$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/289652667B7511F0A2592A6EC4F9AE02.roa File: 289652667B7511F0A2592A6EC4F9AE02.roa (raw, json) Hash identifier: MIG5ytjBmWgfoVPKlrbWqCYL4yCWtxcV0jRXlzp0+A0= Subject key identifier: D0:18:7D:9A:23:47:47:59:FC:FC:F4:C9:1C:94:E7:6A:B6:02:3D:8C Certificate issuer: /CN=A91E8AF2/serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Certificate serial: 0152 Authority key identifier: 7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/289652667B7511F0A2592A6EC4F9AE02.roa Signing time: Sun 17 Aug 2025 14:19:17 +0000 ROA not before: Sun 17 Aug 2025 14:19:17 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 141209 IP address blocks: 103.252.121.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:22:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 338 (0x152) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8AF2, serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Validity Not Before: Aug 17 14:19:17 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=68a1e4e5-4995 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:3a:04:de:0a:15:0f:f1:91:d7:dc:a5:00:db: e0:43:7e:3d:59:29:70:67:18:89:58:96:70:38:c7: 18:a3:61:0f:02:7f:57:c0:92:6d:c1:4d:23:8c:b1: 49:c4:6f:61:9a:1d:d6:3c:26:20:9d:73:30:fd:5d: 5f:73:7f:cf:e1:64:89:f0:21:09:cb:06:ef:47:5c: 98:92:ee:4c:5f:f2:35:d2:21:fb:90:67:8e:f5:cb: d9:ef:a1:d8:db:bb:12:6a:b6:20:3a:c8:fb:ca:09: a5:2c:01:7b:46:eb:b6:6c:ce:3d:69:7b:55:36:eb: 40:cb:66:c7:4c:59:c8:3f:35:ee:d1:f3:78:95:a7: 57:52:bc:cb:15:96:f8:03:b4:04:1d:e8:4a:d4:77: d4:b5:a7:d1:08:81:37:1e:c5:7f:a8:0a:33:2a:12: b3:95:29:5a:1d:cd:8e:d6:a3:91:da:72:5a:6e:c4: 49:9f:ea:11:e3:bb:d0:cc:96:bf:c8:12:59:b3:ec: 7b:49:79:cd:70:e9:dc:78:dc:f5:b6:22:6d:e6:7f: 4b:d1:ef:71:a0:2a:c6:cc:2b:0c:ca:25:33:23:f5: 55:cf:4d:a0:b0:00:c4:1f:40:1d:a5:6f:c0:25:67: 57:cf:19:5f:22:15:06:4f:96:71:fa:c7:75:0d:90: 2f:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:18:7D:9A:23:47:47:59:FC:FC:F4:C9:1C:94:E7:6A:B6:02:3D:8C X509v3 Authority Key Identifier: keyid:7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/289652667B7511F0A2592A6EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.252.121.0/24 Signature Algorithm: sha256WithRSAEncryption 46:dd:25:39:6d:8d:97:e9:11:d8:a3:36:c1:c3:30:63:e7:af: 15:ed:1d:3f:b4:7f:6b:a4:ba:44:a4:ab:ad:24:fe:70:00:d6: 04:d3:46:9f:1e:ef:61:9b:3f:45:58:7a:9d:f7:d6:46:e5:85: 1c:37:06:ff:cc:65:76:39:67:04:40:a7:66:0c:bf:4b:b2:94: 34:1c:06:7b:be:26:6b:22:fe:28:67:24:e1:d8:95:c8:dd:af: d3:d0:9a:88:85:e6:93:ec:52:40:7a:11:d3:9c:39:b5:1c:0a: b2:5c:ff:e4:52:b3:ac:a2:b6:85:07:bf:7f:97:b8:80:1d:55: bf:1d:e9:c2:eb:09:7e:45:5c:30:aa:00:f7:45:9a:c4:05:4e: dc:5b:72:cb:a9:de:ec:8a:e8:e3:bb:38:be:be:8d:a7:21:f7: 65:e8:b3:4f:e8:2c:51:32:b1:f0:33:47:35:e9:fa:ef:49:a6: 14:19:72:29:03:f8:ac:b6:24:f8:d8:88:c3:cc:09:6d:3c:48: fd:78:49:43:56:9a:c9:77:23:d0:c9:c7:c8:6e:22:cd:47:f2: 7f:cb:b0:2b:01:07:b5:68:39:4f:a5:bd:8c:a9:8f:d4:5b:64: 6f:2b:28:4f:a5:f8:92:67:cb:bc:3c:fa:ca:65:ab:a3:00:13: 14:2b:5e:65 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAVIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThBRjIxMTAvBgNVBAUTKDdDRDk1OEEwMDdGNEYwRTU2RTRBOEQyNDU3NjY4ODYy MkJBQjcyMjEwHhcNMjUwODE3MTQxOTE3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGExZTRlNS00OTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzToE3goVD/GR19ylANvgQ349WSlwZxiJWJZwOMcYo2EPAn9XwJJtwU0jjLFJ xG9hmh3WPCYgnXMw/V1fc3/P4WSJ8CEJywbvR1yYku5MX/I10iH7kGeO9cvZ76HY 27sSarYgOsj7ygmlLAF7Ruu2bM49aXtVNutAy2bHTFnIPzXu0fN4ladXUrzLFZb4 A7QEHehK1HfUtafRCIE3HsV/qAozKhKzlSlaHc2O1qOR2nJabsRJn+oR47vQzJa/ yBJZs+x7SXnNcOnceNz1tiJt5n9L0e9xoCrGzCsMyiUzI/VVz02gsADEH0AdpW/A JWdXzxlfIhUGT5Zx+sd1DZAvdQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNAYfZoj R0dZ/Pz0yRyU52q2Aj2MMB8GA1UdIwQYMBaAFHzZWKAH9PDlbkqNJFdmiGIrq3Ih MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEFGMi81NzMyQzgzODg0 NEMxMUVFQjFGMkNBMjlDNEY5QUUwMi9mTmxZb0FmMDhPVnVTbzBrVjJhSVlpdXJj aUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZObFlvQWYwOE9WdVNvMGtWMmFJWWl1cmNpRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RThBRjIvNTczMkM4Mzg4NDRDMTFFRUIxRjJDQTI5QzRGOUFFMDIvMjg5NjUyNjY3 Qjc1MTFGMEEyNTkyQTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBABn/HkwDQYJKoZIhvcNAQELBQADggEBAEbdJTltjZfpEdij NsHDMGPnrxXtHT+0f2ukukSkq60k/nAA1gTTRp8e72GbP0VYep331kblhRw3Bv/M ZXY5ZwRAp2YMv0uylDQcBnu+Jmsi/ihnJOHYlcjdr9PQmoiF5pPsUkB6EdOcObUc CrJc/+RSs6yitoUHv3+XuIAdVb8d6cLrCX5FXDCqAPdFmsQFTtxbcsup3uyK6OO7 OL6+jach92Xos0/oLFEysfAzRzXp+u9JphQZcikD+Ky2JPjYiMPMCW08SP14SUNW msl3I9DJx8huIs1H8n/LsCsBB7VoOU+lvYypj9RbZG8rKE+l+JJny7w8+splq6MA ExQrXmU= -----END CERTIFICATE-----Generated at Sun Aug 24 03:33:01 2025 by rpki-client