$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/9D9B2E7A6D3211F0A68A8A58C4F9AE02.roa File: 9D9B2E7A6D3211F0A68A8A58C4F9AE02.roa (raw, json) Hash identifier: jhSTY2DYnMEsMBx0x/zPRVJM0gPx3FVGm0Ptw4y3rcw= Subject key identifier: 06:8F:45:D9:D8:95:5D:59:D1:7E:75:4E:33:0F:4C:2A:B9:22:6F:BF Certificate issuer: /CN=A91E9467/serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845 Certificate serial: 04C7 Authority key identifier: 52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/9D9B2E7A6D3211F0A68A8A58C4F9AE02.roa Signing time: Fri 01 Aug 2025 06:34:34 +0000 ROA not before: Fri 01 Aug 2025 06:34:34 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 136308 IP address blocks: 103.150.152.0/23 maxlen: 23 103.150.152.0/24 maxlen: 24 103.150.153.0/24 maxlen: 24 202.12.80.0/22 maxlen: 22 202.12.80.0/23 maxlen: 23 202.12.80.0/24 maxlen: 24 202.12.81.0/24 maxlen: 24 202.12.82.0/23 maxlen: 23 202.12.82.0/24 maxlen: 24 202.12.83.0/24 maxlen: 24 2405:3e40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 01:48:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1223 (0x4c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9467, serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845 Validity Not Before: Aug 1 06:34:34 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=688c5ffa-ac4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:8c:2c:2c:16:c8:44:04:bc:66:b7:2a:a8:af: 20:37:c6:06:e8:c8:b1:bc:88:e0:05:b5:4a:c5:45: fd:9e:bf:e9:35:6b:e9:77:65:69:d4:93:ec:f5:80: 79:5c:b5:70:53:2d:0b:f7:d5:45:cb:6a:65:8f:37: bd:11:e2:fc:20:66:fd:56:ec:09:72:80:16:1b:f6: 0e:bf:a4:44:03:19:82:97:d7:e1:ea:10:97:ba:47: 5a:14:9d:9c:dd:1a:6c:ef:9d:d3:a9:82:83:3e:aa: 36:90:23:00:0b:74:c0:09:37:db:8d:2a:2b:0c:b4: 66:7f:79:a7:f2:0b:e5:99:8a:5f:83:a0:59:3e:a7: 2a:95:88:58:86:57:1b:08:6f:99:ec:ea:74:bf:fa: c3:30:11:ea:32:a4:b6:6a:a0:96:07:22:38:6e:04: 47:66:55:c3:64:a2:15:d2:90:7c:e5:a1:47:6d:ee: a0:99:0b:6d:12:f4:c5:31:bf:96:23:d8:b4:ba:cc: 51:1f:f3:ad:44:d1:46:7f:5c:11:62:71:c7:9a:ed: 35:8d:30:29:2e:4d:81:5b:fa:b1:f4:d5:11:60:a9: af:97:03:13:63:18:3d:24:59:33:9b:80:d4:e8:d6: 7e:37:00:6f:18:cd:cf:c1:93:0e:b0:20:f2:3c:eb: 85:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:8F:45:D9:D8:95:5D:59:D1:7E:75:4E:33:0F:4C:2A:B9:22:6F:BF X509v3 Authority Key Identifier: keyid:52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/9D9B2E7A6D3211F0A68A8A58C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.150.152.0/23 202.12.80.0/22 IPv6: 2405:3e40::/32 Signature Algorithm: sha256WithRSAEncryption 2a:5f:23:60:ff:9c:04:52:a7:a6:7b:f3:18:cf:89:b1:28:fd: 4e:5a:73:07:32:71:45:14:d7:ce:9d:a6:09:c4:ce:62:a2:2c: c6:46:3f:f0:ac:97:23:ad:43:1c:a5:f8:28:0f:9c:54:16:7b: 4c:60:f7:6a:6f:66:55:b1:d3:ef:e3:07:5a:8c:21:0f:f6:9a: 1a:75:df:be:e6:47:f4:a9:7b:a3:82:2a:a4:45:12:b6:34:e6: 76:3b:35:49:de:f2:24:c1:bc:a3:d1:34:c6:b0:09:e8:04:9b: 03:68:4f:3a:28:42:6b:74:de:75:8d:04:55:f7:fb:a8:13:6e: 3b:17:3b:07:d2:e1:47:79:42:d7:d7:77:79:94:67:3e:c1:0e: 42:00:f4:88:3e:74:48:f7:de:b4:3f:8c:4f:32:a2:14:6d:6e: c3:19:dc:c6:7f:08:73:36:46:aa:d3:11:17:02:31:dd:8f:05: e1:d2:63:d9:2c:19:7e:84:fb:e8:15:fe:9e:47:2d:28:01:72: a6:2c:91:13:7a:ef:ff:f7:5b:86:66:da:bd:ab:fe:63:4a:6c: 81:b9:09:42:7b:f6:44:1e:1a:33:9e:ed:cc:f1:83:10:7c:ce: fd:82:40:9e:5a:6e:f9:e1:a9:03:9a:58:51:ba:4a:2c:8d:3d: e7:1e:20:e6 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBMcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk0NjcxMTAvBgNVBAUTKDUyQkU5RERFOTU2OEZFNEFEQ0EwRjM0NUIzNjE3QTYz QzMwNzU4NDUwHhcNMjUwODAxMDYzNDM0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhjNWZmYS1hYzRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtYwsLBbIRAS8ZrcqqK8gN8YG6MixvIjgBbVKxUX9nr/pNWvpd2Vp1JPs9YB5 XLVwUy0L99VFy2pljze9EeL8IGb9VuwJcoAWG/YOv6REAxmCl9fh6hCXukdaFJ2c 3Rps753TqYKDPqo2kCMAC3TACTfbjSorDLRmf3mn8gvlmYpfg6BZPqcqlYhYhlcb CG+Z7Op0v/rDMBHqMqS2aqCWByI4bgRHZlXDZKIV0pB85aFHbe6gmQttEvTFMb+W I9i0usxRH/OtRNFGf1wRYnHHmu01jTApLk2BW/qx9NURYKmvlwMTYxg9JFkzm4DU 6NZ+NwBvGM3PwZMOsCDyPOuFXwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAaPRdnY lV1Z0X51TjMPTCq5Im+/MB8GA1UdIwQYMBaAFFK+nd6VaP5K3KDzRbNhemPDB1hF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTQ2Ny83NzBCNEYxQTUy NkYxMUVDQkM1MEVCMTdDNEY5QUUwMi9VcjZkM3BWb19rcmNvUE5GczJGNlk4TUhX RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VyNmQzcFZvX2tyY29QTkZzMkY2WThNSFdFVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk0NjcvNzcwQjRGMUE1MjZGMTFFQ0JDNTBFQjE3QzRGOUFFMDIvOUQ5QjJFN0E2 RDMyMTFGMEE2OEE4QTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAFnlpgDBALKDFAwDQQCAAIwBwMFACQFPkAwDQYJKoZIhvcN AQELBQADggEBACpfI2D/nARSp6Z78xjPibEo/U5acwcycUUU186dpgnEzmKiLMZG P/CslyOtQxyl+CgPnFQWe0xg92pvZlWx0+/jB1qMIQ/2mhp1377mR/Spe6OCKqRF ErY05nY7NUne8iTBvKPRNMawCegEmwNoTzooQmt03nWNBFX3+6gTbjsXOwfS4Ud5 QtfXd3mUZz7BDkIA9Ig+dEj33rQ/jE8yohRtbsMZ3MZ/CHM2RqrTERcCMd2PBeHS Y9ksGX6E++gV/p5HLSgBcqYskRN67//3W4Zm2r2r/mNKbIG5CUJ79kQeGjOe7czx gxB8zv2CQJ5abvnhqQOaWFG6SiyNPeceIOY= -----END CERTIFICATE-----Generated at Mon Oct 20 19:12:20 2025 by rpki-client