$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9C0/529BC2FC388211F08CCB1866C4F9AE02/28BB8F3E7CFD11F0A33DEA21C4F9AE02.roa File: 28BB8F3E7CFD11F0A33DEA21C4F9AE02.roa (raw, json) Hash identifier: r4KaPqqtCXW7b+8GzlZoQ18nPDvw2xoi898WdJXVWq0= Subject key identifier: 3B:67:69:05:A4:57:C4:06:AA:CD:0D:29:02:77:58:CA:6A:89:8E:FC Certificate issuer: /CN=A91EA9C0/serialNumber=7A730021113D24511D6E8B8562E724EC9E98251B Certificate serial: 31 Authority key identifier: 7A:73:00:21:11:3D:24:51:1D:6E:8B:85:62:E7:24:EC:9E:98:25:1B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/enMAIRE9JFEdbouFYuck7J6YJRs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9C0/529BC2FC388211F08CCB1866C4F9AE02/28BB8F3E7CFD11F0A33DEA21C4F9AE02.roa Signing time: Tue 19 Aug 2025 13:05:20 +0000 ROA not before: Tue 19 Aug 2025 13:05:20 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 153883 IP address blocks: 165.99.44.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA9C0/529BC2FC388211F08CCB1866C4F9AE02/enMAIRE9JFEdbouFYuck7J6YJRs.crl rsync://rpki.apnic.net/member_repository/A91EA9C0/529BC2FC388211F08CCB1866C4F9AE02/enMAIRE9JFEdbouFYuck7J6YJRs.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/enMAIRE9JFEdbouFYuck7J6YJRs.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:54:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49 (0x31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA9C0, serialNumber=7A730021113D24511D6E8B8562E724EC9E98251B Validity Not Before: Aug 19 13:05:20 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68a47690-d7f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:9c:9b:7e:47:f7:a6:2f:71:49:4c:42:e6:c9: b7:84:d0:40:d1:9e:93:54:58:bc:94:aa:7d:7f:eb: 4d:11:a7:f0:c6:ec:f9:70:69:a0:87:0b:fb:69:19: 5a:cf:c3:44:a4:7a:84:44:bc:16:ce:5d:f8:d0:d7: 06:76:fa:ad:18:f4:3e:73:34:dd:66:48:b4:73:0a: ec:fe:9f:8e:af:11:e7:59:b1:56:8a:41:85:9e:fe: 70:fa:7e:c8:67:1d:35:8f:74:50:08:90:f4:0a:9c: cc:80:30:d6:1e:fd:36:51:13:e4:95:09:fa:9d:06: ec:9e:33:5f:db:87:60:ab:df:83:d9:c9:29:31:3f: e8:b7:69:3c:c8:47:27:cd:03:9a:7c:60:37:7d:90: d5:7a:97:78:81:4e:08:37:e0:60:44:5c:a0:ed:49: d4:96:be:ef:80:e7:52:83:99:cc:bf:42:9d:0d:d3: 02:b2:92:b8:4a:d8:77:99:05:20:24:46:18:f3:88: 80:7f:d4:e5:6e:23:ff:11:0e:8f:99:e7:20:3c:f7: 28:f2:10:bb:01:05:d6:03:5e:cc:29:be:fa:38:c1: ff:2e:95:1a:dd:b2:f7:51:06:ff:cf:14:dc:08:91: 08:53:45:b5:3e:3c:49:38:cc:c8:cc:2c:dd:e6:0b: 55:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:67:69:05:A4:57:C4:06:AA:CD:0D:29:02:77:58:CA:6A:89:8E:FC X509v3 Authority Key Identifier: keyid:7A:73:00:21:11:3D:24:51:1D:6E:8B:85:62:E7:24:EC:9E:98:25:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA9C0/529BC2FC388211F08CCB1866C4F9AE02/enMAIRE9JFEdbouFYuck7J6YJRs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/enMAIRE9JFEdbouFYuck7J6YJRs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9C0/529BC2FC388211F08CCB1866C4F9AE02/28BB8F3E7CFD11F0A33DEA21C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 165.99.44.0/24 Signature Algorithm: sha256WithRSAEncryption c6:23:bf:48:a2:13:06:76:d6:f6:e9:06:95:ba:2c:bd:f9:21: 38:7e:c5:f3:0b:34:83:7b:e5:33:b3:a3:54:7d:e8:b7:4c:1b: c0:c6:28:09:eb:3c:22:6f:e0:e0:9a:66:19:cb:d4:65:12:2b: 15:be:07:7e:75:cc:0e:2c:ac:bb:cb:bb:6b:84:6d:0f:0c:71: 07:26:bb:ea:43:0a:b8:b5:d3:6f:f7:a3:54:cc:2a:c5:d3:fb: e0:5f:67:de:ac:c9:2a:fb:72:ad:ac:47:70:5c:60:1c:b1:80: d7:5c:51:44:e2:d0:37:e9:c3:1c:eb:4c:81:e1:bd:cb:22:ee: 9e:73:3f:91:a6:e4:65:64:21:ff:e6:09:d3:96:fc:43:c8:1b: 14:a1:ca:e8:d7:ef:21:9c:82:b2:d3:ff:0e:9e:dc:d3:14:ec: 69:b4:84:fc:6f:36:c2:6b:c8:97:6e:d3:3f:f2:08:3d:74:d7: 51:e9:d2:9a:c0:59:27:be:c2:e2:98:11:9f:01:7d:ab:fa:bf: 25:6a:12:b8:05:05:e3:5d:e9:56:20:37:05:28:26:9b:b3:d7: a9:66:8a:a7:5b:93:72:73:e7:2f:8a:43:3e:51:d1:23:7a:e5: fc:2a:bf:47:66:b3:07:b5:42:bc:11:b1:c7:e1:4d:72:53:a2: 54:24:aa:d4 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBMTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTlDMDExMC8GA1UEBRMoN0E3MzAwMjExMTNEMjQ1MTFENkU4Qjg1NjJFNzI0RUM5 RTk4MjUxQjAeFw0yNTA4MTkxMzA1MjBaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YTQ3NjkwLWQ3ZjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCsnJt+R/emL3FJTELmybeE0EDRnpNUWLyUqn1/600Rp/DG7PlwaaCHC/tpGVrP w0SkeoREvBbOXfjQ1wZ2+q0Y9D5zNN1mSLRzCuz+n46vEedZsVaKQYWe/nD6fshn HTWPdFAIkPQKnMyAMNYe/TZRE+SVCfqdBuyeM1/bh2Cr34PZySkxP+i3aTzIRyfN A5p8YDd9kNV6l3iBTgg34GBEXKDtSdSWvu+A51KDmcy/Qp0N0wKykrhK2HeZBSAk RhjziIB/1OVuI/8RDo+Z5yA89yjyELsBBdYDXswpvvo4wf8ulRrdsvdRBv/PFNwI kQhTRbU+PEk4zMjMLN3mC1XVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUO2dpBaRX xAaqzQ0pAndYymqJjvwwHwYDVR0jBBgwFoAUenMAIRE9JFEdbouFYuck7J6YJRsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBOUMwLzUyOUJDMkZDMzg4 MjExRjA4Q0NCMTg2NkM0RjlBRTAyL2VuTUFJUkU5SkZFZGJvdUZZdWNrN0o2WUpS cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvZW5NQUlSRTlKRkVkYm91Rll1Y2s3SjZZSlJzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTlDMC81MjlCQzJGQzM4ODIxMUYwOENDQjE4NjZDNEY5QUUwMi8yOEJCOEYzRTdD RkQxMUYwQTMzREVBMjFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAKVjLDANBgkqhkiG9w0BAQsFAAOCAQEAxiO/SKITBnbW9ukG lbosvfkhOH7F8ws0g3vlM7OjVH3ot0wbwMYoCes8Im/g4JpmGcvUZRIrFb4HfnXM Diysu8u7a4RtDwxxBya76kMKuLXTb/ejVMwqxdP74F9n3qzJKvtyraxHcFxgHLGA 11xRROLQN+nDHOtMgeG9yyLunnM/kabkZWQh/+YJ05b8Q8gbFKHK6NfvIZyCstP/ Dp7c0xTsabSE/G82wmvIl27TP/IIPXTXUenSmsBZJ77C4pgRnwF9q/q/JWoSuAUF 413pViA3BSgmm7PXqWaKp1uTcnPnL4pDPlHRI3rl/Cq/R2azB7VCvBGxx+FNclOi VCSq1A== -----END CERTIFICATE-----Generated at Sat Aug 23 23:47:46 2025 by rpki-client