$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/17BB4C20F17E11EAA3CC597BC4F9AE02.roa File: 17BB4C20F17E11EAA3CC597BC4F9AE02.roa (raw, json) Hash identifier: sb92Yiu1DkaA/Jlw4YPyCeHs7T2hutc7NkpwUwObZxY= Subject key identifier: D0:B9:1B:DC:DA:13:83:C0:FC:A9:10:DC:37:70:19:D9:B8:DF:63:72 Certificate issuer: /CN=A91EB45A/serialNumber=C1422A0C4CFF248D517358EBDF7B4E802BACC0E7 Certificate serial: 34D3 Authority key identifier: C1:42:2A:0C:4C:FF:24:8D:51:73:58:EB:DF:7B:4E:80:2B:AC:C0:E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUIqDEz_JI1Rc1jr33tOgCuswOc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/17BB4C20F17E11EAA3CC597BC4F9AE02.roa Signing time: Thu 18 Sep 2025 15:21:14 +0000 ROA not before: Thu 18 Sep 2025 15:21:14 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 45945 IP address blocks: 43.245.124.0/22 maxlen: 22 43.245.124.0/24 maxlen: 24 43.245.125.0/24 maxlen: 24 43.245.126.0/24 maxlen: 24 43.245.127.0/24 maxlen: 24 103.1.148.0/22 maxlen: 22 103.1.148.0/24 maxlen: 24 103.1.149.0/24 maxlen: 24 103.1.150.0/24 maxlen: 24 103.1.151.0/24 maxlen: 24 124.150.140.0/22 maxlen: 22 124.150.140.0/24 maxlen: 24 124.150.141.0/24 maxlen: 24 124.150.142.0/24 maxlen: 24 124.150.143.0/24 maxlen: 24 2401:fd00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/wUIqDEz_JI1Rc1jr33tOgCuswOc.crl rsync://rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/wUIqDEz_JI1Rc1jr33tOgCuswOc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUIqDEz_JI1Rc1jr33tOgCuswOc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 15:13:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13523 (0x34d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB45A, serialNumber=C1422A0C4CFF248D517358EBDF7B4E802BACC0E7 Validity Not Before: Sep 18 15:21:14 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68cc236a-b71a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:9d:11:af:82:8f:a2:aa:41:af:98:da:ce:29: c7:24:2c:17:f2:b5:a6:95:f8:81:9d:b0:e8:a7:12: 25:de:14:f8:3c:15:71:4c:f0:de:e2:6b:4d:e6:9c: b6:13:27:62:10:91:2b:11:a9:66:80:3a:46:5a:c9: b8:46:3b:34:2e:5b:3b:4f:7a:d8:53:3a:a3:b4:06: 85:bd:24:50:97:0b:d6:05:84:7a:23:71:f2:4a:a6: 98:7c:86:3f:af:dc:23:25:5c:49:34:b8:3e:ee:5c: e6:3f:4a:da:cf:12:92:22:cc:15:a3:fe:81:a3:59: ff:7e:50:68:0d:83:f9:b8:65:22:7a:be:d3:e5:3c: 23:8e:71:38:34:94:24:1c:25:31:3f:d2:7d:be:3a: 4e:cf:c0:d1:fb:8d:ac:8f:ee:7d:8e:5b:52:b6:66: 92:be:85:29:b7:aa:39:c1:c7:9e:aa:b5:76:ef:1e: 01:e1:fb:64:d5:b7:bd:a2:72:58:b3:7a:68:61:08: 6a:5a:5b:71:4f:60:ae:7a:1c:e7:5d:b9:fb:29:85: 98:53:20:5b:34:7c:f8:e4:bb:9c:b1:52:b3:77:ca: f0:ad:7a:a4:fc:9f:1b:46:79:71:8b:0b:7b:8c:19: 2b:e7:68:d5:a8:11:4d:4f:a5:3e:c9:ac:b6:80:b9: a1:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:B9:1B:DC:DA:13:83:C0:FC:A9:10:DC:37:70:19:D9:B8:DF:63:72 X509v3 Authority Key Identifier: keyid:C1:42:2A:0C:4C:FF:24:8D:51:73:58:EB:DF:7B:4E:80:2B:AC:C0:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/wUIqDEz_JI1Rc1jr33tOgCuswOc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUIqDEz_JI1Rc1jr33tOgCuswOc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB45A/1E448A481DA111E29F56079308B02CD2/17BB4C20F17E11EAA3CC597BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.124.0/22 103.1.148.0/22 124.150.140.0/22 IPv6: 2401:fd00::/32 Signature Algorithm: sha256WithRSAEncryption 9b:58:72:fd:33:11:6f:07:f1:84:2f:12:f4:e9:22:c2:4a:d5: 10:d6:13:fc:82:24:cd:fd:4f:c6:ee:00:a4:8b:fd:33:54:55: 07:a6:2e:af:f4:29:60:ed:08:48:5b:98:73:f5:fa:f5:2e:3f: 82:6e:b0:5c:c5:cd:83:ef:81:b4:61:6e:b3:fe:e7:7e:d1:95: b7:dc:33:94:b5:4f:b7:64:61:f3:62:d9:6f:13:d6:06:74:63: 05:72:47:7f:f6:7f:42:a5:b0:c3:6a:9d:ef:db:7b:3e:e3:47: 45:ca:83:5d:87:7f:ea:5b:e2:f1:54:4b:7b:49:06:69:71:0f: cd:ef:4a:b0:15:25:76:7f:a2:16:40:9c:8c:de:57:97:cf:c4: f0:44:79:dc:2e:85:af:ed:78:d3:19:b1:5a:55:62:39:61:a3: 82:89:2f:da:5d:14:5e:32:54:d2:64:96:aa:cb:d5:d6:15:c8: 3a:d8:cc:e2:82:a8:f4:17:c0:02:16:e0:57:30:4a:7e:90:48: a1:20:cc:d9:7d:20:69:43:a4:34:fb:8f:54:92:93:29:38:c3: 07:ec:8d:e8:e6:d9:a7:c3:85:ec:a7:20:4f:c4:8e:49:67:41: 7a:50:25:77:78:1a:d9:21:04:ca:98:42:37:e3:18:9e:50:f5: 3a:c4:70:1d -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICNNMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUI0NUExMTAvBgNVBAUTKEMxNDIyQTBDNENGRjI0OEQ1MTczNThFQkRGN0I0RTgw MkJBQ0MwRTcwHhcNMjUwOTE4MTUyMTE0WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGNjMjM2YS1iNzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArp0Rr4KPoqpBr5jazinHJCwX8rWmlfiBnbDopxIl3hT4PBVxTPDe4mtN5py2 EydiEJErEalmgDpGWsm4Rjs0Lls7T3rYUzqjtAaFvSRQlwvWBYR6I3HySqaYfIY/ r9wjJVxJNLg+7lzmP0razxKSIswVo/6Bo1n/flBoDYP5uGUier7T5TwjjnE4NJQk HCUxP9J9vjpOz8DR+42sj+59jltStmaSvoUpt6o5wceeqrV27x4B4ftk1be9onJY s3poYQhqWltxT2CuehznXbn7KYWYUyBbNHz45LucsVKzd8rwrXqk/J8bRnlxiwt7 jBkr52jVqBFNT6U+yay2gLmhjwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFNC5G9za E4PA/KkQ3DdwGdm432NyMB8GA1UdIwQYMBaAFMFCKgxM/ySNUXNY6997ToArrMDn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjQ1QS8xRTQ0OEE0ODFE QTExMUUyOUY1NjA3OTMwOEIwMkNEMi93VUlxREV6X0pJMVJjMWpyMzN0T2dDdXN3 T2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3dVSXFERXpfSkkxUmMxanIzM3RPZ0N1c3dPYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUI0NUEvMUU0NDhBNDgxREExMTFFMjlGNTYwNzkzMDhCMDJDRDIvMTdCQjRDMjBG MTdFMTFFQUEzQ0M1OTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAIr9XwDBAJnAZQDBAJ8lowwDQQCAAIwBwMFACQB/QAwDQYJ KoZIhvcNAQELBQADggEBAJtYcv0zEW8H8YQvEvTpIsJK1RDWE/yCJM39T8buAKSL /TNUVQemLq/0KWDtCEhbmHP1+vUuP4JusFzFzYPvgbRhbrP+537RlbfcM5S1T7dk YfNi2W8T1gZ0YwVyR3/2f0KlsMNqne/bez7jR0XKg12Hf+pb4vFUS3tJBmlxD83v SrAVJXZ/ohZAnIzeV5fPxPBEedwuha/teNMZsVpVYjlho4KJL9pdFF4yVNJklqrL 1dYVyDrYzOKCqPQXwAIW4FcwSn6QSKEgzNl9IGlDpDT7j1SSkyk4wwfsjejm2afD heynIE/EjklnQXpQJXd4GtkhBMqYQjfjGJ5Q9TrEcB0= -----END CERTIFICATE-----Generated at Mon Oct 20 07:58:58 2025 by rpki-client