$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/681705C288C511F0B7A9672DC4F9AE02.roa File: 681705C288C511F0B7A9672DC4F9AE02.roa (raw, json) Hash identifier: fA0eOMPAM9yocHdllIn9x7eb0JYL2y6sI/CU560QASo= Subject key identifier: 34:4F:AB:BD:C0:A6:B1:5B:C0:3A:C5:10:69:9A:6B:24:24:4D:57:00 Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB Certificate serial: 22BE Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/681705C288C511F0B7A9672DC4F9AE02.roa Signing time: Wed 03 Sep 2025 12:56:28 +0000 ROA not before: Wed 03 Sep 2025 12:56:28 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 63980 IP address blocks: 59.153.200.0/22 maxlen: 24 103.57.20.0/22 maxlen: 24 2402:5380::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 16:05:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8894 (0x22be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA1C, serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB Validity Not Before: Sep 3 12:56:28 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68b83afc-ccc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:2f:eb:c0:33:93:71:76:29:ca:bf:cc:95:0a: f9:19:83:f7:7f:6a:b4:c8:25:33:65:99:f2:51:7b: d7:1c:e9:f4:08:cf:ef:93:5f:97:e9:51:39:ee:15: a4:24:c8:e6:00:a0:aa:d2:af:e4:0f:47:e2:58:1d: b6:e1:63:f9:c5:0b:53:7a:32:91:ef:70:ca:3b:94: d5:a1:06:c1:e7:4c:1f:da:c5:04:30:c3:07:4d:88: a2:6f:74:f0:e8:39:7f:7e:28:dd:77:03:10:ef:34: 8c:41:88:56:29:af:9f:46:d0:9f:3d:3b:a2:bc:14: 03:46:6a:34:ac:b0:f7:5d:2f:80:71:08:d9:58:2d: 76:ed:b5:97:d7:66:b6:03:8d:ed:9b:16:e9:38:66: 7a:2d:67:30:4f:9e:dc:2f:05:c4:6e:a5:0c:f2:34: 34:34:66:38:99:73:06:37:5e:2e:0c:8b:da:87:54: 0a:8d:27:e9:97:af:2f:0d:4c:59:5d:47:99:38:6f: dc:cf:15:21:2f:70:aa:3d:c7:e5:c5:39:a9:d8:85: 79:84:d7:e8:2d:4d:c0:90:18:19:94:d1:62:b4:85: e4:48:06:26:47:d8:5e:59:02:f0:ff:3b:40:16:96: 03:de:27:de:fb:1e:ac:c6:ec:83:6a:7e:09:2e:b6: 1d:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:4F:AB:BD:C0:A6:B1:5B:C0:3A:C5:10:69:9A:6B:24:24:4D:57:00 X509v3 Authority Key Identifier: keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/681705C288C511F0B7A9672DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.153.200.0/22 103.57.20.0/22 IPv6: 2402:5380::/32 Signature Algorithm: sha256WithRSAEncryption ca:83:c2:8e:5a:47:58:74:01:85:d2:1d:b5:21:76:18:fa:cd: 8d:c1:4a:ff:ad:34:29:f7:cf:ce:bd:1b:c7:11:0d:2a:82:ee: 61:92:24:36:3d:c5:3c:a0:68:18:6a:a7:9f:22:37:e3:4a:8c: 3c:86:7c:79:7a:86:cb:bd:7e:b9:36:db:52:7c:c1:0a:1b:f7: dc:0c:af:b6:bb:f5:a7:73:a3:0f:96:8a:2c:5d:a8:48:fd:f7: 7b:27:5e:05:e5:31:73:32:6d:fe:d2:fe:d0:02:b4:42:38:22: 3c:3b:cc:4b:80:bb:28:5a:04:b8:b5:ce:54:a2:97:2e:c0:ab: cf:30:76:ed:31:77:c8:2a:e4:b4:fd:30:2f:9b:5a:9a:56:70: d0:81:9b:0a:ae:1f:a2:ea:cc:a3:43:08:48:f3:97:19:ae:4f: 8d:6d:62:5c:9d:59:cd:52:70:cb:df:83:84:d1:f7:9b:43:8f: b9:86:ea:a8:7e:28:2a:8d:33:ca:e6:e5:94:b0:e7:c2:14:2f: 85:66:cb:e9:05:7e:73:25:14:c4:cf:8b:54:39:9d:7e:43:8c: 18:08:64:4c:a1:d9:4b:92:0b:e4:c2:59:05:24:53:75:16:75: e4:00:4f:eb:1e:e6:c0:0c:eb:0f:c0:a5:dc:c3:c4:5f:18:b0: 45:72:ac:34 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICIr4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy RDNBMzlBRUIwHhcNMjUwOTAzMTI1NjI4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI4M2FmYy1jY2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAri/rwDOTcXYpyr/MlQr5GYP3f2q0yCUzZZnyUXvXHOn0CM/vk1+X6VE57hWk JMjmAKCq0q/kD0fiWB224WP5xQtTejKR73DKO5TVoQbB50wf2sUEMMMHTYiib3Tw 6Dl/fijddwMQ7zSMQYhWKa+fRtCfPTuivBQDRmo0rLD3XS+AcQjZWC127bWX12a2 A43tmxbpOGZ6LWcwT57cLwXEbqUM8jQ0NGY4mXMGN14uDIvah1QKjSfpl68vDUxZ XUeZOG/czxUhL3CqPcflxTmp2IV5hNfoLU3AkBgZlNFitIXkSAYmR9heWQLw/ztA FpYD3ife+x6sxuyDan4JLrYdXwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDRPq73A prFbwDrFEGmaayQkTVcAMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4 MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvNjgxNzA1QzI4 OEM1MTFGMEI3QTk2NzJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAI7mcgDBAJnORQwDQQCAAIwBwMFACQCU4AwDQYJKoZIhvcN AQELBQADggEBAMqDwo5aR1h0AYXSHbUhdhj6zY3BSv+tNCn3z869G8cRDSqC7mGS JDY9xTygaBhqp58iN+NKjDyGfHl6hsu9frk221J8wQob99wMr7a79adzow+Wiixd qEj993snXgXlMXMybf7S/tACtEI4Ijw7zEuAuyhaBLi1zlSily7Aq88wdu0xd8gq 5LT9MC+bWppWcNCBmwquH6LqzKNDCEjzlxmuT41tYlydWc1ScMvfg4TR95tDj7mG 6qh+KCqNM8rm5ZSw58IUL4Vmy+kFfnMlFMTPi1Q5nX5DjBgIZEyh2UuSC+TCWQUk U3UWdeQAT+se5sAM6w/ApdzDxF8YsEVyrDQ= -----END CERTIFICATE-----Generated at Tue Oct 21 09:51:27 2025 by rpki-client