$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/586B33AEF44611EBA78C117AC4F9AE02.roa File: 586B33AEF44611EBA78C117AC4F9AE02.roa (raw, json) Hash identifier: W3kQqETMCmWx1rkG4UQFdMD9AvtHip25lMvzH/UT/O4= Subject key identifier: BE:F0:A5:21:CB:AF:9C:BF:37:35:26:85:3D:EA:0F:E7:B1:BA:D4:ED Certificate issuer: /CN=A91F0EBF/serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Certificate serial: 2222 Authority key identifier: 3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/586B33AEF44611EBA78C117AC4F9AE02.roa Signing time: Thu 02 Oct 2025 16:13:45 +0000 ROA not before: Thu 02 Oct 2025 16:13:45 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 58436 IP address blocks: 43.230.24.0/24 maxlen: 24 43.230.25.0/24 maxlen: 24 43.255.124.0/22 maxlen: 24 45.125.196.0/22 maxlen: 22 103.5.151.0/24 maxlen: 24 103.11.143.0/24 maxlen: 24 103.11.150.0/24 maxlen: 24 103.11.151.0/24 maxlen: 24 103.16.16.0/24 maxlen: 24 103.16.17.0/24 maxlen: 24 103.16.18.0/24 maxlen: 24 103.16.19.0/24 maxlen: 24 103.194.76.0/22 maxlen: 24 124.6.56.0/22 maxlen: 24 2001:df0:24f::/48 maxlen: 48 2407:8100:1::/48 maxlen: 48 2407:8100:3::/48 maxlen: 48 2407:8100:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 16:08:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8738 (0x2222) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0EBF, serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4 Validity Not Before: Oct 2 16:13:45 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68dea4b9-95f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f1:0c:39:b9:3e:6b:e2:06:e5:f9:06:d0:04: a4:e7:81:88:e0:db:d7:8d:40:f3:53:2f:a4:b3:33: fa:25:71:c4:cb:61:58:66:0d:97:85:89:61:95:f1: ae:84:8a:76:85:e2:fb:83:3f:fd:0e:e1:42:bc:fd: 08:f1:21:89:a2:ac:50:23:7c:96:b6:e8:ff:e0:59: 02:4b:22:14:ec:af:76:1f:ec:ba:44:4e:03:76:e5: fb:9f:03:cb:aa:e5:1c:ea:4b:0a:95:dd:9e:a7:75: cf:d4:c2:5c:c2:3d:9e:e4:35:54:3e:bb:90:25:91: 72:5e:60:5c:19:bd:07:40:ee:69:33:0d:fa:0d:57: 80:80:e6:33:8a:c1:97:07:89:0f:46:8f:6e:61:a3: a3:1e:87:ed:5f:46:36:91:95:f2:c9:7f:fb:9a:f8: 46:0d:b5:b9:c6:58:b7:52:45:01:1d:4b:77:46:c6: 98:08:d1:a4:07:4f:81:33:73:b2:35:3d:ab:fd:6e: f9:7f:1b:88:f5:1c:8e:19:14:b7:a0:cb:3b:f4:ae: 07:c7:32:96:31:57:a0:ea:ac:e8:62:1b:e0:37:c5: 3f:9d:d5:dc:63:58:21:46:22:fe:11:64:16:e5:f7: 23:5a:84:7a:1d:aa:71:da:e5:04:c3:c1:4b:38:46: e0:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:F0:A5:21:CB:AF:9C:BF:37:35:26:85:3D:EA:0F:E7:B1:BA:D4:ED X509v3 Authority Key Identifier: keyid:3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/586B33AEF44611EBA78C117AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.24.0/23 43.255.124.0/22 45.125.196.0/22 103.5.151.0/24 103.11.143.0/24 103.11.150.0/23 103.16.16.0/22 103.194.76.0/22 124.6.56.0/22 IPv6: 2001:df0:24f::/48 2407:8100:1::/48 2407:8100:3::/48 2407:8100:6::/48 Signature Algorithm: sha256WithRSAEncryption bc:09:3f:db:44:b8:f0:ac:34:00:33:cb:bb:5f:ca:3f:1e:03: 1d:49:2f:af:52:5e:03:22:de:34:0b:3d:80:a3:03:be:ae:c1: 5d:db:2c:a7:c3:7f:ee:37:ed:7f:ea:3b:1c:9d:10:c5:68:3c: 82:e7:e4:b8:6f:48:b0:3c:4f:2e:ee:ea:60:7d:ad:b6:a1:eb: 49:cc:b9:4f:4f:c1:43:6e:43:c8:af:c2:66:d6:00:a6:1b:35: 8b:ec:36:45:92:66:03:bf:a8:b0:90:e6:ac:e4:83:d6:4a:6d: 36:09:10:e1:c7:02:14:9d:ef:5c:d5:09:c5:08:57:fb:5f:a0: de:79:84:7a:ff:af:3a:8a:2e:50:a7:7c:15:45:c5:21:db:c8: 62:82:57:72:1d:8d:4f:e4:67:66:4d:1e:5b:33:30:19:64:ba: 20:1f:f4:5f:93:66:46:2f:2e:dd:49:67:c7:7c:2c:22:da:97: ea:93:f0:8c:f9:37:51:20:7e:86:05:69:2e:f2:4d:02:14:8f: 58:2a:3f:e7:3d:79:a8:7b:2e:86:61:b0:00:f1:7d:8c:bc:11: 1c:5b:2b:0f:b7:f7:bb:7a:06:a3:9e:18:63:78:74:32:ff:3c: 00:4b:a4:dc:3c:77:c9:5a:12:21:f1:80:ac:ca:ac:f1:eb:0e: 5f:ac:f6:80 -----BEGIN CERTIFICATE----- MIIFzTCCBLWgAwIBAgICIiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjBFQkYxMTAvBgNVBAUTKDNBQ0NCNjk1MzlBQzlGNDI4OEJDRDBGMEE1NDI1MEQ1 OTJGNTQwRDQwHhcNMjUxMDAyMTYxMzQ1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRlYTRiOS05NWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsvEMObk+a+IG5fkG0ASk54GI4NvXjUDzUy+kszP6JXHEy2FYZg2XhYlhlfGu hIp2heL7gz/9DuFCvP0I8SGJoqxQI3yWtuj/4FkCSyIU7K92H+y6RE4DduX7nwPL quUc6ksKld2ep3XP1MJcwj2e5DVUPruQJZFyXmBcGb0HQO5pMw36DVeAgOYzisGX B4kPRo9uYaOjHoftX0Y2kZXyyX/7mvhGDbW5xli3UkUBHUt3RsaYCNGkB0+BM3Oy NT2r/W75fxuI9RyOGRS3oMs79K4HxzKWMVeg6qzoYhvgN8U/ndXcY1ghRiL+EWQW 5fcjWoR6Hapx2uUEw8FLOEbgkwIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFL7wpSHL r5y/NzUmhT3qD+exutTtMB8GA1UdIwQYMBaAFDrMtpU5rJ9CiLzQ8KVCUNWS9UDU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEVCRi81Rjg0RDdEOERC ODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24wS0l2TkR3cFVKUTFaTDFR TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09zeTJsVG1zbjBLSXZORHdwVUpRMVpMMVFOUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjBFQkYvNUY4NEQ3RDhEQjgwMTFFNTlBQjdFRDFFQzRGOUFFMDIvNTg2QjMzQUVG NDQ2MTFFQkE3OEMxMTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwewYIKwYBBQUHAQcBAf8E bDBqMDwEAgABMDYDBAEr5hgDBAIr/3wDBAItfcQDBABnBZcDBABnC48DBAFnC5YD BAJnEBADBAJnwkwDBAJ8BjgwKgQCAAIwJAMHACABDfACTwMHACQHgQAAAQMHACQH gQAAAwMHACQHgQAABjANBgkqhkiG9w0BAQsFAAOCAQEAvAk/20S48Kw0ADPLu1/K Px4DHUkvr1JeAyLeNAs9gKMDvq7BXdssp8N/7jftf+o7HJ0QxWg8gufkuG9IsDxP Lu7qYH2ttqHrScy5T0/BQ25DyK/CZtYAphs1i+w2RZJmA7+osJDmrOSD1kptNgkQ 4ccCFJ3vXNUJxQhX+1+g3nmEev+vOoouUKd8FUXFIdvIYoJXch2NT+RnZk0eWzMw GWS6IB/0X5NmRi8u3Ulnx3wsItqX6pPwjPk3USB+hgVpLvJNAhSPWCo/5z15qHsu hmGwAPF9jLwRHFsrD7f3u3oGo54YY3h0Mv88AEuk3Dx3yVoSIfGArMqs8esOX6z2 gA== -----END CERTIFICATE-----Generated at Mon Oct 20 09:36:46 2025 by rpki-client