$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/9217B6681AA811F0B10C6412C4F9AE02.roa File: 9217B6681AA811F0B10C6412C4F9AE02.roa (raw, json) Hash identifier: sZgQK5O5s/O14GhajecNBficObwzwlusVMVigjNU8Y8= Subject key identifier: 50:66:66:1D:B9:1B:C7:59:3B:BB:8E:48:C1:AF:95:D5:38:14:F5:CA Certificate issuer: /CN=A91F3CB1/serialNumber=7AD79EEB3B928354D950DC6E4F8BECCB25C2FC4B Certificate serial: 61 Authority key identifier: 7A:D7:9E:EB:3B:92:83:54:D9:50:DC:6E:4F:8B:EC:CB:25:C2:FC:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/etee6zuSg1TZUNxuT4vsyyXC_Es.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/9217B6681AA811F0B10C6412C4F9AE02.roa Signing time: Thu 21 Aug 2025 11:06:12 +0000 ROA not before: Thu 21 Aug 2025 11:06:12 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 7468 IP address blocks: 202.60.224.0/24 maxlen: 24 202.60.225.0/24 maxlen: 24 202.60.226.0/24 maxlen: 24 202.60.227.0/24 maxlen: 24 202.60.228.0/22 maxlen: 22 202.60.228.0/24 maxlen: 24 202.60.229.0/24 maxlen: 24 202.60.230.0/24 maxlen: 24 202.60.231.0/24 maxlen: 24 202.60.232.0/22 maxlen: 22 202.60.232.0/24 maxlen: 24 202.60.233.0/24 maxlen: 24 202.60.234.0/24 maxlen: 24 202.60.235.0/24 maxlen: 24 202.60.236.0/23 maxlen: 23 202.60.236.0/24 maxlen: 24 202.60.237.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/etee6zuSg1TZUNxuT4vsyyXC_Es.crl rsync://rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/etee6zuSg1TZUNxuT4vsyyXC_Es.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/etee6zuSg1TZUNxuT4vsyyXC_Es.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:39:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 97 (0x61) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3CB1, serialNumber=7AD79EEB3B928354D950DC6E4F8BECCB25C2FC4B Validity Not Before: Aug 21 11:06:12 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68a6fda3-3c71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ac:81:83:a9:f8:96:d8:00:63:74:40:00:18: d8:47:fa:6a:75:c5:d4:4d:07:4d:09:83:87:67:8f: 76:a4:df:58:40:dd:77:72:4f:52:21:09:7b:1a:1f: bc:e4:ae:bf:35:c2:9b:47:91:32:89:b3:b2:6f:10: 34:9e:b4:a2:c8:e5:3a:7a:87:55:4c:0f:94:88:f6: 96:60:c5:e5:91:36:58:9a:e5:bf:8d:fd:ca:65:46: 24:8b:ea:83:f4:82:9d:1b:dc:8d:fb:fd:38:fa:56: d5:12:81:43:20:f4:2c:43:c9:c4:1a:7e:6b:28:fa: 55:3a:30:5a:79:bd:61:b6:4a:12:7b:6e:dc:aa:2d: 1c:6f:8b:ee:bf:46:df:cd:a3:18:19:e2:c4:67:8b: e2:12:f6:50:d2:23:2d:bb:02:18:dd:f9:78:07:09: 53:c3:07:94:78:b7:d7:e2:f4:9e:d8:95:51:ae:57: 88:49:03:1f:8a:c2:60:94:b4:f0:eb:a7:6c:c8:3e: f5:ad:f7:ff:f7:32:1f:ba:2a:65:16:3c:b1:40:86: d5:40:16:39:09:ea:90:14:ef:c7:0a:e1:69:31:32: 3b:13:a7:78:1b:06:a3:16:bc:6c:6a:5d:fd:7a:63: 7b:29:c7:6a:2a:5f:dd:af:02:60:c2:a9:a6:d9:6d: ea:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:66:66:1D:B9:1B:C7:59:3B:BB:8E:48:C1:AF:95:D5:38:14:F5:CA X509v3 Authority Key Identifier: keyid:7A:D7:9E:EB:3B:92:83:54:D9:50:DC:6E:4F:8B:EC:CB:25:C2:FC:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/etee6zuSg1TZUNxuT4vsyyXC_Es.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/etee6zuSg1TZUNxuT4vsyyXC_Es.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3CB1/2D843698168611F08916985BC4F9AE02/9217B6681AA811F0B10C6412C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.60.224.0-202.60.237.255 Signature Algorithm: sha256WithRSAEncryption 6d:5f:65:51:82:28:9f:0a:99:18:ec:cd:64:19:14:6b:16:d7: b4:35:af:31:2d:2d:3a:d9:07:71:bb:34:bb:b6:79:d1:09:d0: 83:04:51:4d:de:0c:46:b3:29:00:87:84:55:e7:56:12:69:6c: 60:e8:40:f9:37:85:99:5d:36:c1:6d:df:f9:a3:78:53:ad:94: 61:56:8a:51:1f:68:c6:a2:4f:5c:7a:95:77:4c:e0:3a:d9:29: 55:86:06:4c:4b:09:15:96:13:7a:f7:a1:25:6e:20:7b:43:68: 25:8a:89:df:3b:b1:b3:c3:51:33:a1:40:65:ac:dc:fe:f8:ee: e1:b2:43:7b:5e:c5:65:04:d3:0e:2e:64:96:ee:b3:d3:42:f7: d3:f7:00:15:57:b1:54:84:f6:3c:41:6d:ef:57:76:e3:63:72: 8e:3f:99:5c:c0:e1:34:17:11:27:1f:bb:03:6b:9d:de:74:4c: 9d:e0:02:c0:92:63:b2:ed:65:73:15:c5:8b:f3:64:f2:19:4e: e7:f7:aa:4a:17:2c:d7:92:34:89:8d:aa:4c:67:1f:46:72:24: d6:27:8b:bf:71:1c:91:7f:60:d9:1e:4e:76:e7:91:cb:42:11: 1e:69:5c:08:2a:3b:66:a3:6b:03:db:dc:2e:93:52:a0:bc:11: 9c:bc:cc:98 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIBYTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG M0NCMTExMC8GA1UEBRMoN0FENzlFRUIzQjkyODM1NEQ5NTBEQzZFNEY4QkVDQ0Iy NUMyRkM0QjAeFw0yNTA4MjExMTA2MTJaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YTZmZGEzLTNjNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDQrIGDqfiW2ABjdEAAGNhH+mp1xdRNB00Jg4dnj3ak31hA3XdyT1IhCXsaH7zk rr81wptHkTKJs7JvEDSetKLI5Tp6h1VMD5SI9pZgxeWRNlia5b+N/cplRiSL6oP0 gp0b3I37/Tj6VtUSgUMg9CxDycQafmso+lU6MFp5vWG2ShJ7btyqLRxvi+6/Rt/N oxgZ4sRni+IS9lDSIy27Ahjd+XgHCVPDB5R4t9fi9J7YlVGuV4hJAx+KwmCUtPDr p2zIPvWt9//3Mh+6KmUWPLFAhtVAFjkJ6pAU78cK4WkxMjsTp3gbBqMWvGxqXf16 Y3spx2oqX92vAmDCqabZberpAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUUGZmHbkb x1k7u45Iwa+V1TgU9cowHwYDVR0jBBgwFoAUetee6zuSg1TZUNxuT4vsyyXC/Esw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzQ0IxLzJEODQzNjk4MTY4 NjExRjA4OTE2OTg1QkM0RjlBRTAyL2V0ZWU2enVTZzFUWlVOeHVUNHZzeXlYQ19F cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvZXRlZTZ6dVNnMVRaVU54dVQ0dnN5eVhDX0VzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG M0NCMS8yRDg0MzY5ODE2ODYxMUYwODkxNjk4NUJDNEY5QUUwMi85MjE3QjY2ODFB QTgxMUYwQjEwQzY0MTJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY MBYwFAQCAAEwDjAMAwQFyjzgAwQByjzsMA0GCSqGSIb3DQEBCwUAA4IBAQBtX2VR giifCpkY7M1kGRRrFte0Na8xLS062QdxuzS7tnnRCdCDBFFN3gxGsykAh4RV51YS aWxg6ED5N4WZXTbBbd/5o3hTrZRhVopRH2jGok9cepV3TOA62SlVhgZMSwkVlhN6 96ElbiB7Q2glionfO7Gzw1EzoUBlrNz++O7hskN7XsVlBNMOLmSW7rPTQvfT9wAV V7FUhPY8QW3vV3bjY3KOP5lcwOE0FxEnH7sDa53edEyd4ALAkmOy7WVzFcWL82Ty GU7n96pKFyzXkjSJjapMZx9GciTWJ4u/cRyRf2DZHk5255HLQhEeaVwIKjtmo2sD 29wuk1KgvBGcvMyY -----END CERTIFICATE-----Generated at Sun Aug 24 00:43:25 2025 by rpki-client