$ rpki-client -vvf rpki.apnic.net/member_repository/A91F40E0/3FBB5E047B5311F09B54845FC4F9AE02/EC9842367B5311F0837B8087C4F9AE02.roa File: EC9842367B5311F0837B8087C4F9AE02.roa (raw, json) Hash identifier: bZzEkzZszvb4JsWyoagiYFa9QiH8SNgd2C7pkAWgZCk= Subject key identifier: 66:52:4C:3C:47:03:20:FD:2D:09:15:6D:5C:C8:D1:22:14:8F:B7:E8 Certificate issuer: /CN=A91F40E0/serialNumber=897077B71F2C5AEDDE6C1DD49547DCC9952CDABE Certificate serial: 02 Authority key identifier: 89:70:77:B7:1F:2C:5A:ED:DE:6C:1D:D4:95:47:DC:C9:95:2C:DA:BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXB3tx8sWu3ebB3UlUfcyZUs2r4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F40E0/3FBB5E047B5311F09B54845FC4F9AE02/EC9842367B5311F0837B8087C4F9AE02.roa Signing time: Sun 17 Aug 2025 10:21:23 +0000 ROA not before: Sun 17 Aug 2025 10:21:23 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 147180 IP address blocks: 49.213.32.0/24 maxlen: 24 49.213.33.0/24 maxlen: 24 2001:df5:f9c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F40E0/3FBB5E047B5311F09B54845FC4F9AE02/iXB3tx8sWu3ebB3UlUfcyZUs2r4.crl rsync://rpki.apnic.net/member_repository/A91F40E0/3FBB5E047B5311F09B54845FC4F9AE02/iXB3tx8sWu3ebB3UlUfcyZUs2r4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXB3tx8sWu3ebB3UlUfcyZUs2r4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:23:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F40E0, serialNumber=897077B71F2C5AEDDE6C1DD49547DCC9952CDABE Validity Not Before: Aug 17 10:21:23 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68a1ad23-28d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:3f:2a:d3:ff:3d:95:89:fc:57:d0:8c:3e:f5: 3f:7f:14:85:66:9a:9b:e5:94:21:e7:90:0c:06:45: 1e:de:5a:b6:12:35:04:99:d2:7b:0e:56:2f:d3:fe: 17:88:db:00:c3:d3:e4:28:24:e5:55:31:f1:30:e4: 62:8e:c1:17:87:44:c8:e8:8c:84:66:d3:94:9a:bf: 4c:40:3b:fd:2c:e3:5c:1f:5b:55:78:74:75:98:c4: cf:57:f7:43:04:4c:35:d7:fc:2b:18:32:12:9e:44: 38:30:5c:bd:e6:ed:ea:59:41:73:d9:f0:35:93:2e: 28:21:fa:a0:17:3f:54:53:70:eb:ec:a9:31:73:83: aa:ae:c6:f2:74:85:5d:63:02:4f:78:26:e1:b2:2b: c1:f6:e3:13:bf:ed:d5:38:2a:24:4b:60:11:15:3c: 0a:56:ff:fb:9b:69:ba:2f:39:eb:aa:ed:9e:0c:86: a9:e8:10:b0:16:77:18:83:70:33:9f:76:89:4a:4f: a0:0f:37:56:43:31:a3:ce:be:20:e3:06:4d:13:bf: 8f:ef:e9:bd:c2:d8:84:26:80:63:bd:37:b3:bd:19: fc:c6:68:cc:ca:e3:dd:af:89:d3:70:56:75:c3:9b: 2a:7b:2b:52:75:5e:76:78:69:2b:72:ef:3a:5f:a3: 01:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:52:4C:3C:47:03:20:FD:2D:09:15:6D:5C:C8:D1:22:14:8F:B7:E8 X509v3 Authority Key Identifier: keyid:89:70:77:B7:1F:2C:5A:ED:DE:6C:1D:D4:95:47:DC:C9:95:2C:DA:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F40E0/3FBB5E047B5311F09B54845FC4F9AE02/iXB3tx8sWu3ebB3UlUfcyZUs2r4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXB3tx8sWu3ebB3UlUfcyZUs2r4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F40E0/3FBB5E047B5311F09B54845FC4F9AE02/EC9842367B5311F0837B8087C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.213.32.0/23 IPv6: 2001:df5:f9c0::/48 Signature Algorithm: sha256WithRSAEncryption 0d:9b:dd:a0:6d:4e:23:37:e1:31:11:c7:bd:76:db:67:30:2a: c5:4d:84:5a:90:b1:8e:4e:f9:51:6d:4b:0f:5d:58:76:be:7b: 2d:e2:33:c1:0e:ec:ba:4d:6f:26:67:c4:da:4a:45:75:e7:24: d8:2f:b4:c4:8d:3b:3a:06:f6:d8:07:d6:60:52:1d:78:3b:87: 27:43:da:4b:0f:af:eb:e6:7c:18:44:4f:7c:a2:06:34:96:79: 93:c8:1e:a7:83:4f:2c:7c:74:cf:cc:c8:02:fd:72:1d:b8:a9: fc:02:4f:7c:9a:2b:3e:1d:1a:f0:07:11:06:d4:a1:b5:66:1c: 9a:7e:8f:5e:f2:2d:fa:fe:b9:ec:36:3b:20:4d:3e:b5:2d:0a: 2a:21:4d:c4:20:d7:65:4d:78:79:de:9d:b0:11:73:ea:43:2e: 2f:b4:fd:85:28:31:4f:0b:6b:86:90:42:b7:e5:80:9e:aa:23: 24:d0:44:3f:b3:ad:9b:72:5a:7d:57:51:c7:bb:df:e8:93:63: 37:6e:c0:a5:dd:06:58:db:33:8f:a6:1a:d3:1e:2b:76:75:16: 46:c7:f0:02:5b:5d:2d:76:f6:64:e3:1e:3b:a2:72:b3:b6:f5: 76:24:e6:ea:36:85:1e:c5:cd:b1:10:c5:09:aa:a0:75:97:68: 7e:73:17:b9 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG NDBFMDExMC8GA1UEBRMoODk3MDc3QjcxRjJDNUFFRERFNkMxREQ0OTU0N0RDQzk5 NTJDREFCRTAeFw0yNTA4MTcxMDIxMjNaFw0yNjEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YTFhZDIzLTI4ZDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzPyrT/z2VifxX0Iw+9T9/FIVmmpvllCHnkAwGRR7eWrYSNQSZ0nsOVi/T/heI 2wDD0+QoJOVVMfEw5GKOwReHRMjojIRm05Sav0xAO/0s41wfW1V4dHWYxM9X90ME TDXX/CsYMhKeRDgwXL3m7epZQXPZ8DWTLigh+qAXP1RTcOvsqTFzg6quxvJ0hV1j Ak94JuGyK8H24xO/7dU4KiRLYBEVPApW//ubabovOeuq7Z4MhqnoELAWdxiDcDOf dolKT6APN1ZDMaPOviDjBk0Tv4/v6b3C2IQmgGO9N7O9GfzGaMzK492vidNwVnXD myp7K1J1XnZ4aSty7zpfowHtAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUZlJMPEcD IP0tCRVtXMjRIhSPt+gwHwYDVR0jBBgwFoAUiXB3tx8sWu3ebB3UlUfcyZUs2r4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY0MEUwLzNGQkI1RTA0N0I1 MzExRjA5QjU0ODQ1RkM0RjlBRTAyL2lYQjN0eDhzV3UzZWJCM1VsVWZjeVpVczJy NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaVhCM3R4OHNXdTNlYkIzVWxVZmN5WlVzMnI0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NDBFMC8zRkJCNUUwNDdCNTMxMUYwOUI1NDg0NUZDNEY5QUUwMi9FQzk4NDIzNjdC NTMxMUYwODM3QjgwODdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEATHVIDAPBAIAAjAJAwcAIAEN9fnAMA0GCSqGSIb3DQEBCwUA A4IBAQANm92gbU4jN+ExEce9dttnMCrFTYRakLGOTvlRbUsPXVh2vnst4jPBDuy6 TW8mZ8TaSkV15yTYL7TEjTs6BvbYB9ZgUh14O4cnQ9pLD6/r5nwYRE98ogY0lnmT yB6ng08sfHTPzMgC/XIduKn8Ak98mis+HRrwBxEG1KG1Zhyafo9e8i36/rnsNjsg TT61LQoqIU3EINdlTXh53p2wEXPqQy4vtP2FKDFPC2uGkEK35YCeqiMk0EQ/s62b clp9V1HHu9/ok2M3bsCl3QZY2zOPphrTHit2dRZGx/ACW10tdvZk4x47onKztvV2 JObqNoUexc2xEMUJqqB1l2h+cxe5 -----END CERTIFICATE-----Generated at Sun Aug 24 00:30:35 2025 by rpki-client