$ rpki-client -vvf rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/8852DDDEBED411ECBA66025BC4F9AE02.roa File: 8852DDDEBED411ECBA66025BC4F9AE02.roa (raw, json) Hash identifier: 3hsbI0PrBL5LI5VaCiCNQ0sMN2EIkZA6LenSvD9t9yA= Subject key identifier: CB:D3:09:7B:4C:BF:FF:0A:C3:E6:04:0E:D5:B4:6C:86:06:76:61:74 Certificate issuer: /CN=A91F428C/serialNumber=632C8DE0220B8C10B41FF49BFF8B432CF8FFD254 Certificate serial: 34B3 Authority key identifier: 63:2C:8D:E0:22:0B:8C:10:B4:1F:F4:9B:FF:8B:43:2C:F8:FF:D2:54 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/8852DDDEBED411ECBA66025BC4F9AE02.roa Signing time: Tue 12 Aug 2025 15:21:15 +0000 ROA not before: Tue 12 Aug 2025 15:21:15 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 45172 IP address blocks: 143.96.0.0/16 maxlen: 16 143.96.0.0/24 maxlen: 24 143.96.1.0/24 maxlen: 24 143.96.2.0/23 maxlen: 24 143.96.4.0/23 maxlen: 24 143.96.6.0/24 maxlen: 24 143.96.7.0/24 maxlen: 24 143.96.8.0/22 maxlen: 22 143.96.12.0/24 maxlen: 24 143.96.13.0/24 maxlen: 24 143.96.14.0/24 maxlen: 24 143.96.15.0/24 maxlen: 24 143.96.16.0/20 maxlen: 20 143.96.32.0/19 maxlen: 19 143.96.64.0/18 maxlen: 18 143.96.128.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.crl rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 15:05:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13491 (0x34b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F428C, serialNumber=632C8DE0220B8C10B41FF49BFF8B432CF8FFD254 Validity Not Before: Aug 12 15:21:15 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=689b5beb-5013 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:03:99:90:32:0a:1a:88:bc:12:82:54:25:50: 16:27:9c:84:d6:ee:74:cf:0c:df:27:bb:ad:10:14: 83:b1:b0:f0:50:c7:ca:07:b7:3e:64:75:89:f1:4c: 4b:ae:14:fe:86:f4:e3:b0:c8:53:d1:5e:61:5d:fb: 27:d3:05:85:21:8e:4c:70:b9:82:fd:e8:8f:2e:46: be:55:db:82:7e:50:67:e2:d4:81:df:63:3b:01:58: 72:df:89:3a:89:06:58:32:06:90:d5:c4:76:d5:84: 36:db:6e:6d:77:17:fa:c9:57:01:22:f6:d8:cc:fb: 3b:07:2f:50:14:46:22:ea:fe:fb:a7:9f:36:3f:5c: e5:07:0d:f6:d1:81:24:45:a2:f1:c4:e8:b0:2d:4f: 43:7c:78:0a:b2:52:f5:95:78:fb:7d:1d:3d:61:a7: ff:ac:6f:07:0d:71:41:09:68:5a:b6:7b:07:41:d6: b5:dd:25:47:d8:79:7a:6a:ef:84:79:55:d5:ec:ab: 23:15:43:84:c0:8a:fd:23:46:60:6b:7f:aa:66:76: 23:11:35:8d:c2:b0:58:26:c7:f0:40:08:bf:92:4c: 4c:15:84:ab:6c:0e:4a:ed:2a:e9:f1:8d:8c:40:af: ba:d4:25:70:a0:28:0e:3a:51:82:55:c9:41:0f:89: 82:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:D3:09:7B:4C:BF:FF:0A:C3:E6:04:0E:D5:B4:6C:86:06:76:61:74 X509v3 Authority Key Identifier: keyid:63:2C:8D:E0:22:0B:8C:10:B4:1F:F4:9B:FF:8B:43:2C:F8:FF:D2:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YyyN4CILjBC0H_Sb_4tDLPj_0lQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F428C/449BA5061DA011E2B6D8709108B02CD2/8852DDDEBED411ECBA66025BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 143.96.0.0/16 Signature Algorithm: sha256WithRSAEncryption 6a:7e:9a:f5:7d:c3:ea:ec:57:a5:db:58:f7:be:81:39:73:bb: f3:1e:8b:ad:75:c9:20:52:06:f2:cf:e0:d5:8e:6d:07:8e:c8: 00:f6:9f:19:38:1e:6f:0b:4f:c0:60:3e:cc:7a:82:f7:ed:c9: 1a:bd:d6:57:d9:ff:45:18:06:89:e0:3c:e4:c8:e0:4b:b2:0e: 64:0e:ab:a8:d9:41:27:ba:3d:0f:a3:27:33:9b:a2:eb:4f:dd: 32:33:23:45:5c:ab:a3:48:7f:66:5b:2c:78:36:34:49:97:06: 57:e8:56:c7:52:00:03:61:0a:a6:79:cc:85:50:53:be:bf:b9: a4:e7:d4:f0:c0:44:ca:c5:af:48:24:57:9a:d8:82:34:cb:58: 69:d1:e2:86:c1:62:ca:c8:d8:18:fd:26:1f:6e:78:af:dc:0d: 90:5d:85:d5:16:07:2b:ab:f5:e3:2d:51:2f:77:87:c6:b2:b8: 59:61:67:77:74:d9:2b:59:ba:6e:63:c6:27:3f:0e:48:f5:97: 39:70:47:ac:4a:7a:25:8f:89:5b:b8:f8:06:b3:25:f5:c7:df: 65:cc:da:52:e3:7c:a3:e0:4e:84:95:db:fb:8f:c9:3c:5c:61: 8a:7a:e1:96:bd:28:17:75:40:39:e6:7a:18:5f:fb:f5:18:d4: 2e:8b:44:ae -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgICNLMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjQyOEMxMTAvBgNVBAUTKDYzMkM4REUwMjIwQjhDMTBCNDFGRjQ5QkZGOEI0MzJD RjhGRkQyNTQwHhcNMjUwODEyMTUyMTE1WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODliNWJlYi01MDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtQOZkDIKGoi8EoJUJVAWJ5yE1u50zwzfJ7utEBSDsbDwUMfKB7c+ZHWJ8UxL rhT+hvTjsMhT0V5hXfsn0wWFIY5McLmC/eiPLka+VduCflBn4tSB32M7AVhy34k6 iQZYMgaQ1cR21YQ2225tdxf6yVcBIvbYzPs7By9QFEYi6v77p582P1zlBw320YEk RaLxxOiwLU9DfHgKslL1lXj7fR09Yaf/rG8HDXFBCWhatnsHQda13SVH2Hl6au+E eVXV7KsjFUOEwIr9I0Zga3+qZnYjETWNwrBYJsfwQAi/kkxMFYSrbA5K7Srp8Y2M QK+61CVwoCgOOlGCVclBD4mCMQIDAQABo4IClDCCApAwHQYDVR0OBBYEFMvTCXtM v/8Kw+YEDtW0bIYGdmF0MB8GA1UdIwQYMBaAFGMsjeAiC4wQtB/0m/+LQyz4/9JU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDI4Qy80NDlCQTUwNjFE QTAxMUUyQjZEODcwOTEwOEIwMkNEMi9ZeXlONENJTGpCQzBIX1NiXzR0RExQal8w bFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1l5eU40Q0lMakJDMEhfU2JfNHRETFBqXzBsUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjQyOEMvNDQ5QkE1MDYxREEwMTFFMkI2RDg3MDkxMDhCMDJDRDIvODg1MkREREVC RUQ0MTFFQ0JBNjYwMjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E DzANMAsEAgABMAUDAwCPYDANBgkqhkiG9w0BAQsFAAOCAQEAan6a9X3D6uxXpdtY 976BOXO78x6LrXXJIFIG8s/g1Y5tB47IAPafGTgebwtPwGA+zHqC9+3JGr3WV9n/ RRgGieA85MjgS7IOZA6rqNlBJ7o9D6MnM5ui60/dMjMjRVyro0h/ZlsseDY0SZcG V+hWx1IAA2EKpnnMhVBTvr+5pOfU8MBEysWvSCRXmtiCNMtYadHihsFiysjYGP0m H254r9wNkF2F1RYHK6v14y1RL3eHxrK4WWFnd3TZK1m6bmPGJz8OSPWXOXBHrEp6 JY+JW7j4BrMl9cffZczaUuN8o+BOhJXb+4/JPFxhinrhlr0oF3VAOeZ6GF/79RjU LotErg== -----END CERTIFICATE-----Generated at Sat Aug 23 18:22:06 2025 by rpki-client