$ rpki-client -vvf rpki.apnic.net/member_repository/A91F59DF/BB52F4AC9C0D11EBAED84B24C4F9AE02/354314309C0F11EBAEFB6225C4F9AE02.roa File: 354314309C0F11EBAEFB6225C4F9AE02.roa (raw, json) Hash identifier: JJP7X3f6AVH5KsSFfVI30UVBcX+xwO84hT0LgBX60uQ= Subject key identifier: 01:8D:AB:09:00:EE:52:CA:FF:58:FB:50:77:F1:5C:9B:29:93:C4:81 Certificate issuer: /CN=A91F59DF/serialNumber=609A3126E2369A97D47FD64498D8165E21E525C5 Certificate serial: 0655 Authority key identifier: 60:9A:31:26:E2:36:9A:97:D4:7F:D6:44:98:D8:16:5E:21:E5:25:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YJoxJuI2mpfUf9ZEmNgWXiHlJcU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F59DF/BB52F4AC9C0D11EBAED84B24C4F9AE02/354314309C0F11EBAEFB6225C4F9AE02.roa Signing time: Tue 12 Aug 2025 23:04:49 +0000 ROA not before: Tue 12 Aug 2025 23:04:49 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 135345 IP address blocks: 103.214.12.0/24 maxlen: 24 103.214.13.0/24 maxlen: 24 103.214.14.0/24 maxlen: 24 103.214.15.0/24 maxlen: 24 115.42.120.0/24 maxlen: 24 115.42.121.0/24 maxlen: 24 115.42.122.0/24 maxlen: 24 115.42.123.0/24 maxlen: 24 115.42.124.0/24 maxlen: 24 115.42.125.0/24 maxlen: 24 115.42.126.0/24 maxlen: 24 115.42.127.0/24 maxlen: 24 144.48.28.0/24 maxlen: 24 144.48.29.0/24 maxlen: 24 144.48.30.0/24 maxlen: 24 144.48.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F59DF/BB52F4AC9C0D11EBAED84B24C4F9AE02/YJoxJuI2mpfUf9ZEmNgWXiHlJcU.crl rsync://rpki.apnic.net/member_repository/A91F59DF/BB52F4AC9C0D11EBAED84B24C4F9AE02/YJoxJuI2mpfUf9ZEmNgWXiHlJcU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YJoxJuI2mpfUf9ZEmNgWXiHlJcU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 22:48:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1621 (0x655) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F59DF, serialNumber=609A3126E2369A97D47FD64498D8165E21E525C5 Validity Not Before: Aug 12 23:04:49 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=689bc891-0a6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:00:bb:f1:28:6b:e3:5e:80:bb:47:84:4a:21: 60:ea:03:e2:22:bb:d2:13:21:9a:88:f2:d3:b3:2c: 71:11:b4:64:82:66:e4:5f:84:8a:aa:18:13:0c:a6: 55:fb:95:04:e3:e0:4b:93:89:6d:dd:d0:ea:23:93: df:3e:29:7e:45:e3:c0:f0:94:c0:ad:07:6b:f2:69: f9:e5:30:4e:d8:8a:8b:da:21:7d:02:5d:27:f4:2b: 2d:3e:02:9e:c0:1e:2e:22:64:de:35:61:16:58:69: 69:08:a7:de:0f:82:b6:50:a3:df:d4:8f:24:13:c5: 76:25:13:77:9b:1d:31:db:fa:6a:29:de:05:51:c1: 2b:ee:f8:e7:75:5f:04:e2:4b:6e:bd:bd:90:1b:f1: 88:0e:cd:7d:53:28:43:ac:c0:c4:ae:9c:66:2b:26: b9:3a:68:c2:9d:81:50:ef:e1:f6:86:8c:d1:a1:da: 50:20:ee:aa:d3:ac:d4:6d:3d:3a:e1:c3:3b:5b:81: 4a:a6:45:83:1e:2e:e3:c0:a3:46:25:35:5c:25:95: a6:69:db:ba:e7:0f:40:4c:81:58:4e:c2:94:68:bb: a4:56:51:cf:c0:7d:ee:d5:fb:d8:56:27:5d:9b:c1: ec:79:1a:a8:51:a6:5c:94:d5:66:ca:25:71:34:eb: 82:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:8D:AB:09:00:EE:52:CA:FF:58:FB:50:77:F1:5C:9B:29:93:C4:81 X509v3 Authority Key Identifier: keyid:60:9A:31:26:E2:36:9A:97:D4:7F:D6:44:98:D8:16:5E:21:E5:25:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F59DF/BB52F4AC9C0D11EBAED84B24C4F9AE02/YJoxJuI2mpfUf9ZEmNgWXiHlJcU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YJoxJuI2mpfUf9ZEmNgWXiHlJcU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F59DF/BB52F4AC9C0D11EBAED84B24C4F9AE02/354314309C0F11EBAEFB6225C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.214.12.0/22 115.42.120.0/21 144.48.28.0/22 Signature Algorithm: sha256WithRSAEncryption 9c:ab:44:57:64:2a:a2:0d:39:b1:38:b0:44:7e:c9:73:83:ce: 49:74:12:3b:b0:6d:53:48:c6:f0:ee:9a:09:31:99:aa:74:c5: 35:c7:6f:a3:fb:60:c2:6d:08:e6:5f:9c:f9:35:70:ea:b8:46: 75:34:c7:ff:d1:f6:06:89:a7:f5:a6:9f:29:05:27:14:7f:bc: 82:7c:40:87:4f:74:fc:12:87:6a:72:1e:24:c7:e3:73:82:a7: a3:85:40:fb:9a:da:b5:65:af:1b:0f:ee:dc:8b:eb:83:5a:d0: f6:d9:b3:b0:19:a2:b1:4e:3d:ac:0b:29:e9:2a:54:6a:35:d3: d6:37:70:ca:3c:7b:ba:2e:5f:df:36:8a:5a:8d:a1:a6:eb:72: af:75:b8:bc:83:04:e3:34:d0:94:93:0f:63:18:41:5e:33:5f: e9:01:68:40:ee:0d:89:a0:43:51:f9:9a:6a:af:ee:f8:ef:84: f4:b7:77:12:40:48:d0:75:57:41:f5:e1:1d:2e:d0:9b:85:af: 62:4b:9a:c3:f9:47:15:ea:4c:e9:d4:fd:c1:d4:1c:f5:52:a6: a3:9b:cc:90:68:9c:49:1c:b7:a3:b6:3c:7c:a3:2a:f1:7c:a1: ab:31:b5:56:e1:97:c2:8c:ea:79:93:d4:97:89:3f:59:92:af: 12:5f:ab:4b -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICBlUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjU5REYxMTAvBgNVBAUTKDYwOUEzMTI2RTIzNjlBOTdENDdGRDY0NDk4RDgxNjVF MjFFNTI1QzUwHhcNMjUwODEyMjMwNDQ5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODliYzg5MS0wYTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAygC78Shr416Au0eESiFg6gPiIrvSEyGaiPLTsyxxEbRkgmbkX4SKqhgTDKZV +5UE4+BLk4lt3dDqI5PfPil+RePA8JTArQdr8mn55TBO2IqL2iF9Al0n9CstPgKe wB4uImTeNWEWWGlpCKfeD4K2UKPf1I8kE8V2JRN3mx0x2/pqKd4FUcEr7vjndV8E 4ktuvb2QG/GIDs19UyhDrMDErpxmKya5OmjCnYFQ7+H2hozRodpQIO6q06zUbT06 4cM7W4FKpkWDHi7jwKNGJTVcJZWmadu65w9ATIFYTsKUaLukVlHPwH3u1fvYVidd m8HseRqoUaZclNVmyiVxNOuCzwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAGNqwkA 7lLK/1j7UHfxXJspk8SBMB8GA1UdIwQYMBaAFGCaMSbiNpqX1H/WRJjYFl4h5SXF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTlERi9CQjUyRjRBQzlD MEQxMUVCQUVEODRCMjRDNEY5QUUwMi9ZSm94SnVJMm1wZlVmOVpFbU5nV1hpSGxK Y1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lKb3hKdUkybXBmVWY5WkVtTmdXWGlIbEpjVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjU5REYvQkI1MkY0QUM5QzBEMTFFQkFFRDg0QjI0QzRGOUFFMDIvMzU0MzE0MzA5 QzBGMTFFQkFFRkI2MjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAJn1gwDBANzKngDBAKQMBwwDQYJKoZIhvcNAQELBQADggEB AJyrRFdkKqINObE4sER+yXODzkl0EjuwbVNIxvDumgkxmap0xTXHb6P7YMJtCOZf nPk1cOq4RnU0x//R9gaJp/WmnykFJxR/vIJ8QIdPdPwSh2pyHiTH43OCp6OFQPua 2rVlrxsP7tyL64Na0PbZs7AZorFOPawLKekqVGo109Y3cMo8e7ouX982ilqNoabr cq91uLyDBOM00JSTD2MYQV4zX+kBaEDuDYmgQ1H5mmqv7vjvhPS3dxJASNB1V0H1 4R0u0JuFr2JLmsP5RxXqTOnU/cHUHPVSpqObzJBonEkct6O2PHyjKvF8oasxtVbh l8KM6nmT1JeJP1mSrxJfq0s= -----END CERTIFICATE-----Generated at Sun Aug 24 07:56:08 2025 by rpki-client