$ rpki-client -vvf rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/AF0A3F14178911EC876F5F50C4F9AE02.roa File: AF0A3F14178911EC876F5F50C4F9AE02.roa (raw, json) Hash identifier: KRiDfnMy2+pwD3zrIBOiDvY7T9O/jHD6MSYbIKfk0AY= Subject key identifier: A4:A6:8A:3B:6D:62:6C:57:22:6B:99:99:BA:D5:A4:A0:2B:C6:28:47 Certificate issuer: /CN=A91514B1/serialNumber=9682C2ABE25323580776B1D0E275D2FD2D697EB6 Certificate serial: 057C Authority key identifier: 96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/AF0A3F14178911EC876F5F50C4F9AE02.roa Signing time: Fri 01 Aug 2025 00:36:02 +0000 ROA not before: Fri 01 Aug 2025 00:36:02 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 7474 IP address blocks: 161.43.64.0/18 maxlen: 18 161.43.96.0/24 maxlen: 24 161.43.97.0/24 maxlen: 24 161.43.192.0/18 maxlen: 18 161.43.192.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.crl rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1404 (0x57c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91514B1, serialNumber=9682C2ABE25323580776B1D0E275D2FD2D697EB6 Validity Not Before: Aug 1 00:36:02 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=688c0bf2-2884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ff:34:93:d8:dc:4a:a0:50:62:26:c3:80:3e:47: 68:82:4d:b1:36:24:56:ec:48:a8:01:cb:cf:49:3f: 3a:bb:01:f9:94:cf:82:61:e1:84:67:c8:78:52:8c: 8e:3f:07:23:b0:32:b6:f7:41:c7:7d:b4:6a:6b:88: d7:52:36:ea:a0:a6:cc:a1:63:8b:ed:8c:c4:f1:4f: b0:57:4c:57:4c:19:b1:12:69:5b:89:a8:d9:81:2f: 42:80:35:dc:6d:b3:61:31:5e:c5:28:ce:ea:63:84: 45:b6:2e:31:3d:00:53:19:0c:75:fc:08:4e:9c:70: f8:c9:3d:2f:e8:f6:b4:60:a8:ad:42:6f:12:c5:43: ae:23:c3:93:65:20:4c:f6:0a:a7:77:fd:3a:8a:2f: 3f:68:56:82:99:0e:19:fb:2c:fa:e9:ea:db:b4:f6: 18:6c:bd:f0:3d:51:39:bb:49:2d:3f:8d:97:e2:d8: e4:5a:67:20:aa:73:ab:a2:95:68:e7:81:c3:2b:5e: 9c:5d:48:7c:30:12:94:cf:8b:9e:14:bf:e6:46:5e: e4:f5:95:bd:d5:1b:58:13:cb:52:2a:4b:bd:d9:c1: a3:b3:05:7e:56:41:6e:f8:1d:62:34:72:44:ae:06: df:14:30:bf:93:59:13:d9:93:2d:cd:69:a2:a5:b0: 14:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:A6:8A:3B:6D:62:6C:57:22:6B:99:99:BA:D5:A4:A0:2B:C6:28:47 X509v3 Authority Key Identifier: keyid:96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/AF0A3F14178911EC876F5F50C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.43.64.0/18 161.43.192.0/18 Signature Algorithm: sha256WithRSAEncryption 0f:1c:b5:0f:74:20:ef:5c:83:20:f3:55:1a:1e:de:cc:87:a6: 97:9a:2b:05:20:d2:11:69:05:22:a1:5e:3e:16:86:25:09:f2: 8d:9d:f9:4d:e5:8c:4f:36:15:81:c6:d1:07:f5:55:8e:5c:7e: 06:b4:28:79:83:9c:f4:48:b6:8d:90:95:72:16:ac:bb:46:3d: a3:f3:1a:ca:20:c4:d9:f2:c0:08:23:04:5d:ee:ce:41:23:53: 86:1f:28:38:99:ae:e4:27:7b:78:30:df:26:6d:2a:c1:11:aa: 45:72:9c:9f:7f:ac:94:6d:1f:e4:d3:5a:88:68:22:9c:fb:de: 60:fb:b9:9d:0d:40:a0:bc:43:da:fb:a0:ee:10:b9:76:82:ef: e6:e2:4a:cf:c5:5f:4f:1f:e6:6b:f3:6b:fc:6b:b9:72:00:a2: 67:ec:b9:2c:f6:4b:f5:d5:91:dc:92:9a:62:4c:d2:ff:d3:0c: 71:8d:89:30:71:b2:44:b9:68:62:7c:6c:a7:bf:6c:ff:9c:d5: 57:1e:b2:a8:08:d4:dd:7f:0c:82:77:64:af:ba:fa:38:1d:85: 6f:f5:24:85:12:23:12:b7:b3:0d:4e:bb:ed:7d:7f:70:45:0b: d7:26:a6:f8:4e:a1:78:28:e6:2d:4e:f4:a9:1c:ac:b0:2f:45: 6f:51:f6:7d -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBXwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTE0QjExMTAvBgNVBAUTKDk2ODJDMkFCRTI1MzIzNTgwNzc2QjFEMEUyNzVEMkZE MkQ2OTdFQjYwHhcNMjUwODAxMDAzNjAyWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhjMGJmMi0yODg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA/zST2NxKoFBiJsOAPkdogk2xNiRW7EioAcvPST86uwH5lM+CYeGEZ8h4UoyO PwcjsDK290HHfbRqa4jXUjbqoKbMoWOL7YzE8U+wV0xXTBmxEmlbiajZgS9CgDXc bbNhMV7FKM7qY4RFti4xPQBTGQx1/AhOnHD4yT0v6Pa0YKitQm8SxUOuI8OTZSBM 9gqnd/06ii8/aFaCmQ4Z+yz66erbtPYYbL3wPVE5u0ktP42X4tjkWmcgqnOropVo 54HDK16cXUh8MBKUz4ueFL/mRl7k9ZW91RtYE8tSKku92cGjswV+VkFu+B1iNHJE rgbfFDC/k1kT2ZMtzWmipbAUuQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKSmijtt YmxXImuZmbrVpKArxihHMB8GA1UdIwQYMBaAFJaCwqviUyNYB3ax0OJ10v0taX62 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTRCMS83QTg4NjRBQ0ZC RTQxMUVCODJCNjI2NEZDNEY5QUUwMi9sb0xDcS1KVEkxZ0hkckhRNG5YU19TMXBm clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xvTENxLUpUSTFnSGRySFE0blhTX1MxcGZyWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTE0QjEvN0E4ODY0QUNGQkU0MTFFQjgyQjYyNjRGQzRGOUFFMDIvQUYwQTNGMTQx Nzg5MTFFQzg3NkY1RjUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAahK0ADBAahK8AwDQYJKoZIhvcNAQELBQADggEBAA8ctQ90 IO9cgyDzVRoe3syHppeaKwUg0hFpBSKhXj4WhiUJ8o2d+U3ljE82FYHG0Qf1VY5c fga0KHmDnPRIto2QlXIWrLtGPaPzGsogxNnywAgjBF3uzkEjU4YfKDiZruQne3gw 3yZtKsERqkVynJ9/rJRtH+TTWohoIpz73mD7uZ0NQKC8Q9r7oO4QuXaC7+biSs/F X08f5mvza/xruXIAomfsuSz2S/XVkdySmmJM0v/TDHGNiTBxskS5aGJ8bKe/bP+c 1VcesqgI1N1/DIJ3ZK+6+jgdhW/1JIUSIxK3sw1Ou+19f3BFC9cmpvhOoXgo5i1O 9KkcrLAvRW9R9n0= -----END CERTIFICATE-----Generated at Mon Aug 11 02:04:06 2025 by rpki-client