$ rpki-client -vvf rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/572A655C6E8E11F0BC00AD68C4F9AE02.roa File: 572A655C6E8E11F0BC00AD68C4F9AE02.roa (raw, json) Hash identifier: cUCnwUzBgOkdgH52sYU+IHvJQMt7Wg+jJl+nGicq16I= Subject key identifier: 1C:82:4F:84:B6:C8:B2:5C:98:BA:D6:36:A7:E0:C4:5C:C0:83:0D:79 Certificate issuer: /CN=A91516FF/serialNumber=DFCA8FDAA5FEF948E0ECF6F9C703639B56539D99 Certificate serial: 4A Authority key identifier: DF:CA:8F:DA:A5:FE:F9:48:E0:EC:F6:F9:C7:03:63:9B:56:53:9D:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/572A655C6E8E11F0BC00AD68C4F9AE02.roa Signing time: Fri 01 Aug 2025 04:17:18 +0000 ROA not before: Fri 01 Aug 2025 04:17:18 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 153315 IP address blocks: 202.40.164.0/24 maxlen: 24 202.40.165.0/24 maxlen: 24 202.40.166.0/24 maxlen: 24 202.40.167.0/24 maxlen: 24 2401:c0e0::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.crl rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74 (0x4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91516FF, serialNumber=DFCA8FDAA5FEF948E0ECF6F9C703639B56539D99 Validity Not Before: Aug 1 04:17:18 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=688c3fce-96d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:22:1b:97:ff:b0:5a:5d:24:13:04:82:75:3c: 9d:4c:67:e1:61:88:8a:f5:a9:87:3c:9c:f5:31:d9: d9:4f:5a:fa:bb:6b:b6:57:bd:bf:2a:ae:5f:e5:d8: 79:7b:0c:bc:a8:d3:1f:9d:71:34:dc:a2:c5:4d:7e: 4c:c4:87:be:2b:9d:9a:19:d3:ab:32:02:b6:d0:2d: f4:b9:1a:00:36:58:25:76:88:9d:a0:ae:d9:36:55: 1c:5d:f6:82:d8:64:5a:a0:ce:fa:85:01:ae:c8:0c: 96:94:63:21:df:35:88:38:c2:9c:cd:33:40:90:9c: f2:28:e1:c4:c9:7d:91:47:b2:42:df:73:d6:f6:31: e7:79:a6:7d:d2:00:ac:25:a4:11:46:f9:34:2e:1c: 9c:fe:f9:b2:91:13:46:5f:e1:3a:bb:9e:86:57:51: 52:1e:26:9d:e7:1e:51:b3:a6:4f:5d:49:f9:b5:8e: 7e:e1:d4:a5:ce:60:d0:90:fb:38:d2:ed:20:c2:b4: 18:eb:fe:50:7d:f0:1d:30:19:86:9a:2b:b9:a0:4e: a3:96:61:33:be:ed:de:0d:83:d6:bc:48:91:ec:89: 4e:71:07:3a:ef:ef:92:cb:85:0a:21:ce:53:bb:42: 88:9a:57:55:62:7f:7f:84:ee:f6:71:3c:ec:25:3d: f2:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:82:4F:84:B6:C8:B2:5C:98:BA:D6:36:A7:E0:C4:5C:C0:83:0D:79 X509v3 Authority Key Identifier: keyid:DF:CA:8F:DA:A5:FE:F9:48:E0:EC:F6:F9:C7:03:63:9B:56:53:9D:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38qP2qX--Ujg7Pb5xwNjm1ZTnZk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91516FF/2DA55912141611F0A8523219C4F9AE02/572A655C6E8E11F0BC00AD68C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.40.164.0/22 IPv6: 2401:c0e0::/40 Signature Algorithm: sha256WithRSAEncryption ad:ef:3f:86:24:7c:ff:2c:8b:26:b8:74:5e:77:67:09:53:91: e6:5c:73:75:5e:84:7c:66:b4:f2:d9:53:20:d9:06:e6:36:59: 3f:31:ed:62:34:49:dc:fc:e3:92:2a:fa:99:df:98:6c:c3:48: 33:96:f6:02:2d:72:26:c3:72:1a:0e:85:74:7a:6d:ef:09:ea: 36:d4:78:03:38:2a:e8:50:4e:a4:34:cf:4b:1b:f4:46:33:22: 1b:0c:19:27:74:d8:75:47:d7:b1:ff:25:d8:46:21:15:92:bd: ac:9c:7c:23:ab:e5:d6:b7:7a:29:44:17:e6:d3:3c:a3:f8:93: 56:18:ee:10:d6:9c:90:49:5b:e4:2d:05:15:d3:29:5b:b9:7f: 17:85:dd:05:37:97:93:45:a3:db:e6:03:ed:6f:46:9d:46:d1: 4e:bb:8d:d3:81:bd:9b:62:45:22:20:9d:54:29:65:cc:c3:39: 84:14:ab:38:94:66:6e:11:05:e8:90:99:5f:f6:b2:19:3f:e9: 4f:05:cf:4d:4f:84:c1:17:fa:aa:04:94:d6:9d:1f:0f:aa:8d: fb:94:93:51:98:75:b8:53:a0:db:53:ef:b4:0a:d6:32:92:df: 7c:5e:e0:4c:4a:6f:b3:bf:7f:6d:46:7c:62:f4:d6:35:17:bc: c1:92:74:76 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgIBSjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 MTZGRjExMC8GA1UEBRMoREZDQThGREFBNUZFRjk0OEUwRUNGNkY5QzcwMzYzOUI1 NjUzOUQ5OTAeFw0yNTA4MDEwNDE3MThaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4OGMzZmNlLTk2ZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+IhuX/7BaXSQTBIJ1PJ1MZ+FhiIr1qYc8nPUx2dlPWvq7a7ZXvb8qrl/l2Hl7 DLyo0x+dcTTcosVNfkzEh74rnZoZ06syArbQLfS5GgA2WCV2iJ2grtk2VRxd9oLY ZFqgzvqFAa7IDJaUYyHfNYg4wpzNM0CQnPIo4cTJfZFHskLfc9b2Med5pn3SAKwl pBFG+TQuHJz++bKRE0Zf4Tq7noZXUVIeJp3nHlGzpk9dSfm1jn7h1KXOYNCQ+zjS 7SDCtBjr/lB98B0wGYaaK7mgTqOWYTO+7d4Ng9a8SJHsiU5xBzrv75LLhQohzlO7 QoiaV1Vif3+E7vZxPOwlPfKfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUHIJPhLbI slyYutY2p+DEXMCDDXkwHwYDVR0jBBgwFoAU38qP2qX++Ujg7Pb5xwNjm1ZTnZkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUxNkZGLzJEQTU1OTEyMTQx NjExRjBBODUyMzIxOUM0RjlBRTAyLzM4cVAycVgtLVVqZzdQYjV4d05qbTFaVG5a ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMzhxUDJxWC0tVWpnN1BiNXh3TmptMVpUblprLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MTZGRi8yREE1NTkxMjE0MTYxMUYwQTg1MjMyMTlDNEY5QUUwMi81NzJBNjU1QzZF OEUxMUYwQkMwMEFENjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAvBggrBgEFBQcBBwEB/wQg MB4wDAQCAAEwBgMEAsoopDAOBAIAAjAIAwYAJAHA4AAwDQYJKoZIhvcNAQELBQAD ggEBAK3vP4YkfP8siya4dF53ZwlTkeZcc3VehHxmtPLZUyDZBuY2WT8x7WI0Sdz8 45Iq+pnfmGzDSDOW9gItcibDchoOhXR6be8J6jbUeAM4KuhQTqQ0z0sb9EYzIhsM GSd02HVH17H/JdhGIRWSvaycfCOr5da3eilEF+bTPKP4k1YY7hDWnJBJW+QtBRXT KVu5fxeF3QU3l5NFo9vmA+1vRp1G0U67jdOBvZtiRSIgnVQpZczDOYQUqziUZm4R BeiQmV/2shk/6U8Fz01PhMEX+qoElNadHw+qjfuUk1GYdbhToNtT77QK1jKS33xe 4ExKb7O/f21GfGL01jUXvMGSdHY= -----END CERTIFICATE-----Generated at Mon Aug 11 12:56:32 2025 by rpki-client