$ rpki-client -vvf rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/17679A100BCE11EC85811A0DC4F9AE02.roa File: 17679A100BCE11EC85811A0DC4F9AE02.roa (raw, json) Hash identifier: GBlJBvL9mw9TcJgwkIpDEFzq0c16HJn6FF84wJKDCP8= Subject key identifier: 18:B9:96:F1:85:D9:DE:66:EA:5B:D8:32:8B:B9:82:B9:D6:34:3C:55 Certificate issuer: /CN=A91852BA/serialNumber=F66964F99BC88D37761D389815D3C9E9D0A17A4D Certificate serial: 0506 Authority key identifier: F6:69:64:F9:9B:C8:8D:37:76:1D:38:98:15:D3:C9:E9:D0:A1:7A:4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9mlk-ZvIjTd2HTiYFdPJ6dChek0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/17679A100BCE11EC85811A0DC4F9AE02.roa Signing time: Wed 14 May 2025 23:54:16 +0000 ROA not before: Wed 14 May 2025 23:54:16 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 53587 IP address blocks: 43.248.168.0/22 maxlen: 22 43.248.168.0/24 maxlen: 24 43.248.169.0/24 maxlen: 24 43.248.170.0/24 maxlen: 24 43.248.171.0/24 maxlen: 24 103.228.92.0/22 maxlen: 22 103.228.92.0/24 maxlen: 24 103.228.93.0/24 maxlen: 24 103.228.94.0/24 maxlen: 24 103.228.95.0/24 maxlen: 24 2401:9d80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/9mlk-ZvIjTd2HTiYFdPJ6dChek0.crl rsync://rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/9mlk-ZvIjTd2HTiYFdPJ6dChek0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9mlk-ZvIjTd2HTiYFdPJ6dChek0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 23:28:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1286 (0x506) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91852BA, serialNumber=F66964F99BC88D37761D389815D3C9E9D0A17A4D Validity Not Before: May 14 23:54:16 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68252d28-3a7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:71:2d:19:ad:d0:99:b5:28:1f:cc:cd:f9:01: 04:3c:78:04:a1:2a:09:c5:69:b4:72:91:11:c3:9a: 74:f4:44:be:6f:41:5f:b4:dc:88:84:01:54:a9:bb: 77:8f:c0:82:40:85:f1:d3:b6:d8:8e:2f:79:48:87: 22:a1:69:77:26:1e:c8:1e:82:65:81:74:10:3c:a5: f0:79:7d:c0:5b:aa:5a:1a:41:41:6b:13:17:0f:a5: 93:e8:a7:4e:c3:85:00:10:8e:9a:77:f6:05:f8:38: 5f:8b:82:72:66:c6:3d:ea:d1:c5:56:78:e8:45:55: 51:06:20:d4:bd:03:ef:2c:88:99:d1:31:9a:bf:1a: 6b:d8:1c:0a:87:23:17:82:85:82:49:3a:4d:38:25: 63:f5:44:07:22:70:c2:f7:be:29:e3:2c:00:bc:c6: 79:e7:77:f5:a5:5b:ae:67:4d:1f:ea:49:e8:0c:e8: 72:c5:83:31:29:5f:bb:db:df:31:54:3a:55:7c:d6: ea:32:0a:f6:4a:c1:f9:11:ad:dd:fa:37:01:9b:ca: 2f:06:9b:99:0f:9e:51:c8:ce:fa:6a:1c:08:04:2a: f9:28:89:8a:b4:9d:ec:2a:79:36:11:ba:65:0f:25: 36:75:e7:e3:6e:cf:95:69:c7:b2:c3:12:6e:1b:84: 49:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:B9:96:F1:85:D9:DE:66:EA:5B:D8:32:8B:B9:82:B9:D6:34:3C:55 X509v3 Authority Key Identifier: keyid:F6:69:64:F9:9B:C8:8D:37:76:1D:38:98:15:D3:C9:E9:D0:A1:7A:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/9mlk-ZvIjTd2HTiYFdPJ6dChek0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9mlk-ZvIjTd2HTiYFdPJ6dChek0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91852BA/856517C00BCB11ECBD9C200BC4F9AE02/17679A100BCE11EC85811A0DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.248.168.0/22 103.228.92.0/22 IPv6: 2401:9d80::/32 Signature Algorithm: sha256WithRSAEncryption 82:6c:d7:d6:35:6c:d5:74:3a:d1:43:d8:39:ad:ee:1f:ae:ce: bf:da:6c:0b:45:c2:81:82:77:2e:e6:c7:76:cd:b5:ae:49:2c: 99:86:10:c8:9b:2d:0d:c7:5a:2a:bf:28:be:14:a2:f9:24:f5: 23:16:71:77:f3:77:13:d9:8d:42:00:a0:d0:84:af:13:76:e3: a3:71:e0:7e:ab:67:1d:c7:0b:f7:45:6d:76:0a:7f:5d:65:fc: 5a:8b:22:82:83:32:e0:2b:9a:f9:11:d9:15:bf:4c:84:76:f4: 99:52:83:40:5e:91:70:55:85:05:03:02:b9:e3:85:12:34:02: cc:aa:40:44:b9:af:c9:dd:eb:af:57:dd:d9:70:86:e4:cd:dc: cd:d8:d9:44:d5:ac:a1:82:ad:8b:ab:b9:86:23:bd:d4:47:97: 18:ba:91:97:ab:3a:4d:fd:87:55:45:4d:ca:e2:c8:fe:46:89: b3:45:45:dc:17:72:84:59:95:75:01:12:9f:dd:3d:78:f2:91: 19:17:a7:5d:66:87:21:85:d9:33:1f:ec:28:99:40:25:51:8f: 0a:0b:68:99:be:aa:df:b1:fd:d9:0a:26:cd:ac:3c:57:4b:b1: b0:27:6d:38:32:e2:87:a6:47:82:97:25:4b:e8:90:ee:a3:af: 6c:aa:84:1e -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBQYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODUyQkExMTAvBgNVBAUTKEY2Njk2NEY5OUJDODhEMzc3NjFEMzg5ODE1RDNDOUU5 RDBBMTdBNEQwHhcNMjUwNTE0MjM1NDE2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODI1MmQyOC0zYTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu3EtGa3QmbUoH8zN+QEEPHgEoSoJxWm0cpERw5p09ES+b0FftNyIhAFUqbt3 j8CCQIXx07bYji95SIcioWl3Jh7IHoJlgXQQPKXweX3AW6paGkFBaxMXD6WT6KdO w4UAEI6ad/YF+Dhfi4JyZsY96tHFVnjoRVVRBiDUvQPvLIiZ0TGavxpr2BwKhyMX goWCSTpNOCVj9UQHInDC974p4ywAvMZ553f1pVuuZ00f6knoDOhyxYMxKV+7298x VDpVfNbqMgr2SsH5Ea3d+jcBm8ovBpuZD55RyM76ahwIBCr5KImKtJ3sKnk2Ebpl DyU2defjbs+VaceywxJuG4RJ9wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBi5lvGF 2d5m6lvYMou5grnWNDxVMB8GA1UdIwQYMBaAFPZpZPmbyI03dh04mBXTyenQoXpN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTJCQS84NTY1MTdDMDBC Q0IxMUVDQkQ5QzIwMEJDNEY5QUUwMi85bWxrLVp2SWpUZDJIVGlZRmRQSjZkQ2hl azAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzltbGstWnZJalRkMkhUaVlGZFBKNmRDaGVrMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODUyQkEvODU2NTE3QzAwQkNCMTFFQ0JEOUMyMDBCQzRGOUFFMDIvMTc2NzlBMTAw QkNFMTFFQzg1ODExQTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIr+KgDBAJn5FwwDQQCAAIwBwMFACQBnYAwDQYJKoZIhvcN AQELBQADggEBAIJs19Y1bNV0OtFD2Dmt7h+uzr/abAtFwoGCdy7mx3bNta5JLJmG EMibLQ3HWiq/KL4Uovkk9SMWcXfzdxPZjUIAoNCErxN246Nx4H6rZx3HC/dFbXYK f11l/FqLIoKDMuArmvkR2RW/TIR29JlSg0BekXBVhQUDArnjhRI0AsyqQES5r8nd 669X3dlwhuTN3M3Y2UTVrKGCrYuruYYjvdRHlxi6kZerOk39h1VFTcriyP5GibNF RdwXcoRZlXUBEp/dPXjykRkXp11mhyGF2TMf7CiZQCVRjwoLaJm+qt+x/dkKJs2s PFdLsbAnbTgy4oemR4KXJUvokO6jr2yqhB4= -----END CERTIFICATE-----Generated at Wed Nov 5 15:04:20 2025 by rpki-client