$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0A6C/B916F38882C211EA9A514639C4F9AE02/CFDF8B8A5B5D11EE967F161DC4F9AE02.roa File: CFDF8B8A5B5D11EE967F161DC4F9AE02.roa (raw, json) Hash identifier: PugK/HlSlwCNhEasOZjO6B/uomD7VotHJLA2wV6jZrM= Subject key identifier: 05:F0:4A:FC:06:18:9A:E2:3E:7F:B7:3E:6B:D2:F1:55:50:FB:1B:E3 Certificate issuer: /CN=A91A0A6C/serialNumber=A787A63E49EE8EC6F97511607F1B7C5B0DF1164E Certificate serial: 09D1 Authority key identifier: A7:87:A6:3E:49:EE:8E:C6:F9:75:11:60:7F:1B:7C:5B:0D:F1:16:4E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p4emPknujsb5dRFgfxt8Ww3xFk4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0A6C/B916F38882C211EA9A514639C4F9AE02/CFDF8B8A5B5D11EE967F161DC4F9AE02.roa Signing time: Mon 02 Jun 2025 20:24:52 +0000 ROA not before: Mon 02 Jun 2025 20:24:52 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 9370 IP address blocks: 103.26.32.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0A6C/B916F38882C211EA9A514639C4F9AE02/p4emPknujsb5dRFgfxt8Ww3xFk4.crl rsync://rpki.apnic.net/member_repository/A91A0A6C/B916F38882C211EA9A514639C4F9AE02/p4emPknujsb5dRFgfxt8Ww3xFk4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p4emPknujsb5dRFgfxt8Ww3xFk4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 19:48:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2513 (0x9d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0A6C, serialNumber=A787A63E49EE8EC6F97511607F1B7C5B0DF1164E Validity Not Before: Jun 2 20:24:52 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=683e0894-2242 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:61:2f:e7:53:90:d0:f8:b9:17:4e:03:e2:ee: 91:9f:9c:9d:db:87:26:25:11:43:c9:ad:cb:77:1c: 86:5d:fa:83:c0:ed:32:0e:3a:07:a8:95:dd:38:86: fe:24:8c:5c:90:a6:62:21:37:f3:e3:12:48:8f:4a: a2:ec:22:b2:a4:f9:31:7d:c3:fa:33:07:f9:ee:2e: 47:e9:5b:e3:57:c8:f4:db:2c:8f:8e:06:09:6e:f8: 3f:bb:e0:90:83:de:30:92:85:3e:43:50:78:d5:b7: 4f:dd:37:89:cc:a1:22:77:05:65:82:3e:dc:c7:92: ed:e2:1c:a7:b4:22:70:ad:a7:93:91:03:0e:48:22: 00:a9:90:c8:36:cd:d9:d7:cd:bc:68:49:54:db:1a: de:a8:3a:35:01:a2:a4:ed:57:66:78:4a:75:8f:cd: ae:88:94:42:92:a6:c9:63:d6:20:7e:cb:0e:a3:f6: 43:22:4e:4f:cc:47:29:26:e1:ad:09:0d:a0:80:7a: 64:23:5b:6a:d6:ec:19:ae:71:91:86:6d:f5:2d:c2: b8:46:41:f0:2d:bb:2e:b5:8e:33:60:34:fe:18:d8: 8e:e8:e3:5b:df:08:0c:a3:83:cf:55:18:2d:f1:7c: 9c:ab:9a:48:cf:74:4e:1a:8e:51:f1:0e:81:fc:82: e3:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:F0:4A:FC:06:18:9A:E2:3E:7F:B7:3E:6B:D2:F1:55:50:FB:1B:E3 X509v3 Authority Key Identifier: keyid:A7:87:A6:3E:49:EE:8E:C6:F9:75:11:60:7F:1B:7C:5B:0D:F1:16:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0A6C/B916F38882C211EA9A514639C4F9AE02/p4emPknujsb5dRFgfxt8Ww3xFk4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p4emPknujsb5dRFgfxt8Ww3xFk4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0A6C/B916F38882C211EA9A514639C4F9AE02/CFDF8B8A5B5D11EE967F161DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.26.32.0/24 Signature Algorithm: sha256WithRSAEncryption 4a:33:65:9f:82:17:6a:23:2f:32:c8:22:5d:a0:ea:71:5d:c8: c1:ba:04:ec:14:9a:10:34:d3:8d:48:d1:8a:26:0c:9e:76:21: 3d:0b:ae:a9:80:a1:37:1a:27:3c:3c:c4:aa:d8:0f:9c:97:50: f3:82:f4:0e:61:4c:9e:4f:e6:fe:e5:42:9a:4d:95:89:9b:05: d1:99:5e:77:ad:1c:42:1f:4d:f4:b3:85:c4:8e:9f:1e:79:17: 60:05:50:52:cb:c0:f3:52:2d:54:fe:59:37:01:d4:d8:4d:b2: 1f:29:07:35:7a:eb:ba:07:12:52:3f:49:fe:ba:67:e0:cb:94: a8:09:07:07:bb:a9:6c:62:bb:97:9b:16:43:e1:08:30:c1:0d: 44:3f:98:b5:5e:ab:8d:f6:fe:3a:30:ec:3f:23:12:83:cf:71: 23:b0:14:c3:a9:64:3a:01:12:68:1f:bf:68:2a:46:9e:b1:ea: 55:c3:76:5c:e1:5a:d9:1a:20:8e:f0:5e:f1:de:ed:d5:9e:5b: 32:e1:02:59:2a:bd:1e:0a:35:ed:90:28:a9:69:f9:8d:0d:5b: 58:81:b6:66:e5:bf:51:49:36:47:59:a0:50:12:ac:19:a8:aa: 4b:91:eb:6f:41:75:80:a0:35:24:f1:3a:20:59:1b:fb:16:31: 36:69:94:36 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCdEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTBBNkMxMTAvBgNVBAUTKEE3ODdBNjNFNDlFRThFQzZGOTc1MTE2MDdGMUI3QzVC MERGMTE2NEUwHhcNMjUwNjAyMjAyNDUyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNlMDg5NC0yMjQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyGEv51OQ0Pi5F04D4u6Rn5yd24cmJRFDya3LdxyGXfqDwO0yDjoHqJXdOIb+ JIxckKZiITfz4xJIj0qi7CKypPkxfcP6Mwf57i5H6VvjV8j02yyPjgYJbvg/u+CQ g94wkoU+Q1B41bdP3TeJzKEidwVlgj7cx5Lt4hyntCJwraeTkQMOSCIAqZDINs3Z 1828aElU2xreqDo1AaKk7VdmeEp1j82uiJRCkqbJY9YgfssOo/ZDIk5PzEcpJuGt CQ2ggHpkI1tq1uwZrnGRhm31LcK4RkHwLbsutY4zYDT+GNiO6ONb3wgMo4PPVRgt 8Xycq5pIz3ROGo5R8Q6B/ILjbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAXwSvwG GJriPn+3PmvS8VVQ+xvjMB8GA1UdIwQYMBaAFKeHpj5J7o7G+XURYH8bfFsN8RZO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMEE2Qy9COTE2RjM4ODgy QzIxMUVBOUE1MTQ2MzlDNEY5QUUwMi9wNGVtUGtudWpzYjVkUkZnZnh0OFd3M3hG azQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3A0ZW1Qa251anNiNWRSRmdmeHQ4V3czeEZrNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTBBNkMvQjkxNkYzODg4MkMyMTFFQTlBNTE0NjM5QzRGOUFFMDIvQ0ZERjhCOEE1 QjVEMTFFRTk2N0YxNjFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBABnGiAwDQYJKoZIhvcNAQELBQADggEBAEozZZ+CF2ojLzLI Il2g6nFdyMG6BOwUmhA0041I0YomDJ52IT0LrqmAoTcaJzw8xKrYD5yXUPOC9A5h TJ5P5v7lQppNlYmbBdGZXnetHEIfTfSzhcSOnx55F2AFUFLLwPNSLVT+WTcB1NhN sh8pBzV667oHElI/Sf66Z+DLlKgJBwe7qWxiu5ebFkPhCDDBDUQ/mLVeq432/jow 7D8jEoPPcSOwFMOpZDoBEmgfv2gqRp6x6lXDdlzhWtkaII7wXvHe7dWeWzLhAlkq vR4KNe2QKKlp+Y0NW1iBtmblv1FJNkdZoFASrBmoqkuR629BdYCgNSTxOiBZG/sW MTZplDY= -----END CERTIFICATE-----Generated at Fri Jun 20 12:51:35 2025 by rpki-client