$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B43088B457F311F099129754C4F9AE02.roa File: B43088B457F311F099129754C4F9AE02.roa (raw, json) Hash identifier: C5OFRKDzkFW24B9vlFa8RumKtNGm9zWYC6fIbYgCNks= Subject key identifier: 53:B1:87:B8:16:2F:2F:EC:88:9A:35:8B:57:F7:9D:D8:9C:60:75:8D Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Certificate serial: 0C28 Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B43088B457F311F099129754C4F9AE02.roa Signing time: Mon 28 Jul 2025 06:24:17 +0000 ROA not before: Mon 28 Jul 2025 06:24:17 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 5065 IP address blocks: 43.230.52.0/24 maxlen: 24 43.230.53.0/24 maxlen: 24 43.246.198.0/24 maxlen: 24 43.249.240.0/24 maxlen: 24 43.249.242.0/24 maxlen: 24 43.249.243.0/24 maxlen: 24 43.251.184.0/24 maxlen: 24 43.251.186.0/24 maxlen: 24 45.115.33.0/24 maxlen: 24 103.7.117.0/24 maxlen: 24 103.7.118.0/24 maxlen: 24 103.7.119.0/24 maxlen: 24 103.13.19.0/24 maxlen: 24 103.15.32.0/24 maxlen: 24 103.15.33.0/24 maxlen: 24 103.15.34.0/24 maxlen: 24 103.15.35.0/24 maxlen: 24 103.248.150.0/24 maxlen: 24 103.248.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3112 (0xc28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4402, serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Validity Not Before: Jul 28 06:24:17 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=68871791-3abf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:17:56:22:24:db:5c:eb:18:25:e2:f1:dc:fc: 86:30:b6:66:d6:8f:a0:65:ee:13:c8:46:ab:9b:a1: 02:d5:f4:d5:c6:92:e4:99:0d:8b:06:10:90:43:cc: e6:af:e7:50:b7:11:c4:a3:81:ab:48:dd:7a:b6:31: 41:48:83:95:da:44:d4:e4:f3:05:81:d6:5d:e8:66: 0f:12:47:ed:b0:09:e4:d7:e4:71:f2:17:ec:93:54: b7:b6:39:50:74:f5:bd:ef:76:39:00:24:57:e0:7d: 88:da:19:97:e9:d4:74:a0:53:88:d5:d6:99:73:c7: c6:5e:b4:73:01:a8:0f:a9:b7:fb:5e:d7:35:1c:29: fe:ee:3a:9c:32:7c:4a:fd:e1:53:e7:05:1a:92:e9: 4e:ad:97:b6:de:ce:14:2e:04:ff:d6:3b:d2:ac:31: d2:80:8d:ab:41:ac:56:ec:26:c4:2c:c5:50:a8:5d: a0:f6:f7:11:da:0d:49:75:40:fd:bc:99:a1:fe:62: 5e:e6:83:35:99:f2:d6:91:4d:77:e4:63:e4:9c:d9: 24:61:9c:24:db:9d:53:58:c0:f3:ff:19:1d:65:c4: ac:bc:1f:96:3c:7b:4d:cc:9e:91:75:ed:3e:c0:07: 72:6c:04:56:c1:2e:e8:fb:57:5b:6a:87:60:c1:44: ca:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:B1:87:B8:16:2F:2F:EC:88:9A:35:8B:57:F7:9D:D8:9C:60:75:8D X509v3 Authority Key Identifier: keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B43088B457F311F099129754C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.52.0/23 43.246.198.0/24 43.249.240.0/24 43.249.242.0/23 43.251.184.0/24 43.251.186.0/24 45.115.33.0/24 103.7.117.0-103.7.119.255 103.13.19.0/24 103.15.32.0/22 103.248.150.0/23 Signature Algorithm: sha256WithRSAEncryption 14:15:bc:21:6f:d8:1b:da:72:ce:e1:da:8d:15:9e:9f:b6:49: c8:0a:e8:8f:31:f1:a2:d1:f5:27:ae:35:0b:9d:7c:4f:64:f2: 32:32:56:16:6c:26:fd:81:ad:eb:36:da:00:b4:f4:8d:9c:4d: e7:3c:9a:4f:79:71:ab:7a:e6:25:55:0c:08:84:50:9e:df:e0: ee:67:7c:99:41:71:1f:13:62:03:6e:7e:d9:6b:e5:aa:56:3d: e1:95:31:17:15:7e:cd:c6:88:67:ee:7b:c8:dd:d0:f5:b6:3e: 15:53:b1:5a:d2:a1:55:b6:65:0a:bf:c2:52:1d:51:e5:d5:4d: a6:2f:69:c5:13:3a:04:00:fd:62:22:13:dc:8d:f0:ae:2c:6f: 89:34:ee:58:3b:3e:5a:5a:d5:6b:a2:0f:e7:b3:15:18:68:e7: 35:b6:3c:ce:2c:4c:ab:41:f9:df:4f:1b:d0:20:77:f2:3e:9d: 2e:08:82:00:e3:a2:5c:f3:65:4f:e2:b2:1a:69:61:5f:9a:26: 98:3c:b4:e3:77:58:dc:7d:1e:75:84:ff:49:70:8a:3a:95:01: 4b:a5:98:2f:cf:57:97:ee:05:6a:fd:3e:55:58:13:56:e5:32: e9:ee:cb:24:a5:2b:d8:c0:50:4b:3e:6a:59:e5:fe:92:39:98: 6d:aa:71:1c -----BEGIN CERTIFICATE----- MIIFtTCCBJ2gAwIBAgICDCgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG NjlDQkE4NDYwHhcNMjUwNzI4MDYyNDE3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02ODg3MTc5MS0zYWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsxdWIiTbXOsYJeLx3PyGMLZm1o+gZe4TyEarm6EC1fTVxpLkmQ2LBhCQQ8zm r+dQtxHEo4GrSN16tjFBSIOV2kTU5PMFgdZd6GYPEkftsAnk1+Rx8hfsk1S3tjlQ dPW973Y5ACRX4H2I2hmX6dR0oFOI1daZc8fGXrRzAagPqbf7Xtc1HCn+7jqcMnxK /eFT5wUakulOrZe23s4ULgT/1jvSrDHSgI2rQaxW7CbELMVQqF2g9vcR2g1JdUD9 vJmh/mJe5oM1mfLWkU135GPknNkkYZwk251TWMDz/xkdZcSsvB+WPHtNzJ6Rde0+ wAdybARWwS7o+1dbaodgwUTKEQIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFFOxh7gW Ly/siJo1i1f3ndicYHWNMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvQjQzMDg4QjQ1 N0YzMTFGMDk5MTI5NzU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E VDBSMFAEAgABMEoDBAEr5jQDBAAr9sYDBAAr+fADBAEr+fIDBAAr+7gDBAAr+7oD BAAtcyEwDAMEAGcHdQMEA2cHcAMEAGcNEwMEAmcPIAMEAWf4ljANBgkqhkiG9w0B AQsFAAOCAQEAFBW8IW/YG9pyzuHajRWen7ZJyArojzHxotH1J641C518T2TyMjJW Fmwm/YGt6zbaALT0jZxN5zyaT3lxq3rmJVUMCIRQnt/g7md8mUFxHxNiA25+2Wvl qlY94ZUxFxV+zcaIZ+57yN3Q9bY+FVOxWtKhVbZlCr/CUh1R5dVNpi9pxRM6BAD9 YiIT3I3wrixviTTuWDs+WlrVa6IP57MVGGjnNbY8zixMq0H5308b0CB38j6dLgiC AOOiXPNlT+KyGmlhX5ommDy043dY3H0edYT/SXCKOpUBS6WYL89Xl+4Fav0+VVgT VuUy6e7LJKUr2MBQSz5qWeX+kjmYbapxHA== -----END CERTIFICATE-----Generated at Sat Aug 9 15:18:55 2025 by rpki-client