$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/1517BF2ED77711EF8E6D7517C4F9AE02.roa File: 1517BF2ED77711EF8E6D7517C4F9AE02.roa (raw, json) Hash identifier: vaFX8SCMmHEvr5Ib9mcWdU+hQiZLjmlJABjS+fsvvGA= Subject key identifier: 72:78:FC:2A:77:26:6A:96:8F:2B:E8:4A:43:1A:57:F2:0D:C6:31:6C Certificate issuer: /CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A Certificate serial: 0AAB Authority key identifier: FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/1517BF2ED77711EF8E6D7517C4F9AE02.roa Signing time: Mon 10 Mar 2025 20:40:40 +0000 ROA not before: Mon 10 Mar 2025 20:40:40 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 55714 IP address blocks: 103.17.200.0/24 maxlen: 24 110.34.33.0/24 maxlen: 24 110.34.34.0/24 maxlen: 24 110.34.35.0/24 maxlen: 24 110.34.36.0/24 maxlen: 24 110.34.39.0/24 maxlen: 24 192.135.90.0/24 maxlen: 24 192.135.91.0/24 maxlen: 24 2406:f500::/32 maxlen: 32 2406:f500::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2731 (0xaab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB6EB, serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A Validity Not Before: Mar 10 20:40:40 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67cf4e47-531e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:f2:ea:72:ce:ca:bb:1f:d1:6a:80:7f:8f:d5: a9:88:aa:48:3a:85:d5:aa:fd:fa:dd:f3:ef:fd:bd: a7:9b:86:08:f4:4f:d3:9c:dc:5a:35:74:28:bc:60: db:19:fc:90:25:41:21:ae:6e:3a:18:55:01:85:c6: 14:c0:bb:44:49:65:16:2c:93:04:57:60:bd:d3:18: e8:5a:83:64:7c:53:c4:5d:86:25:df:ef:3a:87:ec: 90:c2:f9:e0:a0:ff:c4:c9:9c:0e:9f:a0:bd:22:15: bd:fe:ea:2b:df:ad:51:b6:10:67:62:d2:44:a8:33: 39:01:bf:30:cd:51:75:3a:bb:28:bd:93:01:e0:3b: 27:fa:e8:43:9d:c2:31:4f:07:54:03:cb:0d:8a:ff: c3:40:a1:66:25:24:e1:ba:17:47:5d:10:7f:db:3c: ce:1d:96:7a:95:0c:26:1d:4d:4b:91:1f:80:3b:5b: a3:7b:56:3d:86:a0:3f:78:67:71:0c:90:d6:31:12: 0f:91:6d:d0:fd:6b:09:39:5a:2b:5f:ee:af:f4:7e: cc:12:d0:fc:71:9e:31:e5:24:bc:13:54:16:9e:6f: b3:85:42:05:20:2a:14:49:45:cc:26:6e:10:b4:f4: e9:50:b8:ac:62:a5:c2:52:2f:b2:8f:e9:38:5b:db: 7c:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:78:FC:2A:77:26:6A:96:8F:2B:E8:4A:43:1A:57:F2:0D:C6:31:6C X509v3 Authority Key Identifier: keyid:FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/1517BF2ED77711EF8E6D7517C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.17.200.0/24 110.34.33.0-110.34.36.255 110.34.39.0/24 192.135.90.0/23 IPv6: 2406:f500::/32 Signature Algorithm: sha256WithRSAEncryption b7:dd:86:78:cc:da:2b:52:09:26:68:a2:5a:8e:6d:e8:92:fb: 77:80:2d:38:7b:77:f1:f1:b8:41:80:73:d5:56:1f:0c:02:6a: b7:69:1a:5d:fe:07:32:bf:e9:74:c0:17:43:ea:1d:c1:d0:81: d0:74:6e:08:9e:48:a3:99:50:af:0c:b9:2f:1e:6b:54:64:41: 3f:c0:50:29:da:6d:17:bf:25:63:d8:fe:72:d1:c9:da:be:87: f8:32:56:16:a8:53:7c:fb:ef:97:c8:78:a5:13:d4:7d:27:e8: da:e5:ca:91:39:11:91:0d:5c:04:e5:9b:a8:5f:f6:0d:fe:f6: f1:43:2b:f5:11:58:a9:ec:72:e4:17:d8:eb:5c:d8:f8:97:a4: 6b:c7:82:02:b0:66:e0:09:39:2a:e2:8c:ea:e8:58:3d:aa:d2: c9:51:76:11:ea:27:43:0d:eb:34:ff:28:19:ce:c5:98:23:8b: 19:42:b3:54:1d:22:4b:36:67:e3:31:fc:55:23:52:e5:29:78: 9d:0e:ce:5b:d1:2e:54:00:80:7d:d6:65:0c:99:cd:cb:0b:1d: 49:fc:e1:7b:5c:b1:4f:75:00:b6:0a:be:b6:96:33:c6:ff:6c: 80:20:0c:18:40:fe:18:09:5c:bf:4a:43:f6:96:98:4a:a3:a0: 03:a2:d0:f1 -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgICCqswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUI2RUIxMTAvBgNVBAUTKEZDOUJENDYzRDAyRTlGRDJERkMzQzM5QUU0Q0Q1QUIz MjI2NThDMkEwHhcNMjUwMzEwMjA0MDQwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2NmNGU0Ny01MzFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx/Lqcs7Kux/RaoB/j9WpiKpIOoXVqv363fPv/b2nm4YI9E/TnNxaNXQovGDb GfyQJUEhrm46GFUBhcYUwLtESWUWLJMEV2C90xjoWoNkfFPEXYYl3+86h+yQwvng oP/EyZwOn6C9IhW9/uor361RthBnYtJEqDM5Ab8wzVF1OrsovZMB4Dsn+uhDncIx TwdUA8sNiv/DQKFmJSThuhdHXRB/2zzOHZZ6lQwmHU1LkR+AO1uje1Y9hqA/eGdx DJDWMRIPkW3Q/WsJOVorX+6v9H7MEtD8cZ4x5SS8E1QWnm+zhUIFICoUSUXMJm4Q tPTpULisYqXCUi+yj+k4W9t8DwIDAQABo4ICvjCCArowHQYDVR0OBBYEFHJ4/Cp3 JmqWjyvoSkMaV/INxjFsMB8GA1UdIwQYMBaAFPyb1GPQLp/S38PDmuTNWrMiZYwq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjZFQi8wMTM5MUIwMDhF MkIxMUVBQkY4NkRBNENDNEY5QUUwMi9fSnZVWTlBdW45TGZ3OE9hNU0xYXN5Smxq Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19KdlVZOUF1bjlMZnc4T2E1TTFhc3lKbGpDby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUI2RUIvMDEzOTFCMDA4RTJCMTFFQUJGODZEQTRDQzRGOUFFMDIvMTUxN0JGMkVE Nzc3MTFFRjhFNkQ3NTE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E OTA3MCYEAgABMCADBABnEcgwDAMEAG4iIQMEAG4iJAMEAG4iJwMEAcCHWjANBAIA AjAHAwUAJAb1ADANBgkqhkiG9w0BAQsFAAOCAQEAt92GeMzaK1IJJmiiWo5t6JL7 d4AtOHt38fG4QYBz1VYfDAJqt2kaXf4HMr/pdMAXQ+odwdCB0HRuCJ5Io5lQrwy5 Lx5rVGRBP8BQKdptF78lY9j+ctHJ2r6H+DJWFqhTfPvvl8h4pRPUfSfo2uXKkTkR kQ1cBOWbqF/2Df728UMr9RFYqexy5BfY61zY+Jeka8eCArBm4Ak5KuKM6uhYParS yVF2EeonQw3rNP8oGc7FmCOLGUKzVB0iSzZn4zH8VSNS5Sl4nQ7OW9EuVACAfdZl DJnNywsdSfzhe1yxT3UAtgq+tpYzxv9sgCAMGED+GAlcv0pD9paYSqOgA6LQ8Q== -----END CERTIFICATE-----Generated at Wed Nov 5 10:30:24 2025 by rpki-client