$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/40965650EA4311EEA09F786BC4F9AE02.roa File: 40965650EA4311EEA09F786BC4F9AE02.roa (raw, json) Hash identifier: ag0QXLN9VhtP4YSxCpypnephnV4TdElKmf1LeX8WRbs= Subject key identifier: CA:EF:60:DF:C2:80:6C:E2:25:F1:74:52:C6:4F:CB:6C:DE:B2:C7:5E Certificate issuer: /CN=A91ACF30/serialNumber=D3267AF9FB969089C3C12AFEBFD0FDE9BD867581 Certificate serial: 080F Authority key identifier: D3:26:7A:F9:FB:96:90:89:C3:C1:2A:FE:BF:D0:FD:E9:BD:86:75:81 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0yZ6-fuWkInDwSr-v9D96b2GdYE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/40965650EA4311EEA09F786BC4F9AE02.roa Signing time: Tue 08 Jul 2025 21:32:11 +0000 ROA not before: Tue 08 Jul 2025 21:32:11 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 38278 IP address blocks: 45.114.28.0/22 maxlen: 22 103.115.220.0/24 maxlen: 24 103.115.221.0/24 maxlen: 24 103.115.222.0/24 maxlen: 24 103.115.223.0/24 maxlen: 24 103.248.108.0/22 maxlen: 24 103.251.0.0/22 maxlen: 24 111.221.48.0/21 maxlen: 24 202.169.24.0/21 maxlen: 24 2402:eec0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/0yZ6-fuWkInDwSr-v9D96b2GdYE.crl rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/0yZ6-fuWkInDwSr-v9D96b2GdYE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0yZ6-fuWkInDwSr-v9D96b2GdYE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2063 (0x80f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACF30, serialNumber=D3267AF9FB969089C3C12AFEBFD0FDE9BD867581 Validity Not Before: Jul 8 21:32:11 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=686d8e5b-4004 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:1f:7d:26:8e:35:55:d1:e4:bc:c4:f9:30:20: e4:14:a7:5c:6b:8b:84:d0:ef:6c:0e:30:e7:20:75: fc:5e:db:13:3f:67:23:7b:e7:01:d6:45:4a:f4:71: 1d:40:89:57:df:6a:b3:2b:ac:2a:ad:39:03:90:ca: e8:24:1b:6e:ac:57:67:c5:18:30:9d:21:6e:ca:7d: 16:45:ae:d8:ce:3b:e8:6c:c0:b0:59:a2:a0:00:da: d8:8d:a9:e3:23:b5:bd:43:dd:3e:0c:c4:b7:72:b4: 68:7a:de:d8:1d:17:19:a0:0a:ea:4a:a4:b3:2b:c9: 3b:91:ea:45:e4:65:81:05:40:02:f2:ab:e5:96:ed: f1:bc:7e:16:84:fd:9f:c9:9a:7c:ad:ab:61:75:81: 21:8c:9f:a6:84:8e:e8:46:46:d7:46:4d:18:4b:46: 0d:6b:bd:60:a6:19:22:4e:e6:4c:7b:a1:bc:59:26: 96:08:cf:3e:a0:0e:ef:19:b8:15:30:3a:12:a1:85: f7:b9:98:69:e5:ad:77:ef:df:71:37:47:a9:44:f4: ec:d6:48:46:22:96:0b:af:b1:d7:e6:5f:8a:92:bb: c6:64:4a:dc:7b:40:aa:66:64:03:a6:d4:1f:1a:48: 0b:5a:7a:67:9f:d2:83:1f:77:54:9d:13:06:e5:90: a2:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:EF:60:DF:C2:80:6C:E2:25:F1:74:52:C6:4F:CB:6C:DE:B2:C7:5E X509v3 Authority Key Identifier: keyid:D3:26:7A:F9:FB:96:90:89:C3:C1:2A:FE:BF:D0:FD:E9:BD:86:75:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/0yZ6-fuWkInDwSr-v9D96b2GdYE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0yZ6-fuWkInDwSr-v9D96b2GdYE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACF30/3B912F12F18211EAA537970AC4F9AE02/40965650EA4311EEA09F786BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.114.28.0/22 103.115.220.0/22 103.248.108.0/22 103.251.0.0/22 111.221.48.0/21 202.169.24.0/21 IPv6: 2402:eec0::/32 Signature Algorithm: sha256WithRSAEncryption 4f:0d:63:41:20:b2:52:57:3d:5e:2f:20:e1:ef:1a:07:21:df: 71:5a:b7:ca:f7:07:7c:15:29:7c:3c:01:61:ce:ae:2d:42:df: fd:3f:2e:3d:00:42:01:0b:79:59:61:16:84:eb:d3:d8:77:16: c1:cd:65:fd:ca:20:0a:66:18:0f:61:ab:0b:56:d9:94:17:e9: 4f:84:55:96:1b:51:51:44:98:be:fe:cc:d8:6b:ef:46:92:61: 37:74:37:ab:42:37:42:17:b0:5e:e8:24:a5:35:93:c1:2b:61: 9c:ec:5a:2d:10:16:c4:47:ba:20:42:f9:d2:a8:af:68:8d:cc: 3d:34:83:5a:eb:1d:dd:c0:05:46:62:dd:27:71:5e:61:cb:d6: dd:23:ac:8b:fb:8e:da:b3:01:a9:cb:7a:f1:a5:4a:aa:93:5f: 1b:61:bf:94:d5:2f:ca:23:38:91:77:d7:14:61:25:fe:02:3c: 60:a2:84:cb:0d:60:bd:37:fe:f5:63:81:ec:b3:46:82:b5:6d: 70:29:01:a6:99:cb:58:4c:81:3c:60:a9:1c:dd:fe:0d:93:d8: e2:6f:2f:6a:d8:2a:6d:c9:c0:65:26:e2:c4:8c:69:a9:70:a8: bb:f0:7b:c5:07:3b:2b:2f:73:f5:36:9d:f2:33:f9:52:2e:65: fa:8a:ac:e0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgICCA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNGMzAxMTAvBgNVBAUTKEQzMjY3QUY5RkI5NjkwODlDM0MxMkFGRUJGRDBGREU5 QkQ4Njc1ODEwHhcNMjUwNzA4MjEzMjExWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODZkOGU1Yi00MDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwh99Jo41VdHkvMT5MCDkFKdca4uE0O9sDjDnIHX8XtsTP2cje+cB1kVK9HEd QIlX32qzK6wqrTkDkMroJBturFdnxRgwnSFuyn0WRa7YzjvobMCwWaKgANrYjanj I7W9Q90+DMS3crRoet7YHRcZoArqSqSzK8k7kepF5GWBBUAC8qvllu3xvH4WhP2f yZp8rathdYEhjJ+mhI7oRkbXRk0YS0YNa71gphkiTuZMe6G8WSaWCM8+oA7vGbgV MDoSoYX3uZhp5a13799xN0epRPTs1khGIpYLr7HX5l+KkrvGZErce0CqZmQDptQf GkgLWnpnn9KDH3dUnRMG5ZCiCQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFMrvYN/C gGziJfF0UsZPy2zessdeMB8GA1UdIwQYMBaAFNMmevn7lpCJw8Eq/r/Q/em9hnWB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0YzMC8zQjkxMkYxMkYx ODIxMUVBQTUzNzk3MEFDNEY5QUUwMi8weVo2LWZ1V2tJbkR3U3ItdjlEOTZiMkdk WUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzB5WjYtZnVXa0luRHdTci12OUQ5NmIyR2RZRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUNGMzAvM0I5MTJGMTJGMTgyMTFFQUE1Mzc5NzBBQzRGOUFFMDIvNDA5NjU2NTBF QTQzMTFFRUEwOUY3ODZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E PTA7MCoEAgABMCQDBAItchwDBAJnc9wDBAJn+GwDBAJn+wADBANv3TADBAPKqRgw DQQCAAIwBwMFACQC7sAwDQYJKoZIhvcNAQELBQADggEBAE8NY0EgslJXPV4vIOHv Ggch33Fat8r3B3wVKXw8AWHOri1C3/0/Lj0AQgELeVlhFoTr09h3FsHNZf3KIApm GA9hqwtW2ZQX6U+EVZYbUVFEmL7+zNhr70aSYTd0N6tCN0IXsF7oJKU1k8ErYZzs Wi0QFsRHuiBC+dKor2iNzD00g1rrHd3ABUZi3SdxXmHL1t0jrIv7jtqzAanLevGl SqqTXxthv5TVL8ojOJF31xRhJf4CPGCihMsNYL03/vVjgeyzRoK1bXApAaaZy1hM gTxgqRzd/g2T2OJvL2rYKm3JwGUm4sSMaalwqLvwe8UHOysvc/U2nfIz+VIuZfqK rOA= -----END CERTIFICATE-----Generated at Sun Aug 10 13:59:59 2025 by rpki-client