$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2A6F/CADFF2FE6E3611EAA10EFF76C4F9AE02/BDC0899A1FF511ECAE74F266C4F9AE02.roa File: BDC0899A1FF511ECAE74F266C4F9AE02.roa (raw, json) Hash identifier: r0RKRgF0/rDGEDAesBgC29Z43qYpMBwutyEjFMfF0YY= Subject key identifier: 51:D3:BE:46:DF:B5:00:A5:54:F8:5B:10:A4:59:68:56:35:B0:CA:20 Certificate issuer: /CN=A91B2A6F/serialNumber=8C5A8997FCA5BF0270EAF86EE8C0CB6551AB97D1 Certificate serial: 0A59 Authority key identifier: 8C:5A:89:97:FC:A5:BF:02:70:EA:F8:6E:E8:C0:CB:65:51:AB:97:D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jFqJl_ylvwJw6vhu6MDLZVGrl9E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2A6F/CADFF2FE6E3611EAA10EFF76C4F9AE02/BDC0899A1FF511ECAE74F266C4F9AE02.roa Signing time: Mon 04 Aug 2025 20:00:12 +0000 ROA not before: Mon 04 Aug 2025 20:00:12 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 9268 IP address blocks: 43.247.64.0/22 maxlen: 22 103.26.172.0/22 maxlen: 24 2401:f80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2A6F/CADFF2FE6E3611EAA10EFF76C4F9AE02/jFqJl_ylvwJw6vhu6MDLZVGrl9E.crl rsync://rpki.apnic.net/member_repository/A91B2A6F/CADFF2FE6E3611EAA10EFF76C4F9AE02/jFqJl_ylvwJw6vhu6MDLZVGrl9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jFqJl_ylvwJw6vhu6MDLZVGrl9E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2649 (0xa59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2A6F, serialNumber=8C5A8997FCA5BF0270EAF86EE8C0CB6551AB97D1 Validity Not Before: Aug 4 20:00:12 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=6891114c-13e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:cb:7f:22:c2:fe:06:29:d0:c0:81:94:71:8e: c6:04:7a:b5:d1:04:08:58:49:55:89:c5:5c:0c:28: c0:f5:d6:ee:3b:f7:eb:11:8a:b6:cb:86:72:74:8f: 52:c8:c0:e4:66:3f:04:78:09:96:ae:c9:00:fa:93: 10:3e:ac:73:fa:ef:bb:63:c8:65:06:1c:6f:6a:09: ce:56:61:f7:49:6a:72:3b:26:26:7b:24:71:14:d6: 19:cc:f7:2a:19:ab:bc:f0:bd:60:0c:95:ad:f1:bc: 63:3e:7d:0a:c3:a1:ae:e4:51:50:f3:59:6d:00:08: ec:d8:1f:e7:43:8f:f0:20:81:b4:2c:ca:33:ac:86: 97:4e:60:cd:5d:53:d4:b5:1d:a7:e2:6d:f5:1b:10: 87:c4:9f:b9:e6:c5:f7:17:76:a0:6f:da:1d:27:b9: 32:0a:7f:0a:75:07:7c:2d:9d:a1:39:2d:48:17:58: d1:dd:db:2f:10:01:2c:b9:ff:46:86:16:ba:53:9b: 23:83:e8:96:bb:8c:32:a5:73:35:41:48:c9:4e:54: f0:9c:c2:76:f0:e8:58:d0:2f:14:20:f5:4c:52:1a: 33:da:1c:fe:7b:3d:24:5a:e2:8f:0e:2b:ae:9a:7a: 3d:16:17:26:25:ed:9e:97:43:64:58:85:b3:0d:e3: f8:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:D3:BE:46:DF:B5:00:A5:54:F8:5B:10:A4:59:68:56:35:B0:CA:20 X509v3 Authority Key Identifier: keyid:8C:5A:89:97:FC:A5:BF:02:70:EA:F8:6E:E8:C0:CB:65:51:AB:97:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2A6F/CADFF2FE6E3611EAA10EFF76C4F9AE02/jFqJl_ylvwJw6vhu6MDLZVGrl9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jFqJl_ylvwJw6vhu6MDLZVGrl9E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2A6F/CADFF2FE6E3611EAA10EFF76C4F9AE02/BDC0899A1FF511ECAE74F266C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.247.64.0/22 103.26.172.0/22 IPv6: 2401:f80::/32 Signature Algorithm: sha256WithRSAEncryption 24:3c:9b:a5:38:58:4a:b5:1b:fb:a5:b0:54:e1:ba:21:e9:3c: c2:05:59:6e:71:22:a5:d0:95:dc:22:f7:ca:09:0f:ff:89:0e: c4:12:c3:e4:88:ef:77:71:04:94:e1:84:26:5f:45:ab:f7:9b: 28:e8:17:4c:ed:61:ab:cd:b3:76:29:d6:d0:a6:57:4b:66:3b: 07:dd:c0:70:ce:77:cd:90:49:9f:92:e2:e4:31:26:5e:ce:f2: 07:91:e5:c9:f7:75:df:ef:61:64:f1:f2:78:05:05:47:9b:b6: 2a:b7:2c:a1:e6:4c:1b:b3:84:53:b3:e7:54:96:fb:74:0a:42: fc:83:f7:0f:0d:60:e0:bf:5e:d5:f8:b8:f6:7b:22:eb:80:fa: cd:df:8f:20:b0:43:10:5e:aa:37:00:d3:04:af:7b:2c:c0:de: 2b:d8:30:5b:d7:06:79:15:8b:6a:f5:4c:5b:47:9f:4d:91:3a: ba:f1:2d:f4:b0:69:7c:f8:a2:71:3b:c7:a4:fe:10:96:0c:97: 5b:cf:99:3e:8e:f5:cf:90:3a:48:20:a7:19:93:1f:52:e8:67: 66:12:41:55:33:69:c5:69:cd:8a:f7:c6:9a:39:0d:e6:01:80: 51:84:2e:1f:25:02:d7:15:7d:f7:36:dc:67:12:8f:8a:4c:0c: a2:27:55:d2 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICClkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJBNkYxMTAvBgNVBAUTKDhDNUE4OTk3RkNBNUJGMDI3MEVBRjg2RUU4QzBDQjY1 NTFBQjk3RDEwHhcNMjUwODA0MjAwMDEyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODkxMTE0Yy0xM2UzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApct/IsL+BinQwIGUcY7GBHq10QQIWElVicVcDCjA9dbuO/frEYq2y4ZydI9S yMDkZj8EeAmWrskA+pMQPqxz+u+7Y8hlBhxvagnOVmH3SWpyOyYmeyRxFNYZzPcq Gau88L1gDJWt8bxjPn0Kw6Gu5FFQ81ltAAjs2B/nQ4/wIIG0LMozrIaXTmDNXVPU tR2n4m31GxCHxJ+55sX3F3agb9odJ7kyCn8KdQd8LZ2hOS1IF1jR3dsvEAEsuf9G hha6U5sjg+iWu4wypXM1QUjJTlTwnMJ28OhY0C8UIPVMUhoz2hz+ez0kWuKPDiuu mno9FhcmJe2el0NkWIWzDeP4ywIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFHTvkbf tQClVPhbEKRZaFY1sMogMB8GA1UdIwQYMBaAFIxaiZf8pb8CcOr4bujAy2VRq5fR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkE2Ri9DQURGRjJGRTZF MzYxMUVBQTEwRUZGNzZDNEY5QUUwMi9qRnFKbF95bHZ3Snc2dmh1Nk1ETFpWR3Js OUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2pGcUpsX3lsdndKdzZ2aHU2TURMWlZHcmw5RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjJBNkYvQ0FERkYyRkU2RTM2MTFFQUExMEVGRjc2QzRGOUFFMDIvQkRDMDg5OUEx RkY1MTFFQ0FFNzRGMjY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIr90ADBAJnGqwwDQQCAAIwBwMFACQBD4AwDQYJKoZIhvcN AQELBQADggEBACQ8m6U4WEq1G/ulsFThuiHpPMIFWW5xIqXQldwi98oJD/+JDsQS w+SI73dxBJThhCZfRav3myjoF0ztYavNs3Yp1tCmV0tmOwfdwHDOd82QSZ+S4uQx Jl7O8geR5cn3dd/vYWTx8ngFBUebtiq3LKHmTBuzhFOz51SW+3QKQvyD9w8NYOC/ XtX4uPZ7IuuA+s3fjyCwQxBeqjcA0wSveyzA3ivYMFvXBnkVi2r1TFtHn02ROrrx LfSwaXz4onE7x6T+EJYMl1vPmT6O9c+QOkggpxmTH1LoZ2YSQVUzacVpzYr3xpo5 DeYBgFGELh8lAtcVffc23GcSj4pMDKInVdI= -----END CERTIFICATE-----Generated at Sun Aug 10 18:14:02 2025 by rpki-client