$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/B42198DC64F211ED9AEC046FC4F9AE02.roa File: B42198DC64F211ED9AEC046FC4F9AE02.roa (raw, json) Hash identifier: 9taiAk5oqRem+++FlFWs0bgv4cUdlRkoPSLMugraGUw= Subject key identifier: 52:EC:10:AF:45:74:DE:4E:27:CE:7D:BB:B5:0B:53:2A:3A:6E:88:37 Certificate issuer: /CN=A91B5CEA/serialNumber=FD4E5CFBBE51340160396D596E1B3248CFC81CC4 Certificate serial: 020D Authority key identifier: FD:4E:5C:FB:BE:51:34:01:60:39:6D:59:6E:1B:32:48:CF:C8:1C:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U5c-75RNAFgOW1ZbhsySM_IHMQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/B42198DC64F211ED9AEC046FC4F9AE02.roa Signing time: Thu 07 Aug 2025 03:08:54 +0000 ROA not before: Thu 07 Aug 2025 03:08:54 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 133606 IP address blocks: 43.243.120.0/22 maxlen: 24 43.243.176.0/22 maxlen: 24 43.254.56.0/22 maxlen: 24 103.94.180.0/22 maxlen: 24 103.238.116.0/22 maxlen: 24 116.199.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/_U5c-75RNAFgOW1ZbhsySM_IHMQ.crl rsync://rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/_U5c-75RNAFgOW1ZbhsySM_IHMQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U5c-75RNAFgOW1ZbhsySM_IHMQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:04:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 525 (0x20d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5CEA, serialNumber=FD4E5CFBBE51340160396D596E1B3248CFC81CC4 Validity Not Before: Aug 7 03:08:54 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=689418c5-2860 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c4:91:93:6e:a6:58:aa:f6:94:a6:8f:41:3a: 0f:d6:be:95:8b:ed:57:8a:a9:fd:80:66:84:70:ae: a0:d4:94:bc:02:32:0e:27:42:c4:14:71:9a:6a:20: e9:5f:58:75:97:6a:c7:bc:c3:1a:40:fd:e2:3d:96: f2:62:90:d9:8f:dc:cc:61:7d:42:68:69:09:7e:19: 3a:a1:e1:d5:3d:9c:7f:99:ad:17:c0:50:e7:70:53: a9:3c:f2:aa:61:34:e6:38:aa:0f:da:85:63:f9:f4: e2:43:0c:26:17:b4:11:3a:3a:5f:55:95:4d:7d:31: 04:28:4f:36:9e:96:58:f7:42:47:9a:64:c1:f0:ad: e4:62:5e:d3:36:e5:87:d4:ba:ed:2f:17:e8:b5:01: 58:65:66:00:ea:dc:09:80:75:9f:ec:20:d8:42:b9: dd:cf:a4:66:b6:76:82:8a:a2:11:21:65:ca:3e:d7: 3c:d3:be:87:df:4f:88:af:46:9b:bd:69:14:0c:fe: dc:73:c2:6a:58:58:ff:b8:4d:3b:51:c4:38:66:5d: cd:ae:04:4b:83:c4:e8:b5:52:18:88:f6:8a:82:24: c3:3a:17:cf:45:c8:b4:41:4f:7f:79:d5:d0:a6:5f: 44:81:3f:41:4b:df:ed:07:92:f4:26:30:00:59:c1: 7a:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:EC:10:AF:45:74:DE:4E:27:CE:7D:BB:B5:0B:53:2A:3A:6E:88:37 X509v3 Authority Key Identifier: keyid:FD:4E:5C:FB:BE:51:34:01:60:39:6D:59:6E:1B:32:48:CF:C8:1C:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/_U5c-75RNAFgOW1ZbhsySM_IHMQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_U5c-75RNAFgOW1ZbhsySM_IHMQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/28A77B6864EE11EDA4A34513C4F9AE02/B42198DC64F211ED9AEC046FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.243.120.0/22 43.243.176.0/22 43.254.56.0/22 103.94.180.0/22 103.238.116.0/22 116.199.172.0/22 Signature Algorithm: sha256WithRSAEncryption 12:9e:a7:1e:d8:d0:52:d9:76:d9:2b:86:fd:89:41:73:49:bb: e0:9a:53:5d:6c:da:d2:3c:8f:52:16:b2:8e:0d:3a:70:49:89: ad:bc:15:32:eb:6b:48:dc:33:41:50:27:a5:ff:ac:d5:05:f1: 63:d6:f2:2a:47:30:23:9a:c3:8c:77:42:4d:c6:62:23:8c:7a: 6b:20:be:95:c3:04:de:a2:83:61:f6:ab:0d:e9:cf:1c:f2:ac: 03:c2:55:60:b5:a6:9d:0f:fb:23:e8:60:71:61:71:86:65:b4: 8c:07:5f:55:4c:81:5f:4d:2c:4f:0a:4d:4e:bb:69:6c:4a:86: 2a:f8:fe:a8:59:52:74:e0:8b:5e:f9:d5:08:45:ef:9f:db:a1: 89:05:ec:7a:92:dd:1f:e1:5b:46:0a:02:97:a3:39:8a:19:07: 80:c2:e0:e1:1e:42:9c:53:f9:8c:65:a2:ab:62:19:64:96:cf: 6a:05:83:fe:7a:12:97:f5:0d:64:78:f6:97:bc:58:6c:47:ba: 3a:fe:9e:ca:62:79:80:14:62:42:b8:ac:67:5a:30:01:da:d5: f1:a7:22:ec:21:25:4d:24:02:d8:fe:e3:29:1c:6f:e7:3d:29: ef:80:ba:01:3e:73:60:2e:53:af:85:8a:91:4b:29:89:30:a0: 93:91:48:4e -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICAg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVDRUExMTAvBgNVBAUTKEZENEU1Q0ZCQkU1MTM0MDE2MDM5NkQ1OTZFMUIzMjQ4 Q0ZDODFDQzQwHhcNMjUwODA3MDMwODU0WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODk0MThjNS0yODYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxMSRk26mWKr2lKaPQToP1r6Vi+1Xiqn9gGaEcK6g1JS8AjIOJ0LEFHGaaiDp X1h1l2rHvMMaQP3iPZbyYpDZj9zMYX1CaGkJfhk6oeHVPZx/ma0XwFDncFOpPPKq YTTmOKoP2oVj+fTiQwwmF7QROjpfVZVNfTEEKE82npZY90JHmmTB8K3kYl7TNuWH 1LrtLxfotQFYZWYA6twJgHWf7CDYQrndz6RmtnaCiqIRIWXKPtc8076H30+Ir0ab vWkUDP7cc8JqWFj/uE07UcQ4Zl3NrgRLg8TotVIYiPaKgiTDOhfPRci0QU9/edXQ pl9EgT9BS9/tB5L0JjAAWcF6dQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFFLsEK9F dN5OJ859u7ULUyo6bog3MB8GA1UdIwQYMBaAFP1OXPu+UTQBYDltWW4bMkjPyBzE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUNFQS8yOEE3N0I2ODY0 RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9fVTVjLTc1Uk5BRmdPVzFaYmhzeVNNX0lI TVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19VNWMtNzVSTkFGZ09XMVpiaHN5U01fSUhNUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjVDRUEvMjhBNzdCNjg2NEVFMTFFREE0QTM0NTEzQzRGOUFFMDIvQjQyMTk4REM2 NEYyMTFFRDlBRUMwNDZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBAIr83gDBAIr87ADBAIr/jgDBAJnXrQDBAJn7nQDBAJ0x6ww DQYJKoZIhvcNAQELBQADggEBABKepx7Y0FLZdtkrhv2JQXNJu+CaU11s2tI8j1IW so4NOnBJia28FTLra0jcM0FQJ6X/rNUF8WPW8ipHMCOaw4x3Qk3GYiOMemsgvpXD BN6ig2H2qw3pzxzyrAPCVWC1pp0P+yPoYHFhcYZltIwHX1VMgV9NLE8KTU67aWxK hir4/qhZUnTgi1751QhF75/boYkF7HqS3R/hW0YKApejOYoZB4DC4OEeQpxT+Yxl oqtiGWSWz2oFg/56Epf1DWR49pe8WGxHujr+nspieYAUYkK4rGdaMAHa1fGnIuwh JU0kAtj+4ykcb+c9Ke+AugE+c2AuU6+FipFLKYkwoJORSE4= -----END CERTIFICATE-----Generated at Wed Nov 5 11:37:00 2025 by rpki-client