$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/87F2D334F2D811EC8F663D52C4F9AE02.roa File: 87F2D334F2D811EC8F663D52C4F9AE02.roa (raw, json) Hash identifier: 2CusgDeod/GNoY/LuvI1PPosNLPCfcqPbyc433D/0Uw= Subject key identifier: 5F:C6:8C:6F:59:72:FE:CC:6E:74:43:11:AA:C9:0D:1A:E9:07:2A:AD Certificate issuer: /CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F Certificate serial: 038F Authority key identifier: 02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/87F2D334F2D811EC8F663D52C4F9AE02.roa Signing time: Thu 17 Jul 2025 01:36:49 +0000 ROA not before: Thu 17 Jul 2025 01:36:49 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 131329 IP address blocks: 202.88.42.0/24 maxlen: 24 2400:1560:6::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 911 (0x38f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA5BA, serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F Validity Not Before: Jul 17 01:36:49 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=687853b1-0d96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:9c:bc:dd:02:b3:c7:41:e7:2c:ab:4b:c0:c6: a0:fb:91:b3:8c:b9:8b:5a:1c:ae:d3:82:c8:ec:71: 79:af:5c:57:92:8b:58:9e:c3:51:69:33:80:77:31: 3c:0c:63:f1:6a:e2:f9:a6:fe:17:ac:67:64:83:59: 08:ee:a4:02:f8:9d:de:5c:53:3a:1c:17:48:a8:90: d0:c2:de:33:06:a4:3c:92:49:11:8b:17:07:0d:34: 4c:a3:e5:6d:9b:92:74:31:f5:75:5c:eb:ae:13:fb: e3:25:08:46:a8:90:c8:56:40:17:29:9f:ff:2c:41: 1f:c7:06:b6:b2:92:4f:29:76:92:06:77:25:e2:c5: 45:d8:9b:65:45:37:37:39:17:fc:dd:f5:03:a2:5f: e6:37:c3:51:1b:0a:6b:47:2e:aa:8f:5b:60:27:06: a1:62:65:47:ff:d0:c5:58:1f:fd:83:d2:e6:35:ea: 70:c8:b0:cf:77:a6:a7:33:42:9f:e7:5b:7a:c0:85: e3:02:45:b0:41:06:27:d8:d9:c5:e0:ea:3b:99:3a: 5a:78:41:89:03:75:0f:ca:25:09:2f:95:07:5b:04: c6:c6:8d:d8:88:c2:04:b6:b7:01:7e:be:3f:17:39: eb:40:22:64:d0:9f:7e:88:50:e4:5c:26:8f:d4:2f: 25:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:C6:8C:6F:59:72:FE:CC:6E:74:43:11:AA:C9:0D:1A:E9:07:2A:AD X509v3 Authority Key Identifier: keyid:02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/87F2D334F2D811EC8F663D52C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.88.42.0/24 IPv6: 2400:1560:6::/64 Signature Algorithm: sha256WithRSAEncryption 03:3d:e5:e6:8e:15:3d:dd:5c:f5:e6:8a:f6:bf:ee:95:42:1f: 05:54:71:ff:41:f8:26:12:27:8a:c1:3c:a4:2f:c5:32:df:80: 59:07:f5:f7:c7:47:a4:5b:96:d3:8b:e4:4b:ac:9f:d8:d7:b9: 41:83:f6:f4:b3:20:11:04:96:41:fe:fc:04:90:e4:95:06:26: 04:d8:64:b6:be:dd:21:26:a7:f8:56:8f:f1:24:56:8d:e6:fb: 16:fc:cc:82:c2:0d:d2:e1:17:df:7d:71:46:56:c6:c6:4c:30: c4:53:3b:df:85:d7:03:5c:a2:27:ec:e8:38:85:02:ca:bc:43: 6a:80:3d:5c:b3:f1:cb:6d:f1:45:c1:38:19:88:7a:ea:7e:bc: 89:6a:52:5b:a5:f7:86:1d:2a:0f:56:23:70:4e:b1:cd:da:a9: c5:38:f6:68:11:21:f1:31:39:26:9d:4a:cb:3f:d3:f5:bb:34: b7:91:4f:ad:54:02:95:3f:31:84:de:ea:0c:1f:78:b9:53:bd: 56:b6:ce:a8:eb:d1:88:2a:9c:e0:a5:81:c2:49:bd:48:32:6f: 54:93:9f:27:68:46:70:5d:e6:89:fa:85:83:07:52:a0:ae:82: fd:7c:d2:68:55:90:28:1e:37:ea:33:68:d6:7d:6f:1c:c9:86: 0d:39:c3:5a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE1QkExMTAvBgNVBAUTKDAyQUEzQTc2QzQ1OTQ5N0IxQjQ1RjI2RTkwNDRBQ0M2 RjJFODA0NEYwHhcNMjUwNzE3MDEzNjQ5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODc4NTNiMS0wZDk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApJy83QKzx0HnLKtLwMag+5GzjLmLWhyu04LI7HF5r1xXkotYnsNRaTOAdzE8 DGPxauL5pv4XrGdkg1kI7qQC+J3eXFM6HBdIqJDQwt4zBqQ8kkkRixcHDTRMo+Vt m5J0MfV1XOuuE/vjJQhGqJDIVkAXKZ//LEEfxwa2spJPKXaSBncl4sVF2JtlRTc3 ORf83fUDol/mN8NRGwprRy6qj1tgJwahYmVH/9DFWB/9g9LmNepwyLDPd6anM0Kf 51t6wIXjAkWwQQYn2NnF4Oo7mTpaeEGJA3UPyiUJL5UHWwTGxo3YiMIEtrcBfr4/ FznrQCJk0J9+iFDkXCaP1C8lZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF/GjG9Z cv7MbnRDEarJDRrpByqtMB8GA1UdIwQYMBaAFAKqOnbEWUl7G0XybpBErMby6ARP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTVCQS80MzI2Q0JDMEI3 Q0QxMUVDQUY2ODEzMzVDNEY5QUUwMi9BcW82ZHNSWlNYc2JSZkp1a0VTc3h2TG9C RTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FxbzZkc1JaU1hzYlJmSnVrRVNzeHZMb0JFOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkE1QkEvNDMyNkNCQzBCN0NEMTFFQ0FGNjgxMzM1QzRGOUFFMDIvODdGMkQzMzRG MkQ4MTFFQzhGNjYzRDUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMgYIKwYBBQUHAQcBAf8E IzAhMAwEAgABMAYDBADKWCowEQQCAAIwCwMJACQAFWAABgAAMA0GCSqGSIb3DQEB CwUAA4IBAQADPeXmjhU93Vz15or2v+6VQh8FVHH/QfgmEieKwTykL8Uy34BZB/X3 x0ekW5bTi+RLrJ/Y17lBg/b0syARBJZB/vwEkOSVBiYE2GS2vt0hJqf4Vo/xJFaN 5vsW/MyCwg3S4RfffXFGVsbGTDDEUzvfhdcDXKIn7Og4hQLKvENqgD1cs/HLbfFF wTgZiHrqfryJalJbpfeGHSoPViNwTrHN2qnFOPZoESHxMTkmnUrLP9P1uzS3kU+t VAKVPzGE3uoMH3i5U71Wts6o69GIKpzgpYHCSb1IMm9Uk58naEZwXeaJ+oWDB1Kg roL9fNJoVZAoHjfqM2jWfW8cyYYNOcNa -----END CERTIFICATE-----Generated at Mon Aug 11 11:50:56 2025 by rpki-client