$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/0AC13D943C5711F0BFBB572EC4F9AE02.roa File: 0AC13D943C5711F0BFBB572EC4F9AE02.roa (raw, json) Hash identifier: 61Maf4HdTVjL1p15SmMO0sDKtCDOS9JEKlRjMIwn4Cg= Subject key identifier: 4D:8B:F5:59:BD:99:7F:69:D6:F4:5F:79:6D:7D:67:D2:C4:76:B1:39 Certificate issuer: /CN=A91C7AA5/serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A Certificate serial: 6D Authority key identifier: F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/0AC13D943C5711F0BFBB572EC4F9AE02.roa Signing time: Wed 30 Jul 2025 10:49:51 +0000 ROA not before: Wed 30 Jul 2025 10:49:51 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 8075 IP address blocks: 203.2.220.0/24 maxlen: 24 203.2.221.0/24 maxlen: 24 203.2.222.0/24 maxlen: 24 203.2.223.0/24 maxlen: 24 203.28.214.0/24 maxlen: 24 203.28.215.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 08:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 109 (0x6d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7AA5, serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A Validity Not Before: Jul 30 10:49:51 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6889f8cf-f168 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:04:06:cc:34:e2:88:fb:fb:cc:17:8b:aa:1b: 82:10:89:31:8b:25:42:9f:f1:c6:a4:0b:17:1a:91: 82:78:6b:1a:52:25:2a:6e:c6:6a:b1:ff:48:d4:0e: b0:e2:f3:11:d4:f4:a7:43:18:89:f0:ba:53:e1:58: a7:10:c6:f0:6c:64:59:27:46:a9:dc:e4:f8:74:69: 14:6e:19:c5:3e:29:9d:ae:0a:61:0d:63:73:c0:c3: 58:39:ae:25:5b:2b:53:eb:5c:b6:30:9e:79:3e:8f: 1e:17:1d:42:ca:17:b2:93:db:9f:0c:9b:6a:e1:51: f8:e4:a7:95:c0:91:80:3b:af:3d:25:27:2f:9c:4f: a0:f9:55:52:f1:a2:a0:9e:08:9c:33:12:fe:df:38: 5a:4a:03:79:ba:8b:f7:53:be:ff:36:29:6c:dd:a8: 71:32:6d:4d:75:cf:f9:7c:ee:32:aa:8d:e3:ea:3c: c3:2e:88:1a:ed:8f:02:b6:09:75:aa:45:81:80:c7: 13:cf:13:18:27:a0:15:67:eb:a7:be:a5:1e:29:d0: 2c:c4:88:6b:6d:0e:83:9d:e6:90:44:87:f7:59:db: f9:87:37:8e:8d:e7:67:17:3e:c7:2c:b0:e0:61:c6: 68:e5:6f:4a:3d:b6:92:81:9e:21:2d:9a:34:ed:4d: 32:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:8B:F5:59:BD:99:7F:69:D6:F4:5F:79:6D:7D:67:D2:C4:76:B1:39 X509v3 Authority Key Identifier: keyid:F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/0AC13D943C5711F0BFBB572EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.2.220.0/22 203.28.214.0/23 Signature Algorithm: sha256WithRSAEncryption 09:ad:74:fb:68:69:8e:8b:d7:e7:cf:1e:55:8b:b7:eb:42:c5: 43:6d:63:06:1f:82:4a:05:af:14:bb:46:00:a6:9c:04:dd:52: ff:32:14:3c:ba:5f:59:25:c1:14:3a:b7:d5:34:dd:54:08:81: 5e:ee:ec:ac:26:97:95:99:70:eb:df:ac:c2:13:95:5a:3e:7b: 04:69:fa:ea:5b:c6:79:83:7e:bb:1e:30:17:3f:e0:13:70:05: b0:4a:39:81:3f:82:a6:52:aa:4a:dc:0b:1b:48:c9:ff:c7:21: a4:b7:db:dd:b2:c7:33:81:50:67:23:0c:8d:15:d4:e5:0b:83: 25:c6:61:d1:28:7b:45:b7:21:01:66:07:79:8d:d6:6c:d1:2f: be:c7:f3:14:fa:82:43:c7:c7:03:b4:c6:29:72:40:16:92:ca: 7d:dc:fd:36:5e:2c:82:8d:ac:b5:4e:c9:a4:0e:09:ad:98:80: 68:36:44:28:6c:35:75:3a:b9:45:4f:5a:7b:7f:0b:02:25:57: 7b:c6:ea:52:66:42:13:f8:9c:6f:35:c1:08:45:85:64:32:91: ba:47:71:56:d3:29:56:0c:47:34:17:fc:41:f5:78:c7:1d:bb: 62:6d:67:ff:24:14:4e:df:fc:2d:ce:61:f6:46:da:b8:a8:84: 80:28:66:34 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgIBbTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD N0FBNTExMC8GA1UEBRMoRjcyNjdFODBCRTgxN0YwNDNEMjhGQjdFNzMwNUY0QzQ4 OEE4MzkxQTAeFw0yNTA3MzAxMDQ5NTFaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ODlmOGNmLWYxNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDPBAbMNOKI+/vMF4uqG4IQiTGLJUKf8cakCxcakYJ4axpSJSpuxmqx/0jUDrDi 8xHU9KdDGInwulPhWKcQxvBsZFknRqnc5Ph0aRRuGcU+KZ2uCmENY3PAw1g5riVb K1PrXLYwnnk+jx4XHULKF7KT258Mm2rhUfjkp5XAkYA7rz0lJy+cT6D5VVLxoqCe CJwzEv7fOFpKA3m6i/dTvv82KWzdqHEybU11z/l87jKqjePqPMMuiBrtjwK2CXWq RYGAxxPPExgnoBVn66e+pR4p0CzEiGttDoOd5pBEh/dZ2/mHN46N52cXPscssOBh xmjlb0o9tpKBniEtmjTtTTI1AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUTYv1Wb2Z f2nW9F95bX1n0sR2sTkwHwYDVR0jBBgwFoAU9yZ+gL6BfwQ9KPt+cwX0xIioORow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3QUE1L0JBRkIzNTc0MTVC QjExRjBCRkQ1NDg4MUM0RjlBRTAyLzl5Wi1nTDZCZndROUtQdC1jd1gweElpb09S by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvOXlaLWdMNkJmd1E5S1B0LWN3WDB4SWlvT1JvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD N0FBNS9CQUZCMzU3NDE1QkIxMUYwQkZENTQ4ODFDNEY5QUUwMi8wQUMxM0Q5NDND NTcxMUYwQkZCQjU3MkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW MBQwEgQCAAEwDAMEAssC3AMEAcsc1jANBgkqhkiG9w0BAQsFAAOCAQEACa10+2hp jovX588eVYu360LFQ21jBh+CSgWvFLtGAKacBN1S/zIUPLpfWSXBFDq31TTdVAiB Xu7srCaXlZlw69+swhOVWj57BGn66lvGeYN+ux4wFz/gE3AFsEo5gT+CplKqStwL G0jJ/8chpLfb3bLHM4FQZyMMjRXU5QuDJcZh0Sh7RbchAWYHeY3WbNEvvsfzFPqC Q8fHA7TGKXJAFpLKfdz9Nl4sgo2stU7JpA4JrZiAaDZEKGw1dTq5RU9ae38LAiVX e8bqUmZCE/icbzXBCEWFZDKRukdxVtMpVgxHNBf8QfV4xx27Ym1n/yQUTt/8Lc5h 9kbauKiEgChmNA== -----END CERTIFICATE-----Generated at Thu Aug 7 05:13:52 2025 by rpki-client