$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCD09/578B06CC886411EDBF995F42C4F9AE02/5CAB3758374A11EFB612084EC4F9AE02.roa File: 5CAB3758374A11EFB612084EC4F9AE02.roa (raw, json) Hash identifier: I6Do6wUFDqn95ErcBDY8GxAwjzlBupfp3qvysqubm+U= Subject key identifier: 6F:B0:98:21:7C:5F:E8:CD:D3:7A:4B:2C:88:F4:34:55:2B:98:FB:DB Certificate issuer: /CN=A91DCD09/serialNumber=4CD9DE372D0348AC33B167A5D78E3013FC03571F Certificate serial: 0209 Authority key identifier: 4C:D9:DE:37:2D:03:48:AC:33:B1:67:A5:D7:8E:30:13:FC:03:57:1F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TNneNy0DSKwzsWel144wE_wDVx8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DCD09/578B06CC886411EDBF995F42C4F9AE02/5CAB3758374A11EFB612084EC4F9AE02.roa Signing time: Mon 22 Sep 2025 16:35:24 +0000 ROA not before: Mon 22 Sep 2025 16:35:24 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 134433 IP address blocks: 45.157.168.0/24 maxlen: 24 45.157.169.0/24 maxlen: 24 45.157.170.0/24 maxlen: 24 45.157.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DCD09/578B06CC886411EDBF995F42C4F9AE02/TNneNy0DSKwzsWel144wE_wDVx8.crl rsync://rpki.apnic.net/member_repository/A91DCD09/578B06CC886411EDBF995F42C4F9AE02/TNneNy0DSKwzsWel144wE_wDVx8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TNneNy0DSKwzsWel144wE_wDVx8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:26:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 521 (0x209) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DCD09, serialNumber=4CD9DE372D0348AC33B167A5D78E3013FC03571F Validity Not Before: Sep 22 16:35:24 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68d17acc-47a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:58:3e:7d:be:23:5f:3b:ed:dd:ed:68:dd:c4: b8:ce:8d:f3:ca:59:ee:9a:3e:c7:48:9e:6a:9d:16: b3:8f:e7:66:90:6b:fc:4d:23:8f:59:90:00:68:61: 41:66:fe:48:5b:48:0f:e8:41:8a:a4:27:3c:50:00: 7e:39:7c:3c:0a:3b:f5:e6:1b:ac:ee:44:d7:5a:f8: 64:55:35:3a:46:e6:0b:34:f5:e5:92:25:8f:a0:c7: 75:03:fb:67:1d:07:3b:e2:f6:fb:20:b1:95:ba:96: c8:c6:a2:6f:f7:36:87:49:24:9d:0e:8e:2d:1f:e6: 85:a0:40:df:ae:e9:15:74:9c:8f:76:67:8c:ec:eb: ea:fa:62:7e:a6:de:f0:e6:50:de:86:84:eb:da:b3: c3:46:fd:72:f6:b7:e5:fd:a1:77:82:6d:c0:26:bc: 07:7b:81:6b:a3:e5:8a:7a:b4:44:25:e7:01:b4:d4: ec:04:0a:63:96:cb:0c:70:39:35:6a:56:1e:fc:7c: 66:33:07:fc:61:0d:61:fb:62:1e:8c:6a:59:f5:13: 32:e0:56:78:a8:c3:3f:a6:a8:2f:5a:8b:3a:04:74: 97:64:60:56:9c:e6:40:7d:39:35:92:6d:ea:64:91: 52:4b:af:e9:d0:c1:ee:34:67:88:33:e1:44:a1:9d: 5d:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:B0:98:21:7C:5F:E8:CD:D3:7A:4B:2C:88:F4:34:55:2B:98:FB:DB X509v3 Authority Key Identifier: keyid:4C:D9:DE:37:2D:03:48:AC:33:B1:67:A5:D7:8E:30:13:FC:03:57:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DCD09/578B06CC886411EDBF995F42C4F9AE02/TNneNy0DSKwzsWel144wE_wDVx8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TNneNy0DSKwzsWel144wE_wDVx8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCD09/578B06CC886411EDBF995F42C4F9AE02/5CAB3758374A11EFB612084EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.157.168.0/22 Signature Algorithm: sha256WithRSAEncryption 87:cb:7c:8b:7e:3a:17:61:b9:c6:62:4d:a1:bf:09:e6:44:ae: 68:14:ed:9f:a7:b4:93:c5:f9:02:01:2c:c6:d7:62:ca:d4:7b: 64:fc:3f:c7:98:32:31:31:1d:f6:15:c0:dd:15:c7:69:91:07: 9e:66:c9:c0:76:3e:7a:ed:95:d5:7b:5c:23:0a:b9:fb:e6:2d: 17:56:82:48:43:68:1a:4a:37:cc:ce:92:06:24:33:75:9c:5f: 09:15:7e:d9:16:24:b2:15:27:51:eb:9c:48:3c:95:f5:24:ee: 9e:12:9c:ce:16:80:85:e2:b9:c2:7e:7d:7d:16:d3:10:c8:18: ef:3f:ab:78:82:c7:80:d5:3e:03:c3:3c:07:15:35:a4:54:e4: 35:2f:12:fd:28:e8:52:be:fa:ea:f3:ee:53:09:1c:02:1d:10: cb:3c:37:22:3b:ff:c2:75:2a:58:16:9a:a3:81:27:21:86:7a: 4a:cb:ed:24:db:57:11:80:24:86:c6:33:bc:8c:58:9d:9d:e6: cb:de:47:f0:3d:40:e3:2f:57:6d:f9:8c:54:78:f6:8a:08:2f: c1:35:a5:89:ca:41:9c:cf:50:24:f9:06:03:22:18:6a:aa:63: b6:bd:d4:4a:01:c6:51:a3:c0:7f:27:03:4d:ed:e8:18:37:e5: 65:1e:fd:e1 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RENEMDkxMTAvBgNVBAUTKDRDRDlERTM3MkQwMzQ4QUMzM0IxNjdBNUQ3OEUzMDEz RkMwMzU3MUYwHhcNMjUwOTIyMTYzNTI0WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQxN2FjYy00N2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArVg+fb4jXzvt3e1o3cS4zo3zylnumj7HSJ5qnRazj+dmkGv8TSOPWZAAaGFB Zv5IW0gP6EGKpCc8UAB+OXw8Cjv15hus7kTXWvhkVTU6RuYLNPXlkiWPoMd1A/tn HQc74vb7ILGVupbIxqJv9zaHSSSdDo4tH+aFoEDfrukVdJyPdmeM7Ovq+mJ+pt7w 5lDehoTr2rPDRv1y9rfl/aF3gm3AJrwHe4Fro+WKerREJecBtNTsBApjlssMcDk1 alYe/HxmMwf8YQ1h+2IejGpZ9RMy4FZ4qMM/pqgvWos6BHSXZGBWnOZAfTk1km3q ZJFSS6/p0MHuNGeIM+FEoZ1dyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG+wmCF8 X+jN03pLLIj0NFUrmPvbMB8GA1UdIwQYMBaAFEzZ3jctA0isM7FnpdeOMBP8A1cf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0QwOS81NzhCMDZDQzg4 NjQxMUVEQkY5OTVGNDJDNEY5QUUwMi9UTm5lTnkwRFNLd3pzV2VsMTQ0d0Vfd0RW eDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1RObmVOeTBEU0t3enNXZWwxNDR3RV93RFZ4OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RENEMDkvNTc4QjA2Q0M4ODY0MTFFREJGOTk1RjQyQzRGOUFFMDIvNUNBQjM3NTgz NzRBMTFFRkI2MTIwODRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAItnagwDQYJKoZIhvcNAQELBQADggEBAIfLfIt+OhdhucZi TaG/CeZErmgU7Z+ntJPF+QIBLMbXYsrUe2T8P8eYMjExHfYVwN0Vx2mRB55mycB2 PnrtldV7XCMKufvmLRdWgkhDaBpKN8zOkgYkM3WcXwkVftkWJLIVJ1HrnEg8lfUk 7p4SnM4WgIXiucJ+fX0W0xDIGO8/q3iCx4DVPgPDPAcVNaRU5DUvEv0o6FK++urz 7lMJHAIdEMs8NyI7/8J1KlgWmqOBJyGGekrL7STbVxGAJIbGM7yMWJ2d5sveR/A9 QOMvV235jFR49ooIL8E1pYnKQZzPUCT5BgMiGGqqY7a91EoBxlGjwH8nA03t6Bg3 5WUe/eE= -----END CERTIFICATE-----Generated at Wed Nov 5 13:47:04 2025 by rpki-client