$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/33CFE442C07511EE980AEC0CC4F9AE02.roa File: 33CFE442C07511EE980AEC0CC4F9AE02.roa (raw, json) Hash identifier: 66vEtVsOZgkHbfKKZep1to2E133VnAUxFeLa9d7Wa3k= Subject key identifier: 57:AD:14:6B:21:4A:C8:81:36:21:11:7D:0E:51:EE:63:BD:32:07:19 Certificate issuer: /CN=A91E0875/serialNumber=F973492ED646928ED1F10DE84662E5523F55CC8D Certificate serial: 0AA6 Authority key identifier: F9:73:49:2E:D6:46:92:8E:D1:F1:0D:E8:46:62:E5:52:3F:55:CC:8D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XNJLtZGko7R8Q3oRmLlUj9VzI0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/33CFE442C07511EE980AEC0CC4F9AE02.roa Signing time: Sat 22 Feb 2025 20:28:22 +0000 ROA not before: Sat 22 Feb 2025 20:28:22 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 134069 IP address blocks: 43.231.224.0/22 maxlen: 24 45.115.220.0/22 maxlen: 24 103.51.48.0/22 maxlen: 22 103.51.48.0/23 maxlen: 23 103.51.50.0/24 maxlen: 24 103.51.51.0/24 maxlen: 24 202.6.248.0/22 maxlen: 24 2402:1a80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/-XNJLtZGko7R8Q3oRmLlUj9VzI0.crl rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/-XNJLtZGko7R8Q3oRmLlUj9VzI0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XNJLtZGko7R8Q3oRmLlUj9VzI0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 19:23:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2726 (0xaa6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0875, serialNumber=F973492ED646928ED1F10DE84662E5523F55CC8D Validity Not Before: Feb 22 20:28:22 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67ba3365-fa9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:99:94:8e:74:d4:f1:cf:c4:ba:bd:8e:fb:78: fd:e0:2f:6b:cc:5a:d1:48:25:0f:9e:39:60:0c:c8: d0:bb:56:7d:8a:8d:39:93:cf:cb:08:83:88:1b:1c: 28:29:73:dc:cb:98:54:fe:d5:ce:fb:be:69:3b:17: 56:64:50:ab:f0:8a:c4:18:b0:8f:84:20:50:c9:0d: 92:ff:3c:33:f3:f0:89:f1:fb:55:d2:81:d5:d0:49: de:54:fc:61:87:08:43:63:78:1d:f2:7e:b9:c2:fb: 2a:4e:23:25:ca:84:4c:05:c7:a9:a5:e0:d2:49:0f: f0:2d:cd:ec:1a:62:c3:b7:a0:81:c1:33:72:a5:24: 72:be:da:b7:b4:26:85:90:ab:86:b5:22:3d:2c:b7: 79:93:44:b1:22:7e:52:45:fa:9f:b2:00:47:28:7f: 91:95:33:a7:d7:09:9f:f0:38:2b:7f:f5:dc:85:05: 53:c8:41:10:ca:02:d3:f1:d1:73:b1:36:46:f6:03: 2f:4d:cd:7b:d2:21:9b:f4:5c:e9:43:e9:b8:26:8b: 00:74:e3:3b:4a:39:e7:3f:54:7f:dd:43:c5:63:2b: a8:b6:44:b6:6e:a6:be:b8:7a:c4:0c:ec:88:7e:04: 6c:f3:81:87:80:0e:ac:74:b4:35:8b:ac:c8:ab:88: c6:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:AD:14:6B:21:4A:C8:81:36:21:11:7D:0E:51:EE:63:BD:32:07:19 X509v3 Authority Key Identifier: keyid:F9:73:49:2E:D6:46:92:8E:D1:F1:0D:E8:46:62:E5:52:3F:55:CC:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/-XNJLtZGko7R8Q3oRmLlUj9VzI0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XNJLtZGko7R8Q3oRmLlUj9VzI0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/33CFE442C07511EE980AEC0CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.231.224.0/22 45.115.220.0/22 103.51.48.0/22 202.6.248.0/22 IPv6: 2402:1a80::/32 Signature Algorithm: sha256WithRSAEncryption 2e:05:ca:3c:1b:b3:b6:47:91:5f:98:10:ea:b1:11:14:af:f0: 27:6c:fa:80:22:71:a1:a9:4b:c1:63:8c:18:01:0e:5b:6e:d3: 74:5b:74:26:d6:34:82:4d:04:9a:41:bf:20:0f:63:ba:9e:1d: 80:95:84:c4:7d:d3:74:04:3f:8b:e3:5e:be:72:f9:fc:a4:b2: b7:51:c8:33:ef:fb:c9:b6:11:ff:a2:ce:60:aa:a8:1c:af:29: 04:29:61:3f:5a:98:d3:f0:f2:7b:15:8f:fc:aa:45:c8:17:32: ad:f2:e6:f7:7f:b1:b0:ec:11:ba:d9:28:6f:db:1e:71:c4:66: eb:50:0e:fd:73:96:8f:1f:e4:c3:a2:ac:d0:dd:27:96:fc:35: f6:af:2a:00:6d:4f:43:52:7a:fd:5a:83:5f:8a:b6:5d:48:91: 52:06:7e:cf:7c:fd:75:99:50:50:29:13:16:ee:ab:30:2c:ae: 9b:73:d8:58:82:84:ce:65:db:01:ca:5d:dd:50:64:07:a4:8b: 88:95:23:d8:93:0f:6c:a6:55:30:9a:11:d6:43:22:5f:0a:e5: b8:dc:c0:61:d8:17:18:09:8e:0b:52:15:70:4c:63:33:fc:19: 4e:b2:ab:7b:a2:69:de:18:16:8c:65:9c:ca:b8:54:f0:8f:d7: 6c:43:23:b0 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICCqYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTA4NzUxMTAvBgNVBAUTKEY5NzM0OTJFRDY0NjkyOEVEMUYxMERFODQ2NjJFNTUy M0Y1NUNDOEQwHhcNMjUwMjIyMjAyODIyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2JhMzM2NS1mYTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4ZmUjnTU8c/Eur2O+3j94C9rzFrRSCUPnjlgDMjQu1Z9io05k8/LCIOIGxwo KXPcy5hU/tXO+75pOxdWZFCr8IrEGLCPhCBQyQ2S/zwz8/CJ8ftV0oHV0EneVPxh hwhDY3gd8n65wvsqTiMlyoRMBceppeDSSQ/wLc3sGmLDt6CBwTNypSRyvtq3tCaF kKuGtSI9LLd5k0SxIn5SRfqfsgBHKH+RlTOn1wmf8Dgrf/XchQVTyEEQygLT8dFz sTZG9gMvTc170iGb9FzpQ+m4JosAdOM7SjnnP1R/3UPFYyuotkS2bqa+uHrEDOyI fgRs84GHgA6sdLQ1i6zIq4jGCwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFFetFGsh SsiBNiERfQ5R7mO9MgcZMB8GA1UdIwQYMBaAFPlzSS7WRpKO0fEN6EZi5VI/VcyN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDg3NS82RDkxQUFCQzU5 MzExMUVBQUEzMUI0MEFDNEY5QUUwMi8tWE5KTHRaR2tvN1I4UTNvUm1MbFVqOVZ6 STAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1YTkpMdFpHa283UjhRM29SbUxsVWo5VnpJMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTA4NzUvNkQ5MUFBQkM1OTMxMTFFQUFBMzFCNDBBQzRGOUFFMDIvMzNDRkU0NDJD MDc1MTFFRTk4MEFFQzBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr5+ADBAItc9wDBAJnMzADBALKBvgwDQQCAAIwBwMFACQC GoAwDQYJKoZIhvcNAQELBQADggEBAC4Fyjwbs7ZHkV+YEOqxERSv8Cds+oAicaGp S8FjjBgBDltu03RbdCbWNIJNBJpBvyAPY7qeHYCVhMR903QEP4vjXr5y+fyksrdR yDPv+8m2Ef+izmCqqByvKQQpYT9amNPw8nsVj/yqRcgXMq3y5vd/sbDsEbrZKG/b HnHEZutQDv1zlo8f5MOirNDdJ5b8NfavKgBtT0NSev1ag1+Ktl1IkVIGfs98/XWZ UFApExbuqzAsrptz2FiChM5l2wHKXd1QZAeki4iVI9iTD2ymVTCaEdZDIl8K5bjc wGHYFxgJjgtSFXBMYzP8GU6yq3uiad4YFoxlnMq4VPCP12xDI7A= -----END CERTIFICATE-----Generated at Tue Nov 4 16:37:31 2025 by rpki-client