$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/2815E7D4BF4211E9A93A3957C4F9AE02.roa File: 2815E7D4BF4211E9A93A3957C4F9AE02.roa (raw, json) Hash identifier: q2QK7nleDfVKJdydH1BhBELt50ggXZGsQHTMsb+GgzQ= Subject key identifier: 26:65:22:DE:6A:DF:05:AA:3E:1F:69:EA:B6:2B:63:BB:26:FE:E0:5D Certificate issuer: /CN=A91E2AE5/serialNumber=B43A5A60D46806A69FFEF7C676219EC4BA8BA36D Certificate serial: 2B5F Authority key identifier: B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/2815E7D4BF4211E9A93A3957C4F9AE02.roa Signing time: Fri 28 Feb 2025 15:52:35 +0000 ROA not before: Fri 28 Feb 2025 15:52:35 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 9988 IP address blocks: 43.224.40.0/22 maxlen: 24 103.25.12.0/22 maxlen: 22 203.81.64.0/19 maxlen: 19 203.81.64.0/21 maxlen: 22 203.81.72.0/21 maxlen: 22 203.81.76.0/24 maxlen: 24 203.81.80.0/21 maxlen: 22 203.81.84.0/24 maxlen: 24 203.81.85.0/24 maxlen: 24 203.81.88.0/21 maxlen: 22 203.81.92.0/24 maxlen: 24 203.81.93.0/24 maxlen: 24 203.81.95.0/24 maxlen: 24 2401:f200::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.crl rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:35:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11103 (0x2b5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2AE5, serialNumber=B43A5A60D46806A69FFEF7C676219EC4BA8BA36D Validity Not Before: Feb 28 15:52:35 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67c1dbc3-2bfe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:8c:da:8b:63:31:6c:60:9c:38:9c:ff:89:a8: 1e:af:b8:a6:dc:63:45:02:bf:93:68:ad:02:12:7d: e5:47:4f:d6:86:c6:fc:f2:d2:5b:ac:72:03:87:69: 18:33:b9:48:b8:83:19:80:4d:44:91:0e:b9:07:b4: 84:c1:6b:55:09:5a:fd:03:58:d8:6d:5f:17:35:01: da:37:8a:af:43:01:d2:21:7d:fa:c3:88:4c:fa:52: a9:4b:15:70:b8:f3:61:13:1f:b9:ba:22:73:cb:9c: 0a:5b:df:fe:1a:b4:be:7d:df:be:58:33:c6:27:af: 0c:44:b9:13:92:51:f5:61:a6:79:0f:37:31:bf:84: fb:13:8e:7c:f1:83:c3:2d:70:0f:e2:81:e1:68:5f: 8e:0e:b3:21:4d:82:37:43:36:e3:98:56:a2:67:b9: b2:b7:f9:de:0c:b3:19:9b:ab:f2:3d:bb:fd:08:ae: 68:c9:fe:cc:bc:73:3a:45:a1:5f:e0:9d:2f:8e:86: b0:81:f6:7b:b3:e6:2b:7d:0b:1a:81:53:bb:90:8f: b1:32:80:04:18:13:e4:94:51:37:e5:2b:66:d5:10: dc:d0:ea:ae:b2:89:cd:6f:78:54:c0:53:0d:a9:80: a8:ff:e7:c6:65:4e:17:d1:f8:df:cf:57:a1:68:3f: 6c:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:65:22:DE:6A:DF:05:AA:3E:1F:69:EA:B6:2B:63:BB:26:FE:E0:5D X509v3 Authority Key Identifier: keyid:B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/2815E7D4BF4211E9A93A3957C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.40.0/22 103.25.12.0/22 203.81.64.0/19 IPv6: 2401:f200::/32 Signature Algorithm: sha256WithRSAEncryption 79:6c:75:b4:7d:b0:c0:d1:0f:84:9b:8c:fe:8d:43:34:63:0e: ce:25:57:4e:ba:cb:18:c6:44:d0:58:59:4f:fc:22:08:85:fa: 2f:3f:e8:95:c0:e6:65:06:79:87:01:45:ac:b8:a1:41:54:74: 91:a2:11:be:92:e8:98:62:cd:78:59:4d:ff:12:fc:21:28:c4: 1d:f1:c3:a4:f7:33:44:11:ea:0c:c8:66:69:29:2c:06:2f:70: df:8d:f5:09:98:77:31:df:cd:90:59:7e:15:42:ea:d5:a5:0b: 29:cd:bf:0f:04:9c:0b:e5:a0:6a:4f:94:65:79:a0:38:72:b3: e0:90:be:19:84:6f:49:42:21:55:58:ba:59:70:24:65:c0:a4: e3:a8:f4:50:da:69:db:8b:b2:88:e1:81:4a:b7:3e:e4:ae:14: 15:1e:de:36:d0:ef:41:fc:75:40:2b:1c:27:6f:02:65:4b:b6: 25:95:84:c7:9d:1e:19:2c:dd:1e:b5:88:2c:32:82:58:d4:bb: 46:f3:36:99:77:b1:59:05:21:a4:e4:d7:5c:6b:eb:9c:19:03: 76:dd:b6:9a:66:75:64:3d:80:43:b5:98:d2:61:88:82:b5:92: ce:fb:0f:c7:85:c5:f6:a8:0c:7e:1a:d0:ca:39:40:25:95:7f: 48:05:85:a7 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICK18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJBRTUxMTAvBgNVBAUTKEI0M0E1QTYwRDQ2ODA2QTY5RkZFRjdDNjc2MjE5RUM0 QkE4QkEzNkQwHhcNMjUwMjI4MTU1MjM1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2MxZGJjMy0yYmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlYzai2MxbGCcOJz/iager7im3GNFAr+TaK0CEn3lR0/Whsb88tJbrHIDh2kY M7lIuIMZgE1EkQ65B7SEwWtVCVr9A1jYbV8XNQHaN4qvQwHSIX36w4hM+lKpSxVw uPNhEx+5uiJzy5wKW9/+GrS+fd++WDPGJ68MRLkTklH1YaZ5Dzcxv4T7E4588YPD LXAP4oHhaF+ODrMhTYI3QzbjmFaiZ7myt/neDLMZm6vyPbv9CK5oyf7MvHM6RaFf 4J0vjoawgfZ7s+YrfQsagVO7kI+xMoAEGBPklFE35Stm1RDc0OqusonNb3hUwFMN qYCo/+fGZU4X0fjfz1ehaD9seQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFCZlIt5q 3wWqPh9p6rYrY7sm/uBdMB8GA1UdIwQYMBaAFLQ6WmDUaAamn/73xnYhnsS6i6Nt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkFFNS84RDNFNTRFQUVE NTkxMUUzQjA5MDExOTI1OTExRUEzMi90RHBhWU5Sb0JxYWZfdmZHZGlHZXhMcUxv MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3REcGFZTlJvQnFhZl92ZkdkaUdleExxTG8yMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTJBRTUvOEQzRTU0RUFFRDU5MTFFM0IwOTAxMTkyNTkxMUVBMzIvMjgxNUU3RDRC RjQyMTFFOUE5M0EzOTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAIr4CgDBAJnGQwDBAXLUUAwDQQCAAIwBwMFACQB8gAwDQYJ KoZIhvcNAQELBQADggEBAHlsdbR9sMDRD4SbjP6NQzRjDs4lV066yxjGRNBYWU/8 IgiF+i8/6JXA5mUGeYcBRay4oUFUdJGiEb6S6JhizXhZTf8S/CEoxB3xw6T3M0QR 6gzIZmkpLAYvcN+N9QmYdzHfzZBZfhVC6tWlCynNvw8EnAvloGpPlGV5oDhys+CQ vhmEb0lCIVVYullwJGXApOOo9FDaaduLsojhgUq3PuSuFBUe3jbQ70H8dUArHCdv AmVLtiWVhMedHhks3R61iCwygljUu0bzNpl3sVkFIaTk11xr65wZA3bdtppmdWQ9 gEO1mNJhiIK1ks77D8eFxfaoDH4a0Mo5QCWVf0gFhac= -----END CERTIFICATE-----Generated at Wed Nov 5 11:46:14 2025 by rpki-client