$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/879C6CC6BC0A11EF8387A57BC4F9AE02.roa File: 879C6CC6BC0A11EF8387A57BC4F9AE02.roa (raw, json) Hash identifier: GD8TE1iM2Ym7f93p/1VYDkqCG50V4KFtJCkioUpH7AI= Subject key identifier: C7:78:3F:3C:E5:8E:0B:B9:F6:B2:DF:A8:D6:A6:B1:40:DC:C5:B7:0D Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Certificate serial: 0AB4 Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/879C6CC6BC0A11EF8387A57BC4F9AE02.roa Signing time: Wed 04 Jun 2025 20:05:06 +0000 ROA not before: Wed 04 Jun 2025 20:05:06 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 9229 IP address blocks: 202.174.130.0/24 maxlen: 24 202.174.155.0/24 maxlen: 24 202.174.156.0/24 maxlen: 24 202.174.157.0/24 maxlen: 24 202.174.159.0/24 maxlen: 24 203.88.80.0/24 maxlen: 24 203.88.81.0/24 maxlen: 24 203.88.82.0/24 maxlen: 24 203.88.86.0/24 maxlen: 24 203.88.87.0/24 maxlen: 24 203.88.88.0/24 maxlen: 24 203.88.89.0/24 maxlen: 24 203.88.90.0/24 maxlen: 24 203.88.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 19:38:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2740 (0xab4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B Validity Not Before: Jun 4 20:05:06 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6840a6f2-02f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:98:c7:43:f2:96:51:96:00:e4:76:97:79:cc: 9d:bc:a5:9f:a2:6c:2e:5c:e8:98:57:57:1b:b2:26: 5a:5c:5e:c6:d4:c1:85:9a:f3:78:3e:e9:af:be:c2: 32:6c:54:31:15:96:be:ee:0a:7f:b7:81:0c:d5:5d: 0f:13:b2:c2:2c:0b:d9:a1:37:2f:cc:08:1a:9a:d3: b6:97:d7:66:71:f0:e5:95:bd:34:5b:1e:ba:83:b9: 93:49:17:aa:51:b2:94:18:dd:a8:a5:db:78:3d:70: 0b:06:a1:86:d4:c4:30:1a:d6:9a:a7:19:dc:03:16: 90:cd:8f:31:ae:10:8c:6a:3b:a3:f2:75:25:61:38: 98:b3:b9:b9:a8:32:26:79:d4:76:e6:1a:e0:43:85: 64:a4:bd:f3:67:6f:6c:7b:01:40:e2:e3:c7:81:c7: 31:24:e6:f9:1a:4f:3e:50:e2:e2:46:b0:c6:45:90: 8e:e0:d1:ff:cc:7c:98:59:2b:eb:90:db:0d:e6:28: 05:69:6c:4d:60:9f:3e:31:b2:cb:63:ae:96:f9:d7: be:60:8b:3a:35:2b:74:a6:02:6f:d1:19:fa:c9:8d: 47:f9:e5:f8:11:5f:9c:3d:ab:7d:b3:08:f7:fe:73: 82:38:d3:7c:53:24:94:32:cf:01:8e:50:9c:90:fc: 1a:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:78:3F:3C:E5:8E:0B:B9:F6:B2:DF:A8:D6:A6:B1:40:DC:C5:B7:0D X509v3 Authority Key Identifier: keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/879C6CC6BC0A11EF8387A57BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.174.130.0/24 202.174.155.0-202.174.157.255 202.174.159.0/24 203.88.80.0-203.88.82.255 203.88.86.0-203.88.90.255 203.88.95.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:0c:71:e7:b7:9e:25:2d:e8:58:b0:cc:94:d5:44:6d:50:93: 35:a9:36:b4:79:e7:a9:5d:d4:5a:9d:46:06:f8:83:d9:6d:ed: c1:ba:46:c3:cd:d6:39:e5:ce:9f:94:98:87:9a:b0:8f:af:60: 22:85:6c:39:c5:20:1c:58:02:75:28:d1:0e:96:63:85:f3:90: 3f:82:15:cb:a5:2b:d3:34:c2:90:e4:6e:9a:83:1c:44:66:8a: bd:0f:21:9c:9e:e5:7d:0d:27:d7:b5:62:e9:1a:4b:52:5a:01: 32:e6:d4:51:7b:a2:89:d2:33:56:2d:d2:71:47:25:5c:90:69: fc:b2:5b:3d:b3:88:7a:1f:ce:69:ef:3b:a3:bc:66:6e:0b:e6: a5:94:f5:e2:f9:d1:a3:45:11:64:aa:0f:52:4c:8e:d5:87:75: 5a:64:d2:84:14:cb:d9:96:69:2f:91:36:ef:8c:59:48:82:1d: 2d:3e:c7:fe:c9:ac:ba:e8:b0:62:24:97:b0:b9:81:67:33:e3: 9d:1b:1d:8c:ee:66:19:61:96:f4:4d:24:cb:be:c3:0a:5e:08: 1c:ea:a1:94:75:a6:b3:fa:e4:29:3f:f5:8d:f3:08:30:ef:0e: 4f:ee:2b:a3:b5:0a:e4:5d:0d:5d:a5:1f:29:0d:19:0a:4f:39: a4:cd:dc:26 -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgICCrQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw OEM3NDNENEIwHhcNMjUwNjA0MjAwNTA2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQwYTZmMi0wMmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnJjHQ/KWUZYA5HaXecydvKWfomwuXOiYV1cbsiZaXF7G1MGFmvN4PumvvsIy bFQxFZa+7gp/t4EM1V0PE7LCLAvZoTcvzAgamtO2l9dmcfDllb00Wx66g7mTSReq UbKUGN2opdt4PXALBqGG1MQwGtaapxncAxaQzY8xrhCMajuj8nUlYTiYs7m5qDIm edR25hrgQ4VkpL3zZ29sewFA4uPHgccxJOb5Gk8+UOLiRrDGRZCO4NH/zHyYWSvr kNsN5igFaWxNYJ8+MbLLY66W+de+YIs6NSt0pgJv0Rn6yY1H+eX4EV+cPat9swj3 /nOCONN8UySUMs8BjlCckPwa9wIDAQABo4ICyzCCAscwHQYDVR0OBBYEFMd4Pzzl jgu59rLfqNamsUDcxbcNMB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTNFMjcvRjM4ODg3NjY2RjNBMTFFQTk4NDAxMzNEQzRGOUFFMDIvODc5QzZDQzZC QzBBMTFFRjgzODdBNTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E RjBEMEIEAgABMDwDBADKroIwDAMEAMqumwMEAcqunAMEAMqunzAMAwQEy1hQAwQA y1hSMAwDBAHLWFYDBADLWFoDBADLWF8wDQYJKoZIhvcNAQELBQADggEBAAsMcee3 niUt6FiwzJTVRG1QkzWpNrR556ld1FqdRgb4g9lt7cG6RsPN1jnlzp+UmIeasI+v YCKFbDnFIBxYAnUo0Q6WY4XzkD+CFculK9M0wpDkbpqDHERmir0PIZye5X0NJ9e1 YukaS1JaATLm1FF7oonSM1Yt0nFHJVyQafyyWz2ziHofzmnvO6O8Zm4L5qWU9eL5 0aNFEWSqD1JMjtWHdVpk0oQUy9mWaS+RNu+MWUiCHS0+x/7JrLrosGIkl7C5gWcz 450bHYzuZhlhlvRNJMu+wwpeCBzqoZR1prP65Ck/9Y3zCDDvDk/uK6O1CuRdDV2l HykNGQpPOaTN3CY= -----END CERTIFICATE-----Generated at Fri Jun 20 04:36:38 2025 by rpki-client