$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/06820D08961011ECA540626AC4F9AE02.roa File: 06820D08961011ECA540626AC4F9AE02.roa (raw, json) Hash identifier: XbxtLk1+2CfWndcMlMOnwCxgbfEchquqUDJGfTWj61E= Subject key identifier: A8:E3:B3:32:E5:D7:04:56:3A:DC:FD:2F:4A:1E:2D:4E:71:2C:B6:E8 Certificate issuer: /CN=A91E504E/serialNumber=E477D38AAAC4A37CC6DF1665BF1C880AF99B7B4F Certificate serial: 03E1 Authority key identifier: E4:77:D3:8A:AA:C4:A3:7C:C6:DF:16:65:BF:1C:88:0A:F9:9B:7B:4F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/06820D08961011ECA540626AC4F9AE02.roa Signing time: Fri 01 Aug 2025 02:07:37 +0000 ROA not before: Fri 01 Aug 2025 02:07:37 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 133199 IP address blocks: 208.87.200.0/24 maxlen: 24 208.87.201.0/24 maxlen: 24 208.87.202.0/24 maxlen: 24 208.87.203.0/24 maxlen: 24 208.87.204.0/24 maxlen: 24 208.87.205.0/24 maxlen: 24 208.87.206.0/24 maxlen: 24 208.87.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.crl rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 993 (0x3e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E504E, serialNumber=E477D38AAAC4A37CC6DF1665BF1C880AF99B7B4F Validity Not Before: Aug 1 02:07:37 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=688c2169-1a79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:db:a5:d2:61:5e:35:43:e9:48:f0:3d:28:85: ad:86:d1:a9:1a:5a:09:ee:c8:51:d4:23:9d:72:67: db:7b:a5:7d:a4:3f:92:c4:92:1a:8f:85:6e:8f:cd: 28:ec:3c:05:f0:4a:4b:54:9d:5c:bc:56:14:bb:29: b6:09:45:be:d5:5b:1b:1e:6d:20:5f:8f:20:fb:60: ab:fd:31:ec:67:15:ea:48:41:80:cf:4f:c8:67:51: b3:cd:de:52:18:a2:a3:c8:eb:3d:02:19:fc:b5:a3: f4:75:2a:69:f5:85:84:74:24:f7:56:6d:23:b3:f4: ac:0e:eb:c9:c3:f6:7c:76:54:46:41:40:8b:fe:d6: 1d:47:bd:42:29:7e:5a:52:3e:29:88:1e:93:86:a0: 63:88:9a:df:51:ca:04:40:e8:4b:cd:d4:06:3e:b3: d7:b6:1a:c2:d7:5d:99:17:2c:8e:44:01:97:a7:32: fd:15:01:cc:b3:ef:51:b7:a2:f5:69:61:9a:57:4a: a7:7c:0d:0d:3f:82:8f:91:18:a5:d4:28:52:cd:64: 7d:fa:08:52:b1:85:47:8f:b9:fd:32:ee:97:94:8f: d6:81:c2:51:28:73:56:3c:0a:e7:12:8a:09:e7:26: b1:54:d6:d5:77:95:d3:27:5e:08:fa:03:73:24:e6: 33:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:E3:B3:32:E5:D7:04:56:3A:DC:FD:2F:4A:1E:2D:4E:71:2C:B6:E8 X509v3 Authority Key Identifier: keyid:E4:77:D3:8A:AA:C4:A3:7C:C6:DF:16:65:BF:1C:88:0A:F9:9B:7B:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/06820D08961011ECA540626AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 208.87.200.0/21 Signature Algorithm: sha256WithRSAEncryption ae:9a:16:2d:2c:00:34:9d:50:75:e3:a4:b4:e2:cb:15:e3:d1: e2:00:b6:26:c9:d3:27:92:54:da:8c:12:5b:ad:08:22:22:eb: de:45:c3:32:7e:7e:46:81:0b:23:11:15:5b:9c:27:91:f7:e3: ae:8b:2b:21:e9:ed:c8:9f:cc:b3:7b:1e:4e:d8:16:0a:6c:c9: 50:06:df:cb:6e:25:34:e6:0f:d3:84:50:5f:08:c0:81:14:97: b0:91:69:bf:f9:49:25:5b:a6:e5:0d:35:85:61:54:82:0a:22: 91:53:44:e8:d9:de:7d:07:ba:87:b7:6a:db:db:02:cd:69:29: 97:26:d1:b9:8c:77:61:f7:7f:f9:66:da:5e:91:0b:9f:49:f1: 1e:7d:b9:c3:d5:c1:50:4c:97:b9:82:a2:37:d6:9e:3b:27:06: a3:bf:24:bb:7b:42:46:93:0b:f1:04:f9:0e:0a:d1:6d:44:ae: d5:33:41:4c:21:01:c7:9c:c6:82:5a:09:f5:7a:6d:d2:69:88: 83:b0:3f:78:df:be:2c:9d:f2:2c:77:bd:8b:5f:12:3d:01:bf: 05:b7:d9:cf:aa:96:77:0b:45:3f:3b:17:8b:92:79:79:38:e8: 3c:08:9f:98:43:b5:f0:31:4e:6f:b3:9c:26:c9:ef:61:78:56: e0:44:99:2c -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICA+EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTUwNEUxMTAvBgNVBAUTKEU0NzdEMzhBQUFDNEEzN0NDNkRGMTY2NUJGMUM4ODBB Rjk5QjdCNEYwHhcNMjUwODAxMDIwNzM3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhjMjE2OS0xYTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAltul0mFeNUPpSPA9KIWthtGpGloJ7shR1COdcmfbe6V9pD+SxJIaj4Vuj80o 7DwF8EpLVJ1cvFYUuym2CUW+1VsbHm0gX48g+2Cr/THsZxXqSEGAz0/IZ1Gzzd5S GKKjyOs9Ahn8taP0dSpp9YWEdCT3Vm0js/SsDuvJw/Z8dlRGQUCL/tYdR71CKX5a Uj4piB6ThqBjiJrfUcoEQOhLzdQGPrPXthrC112ZFyyORAGXpzL9FQHMs+9Rt6L1 aWGaV0qnfA0NP4KPkRil1ChSzWR9+ghSsYVHj7n9Mu6XlI/WgcJRKHNWPArnEooJ 5yaxVNbVd5XTJ14I+gNzJOYzdwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKjjszLl 1wRWOtz9L0oeLU5xLLboMB8GA1UdIwQYMBaAFOR304qqxKN8xt8WZb8ciAr5m3tP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS80RTNFMzY3RTk2 MDgxMUVDQTA0QTAwODZDNEY5QUUwMi81SGZUaXFyRW8zekczeFpsdnh5SUN2bWJl MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVIZlRpcXJFbzN6RzN4Wmx2eHlJQ3ZtYmUwOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTUwNEUvNEUzRTM2N0U5NjA4MTFFQ0EwNEEwMDg2QzRGOUFFMDIvMDY4MjBEMDg5 NjEwMTFFQ0E1NDA2MjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAPQV8gwDQYJKoZIhvcNAQELBQADggEBAK6aFi0sADSdUHXj pLTiyxXj0eIAtibJ0yeSVNqMElutCCIi695FwzJ+fkaBCyMRFVucJ5H3466LKyHp 7cifzLN7Hk7YFgpsyVAG38tuJTTmD9OEUF8IwIEUl7CRab/5SSVbpuUNNYVhVIIK IpFTROjZ3n0Huoe3atvbAs1pKZcm0bmMd2H3f/lm2l6RC59J8R59ucPVwVBMl7mC ojfWnjsnBqO/JLt7QkaTC/EE+Q4K0W1ErtUzQUwhAcecxoJaCfV6bdJpiIOwP3jf viyd8ix3vYtfEj0BvwW32c+qlncLRT87F4uSeXk46DwIn5hDtfAxTm+znCbJ72F4 VuBEmSw= -----END CERTIFICATE-----Generated at Sat Aug 9 15:16:41 2025 by rpki-client