$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/041803705DEE11F0B3FA764DC4F9AE02.roa File: 041803705DEE11F0B3FA764DC4F9AE02.roa (raw, json) Hash identifier: g234+BOrsFID00gHUsuGQ7ja/TZsYXQzY8A84ZILmbw= Subject key identifier: 32:17:A6:90:E1:B2:37:79:74:4D:69:C6:F4:C5:78:A9:75:EB:9A:D4 Certificate issuer: /CN=A91E6A01/serialNumber=A05EC266B3C0BFD6CEB517100BE05C505B943624 Certificate serial: 13 Authority key identifier: A0:5E:C2:66:B3:C0:BF:D6:CE:B5:17:10:0B:E0:5C:50:5B:94:36:24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/041803705DEE11F0B3FA764DC4F9AE02.roa Signing time: Fri 11 Jul 2025 04:37:28 +0000 ROA not before: Fri 11 Jul 2025 04:37:28 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 14618 IP address blocks: 203.17.165.0/24 maxlen: 24 203.176.120.0/24 maxlen: 24 203.176.121.0/24 maxlen: 24 2001:df0:219::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.crl rsync://rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19 (0x13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6A01, serialNumber=A05EC266B3C0BFD6CEB517100BE05C505B943624 Validity Not Before: Jul 11 04:37:28 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=68709507-efb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:ff:ef:43:88:0d:b6:14:14:79:da:09:52:72: 9f:75:f9:16:c8:a7:18:b6:a4:7b:87:c1:3f:8a:35: 3a:1a:01:f1:05:87:29:16:50:a6:ca:8e:f0:ef:ca: 61:48:64:8c:f8:09:88:fa:7d:18:3a:0d:a5:a5:40: 04:57:47:ff:1e:64:85:29:25:49:fe:88:8d:f7:d5: b8:45:61:0e:25:4e:ad:db:9d:d3:e9:3a:82:d9:03: d5:28:aa:7a:5c:24:34:4a:4d:1c:94:05:82:2b:ad: 67:9d:08:98:5c:61:a5:f0:28:a1:41:b8:dc:44:bc: e7:7b:c0:a4:a1:85:3f:7a:82:5b:7b:93:cd:17:3c: f0:95:61:ba:72:d9:af:75:66:05:17:9a:6f:6d:51: bb:18:89:a7:8f:34:71:20:95:3e:ba:a1:fc:1b:54: 86:9d:07:b4:c7:54:01:79:4f:18:c1:61:79:cd:b5: f1:b3:35:c3:40:07:70:05:09:96:3b:fa:4e:e1:83: 2c:67:f8:70:ed:89:d7:dc:6f:36:62:52:61:87:1f: 62:6e:9c:97:14:3e:c0:6f:e5:3f:f9:da:8e:91:9f: c2:46:9c:8a:4d:e0:3e:f6:65:2f:bb:d5:3e:79:46: 58:81:32:7a:e6:dc:a4:b5:cc:e0:c2:93:17:46:8c: b6:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:17:A6:90:E1:B2:37:79:74:4D:69:C6:F4:C5:78:A9:75:EB:9A:D4 X509v3 Authority Key Identifier: keyid:A0:5E:C2:66:B3:C0:BF:D6:CE:B5:17:10:0B:E0:5C:50:5B:94:36:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/041803705DEE11F0B3FA764DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.17.165.0/24 203.176.120.0/23 IPv6: 2001:df0:219::/48 Signature Algorithm: sha256WithRSAEncryption 67:11:38:09:20:98:01:de:38:b3:33:16:4d:e9:cd:66:6a:42: 86:a8:5a:a9:11:37:39:ed:e7:68:29:bc:54:12:1b:eb:fb:8d: 47:d3:8b:0d:54:fa:b1:65:dc:6d:4f:88:c2:c0:4a:0c:bc:47: 7b:14:39:fd:c9:af:0d:2b:c1:13:2f:d0:c8:dc:19:b4:a0:bf: 9c:e4:25:56:5c:12:ed:f9:be:3d:eb:96:bd:89:40:30:48:ab: 35:20:77:9f:e1:0f:6b:28:51:39:ff:13:95:65:f2:dc:48:00: 89:06:8f:e2:d3:0b:3a:ca:df:7b:2f:3e:7a:57:63:04:5b:4e: 92:00:67:91:58:ca:ec:df:57:02:00:42:16:90:4d:4e:95:b9: 8a:4b:0f:6d:92:bd:ea:a8:66:ea:01:5e:fa:39:34:32:67:4c: 5e:fa:82:1b:1f:fb:d3:42:df:57:eb:c5:c9:a0:27:96:a5:48: cd:6c:7b:66:5e:e7:e0:7f:db:76:1e:7f:3d:44:a4:6d:d2:17: 90:7a:5c:9f:35:ef:be:11:15:70:c1:d1:3e:8a:8b:45:f6:66: d9:2a:d4:1d:33:39:67:e1:50:83:18:90:95:96:5f:eb:e9:15: a2:e6:ab:80:d4:82:72:9c:d9:64:d2:ab:3e:e5:f8:9e:97:06: 84:68:95:16 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NkEwMTExMC8GA1UEBRMoQTA1RUMyNjZCM0MwQkZENkNFQjUxNzEwMEJFMDVDNTA1 Qjk0MzYyNDAeFw0yNTA3MTEwNDM3MjhaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NzA5NTA3LWVmYjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCx/+9DiA22FBR52glScp91+RbIpxi2pHuHwT+KNToaAfEFhykWUKbKjvDvymFI ZIz4CYj6fRg6DaWlQARXR/8eZIUpJUn+iI331bhFYQ4lTq3bndPpOoLZA9Uoqnpc JDRKTRyUBYIrrWedCJhcYaXwKKFBuNxEvOd7wKShhT96glt7k80XPPCVYbpy2a91 ZgUXmm9tUbsYiaePNHEglT66ofwbVIadB7THVAF5TxjBYXnNtfGzNcNAB3AFCZY7 +k7hgyxn+HDtidfcbzZiUmGHH2JunJcUPsBv5T/52o6Rn8JGnIpN4D72ZS+71T55 RliBMnrm3KS1zODCkxdGjLYfAgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUMhemkOGy N3l0TWnG9MV4qXXrmtQwHwYDVR0jBBgwFoAUoF7CZrPAv9bOtRcQC+BcUFuUNiQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU2QTAxL0Y2NEQzQjI0NTdB OTExRjA4RUU0MjYwOUM0RjlBRTAyL29GN0NaclBBdjliT3RSY1FDLUJjVUZ1VU5p US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb0Y3Q1pyUEF2OWJPdFJjUUMtQmNVRnVVTmlRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NkEwMS9GNjREM0IyNDU3QTkxMUYwOEVFNDI2MDlDNEY5QUUwMi8wNDE4MDM3MDVE RUUxMUYwQjNGQTc2NERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn MCUwEgQCAAEwDAMEAMsRpQMEAcuweDAPBAIAAjAJAwcAIAEN8AIZMA0GCSqGSIb3 DQEBCwUAA4IBAQBnETgJIJgB3jizMxZN6c1makKGqFqpETc57edoKbxUEhvr+41H 04sNVPqxZdxtT4jCwEoMvEd7FDn9ya8NK8ETL9DI3Bm0oL+c5CVWXBLt+b4965a9 iUAwSKs1IHef4Q9rKFE5/xOVZfLcSACJBo/i0ws6yt97Lz56V2MEW06SAGeRWMrs 31cCAEIWkE1OlbmKSw9tkr3qqGbqAV76OTQyZ0xe+oIbH/vTQt9X68XJoCeWpUjN bHtmXufgf9t2Hn89RKRt0heQelyfNe++ERVwwdE+iotF9mbZKtQdMzln4VCDGJCV ll/r6RWi5quA1IJynNlk0qs+5fielwaEaJUW -----END CERTIFICATE-----Generated at Sat Aug 9 23:13:49 2025 by rpki-client