$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/230AFEA45DEE11F0B0B1CF4DC4F9AE02.roa File: 230AFEA45DEE11F0B0B1CF4DC4F9AE02.roa (raw, json) Hash identifier: DDcpKf4cwajzPz7iOk0WiFF4+R4nRejRaM+Ry6/ubVg= Subject key identifier: AC:E6:8F:C0:51:F3:B4:B7:96:FF:DE:FA:3A:A4:37:9B:97:DD:0E:12 Certificate issuer: /CN=A91E6A01/serialNumber=A05EC266B3C0BFD6CEB517100BE05C505B943624 Certificate serial: 14 Authority key identifier: A0:5E:C2:66:B3:C0:BF:D6:CE:B5:17:10:0B:E0:5C:50:5B:94:36:24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/230AFEA45DEE11F0B0B1CF4DC4F9AE02.roa Signing time: Fri 11 Jul 2025 04:37:28 +0000 ROA not before: Fri 11 Jul 2025 04:37:28 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 16509 IP address blocks: 203.17.165.0/24 maxlen: 24 203.176.120.0/24 maxlen: 24 203.176.121.0/24 maxlen: 24 2001:df0:219::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.crl rsync://rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6A01, serialNumber=A05EC266B3C0BFD6CEB517100BE05C505B943624 Validity Not Before: Jul 11 04:37:28 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=68709508-cc9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:7b:06:9b:91:2f:c7:ac:5d:7a:9d:09:72:c1: 5e:d3:a5:f6:3f:4a:86:4a:49:8e:d5:3d:02:a0:70: 39:60:78:06:4a:36:bf:76:05:b2:b0:d6:ff:c0:ab: 4a:54:a7:1b:06:63:09:7f:8f:02:91:f2:21:b9:23: 7a:c8:38:b7:65:4c:6d:55:b6:0f:0c:c7:91:87:dc: 00:f5:2d:cd:ee:76:04:7d:76:51:c0:fd:d6:ac:22: a1:4b:6e:22:28:dd:2d:c7:29:ec:e3:fa:6a:82:df: 5d:8a:ff:43:6e:26:e2:98:ab:87:60:e1:55:1c:2a: a4:87:d1:92:bc:a8:55:d3:a7:f2:f7:3f:d9:58:f5: 89:39:47:0f:c7:c0:99:72:9b:43:a4:11:34:91:9d: 18:70:7c:47:24:c3:c1:1b:fa:f7:e4:c8:28:8f:42: 17:ee:b2:6a:88:1f:65:f1:9b:72:5c:59:5e:bc:66: c4:5b:09:00:73:0f:d0:c8:01:10:64:fe:40:a2:75: 32:ec:f4:b7:25:46:9c:1e:57:a5:65:f7:d3:e9:52: 5c:63:11:c7:bb:bf:23:4b:21:35:f1:4a:f2:56:36: cf:fc:f6:b4:de:b5:82:b3:ff:52:74:1e:ce:df:c8: 52:83:4b:0e:6e:39:b1:1e:b2:48:00:47:b0:e7:db: 91:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:E6:8F:C0:51:F3:B4:B7:96:FF:DE:FA:3A:A4:37:9B:97:DD:0E:12 X509v3 Authority Key Identifier: keyid:A0:5E:C2:66:B3:C0:BF:D6:CE:B5:17:10:0B:E0:5C:50:5B:94:36:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oF7CZrPAv9bOtRcQC-BcUFuUNiQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6A01/F64D3B2457A911F08EE42609C4F9AE02/230AFEA45DEE11F0B0B1CF4DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.17.165.0/24 203.176.120.0/23 IPv6: 2001:df0:219::/48 Signature Algorithm: sha256WithRSAEncryption 4b:d0:25:31:0d:18:68:1c:43:f8:4c:45:e1:10:76:ed:8f:a4: ea:d7:5d:7c:e3:03:3c:f1:33:4f:15:8f:42:4e:5c:2e:f1:65: 4f:02:38:d6:b5:3a:fe:47:39:6c:5e:d6:e7:5d:b6:8a:9d:c2: c5:2f:d4:5f:3c:fa:be:7c:63:0a:0e:e6:c0:c6:a0:4c:f1:30: 6f:85:5d:2e:01:45:8a:ba:f6:6b:c7:a2:59:e4:2e:db:a9:48: dd:d3:02:fd:20:22:9a:81:ec:7e:02:00:8f:68:40:7b:c9:9f: 6a:b2:52:72:ea:47:d7:fc:b5:98:ef:b5:67:e8:68:6a:a4:3f: c2:e1:09:4b:5c:ed:16:d9:d8:fb:85:0c:0c:75:89:08:d3:1f: 20:17:bd:5a:fd:78:aa:f0:fc:47:ee:bf:af:36:30:61:1c:12: 08:56:8a:e2:11:3f:3b:28:a2:8f:34:e5:97:78:42:93:e0:d6: 44:2b:10:32:3a:e8:c6:1a:f7:93:5b:af:5a:4b:32:c6:e1:0d: b9:72:13:f5:73:59:b4:bf:9f:a5:4c:ce:34:91:0a:df:ae:44: 44:4c:56:46:6a:2c:03:1b:a3:61:d0:9c:62:f9:1e:ed:6b:e1: 20:57:90:6c:9d:e3:ee:f3:b2:c9:00:6a:32:4f:29:45:32:eb: d4:cd:d2:90 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NkEwMTExMC8GA1UEBRMoQTA1RUMyNjZCM0MwQkZENkNFQjUxNzEwMEJFMDVDNTA1 Qjk0MzYyNDAeFw0yNTA3MTEwNDM3MjhaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NzA5NTA4LWNjOWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCiewabkS/HrF16nQlywV7TpfY/SoZKSY7VPQKgcDlgeAZKNr92BbKw1v/Aq0pU pxsGYwl/jwKR8iG5I3rIOLdlTG1Vtg8Mx5GH3AD1Lc3udgR9dlHA/dasIqFLbiIo 3S3HKezj+mqC312K/0NuJuKYq4dg4VUcKqSH0ZK8qFXTp/L3P9lY9Yk5Rw/HwJly m0OkETSRnRhwfEckw8Eb+vfkyCiPQhfusmqIH2Xxm3JcWV68ZsRbCQBzD9DIARBk /kCidTLs9LclRpweV6Vl99PpUlxjEce7vyNLITXxSvJWNs/89rTetYKz/1J0Hs7f yFKDSw5uObEeskgAR7Dn25EfAgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUrOaPwFHz tLeW/976OqQ3m5fdDhIwHwYDVR0jBBgwFoAUoF7CZrPAv9bOtRcQC+BcUFuUNiQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU2QTAxL0Y2NEQzQjI0NTdB OTExRjA4RUU0MjYwOUM0RjlBRTAyL29GN0NaclBBdjliT3RSY1FDLUJjVUZ1VU5p US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb0Y3Q1pyUEF2OWJPdFJjUUMtQmNVRnVVTmlRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NkEwMS9GNjREM0IyNDU3QTkxMUYwOEVFNDI2MDlDNEY5QUUwMi8yMzBBRkVBNDVE RUUxMUYwQjBCMUNGNERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn MCUwEgQCAAEwDAMEAMsRpQMEAcuweDAPBAIAAjAJAwcAIAEN8AIZMA0GCSqGSIb3 DQEBCwUAA4IBAQBL0CUxDRhoHEP4TEXhEHbtj6Tq11184wM88TNPFY9CTlwu8WVP AjjWtTr+RzlsXtbnXbaKncLFL9RfPPq+fGMKDubAxqBM8TBvhV0uAUWKuvZrx6JZ 5C7bqUjd0wL9ICKagex+AgCPaEB7yZ9qslJy6kfX/LWY77Vn6GhqpD/C4QlLXO0W 2dj7hQwMdYkI0x8gF71a/Xiq8PxH7r+vNjBhHBIIVoriET87KKKPNOWXeEKT4NZE KxAyOujGGveTW69aSzLG4Q25chP1c1m0v5+lTM40kQrfrkRETFZGaiwDG6Nh0Jxi +R7ta+EgV5BsnePu87LJAGoyTylFMuvUzdKQ -----END CERTIFICATE-----Generated at Sat Aug 9 15:15:00 2025 by rpki-client