$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/192418F6AA1811EA97BC574CC4F9AE02.roa File: 192418F6AA1811EA97BC574CC4F9AE02.roa (raw, json) Hash identifier: pD7Mj0vJ+e1POLE/byu1PMgPE9cMbD9gxTReb6JuPb4= Subject key identifier: 81:F0:49:D8:59:D1:4C:AC:19:52:A8:64:38:77:1B:0A:72:FC:26:30 Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD Certificate serial: 1EF8 Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/192418F6AA1811EA97BC574CC4F9AE02.roa Signing time: Sun 03 Aug 2025 07:49:53 +0000 ROA not before: Sun 03 Aug 2025 07:49:53 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 24429 IP address blocks: 43.91.0.0/16 maxlen: 24 43.102.128.0/20 maxlen: 24 43.102.144.0/20 maxlen: 24 2404:2280:100::/40 maxlen: 48 2404:2280:200::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7928 (0x1ef8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA198, serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD Validity Not Before: Aug 3 07:49:53 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=688f14a1-a0dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:93:71:d0:5d:49:2a:ab:ed:48:72:b7:29:4c: 65:57:0b:3e:f1:66:e0:53:f1:12:0c:1d:b2:e8:68: 3b:ab:c0:ab:d7:6b:69:17:f4:95:ab:56:ed:a0:4d: 80:b7:4b:d6:c7:ab:9f:d5:a2:78:eb:92:77:30:d7: 99:6c:44:46:a8:2f:9f:3c:c1:8c:a4:0e:e5:01:a3: 82:a5:e5:4f:14:26:71:65:84:ff:59:69:52:f1:a6: 50:d3:3c:22:d5:bc:4a:c1:b5:ef:72:09:4c:45:94: b6:f8:a2:18:b6:4e:4e:d9:ef:f8:1a:b6:23:82:c6: d8:82:75:43:64:14:68:66:ce:73:ce:bc:72:e8:bd: 4a:71:38:df:84:fb:8c:12:9d:e7:6d:c3:80:77:58: 09:da:97:aa:e5:ff:8b:5a:b4:fa:97:98:10:6e:20: 5a:52:23:3b:c8:5f:00:69:f6:49:d4:28:ab:e3:4a: b4:87:f0:50:64:cd:c4:53:cf:f7:23:b8:ee:c4:33: 64:fa:11:b8:e6:33:ff:55:4a:8c:4f:7b:85:40:1c: 30:83:b9:fb:02:8f:c3:96:96:89:c0:fc:97:25:b5: 6a:8c:36:37:ef:5f:08:2c:11:4f:02:31:e5:77:fe: 73:96:cf:75:af:9b:11:9c:db:36:6b:ef:48:be:d1: cc:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:F0:49:D8:59:D1:4C:AC:19:52:A8:64:38:77:1B:0A:72:FC:26:30 X509v3 Authority Key Identifier: keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/192418F6AA1811EA97BC574CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.91.0.0/16 43.102.128.0/19 IPv6: 2404:2280:100::-2404:2280:2ff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 33:01:d9:8b:1a:50:09:03:0d:28:ab:a2:20:b1:41:ce:8e:fd: a3:6e:ae:c7:f7:d1:be:b6:83:fa:3a:6d:07:f9:19:e3:c9:32: 33:e3:eb:d4:3f:cb:e6:25:ae:f2:aa:9f:0f:cd:e7:92:3d:46: 41:ad:89:c1:2f:47:a4:2c:41:af:6f:d6:5c:6a:16:63:6e:9d: 3b:bc:7f:20:f2:7c:d8:ce:50:b2:cc:2f:98:3a:e2:d7:6f:16: 5d:e8:23:73:83:50:c7:41:f9:db:51:42:bc:2f:cd:21:25:9d: 74:fa:a7:9b:e2:de:4f:c7:9c:f6:dc:bb:ef:78:db:08:ee:84: 25:af:6d:7b:94:0c:72:ec:e6:16:d8:98:9c:27:61:dc:bd:f9: 41:25:53:fb:32:42:10:ec:54:fd:53:49:91:16:ad:83:2a:94: f5:6c:30:ce:e4:92:61:cc:c8:0e:04:a3:65:08:00:ed:d0:16: 7f:48:dd:a0:34:54:ad:a9:fa:24:ba:c4:40:a8:85:5a:21:06: 93:fe:d2:cb:05:10:01:21:98:99:56:65:d1:b7:44:3d:be:6e: b0:eb:22:45:ca:a3:45:e7:19:ae:8b:93:34:f7:a5:87:87:61: d7:80:81:b6:45:72:ca:d1:89:13:8d:31:37:94:77:d0:7a:41: da:f2:36:a4 -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgICHvgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG QkNCQkQ4QkQwHhcNMjUwODAzMDc0OTUzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhmMTRhMS1hMGRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0JNx0F1JKqvtSHK3KUxlVws+8WbgU/ESDB2y6Gg7q8Cr12tpF/SVq1btoE2A t0vWx6uf1aJ465J3MNeZbERGqC+fPMGMpA7lAaOCpeVPFCZxZYT/WWlS8aZQ0zwi 1bxKwbXvcglMRZS2+KIYtk5O2e/4GrYjgsbYgnVDZBRoZs5zzrxy6L1KcTjfhPuM Ep3nbcOAd1gJ2peq5f+LWrT6l5gQbiBaUiM7yF8AafZJ1Cir40q0h/BQZM3EU8/3 I7juxDNk+hG45jP/VUqMT3uFQBwwg7n7Ao/DlpaJwPyXJbVqjDY3718ILBFPAjHl d/5zls91r5sRnNs2a+9IvtHMIQIDAQABo4ICtDCCArAwHQYDVR0OBBYEFIHwSdhZ 0UysGVKoZDh3Gwpy/CYwMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvMTkyNDE4RjZB QTE4MTFFQTk3QkM1NzRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E LzAtMBEEAgABMAsDAwArWwMEBStmgDAYBAIAAjASMBADBgAkBCKAAQMGACQEIoAC MA0GCSqGSIb3DQEBCwUAA4IBAQAzAdmLGlAJAw0oq6IgsUHOjv2jbq7H99G+toP6 Om0H+RnjyTIz4+vUP8vmJa7yqp8PzeeSPUZBrYnBL0ekLEGvb9ZcahZjbp07vH8g 8nzYzlCyzC+YOuLXbxZd6CNzg1DHQfnbUUK8L80hJZ10+qeb4t5Px5z23LvveNsI 7oQlr217lAxy7OYW2JicJ2HcvflBJVP7MkIQ7FT9U0mRFq2DKpT1bDDO5JJhzMgO BKNlCADt0BZ/SN2gNFStqfokusRAqIVaIQaT/tLLBRABIZiZVmXRt0Q9vm6w6yJF yqNF5xmui5M096WHh2HXgIG2RXLK0YkTjTE3lHfQekHa8jak -----END CERTIFICATE-----Generated at Mon Aug 11 12:54:08 2025 by rpki-client