$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1AD0/86EF4BDE66CA11EBAC642735C4F9AE02/8BA860DC616D11F0AD24140DC4F9AE02.roa File: 8BA860DC616D11F0AD24140DC4F9AE02.roa (raw, json) Hash identifier: xJy7YQZ0crPXG5O6plEG8C2d99XDJF1XleSB4LHWL0A= Subject key identifier: 87:56:BD:BB:9F:30:8D:9E:43:FE:3A:C3:50:2E:5B:2A:10:BF:DC:B3 Certificate issuer: /CN=A91F1AD0/serialNumber=4302125EFB149E451560C7495B7D43CD9E9ACFF7 Certificate serial: 06CA Authority key identifier: 43:02:12:5E:FB:14:9E:45:15:60:C7:49:5B:7D:43:CD:9E:9A:CF:F7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QwISXvsUnkUVYMdJW31DzZ6az_c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F1AD0/86EF4BDE66CA11EBAC642735C4F9AE02/8BA860DC616D11F0AD24140DC4F9AE02.roa Signing time: Tue 15 Jul 2025 11:19:17 +0000 ROA not before: Tue 15 Jul 2025 11:19:17 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 137236 IP address blocks: 43.226.12.0/22 maxlen: 24 103.101.80.0/22 maxlen: 24 202.8.72.0/22 maxlen: 24 2401:ccc0::/33 maxlen: 36 2401:ccc0:8000::/33 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F1AD0/86EF4BDE66CA11EBAC642735C4F9AE02/QwISXvsUnkUVYMdJW31DzZ6az_c.crl rsync://rpki.apnic.net/member_repository/A91F1AD0/86EF4BDE66CA11EBAC642735C4F9AE02/QwISXvsUnkUVYMdJW31DzZ6az_c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QwISXvsUnkUVYMdJW31DzZ6az_c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1738 (0x6ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F1AD0, serialNumber=4302125EFB149E451560C7495B7D43CD9E9ACFF7 Validity Not Before: Jul 15 11:19:17 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=68763935-6818 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:b8:a6:71:9c:f6:a3:14:94:05:22:d8:b7:21: fe:d4:c5:15:de:f4:7b:26:dd:02:81:61:05:30:ef: 81:3c:e1:a2:4e:33:8a:99:18:83:94:0b:e4:07:85: 04:a1:9f:8f:9d:91:40:6c:af:12:6c:3b:b6:13:95: 42:47:16:d3:61:a2:06:2e:65:e0:c2:7b:b1:c5:10: 93:73:90:98:8c:d6:15:39:76:4b:fe:65:5a:cc:fd: 62:4b:09:62:fd:d9:f3:b0:ed:fc:29:71:dd:a4:45: bb:73:04:98:23:a8:75:b0:6d:1c:23:d7:43:95:93: 8b:ac:d6:c7:c6:5e:80:39:b8:b6:c6:d9:2f:de:9d: 41:cd:53:f4:60:91:e9:ed:b9:20:a2:d2:91:81:c8: a3:a7:a8:05:29:cb:8b:62:a3:4a:80:26:7b:f0:13: bd:da:31:26:74:da:d4:da:05:c4:b2:8e:54:53:8f: 67:3e:af:db:47:2a:b6:c4:be:53:f3:18:0c:30:af: b1:0f:9f:b0:8b:38:9f:d7:df:7b:13:da:b7:e4:17: 11:cd:f0:44:72:cc:4d:a7:81:e2:c3:7e:3c:0f:50: 74:e3:ab:af:0a:d5:30:29:fa:23:16:33:a4:2c:70: af:81:bc:ab:92:99:49:00:3f:8b:f2:c9:c6:67:c5: 4c:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:56:BD:BB:9F:30:8D:9E:43:FE:3A:C3:50:2E:5B:2A:10:BF:DC:B3 X509v3 Authority Key Identifier: keyid:43:02:12:5E:FB:14:9E:45:15:60:C7:49:5B:7D:43:CD:9E:9A:CF:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F1AD0/86EF4BDE66CA11EBAC642735C4F9AE02/QwISXvsUnkUVYMdJW31DzZ6az_c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QwISXvsUnkUVYMdJW31DzZ6az_c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1AD0/86EF4BDE66CA11EBAC642735C4F9AE02/8BA860DC616D11F0AD24140DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.226.12.0/22 103.101.80.0/22 202.8.72.0/22 IPv6: 2401:ccc0::/32 Signature Algorithm: sha256WithRSAEncryption 8b:e7:bd:6f:f5:19:38:c9:f5:97:2f:8a:14:fe:30:9c:7c:e0: 59:dc:21:bb:5d:90:3e:ec:b2:f4:58:f2:7a:37:2c:98:4f:34: af:a2:01:de:60:db:84:66:50:a7:d6:e5:92:aa:db:24:73:da: 01:4e:a8:87:06:2a:40:e8:7c:31:53:5b:b3:aa:d3:a5:0f:89: e6:82:0e:12:27:da:64:66:73:0c:e9:6c:8c:ad:ae:7b:69:45: 73:de:ea:1a:22:8a:b0:52:92:1a:6d:e6:71:25:f9:86:3f:c4: d4:d7:e9:e9:01:ea:16:e0:9b:76:32:ca:c9:33:1c:f7:68:25: b1:1a:b6:7c:95:ef:e5:1f:6e:23:99:e3:b0:34:a1:92:91:6e: 36:16:f5:a0:81:c8:1a:3f:08:0f:8c:7b:c6:de:91:b3:67:3b: 5f:22:ed:30:87:af:84:9c:af:b5:ba:0b:1c:c8:84:73:b1:c0: d8:ed:61:f2:54:51:65:29:2e:50:6e:21:ea:77:3f:04:15:81: 53:3d:2f:08:5c:01:2f:aa:a8:25:14:7f:62:a0:e5:fb:75:8d: 2f:62:43:19:4d:33:04:27:89:a0:94:5c:8f:f9:5d:4a:36:32: 0d:c6:f1:85:cf:d7:20:95:48:59:a2:f9:b9:45:6d:23:ce:bf: ba:b6:35:c8 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICBsowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjFBRDAxMTAvBgNVBAUTKDQzMDIxMjVFRkIxNDlFNDUxNTYwQzc0OTVCN0Q0M0NE OUU5QUNGRjcwHhcNMjUwNzE1MTExOTE3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODc2MzkzNS02ODE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv7imcZz2oxSUBSLYtyH+1MUV3vR7Jt0CgWEFMO+BPOGiTjOKmRiDlAvkB4UE oZ+PnZFAbK8SbDu2E5VCRxbTYaIGLmXgwnuxxRCTc5CYjNYVOXZL/mVazP1iSwli /dnzsO38KXHdpEW7cwSYI6h1sG0cI9dDlZOLrNbHxl6AObi2xtkv3p1BzVP0YJHp 7bkgotKRgcijp6gFKcuLYqNKgCZ78BO92jEmdNrU2gXEso5UU49nPq/bRyq2xL5T 8xgMMK+xD5+wizif1997E9q35BcRzfBEcsxNp4Hiw348D1B046uvCtUwKfojFjOk LHCvgbyrkplJAD+L8snGZ8VMVQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFIdWvbuf MI2eQ/46w1AuWyoQv9yzMB8GA1UdIwQYMBaAFEMCEl77FJ5FFWDHSVt9Q82ems/3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMUFEMC84NkVGNEJERTY2 Q0ExMUVCQUM2NDI3MzVDNEY5QUUwMi9Rd0lTWHZzVW5rVVZZTWRKVzMxRHpaNmF6 X2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1F3SVNYdnNVbmtVVllNZEpXMzFEelo2YXpfYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjFBRDAvODZFRjRCREU2NkNBMTFFQkFDNjQyNzM1QzRGOUFFMDIvOEJBODYwREM2 MTZEMTFGMEFEMjQxNDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAIr4gwDBAJnZVADBALKCEgwDQQCAAIwBwMFACQBzMAwDQYJ KoZIhvcNAQELBQADggEBAIvnvW/1GTjJ9ZcvihT+MJx84FncIbtdkD7ssvRY8no3 LJhPNK+iAd5g24RmUKfW5ZKq2yRz2gFOqIcGKkDofDFTW7Oq06UPieaCDhIn2mRm cwzpbIytrntpRXPe6hoiirBSkhpt5nEl+YY/xNTX6ekB6hbgm3YyyskzHPdoJbEa tnyV7+UfbiOZ47A0oZKRbjYW9aCByBo/CA+Me8bekbNnO18i7TCHr4Scr7W6CxzI hHOxwNjtYfJUUWUpLlBuIep3PwQVgVM9LwhcAS+qqCUUf2Kg5ft1jS9iQxlNMwQn iaCUXI/5XUo2Mg3G8YXP1yCVSFmi+blFbSPOv7q2Ncg= -----END CERTIFICATE-----Generated at Sun Aug 10 04:14:51 2025 by rpki-client