$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/C4662D3A5FD311EDAE56DD7FC4F9AE02.roa File: C4662D3A5FD311EDAE56DD7FC4F9AE02.roa (raw, json) Hash identifier: zBHdHSF63R8mEEZ+rYJDH444w3w2BlTQcVaLo7TdbJw= Subject key identifier: F2:B5:CD:D3:07:7E:2A:44:1B:18:A6:08:1D:83:79:FF:4B:86:E5:5A Certificate issuer: /CN=A91F8A41/serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14 Certificate serial: 0710 Authority key identifier: CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/C4662D3A5FD311EDAE56DD7FC4F9AE02.roa Signing time: Sat 10 May 2025 22:22:16 +0000 ROA not before: Sat 10 May 2025 22:22:16 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 10101 IP address blocks: 202.152.64.0/19 maxlen: 19 202.152.64.0/24 maxlen: 24 202.152.65.0/24 maxlen: 24 202.152.66.0/24 maxlen: 24 202.152.67.0/24 maxlen: 24 202.152.68.0/24 maxlen: 24 202.152.69.0/24 maxlen: 24 202.152.70.0/24 maxlen: 24 202.152.71.0/24 maxlen: 24 202.152.72.0/24 maxlen: 24 202.152.73.0/24 maxlen: 24 202.152.76.0/22 maxlen: 22 202.152.76.0/24 maxlen: 24 202.152.77.0/24 maxlen: 24 202.152.78.0/24 maxlen: 24 202.152.79.0/24 maxlen: 24 202.152.80.0/24 maxlen: 24 202.152.81.0/24 maxlen: 24 202.152.82.0/24 maxlen: 24 202.152.83.0/24 maxlen: 24 202.152.84.0/24 maxlen: 24 202.152.85.0/24 maxlen: 24 202.152.86.0/24 maxlen: 24 202.152.87.0/24 maxlen: 24 202.152.88.0/22 maxlen: 22 202.152.92.0/24 maxlen: 24 202.152.93.0/24 maxlen: 24 202.152.94.0/24 maxlen: 24 202.152.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.crl rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 22:19:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1808 (0x710) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8A41, serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14 Validity Not Before: May 10 22:22:16 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681fd198-4cc3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:53:15:d2:27:86:bd:f6:d2:15:5f:b2:ff:16: ec:fc:e2:ec:34:fb:77:9b:dd:28:f0:b5:5c:d0:6b: 97:64:ad:31:9c:90:5a:74:d3:76:36:24:1f:a9:8b: 4f:47:d3:36:cf:5d:f8:5c:7f:50:d8:76:e3:1c:ec: 41:69:1a:6e:48:98:28:1f:ee:8e:61:15:4b:3e:63: 15:a1:bf:12:29:8d:7c:9f:ed:1b:48:c8:fb:19:2e: 24:5a:ef:03:14:66:1c:aa:3b:2c:9f:0d:d5:d9:69: 7f:99:b8:45:9b:5b:8c:06:5e:4a:d3:3e:9b:38:d8: d7:8d:60:3c:4c:c7:43:64:fc:16:94:5e:e5:8d:90: d1:7e:96:fe:d3:bf:2d:39:1b:c7:b4:12:c2:81:c6: b1:b2:81:28:96:76:96:00:00:09:91:a7:cb:9b:ef: c6:7c:25:68:3e:7b:42:8d:ba:ef:ff:5a:eb:36:fa: 3a:ab:99:25:b6:31:a1:0d:29:a9:ae:89:c9:4a:eb: 60:16:5b:7e:84:a9:79:3c:b0:fc:25:9d:c1:75:ac: 0a:3c:62:f9:18:4c:4b:f8:2c:f7:b7:fd:d1:4f:06: d5:db:93:25:d3:af:1f:bb:96:78:00:ec:40:2a:3e: a5:b2:95:ce:43:e8:9c:3c:e0:07:95:93:25:6e:7e: 84:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:B5:CD:D3:07:7E:2A:44:1B:18:A6:08:1D:83:79:FF:4B:86:E5:5A X509v3 Authority Key Identifier: keyid:CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/C4662D3A5FD311EDAE56DD7FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.152.64.0/19 Signature Algorithm: sha256WithRSAEncryption d1:d1:96:a0:0c:e1:b8:fb:32:dd:14:59:ea:d2:36:4c:9b:79: d7:ec:14:02:30:a4:49:6b:d9:e4:45:84:95:6b:34:30:a2:94: ff:e8:b0:8c:6e:d2:6c:0a:4d:8d:33:9c:37:80:23:1f:fc:da: 2f:e3:a1:e1:0d:32:17:d5:17:a2:c6:53:bb:08:84:3d:c9:8d: be:e3:20:f6:1a:e0:be:ac:5a:73:8f:15:42:7a:6b:64:49:96: d4:76:13:4c:f8:53:a7:2d:ff:0d:d3:a5:6d:d8:57:49:bd:02: 10:60:02:52:40:f3:c8:36:2f:e4:06:fd:56:81:aa:48:7e:8b: 92:1d:c9:c3:03:eb:03:10:06:bb:b9:b9:14:b9:3a:ae:ba:d2: e0:a1:19:fb:25:a4:26:bd:a9:46:ea:ea:4c:47:39:b5:7e:83: 33:c4:7e:28:ce:3c:51:b1:6e:1c:01:f8:5a:35:68:1f:61:68: 2a:ac:4e:71:da:fa:e4:46:5d:db:a2:ea:df:cf:cd:8d:9d:09: 69:2c:9b:6d:f9:49:76:5e:c6:69:21:f9:02:de:25:71:f9:27: d7:60:25:0f:4e:e4:da:10:29:1c:cc:a9:ec:1f:71:ef:3e:ed: fd:f3:fa:22:00:75:a6:d2:0a:99:26:5f:55:c6:77:b3:81:f4: b2:7a:61:89 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBxAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhBNDExMTAvBgNVBAUTKENERkVERjJENDExQzg0QzM2REMzQkI2QTAyRkRGMUFD NTBCNUJBMTQwHhcNMjUwNTEwMjIyMjE2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFmZDE5OC00Y2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyVMV0ieGvfbSFV+y/xbs/OLsNPt3m90o8LVc0GuXZK0xnJBadNN2NiQfqYtP R9M2z134XH9Q2HbjHOxBaRpuSJgoH+6OYRVLPmMVob8SKY18n+0bSMj7GS4kWu8D FGYcqjssnw3V2Wl/mbhFm1uMBl5K0z6bONjXjWA8TMdDZPwWlF7ljZDRfpb+078t ORvHtBLCgcaxsoEolnaWAAAJkafLm+/GfCVoPntCjbrv/1rrNvo6q5kltjGhDSmp ronJSutgFlt+hKl5PLD8JZ3BdawKPGL5GExL+Cz3t/3RTwbV25Ml068fu5Z4AOxA Kj6lspXOQ+icPOAHlZMlbn6EkQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPK1zdMH fipEGximCB2Def9LhuVaMB8GA1UdIwQYMBaAFM3+3y1BHITDbcO7agL98axQtboU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEE0MS81NTQxNDBERTg3 QkMxMUVCQjNDMDgyNzJDNEY5QUUwMi96ZjdmTFVFY2hNTnR3N3RxQXYzeHJGQzF1 aFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pmN2ZMVUVjaE1OdHc3dHFBdjN4ckZDMXVoUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjhBNDEvNTU0MTQwREU4N0JDMTFFQkIzQzA4MjcyQzRGOUFFMDIvQzQ2NjJEM0E1 RkQzMTFFREFFNTZERDdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAXKmEAwDQYJKoZIhvcNAQELBQADggEBANHRlqAM4bj7Mt0U WerSNkybedfsFAIwpElr2eRFhJVrNDCilP/osIxu0mwKTY0znDeAIx/82i/joeEN MhfVF6LGU7sIhD3Jjb7jIPYa4L6sWnOPFUJ6a2RJltR2E0z4U6ct/w3TpW3YV0m9 AhBgAlJA88g2L+QG/VaBqkh+i5IdycMD6wMQBru5uRS5Oq660uChGfslpCa9qUbq 6kxHObV+gzPEfijOPFGxbhwB+Fo1aB9haCqsTnHa+uRGXdui6t/PzY2dCWksm235 SXZexmkh+QLeJXH5J9dgJQ9O5NoQKRzMqewfce8+7f3z+iIAdabSCpkmX1XGd7OB 9LJ6YYk= -----END CERTIFICATE-----Generated at Fri Jun 20 20:51:22 2025 by rpki-client