$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAB3C/991EADFE694A11F0A7741A43C4F9AE02/90BDD67E6EF611F0B80A0E30C4F9AE02.roa File: 90BDD67E6EF611F0B80A0E30C4F9AE02.roa (raw, json) Hash identifier: YAsradZ2aJS18fpOaKgFCMVexkVrOXolStNUtaxy12E= Subject key identifier: 50:97:94:36:6E:3C:78:07:9C:8B:B3:C5:D1:56:AA:C6:1F:31:A4:9C Certificate issuer: /CN=A91FAB3C/serialNumber=826B4474BC6F4F3BE40B5E7511F105CAE7FE8C0C Certificate serial: 0A Authority key identifier: 82:6B:44:74:BC:6F:4F:3B:E4:0B:5E:75:11:F1:05:CA:E7:FE:8C:0C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gmtEdLxvTzvkC151EfEFyuf-jAw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FAB3C/991EADFE694A11F0A7741A43C4F9AE02/90BDD67E6EF611F0B80A0E30C4F9AE02.roa Signing time: Fri 01 Aug 2025 16:42:52 +0000 ROA not before: Fri 01 Aug 2025 16:42:52 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 154086 IP address blocks: 192.188.86.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FAB3C/991EADFE694A11F0A7741A43C4F9AE02/gmtEdLxvTzvkC151EfEFyuf-jAw.crl rsync://rpki.apnic.net/member_repository/A91FAB3C/991EADFE694A11F0A7741A43C4F9AE02/gmtEdLxvTzvkC151EfEFyuf-jAw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gmtEdLxvTzvkC151EfEFyuf-jAw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10 (0xa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FAB3C, serialNumber=826B4474BC6F4F3BE40B5E7511F105CAE7FE8C0C Validity Not Before: Aug 1 16:42:52 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=688cee8c-c2f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:a2:25:c0:a4:da:b8:3c:5f:fa:dd:cc:8a:ba: 16:1f:29:b9:01:89:fe:15:1c:ba:db:70:19:41:0c: 35:d1:ba:64:e6:d1:d1:ec:ab:9a:79:73:ba:e0:19: 46:25:70:85:18:21:e5:6c:1c:55:85:c4:23:a7:17: 6f:ec:8a:0d:e7:3a:cc:8c:78:94:e0:fd:8e:15:8a: 80:a8:c4:fb:e3:33:d7:ee:39:b8:91:cc:31:93:c2: cf:85:7a:88:fd:ea:21:a4:d4:f2:d2:9e:5e:1d:bb: 94:41:ce:37:a3:ec:5d:48:3d:ac:bc:55:8b:65:1d: 2c:47:29:4b:c0:95:8c:07:2e:38:3d:63:40:ef:18: 43:27:a5:c4:fc:a8:13:05:bd:64:ac:f3:38:43:d5: d3:8c:92:30:bd:e6:1f:be:07:81:9f:40:af:23:52: d7:67:c6:3c:e3:a4:7d:7c:cc:00:73:bc:5c:25:81: be:2f:7b:a2:b8:d4:0e:96:44:81:44:23:78:33:ac: 15:88:de:40:34:98:f4:00:b2:94:3d:62:e5:1d:ed: ed:f2:11:eb:48:40:c4:3f:4c:eb:19:35:af:dc:1c: b6:35:55:13:39:6c:54:d2:b2:ca:86:44:b0:30:3d: bd:0c:39:f0:dd:92:f6:c4:9d:29:df:dc:3f:a4:e2: 65:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:97:94:36:6E:3C:78:07:9C:8B:B3:C5:D1:56:AA:C6:1F:31:A4:9C X509v3 Authority Key Identifier: keyid:82:6B:44:74:BC:6F:4F:3B:E4:0B:5E:75:11:F1:05:CA:E7:FE:8C:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FAB3C/991EADFE694A11F0A7741A43C4F9AE02/gmtEdLxvTzvkC151EfEFyuf-jAw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gmtEdLxvTzvkC151EfEFyuf-jAw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAB3C/991EADFE694A11F0A7741A43C4F9AE02/90BDD67E6EF611F0B80A0E30C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 192.188.86.0/24 Signature Algorithm: sha256WithRSAEncryption 4f:65:74:a4:86:26:e4:23:1f:96:b6:f4:3b:43:dd:08:be:a9: 5c:98:ac:a3:09:da:18:8b:3b:89:d8:a0:8f:07:f7:1d:c5:db: 8f:f0:50:c0:ce:eb:a1:01:c1:c2:c3:b9:db:4a:3f:94:f0:02: 4c:8d:8e:8a:e6:2d:ba:79:0a:52:1d:79:70:51:78:f1:63:2f: 25:93:14:db:1a:31:4c:b5:c0:b4:b0:b0:e6:44:5d:04:07:b8: ba:26:ac:0d:c7:ed:06:a4:28:76:a0:34:91:04:6e:9a:78:6e: 4a:b9:fc:41:8c:b9:ec:94:cb:ca:1a:a7:4b:83:be:39:6b:91: c5:af:1f:f2:2b:23:bc:a3:58:5a:47:15:24:ab:f9:0e:3a:29: 21:5f:f3:4b:b1:b1:42:1f:5e:fc:16:60:7b:25:d5:db:1b:30: c8:c8:a7:43:19:70:95:13:4e:58:86:19:8f:9f:15:30:fa:d6: c1:04:7e:57:d0:e1:f0:ce:32:b5:b0:51:6e:17:2b:b4:48:49: 99:cd:4f:9c:0e:62:03:7a:37:5f:30:b6:37:75:16:ed:99:f7: 80:01:58:21:3f:32:c8:48:50:86:73:da:a8:dd:59:5b:b6:e8: 39:80:2d:f3:41:aa:27:f0:25:65:87:f8:f8:34:83:e9:81:af: b1:84:8d:b7 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QUIzQzExMC8GA1UEBRMoODI2QjQ0NzRCQzZGNEYzQkU0MEI1RTc1MTFGMTA1Q0FF N0ZFOEMwQzAeFw0yNTA4MDExNjQyNTJaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4OGNlZThjLWMyZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDcoiXApNq4PF/63cyKuhYfKbkBif4VHLrbcBlBDDXRumTm0dHsq5p5c7rgGUYl cIUYIeVsHFWFxCOnF2/sig3nOsyMeJTg/Y4VioCoxPvjM9fuObiRzDGTws+Feoj9 6iGk1PLSnl4du5RBzjej7F1IPay8VYtlHSxHKUvAlYwHLjg9Y0DvGEMnpcT8qBMF vWSs8zhD1dOMkjC95h++B4GfQK8jUtdnxjzjpH18zABzvFwlgb4ve6K41A6WRIFE I3gzrBWI3kA0mPQAspQ9YuUd7e3yEetIQMQ/TOsZNa/cHLY1VRM5bFTSssqGRLAw Pb0MOfDdkvbEnSnf3D+k4mUFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUUJeUNm48 eAeci7PF0Vaqxh8xpJwwHwYDVR0jBBgwFoAUgmtEdLxvTzvkC151EfEFyuf+jAww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBQjNDLzk5MUVBREZFNjk0 QTExRjBBNzc0MUE0M0M0RjlBRTAyL2dtdEVkTHh2VHp2a0MxNTFFZkVGeXVmLWpB dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvZ210RWRMeHZUenZrQzE1MUVmRUZ5dWYtakF3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QUIzQy85OTFFQURGRTY5NEExMUYwQTc3NDFBNDNDNEY5QUUwMi85MEJERDY3RTZF RjYxMUYwQjgwQTBFMzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAMC8VjANBgkqhkiG9w0BAQsFAAOCAQEAT2V0pIYm5CMflrb0 O0PdCL6pXJisownaGIs7idigjwf3HcXbj/BQwM7roQHBwsO520o/lPACTI2OiuYt unkKUh15cFF48WMvJZMU2xoxTLXAtLCw5kRdBAe4uiasDcftBqQodqA0kQRumnhu Srn8QYy57JTLyhqnS4O+OWuRxa8f8isjvKNYWkcVJKv5DjopIV/zS7GxQh9e/BZg eyXV2xswyMinQxlwlRNOWIYZj58VMPrWwQR+V9Dh8M4ytbBRbhcrtEhJmc1PnA5i A3o3XzC2N3UW7Zn3gAFYIT8yyEhQhnPaqN1ZW7boOYAt80GqJ/AlZYf4+DSD6YGv sYSNtw== -----END CERTIFICATE-----Generated at Sun Aug 10 18:32:11 2025 by rpki-client