$ rpki-client -vvf rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/C9104DDAF63511EE9461F649C4F9AE02.roa File: C9104DDAF63511EE9461F649C4F9AE02.roa (raw, json) Hash identifier: hoztiHzkudjZ4uyVDlQ5lcIwyXb3f5TOwZ3A3QC9LNg= Subject key identifier: F6:F2:F1:38:9A:71:6F:E3:5F:C1:C5:CD:EE:91:B0:AD:0B:CB:94:FA Certificate issuer: /CN=A91FCA1E/serialNumber=8E650A712DC84F22B89B8F18B864C29F9DD713C5 Certificate serial: 0104 Authority key identifier: 8E:65:0A:71:2D:C8:4F:22:B8:9B:8F:18:B8:64:C2:9F:9D:D7:13:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jmUKcS3ITyK4m48YuGTCn53XE8U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/C9104DDAF63511EE9461F649C4F9AE02.roa Signing time: Tue 05 Aug 2025 10:36:51 +0000 ROA not before: Tue 05 Aug 2025 10:36:51 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 4797 IP address blocks: 202.81.136.0/24 maxlen: 24 202.81.139.0/24 maxlen: 24 202.81.147.0/24 maxlen: 24 202.81.148.0/24 maxlen: 24 202.81.149.0/24 maxlen: 24 202.81.150.0/24 maxlen: 24 202.81.152.0/24 maxlen: 24 202.81.157.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/jmUKcS3ITyK4m48YuGTCn53XE8U.crl rsync://rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/jmUKcS3ITyK4m48YuGTCn53XE8U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jmUKcS3ITyK4m48YuGTCn53XE8U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 260 (0x104) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FCA1E, serialNumber=8E650A712DC84F22B89B8F18B864C29F9DD713C5 Validity Not Before: Aug 5 10:36:51 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6891dec3-dd41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:dd:64:92:f3:bb:b6:42:c7:c9:0e:49:9c:a6: 18:45:f3:30:c3:91:9c:2c:4f:ff:91:82:12:92:02: 9c:dc:10:c9:e5:9d:d3:9f:a5:14:6d:65:46:67:88: fd:94:27:2c:6e:38:cb:c9:aa:26:0b:c9:1c:5c:75: 8d:ec:73:ce:54:ae:5e:8f:f7:39:d3:06:78:99:3b: 04:ef:5e:b0:9f:fc:b9:4e:1b:fd:12:83:68:a6:06: f1:20:e4:f2:ec:46:d0:eb:e7:c8:2e:2a:cb:ba:eb: fa:1f:e2:e3:23:47:1d:9b:bc:37:da:2b:fa:dd:34: 4e:46:da:7a:8c:61:65:f4:c4:ff:d2:77:c9:ca:6e: e3:0a:f7:bf:8a:a5:51:e6:55:3e:9c:20:9a:77:a3: b5:46:83:d8:2f:92:71:ee:75:33:ee:f5:29:88:22: a6:08:a0:67:1b:5e:01:15:bb:75:fd:a7:02:af:e5: 3e:15:bd:fe:73:03:d1:a4:6f:dc:bf:07:3c:fc:37: 16:1b:08:d4:bb:2b:95:92:6a:34:24:83:f3:be:47: c6:cf:d2:48:d2:92:c5:17:28:1a:84:e6:4f:9c:4c: 1c:c6:de:c0:8c:00:4f:2d:d7:62:09:3d:c4:14:94: 53:82:fe:c9:44:b0:a2:00:1f:89:bc:99:62:5e:58: da:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:F2:F1:38:9A:71:6F:E3:5F:C1:C5:CD:EE:91:B0:AD:0B:CB:94:FA X509v3 Authority Key Identifier: keyid:8E:65:0A:71:2D:C8:4F:22:B8:9B:8F:18:B8:64:C2:9F:9D:D7:13:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/jmUKcS3ITyK4m48YuGTCn53XE8U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jmUKcS3ITyK4m48YuGTCn53XE8U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/C9104DDAF63511EE9461F649C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.81.136.0/24 202.81.139.0/24 202.81.147.0-202.81.150.255 202.81.152.0/24 202.81.157.0/24 Signature Algorithm: sha256WithRSAEncryption 92:67:2f:23:0e:c7:c4:47:43:88:1d:f6:83:a2:de:0c:de:ee: 6b:a1:76:30:54:5e:d9:76:6e:e7:b2:9f:6a:60:15:e1:9f:f3: 15:81:7d:13:cd:97:25:9f:52:39:ab:1c:da:99:69:1f:89:4b: 01:63:9d:16:13:04:27:62:61:c7:54:5f:7b:42:79:bf:33:7b: 0e:4f:43:70:c1:a2:74:82:d2:71:1c:39:39:70:0a:04:01:1b: f9:9f:ff:41:35:d2:33:27:b5:75:0e:3d:b9:5d:46:d4:ef:1d: f6:55:37:ea:ac:5f:74:0a:3f:67:2b:89:53:ba:29:e3:14:6f: a0:0e:22:ee:6e:f7:92:b5:0d:06:aa:40:d1:2f:5d:00:e8:b4: 8f:05:14:de:10:29:5e:e0:bb:04:b4:8e:f5:33:7a:03:d9:78: 70:a4:e8:88:86:27:06:c3:31:d5:47:10:b1:a2:c2:0c:21:28: a5:2b:3e:a8:0c:be:83:d7:87:93:17:31:a4:14:db:04:07:41: 12:a7:c1:67:12:2a:13:ef:e8:90:09:b0:b0:4f:dd:98:90:16: 24:d9:5e:3a:d8:71:a3:72:c2:40:56:f6:c9:6e:af:30:03:88: a2:d5:67:3e:41:68:ac:19:71:60:38:2b:e7:94:29:c6:76:60: f6:ee:0c:21 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICAQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkNBMUUxMTAvBgNVBAUTKDhFNjUwQTcxMkRDODRGMjJCODlCOEYxOEI4NjRDMjlG OURENzEzQzUwHhcNMjUwODA1MTAzNjUxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODkxZGVjMy1kZDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1N1kkvO7tkLHyQ5JnKYYRfMww5GcLE//kYISkgKc3BDJ5Z3Tn6UUbWVGZ4j9 lCcsbjjLyaomC8kcXHWN7HPOVK5ej/c50wZ4mTsE716wn/y5Thv9EoNopgbxIOTy 7EbQ6+fILirLuuv6H+LjI0cdm7w32iv63TRORtp6jGFl9MT/0nfJym7jCve/iqVR 5lU+nCCad6O1RoPYL5Jx7nUz7vUpiCKmCKBnG14BFbt1/acCr+U+Fb3+cwPRpG/c vwc8/DcWGwjUuyuVkmo0JIPzvkfGz9JI0pLFFygahOZPnEwcxt7AjABPLddiCT3E FJRTgv7JRLCiAB+JvJliXljaYQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFPby8Tia cW/jX8HFze6RsK0Ly5T6MB8GA1UdIwQYMBaAFI5lCnEtyE8iuJuPGLhkwp+d1xPF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQ0ExRS9GMDA2MkYyOEY2 MzQxMUVFOEFFQUM3NDdDNEY5QUUwMi9qbVVLY1MzSVR5SzRtNDhZdUdUQ241M1hF OFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ptVUtjUzNJVHlLNG00OFl1R1RDbjUzWEU4VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkNBMUUvRjAwNjJGMjhGNjM0MTFFRThBRUFDNzQ3QzRGOUFFMDIvQzkxMDREREFG NjM1MTFFRTk0NjFGNjQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBADKUYgDBADKUYswDAMEAMpRkwMEAMpRlgMEAMpRmAMEAMpR nTANBgkqhkiG9w0BAQsFAAOCAQEAkmcvIw7HxEdDiB32g6LeDN7ua6F2MFRe2XZu 57KfamAV4Z/zFYF9E82XJZ9SOasc2plpH4lLAWOdFhMEJ2Jhx1Rfe0J5vzN7Dk9D cMGidILScRw5OXAKBAEb+Z//QTXSMye1dQ49uV1G1O8d9lU36qxfdAo/ZyuJU7op 4xRvoA4i7m73krUNBqpA0S9dAOi0jwUU3hApXuC7BLSO9TN6A9l4cKToiIYnBsMx 1UcQsaLCDCEopSs+qAy+g9eHkxcxpBTbBAdBEqfBZxIqE+/okAmwsE/dmJAWJNle Othxo3LCQFb2yW6vMAOIotVnPkForBlxYDgr55QpxnZg9u4MIQ== -----END CERTIFICATE-----Generated at Mon Aug 11 10:50:34 2025 by rpki-client