$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/485C422CA5FF11F08004B67CC4F9AE02.roa File: 485C422CA5FF11F08004B67CC4F9AE02.roa (raw, json) Hash identifier: ybEJ6ypns4vD/7VDe+vdDoeXho9P9fe6phtZ1wIUdQE= Subject key identifier: 74:E0:80:BC:5A:6B:0A:D7:2F:12:9F:5B:33:2B:49:7F:E7:AE:BC:6F Certificate issuer: /CN=A91E3493/serialNumber=31311CFCC1401BD6D0E6B6B39167B65C21092114 Certificate serial: 0F Authority key identifier: 31:31:1C:FC:C1:40:1B:D6:D0:E6:B6:B3:91:67:B6:5C:21:09:21:14 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MTEc_MFAG9bQ5razkWe2XCEJIRQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/485C422CA5FF11F08004B67CC4F9AE02.roa Signing time: Fri 10 Oct 2025 17:33:50 +0000 ROA not before: Fri 10 Oct 2025 17:33:50 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 19527 IP address blocks: 152.65.192.0/18 maxlen: 21 152.65.192.0/19 maxlen: 24 152.65.224.0/20 maxlen: 24 152.65.240.0/21 maxlen: 24 152.65.248.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/MTEc_MFAG9bQ5razkWe2XCEJIRQ.crl rsync://rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/MTEc_MFAG9bQ5razkWe2XCEJIRQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MTEc_MFAG9bQ5razkWe2XCEJIRQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Oct 2025 01:51:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15 (0xf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3493, serialNumber=31311CFCC1401BD6D0E6B6B39167B65C21092114 Validity Not Before: Oct 10 17:33:50 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=68e9437e-56d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:7c:a2:cf:48:7d:62:3a:59:b6:5b:16:ff:ff: bd:66:85:d4:e9:98:55:a3:92:58:bb:70:3b:52:4c: 08:98:8b:38:35:a1:ae:56:ce:fc:72:ea:d4:7f:9c: cf:af:63:49:50:51:09:cc:d8:6b:76:e5:b6:f0:c7: e1:41:4e:e9:2c:e6:12:2a:9e:aa:c9:06:fd:3f:e8: 6f:87:93:c0:29:dc:90:a1:53:ef:71:8a:29:4a:dc: 00:a8:fc:77:17:95:8b:c2:73:99:d9:d2:e7:1f:9a: d0:68:53:14:0f:c7:dc:42:2d:63:52:09:36:ae:f5: c2:bc:03:c1:26:e1:21:e2:0a:22:ad:c2:fa:11:22: 96:38:50:94:27:4d:eb:0e:79:31:c1:96:56:60:35: cf:c1:f1:00:5d:66:b5:5b:4e:76:17:12:ca:fb:ac: 78:b3:5c:c3:a7:30:6f:e5:a7:68:3b:b9:ae:de:1b: ca:54:f3:4f:39:f8:ce:b7:15:fb:64:0d:6d:73:41: 6d:bc:66:9c:3a:7b:ee:12:9c:a1:48:3f:88:09:31: 53:c4:c4:69:ce:dd:5d:ea:af:7f:05:44:d4:ef:d6: d4:f5:85:d9:03:5c:f4:95:5e:90:01:16:42:eb:e3: 62:f0:5c:72:3d:14:b2:d9:c9:c1:bd:4a:41:2a:81: 98:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:E0:80:BC:5A:6B:0A:D7:2F:12:9F:5B:33:2B:49:7F:E7:AE:BC:6F X509v3 Authority Key Identifier: keyid:31:31:1C:FC:C1:40:1B:D6:D0:E6:B6:B3:91:67:B6:5C:21:09:21:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/MTEc_MFAG9bQ5razkWe2XCEJIRQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MTEc_MFAG9bQ5razkWe2XCEJIRQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/485C422CA5FF11F08004B67CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 152.65.192.0/18 Signature Algorithm: sha256WithRSAEncryption d2:14:b9:ae:08:b4:d6:f1:90:ab:52:27:4b:8d:98:ce:f3:f3: 56:a0:9b:d3:cc:5a:22:76:c4:be:d9:ef:91:6d:c6:76:f1:45: 52:f9:aa:9d:6b:b3:bf:ab:9d:eb:e1:b5:b9:86:d6:4b:c3:49: c0:fd:11:51:32:ae:08:60:bc:cc:37:41:08:eb:38:8c:b0:f0: 7e:83:9c:72:86:28:0d:05:00:d9:d9:75:5d:c9:7a:bb:f5:d1: c6:ab:82:66:5e:50:2f:bc:a6:ab:37:9c:24:38:6d:05:53:88: 80:e2:b8:d0:fb:b4:a3:1c:05:87:2f:6a:d1:00:75:45:69:52: 4d:bf:d1:27:4f:f0:66:e9:32:dd:2f:36:0c:27:a2:6d:a1:20: b5:bd:3c:4c:67:d8:93:80:88:84:33:cf:00:76:2c:eb:fd:c7: dd:45:3d:00:d7:53:60:63:cc:45:36:42:47:13:d6:e5:c2:c0: a4:17:62:34:b3:fd:bc:8b:8f:ee:76:c1:f9:43:d2:c7:bd:1f: 5e:1d:08:f5:f9:2c:7c:ed:39:ef:01:b0:c9:a9:d8:2b:df:e2: 31:83:4d:16:3d:b7:e9:6e:11:28:49:9c:ec:74:2f:ab:59:bc: dd:e0:dd:c5:9b:64:e5:4c:82:10:b6:db:3e:d5:f6:0d:b3:03: 4f:ed:66:5c -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBDzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF MzQ5MzExMC8GA1UEBRMoMzEzMTFDRkNDMTQwMUJENkQwRTZCNkIzOTE2N0I2NUMy MTA5MjExNDAeFw0yNTEwMTAxNzMzNTBaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZTk0MzdlLTU2ZDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAfKLPSH1iOlm2Wxb//71mhdTpmFWjkli7cDtSTAiYizg1oa5Wzvxy6tR/nM+v Y0lQUQnM2Gt25bbwx+FBTuks5hIqnqrJBv0/6G+Hk8Ap3JChU+9xiilK3ACo/HcX lYvCc5nZ0ucfmtBoUxQPx9xCLWNSCTau9cK8A8Em4SHiCiKtwvoRIpY4UJQnTesO eTHBllZgNc/B8QBdZrVbTnYXEsr7rHizXMOnMG/lp2g7ua7eG8pU8085+M63Fftk DW1zQW28Zpw6e+4SnKFIP4gJMVPExGnO3V3qr38FRNTv1tT1hdkDXPSVXpABFkLr 42LwXHI9FLLZycG9SkEqgZhjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUdOCAvFpr CtcvEp9bMytJf+euvG8wHwYDVR0jBBgwFoAUMTEc/MFAG9bQ5razkWe2XCEJIRQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUzNDkzL0U1MkMxNEMwOUZG QTExRjBCQUQ1MEI2MUM0RjlBRTAyL01URWNfTUZBRzliUTVyYXprV2UyWENFSklS US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTVRFY19NRkFHOWJRNXJhemtXZTJYQ0VKSVJRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MzQ5My9FNTJDMTRDMDlGRkExMUYwQkFENTBCNjFDNEY5QUUwMi80ODVDNDIyQ0E1 RkYxMUYwODAwNEI2N0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEBphBwDANBgkqhkiG9w0BAQsFAAOCAQEA0hS5rgi01vGQq1In S42YzvPzVqCb08xaInbEvtnvkW3GdvFFUvmqnWuzv6ud6+G1uYbWS8NJwP0RUTKu CGC8zDdBCOs4jLDwfoOccoYoDQUA2dl1Xcl6u/XRxquCZl5QL7ymqzecJDhtBVOI gOK40Pu0oxwFhy9q0QB1RWlSTb/RJ0/wZuky3S82DCeibaEgtb08TGfYk4CIhDPP AHYs6/3H3UU9ANdTYGPMRTZCRxPW5cLApBdiNLP9vIuP7nbB+UPSx70fXh0I9fks fO057wGwyanYK9/iMYNNFj236W4RKEmc7HQvq1m83eDdxZtk5UyCELbbPtX2DbMD T+1mXA== -----END CERTIFICATE-----Generated at Sat Oct 11 14:15:49 2025 by rpki-client