$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/4988E222A5FF11F08004B67CC4F9AE02.roa File: 4988E222A5FF11F08004B67CC4F9AE02.roa (raw, json) Hash identifier: KjekvWkyVk2ufW3sUCxTn0USOTGpHbibGBSsaXBYXww= Subject key identifier: 04:5F:BC:BC:6C:C1:B5:EB:BD:18:86:67:77:F3:FD:29:D6:A5:29:FE Certificate issuer: /CN=A91E3493/serialNumber=31311CFCC1401BD6D0E6B6B39167B65C21092114 Certificate serial: 11 Authority key identifier: 31:31:1C:FC:C1:40:1B:D6:D0:E6:B6:B3:91:67:B6:5C:21:09:21:14 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MTEc_MFAG9bQ5razkWe2XCEJIRQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/4988E222A5FF11F08004B67CC4F9AE02.roa Signing time: Fri 10 Oct 2025 17:33:52 +0000 ROA not before: Fri 10 Oct 2025 17:33:52 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 53766 IP address blocks: 152.65.192.0/18 maxlen: 21 152.65.192.0/19 maxlen: 24 152.65.224.0/20 maxlen: 24 152.65.240.0/21 maxlen: 24 152.65.248.0/22 maxlen: 24 199.247.160.0/20 maxlen: 24 207.66.112.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/MTEc_MFAG9bQ5razkWe2XCEJIRQ.crl rsync://rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/MTEc_MFAG9bQ5razkWe2XCEJIRQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MTEc_MFAG9bQ5razkWe2XCEJIRQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Oct 2025 01:51:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3493, serialNumber=31311CFCC1401BD6D0E6B6B39167B65C21092114 Validity Not Before: Oct 10 17:33:52 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=68e94380-6286 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:d4:e1:18:e6:ea:2b:6b:1f:c9:1a:4e:5f:8d: f7:2f:56:d8:e7:88:da:c5:b2:8f:85:8b:ae:00:b7: 18:41:64:20:03:7f:7f:70:c1:db:a4:5f:63:1c:c9: 01:b5:56:e8:90:14:9e:ee:c0:df:17:db:e6:24:3c: b0:83:6d:f2:72:46:53:a3:11:8f:96:33:83:8e:7e: 8a:b0:a3:12:36:60:84:16:90:c9:1b:51:19:d3:57: 4a:7f:e9:f5:81:fe:51:44:0e:e5:c5:17:21:eb:0e: 83:6f:a1:0b:a3:43:eb:28:b3:a6:79:bd:87:a4:2a: ea:31:78:13:c8:a4:4c:41:49:9a:3a:b1:3d:a2:6e: aa:f6:49:86:02:07:14:c8:2d:b9:2f:bf:7c:a7:fc: 43:6a:8a:4e:b6:34:74:c9:3e:91:44:39:80:5c:71: 87:66:34:06:f6:09:95:51:74:74:f4:f8:54:ca:72: fc:82:6a:bc:d4:db:fc:8b:61:ee:ef:a3:29:d1:91: 66:9b:36:1e:7a:f2:98:55:2a:5b:50:06:39:7d:27: 0a:4c:12:6d:3d:6f:4d:56:39:19:76:e4:05:49:e6: 78:31:8d:8a:95:11:62:ae:f0:7c:77:06:77:89:49: 65:b8:a1:13:13:1b:fb:12:0e:01:fc:67:1a:96:bb: f7:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:5F:BC:BC:6C:C1:B5:EB:BD:18:86:67:77:F3:FD:29:D6:A5:29:FE X509v3 Authority Key Identifier: keyid:31:31:1C:FC:C1:40:1B:D6:D0:E6:B6:B3:91:67:B6:5C:21:09:21:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/MTEc_MFAG9bQ5razkWe2XCEJIRQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MTEc_MFAG9bQ5razkWe2XCEJIRQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3493/E52C14C09FFA11F0BAD50B61C4F9AE02/4988E222A5FF11F08004B67CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 152.65.192.0/18 199.247.160.0/20 207.66.112.0/21 Signature Algorithm: sha256WithRSAEncryption 3e:6a:fd:3e:c4:14:b3:50:f4:b7:1c:3b:26:fe:82:22:6f:9b: 79:04:70:c7:61:0f:2a:b0:15:ce:8f:93:c6:1b:6e:0a:8e:db: e1:fc:76:3d:7e:70:07:8c:ed:56:27:07:96:61:93:52:e1:03: f2:c4:d6:5f:c1:5d:aa:3b:09:41:66:a2:c0:d3:40:2b:dd:5a: 1b:09:04:53:7e:04:90:27:92:0f:42:b2:3e:60:1e:d2:40:b5: 66:48:e4:1f:47:5b:83:fd:78:7e:c9:4e:f9:bd:c0:dd:7b:76: 4e:68:d9:df:66:47:e3:c9:be:bb:06:d3:07:8d:ac:75:3d:8e: 19:00:7c:c0:2b:df:7e:9f:58:1a:56:df:76:84:ee:1e:b6:6d: fa:7c:0d:1e:4a:28:f5:d9:53:e5:8f:33:7a:24:f7:3b:55:0c: b5:98:df:21:2e:fd:61:24:36:79:02:8d:64:39:03:ef:9f:5c: 82:70:a2:2b:5f:3c:44:8c:b5:1d:4d:74:40:72:ff:a6:58:1f: 3c:f0:1c:63:fa:6b:27:59:24:80:69:c2:5f:4c:94:68:93:ea: 14:c1:27:1b:64:49:91:72:a0:28:0f:51:6a:6b:91:bb:a8:9c: cd:76:6e:76:63:e9:15:dd:01:db:20:d2:6f:33:1f:56:c1:8c: 33:2c:44:49 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF MzQ5MzExMC8GA1UEBRMoMzEzMTFDRkNDMTQwMUJENkQwRTZCNkIzOTE2N0I2NUMy MTA5MjExNDAeFw0yNTEwMTAxNzMzNTJaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZTk0MzgwLTYyODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDN1OEY5uorax/JGk5fjfcvVtjniNrFso+Fi64AtxhBZCADf39wwdukX2McyQG1 VuiQFJ7uwN8X2+YkPLCDbfJyRlOjEY+WM4OOfoqwoxI2YIQWkMkbURnTV0p/6fWB /lFEDuXFFyHrDoNvoQujQ+sos6Z5vYekKuoxeBPIpExBSZo6sT2ibqr2SYYCBxTI Lbkvv3yn/ENqik62NHTJPpFEOYBccYdmNAb2CZVRdHT0+FTKcvyCarzU2/yLYe7v oynRkWabNh568phVKltQBjl9JwpMEm09b01WORl25AVJ5ngxjYqVEWKu8Hx3BneJ SWW4oRMTG/sSDgH8ZxqWu/crAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUBF+8vGzB teu9GIZnd/P9KdalKf4wHwYDVR0jBBgwFoAUMTEc/MFAG9bQ5razkWe2XCEJIRQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUzNDkzL0U1MkMxNEMwOUZG QTExRjBCQUQ1MEI2MUM0RjlBRTAyL01URWNfTUZBRzliUTVyYXprV2UyWENFSklS US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTVRFY19NRkFHOWJRNXJhemtXZTJYQ0VKSVJRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MzQ5My9FNTJDMTRDMDlGRkExMUYwQkFENTBCNjFDNEY5QUUwMi80OTg4RTIyMkE1 RkYxMUYwODAwNEI2N0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc MBowGAQCAAEwEgMEBphBwAMEBMf3oAMEA89CcDANBgkqhkiG9w0BAQsFAAOCAQEA Pmr9PsQUs1D0txw7Jv6CIm+beQRwx2EPKrAVzo+TxhtuCo7b4fx2PX5wB4ztVicH lmGTUuED8sTWX8FdqjsJQWaiwNNAK91aGwkEU34EkCeSD0KyPmAe0kC1ZkjkH0db g/14fslO+b3A3Xt2TmjZ32ZH48m+uwbTB42sdT2OGQB8wCvffp9YGlbfdoTuHrZt +nwNHkoo9dlT5Y8zeiT3O1UMtZjfIS79YSQ2eQKNZDkD759cgnCiK188RIy1HU10 QHL/plgfPPAcY/prJ1kkgGnCX0yUaJPqFMEnG2RJkXKgKA9RamuRu6iczXZudmPp Fd0B2yDSbzMfVsGMMyxESQ== -----END CERTIFICATE-----Generated at Sat Oct 11 06:45:14 2025 by rpki-client