$ rpki-client -vvf rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/9F25E6340ECA11F0BAAE344AC4F9AE02.roa File: 9F25E6340ECA11F0BAAE344AC4F9AE02.roa (raw, json) Hash identifier: S0xpbapYuUp7EVUcnIqHkGByKZFeAz8MROSbzxDfhw4= Subject key identifier: 3C:A3:AA:F5:0B:3A:6E:74:FB:C2:DE:41:0F:7A:81:A0:29:8B:A3:16 Certificate issuer: /CN=A91144C9/serialNumber=B0D525EA99D4C8EC75607126A49EF6707BD6F4AD Certificate serial: 2F Authority key identifier: B0:D5:25:EA:99:D4:C8:EC:75:60:71:26:A4:9E:F6:70:7B:D6:F4:AD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sNUl6pnUyOx1YHEmpJ72cHvW9K0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/9F25E6340ECA11F0BAAE344AC4F9AE02.roa Signing time: Tue 24 Jun 2025 03:59:04 +0000 ROA not before: Tue 24 Jun 2025 03:59:04 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 10099 IP address blocks: 162.219.32.0/21 maxlen: 24 162.219.84.0/24 maxlen: 24 162.245.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/sNUl6pnUyOx1YHEmpJ72cHvW9K0.crl rsync://rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/sNUl6pnUyOx1YHEmpJ72cHvW9K0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sNUl6pnUyOx1YHEmpJ72cHvW9K0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 01 Nov 2025 10:53:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47 (0x2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91144C9, serialNumber=B0D525EA99D4C8EC75607126A49EF6707BD6F4AD Validity Not Before: Jun 24 03:59:04 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=685a2288-7670 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:87:1d:0f:2b:3d:53:02:cc:99:29:1a:38:eb: 2e:32:ba:07:e8:70:1d:0d:6d:99:3c:a8:0d:cf:c4: 1a:80:28:ca:17:37:67:68:d0:24:56:7f:8e:bc:cb: 0c:14:19:92:19:73:cd:ec:21:13:1a:ac:47:fa:96: 61:2f:ea:81:63:dd:77:9d:6c:59:92:4c:0d:3d:43: ae:c8:40:80:7c:74:19:6a:d3:82:fd:90:5d:45:08: 03:88:a8:97:a3:a0:e3:07:9f:76:8c:ab:6e:bc:14: c7:b7:92:80:45:81:da:ca:7d:dd:2d:cc:70:8b:96: 37:03:80:4a:e2:55:f2:33:1c:6e:40:24:8e:cc:21: d9:75:69:94:20:25:84:a1:b7:74:d4:ad:6e:a1:99: d8:33:d0:61:91:f3:ed:04:c7:9c:f5:9c:9c:8c:dc: 96:76:fd:af:25:a2:0d:c0:59:8b:92:65:67:7f:ad: 89:7c:85:b7:70:c1:0e:db:18:64:aa:df:db:13:a4: d7:06:c2:71:48:74:91:8b:18:62:ca:86:01:6f:8d: f9:f2:f2:0c:fc:06:45:46:d7:f9:ea:3d:ff:e3:bb: 94:ca:d7:16:20:68:39:a8:b0:89:11:c8:ac:68:9a: 1e:3a:6a:95:4d:7f:09:64:fa:eb:ef:3f:d5:e5:6f: 69:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:A3:AA:F5:0B:3A:6E:74:FB:C2:DE:41:0F:7A:81:A0:29:8B:A3:16 X509v3 Authority Key Identifier: keyid:B0:D5:25:EA:99:D4:C8:EC:75:60:71:26:A4:9E:F6:70:7B:D6:F4:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/sNUl6pnUyOx1YHEmpJ72cHvW9K0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sNUl6pnUyOx1YHEmpJ72cHvW9K0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91144C9/7BA3E70C0EC911F0A26FF144C4F9AE02/9F25E6340ECA11F0BAAE344AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 162.219.32.0/21 162.219.84.0/24 162.245.127.0/24 Signature Algorithm: sha256WithRSAEncryption c4:f0:cf:85:dd:17:83:65:ed:6b:46:65:b5:0f:12:b8:4f:0a: c5:83:c1:f9:ec:b7:d5:8f:71:34:d7:ba:8f:23:5c:23:e8:86: 68:e9:b2:ea:f6:4e:0c:e0:ae:87:4b:7f:aa:19:2d:de:44:20: c7:bb:39:47:e9:48:38:a4:9c:89:f1:f0:87:ec:02:a6:0c:f8: 19:01:7e:c0:a4:81:d5:d8:d6:90:28:79:0d:38:ff:be:c3:45: c6:c3:19:0a:32:50:5f:0f:d4:0a:0e:56:e4:9e:fc:52:d4:38: c4:fe:4f:fe:3f:32:4e:bc:d5:8b:cb:26:1b:b9:f0:23:18:35: 85:23:eb:c2:f0:f2:97:36:c3:42:0b:e6:d1:a7:16:c2:37:22: 3f:0b:dc:2c:78:87:f2:dc:05:6c:d1:86:ee:b9:14:4b:63:9f: 50:5f:7a:03:4b:6c:4d:5d:49:92:b3:d5:75:6b:e3:78:7e:61: d3:03:35:1f:b4:46:9e:4c:48:fc:18:87:54:47:19:4a:04:cc: 79:af:f0:2d:ac:9b:36:74:22:b6:d5:64:22:55:68:72:e8:ac: 2e:43:e1:f5:d0:50:cb:f8:40:27:87:58:32:96:53:c1:dd:3f: 52:7d:9c:8e:28:17:fb:15:f7:3d:ed:4d:a9:27:5d:6f:2d:b6: ae:56:85:ad -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIBLzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx NDRDOTExMC8GA1UEBRMoQjBENTI1RUE5OUQ0QzhFQzc1NjA3MTI2QTQ5RUY2NzA3 QkQ2RjRBRDAeFw0yNTA2MjQwMzU5MDRaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NWEyMjg4LTc2NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDRhx0PKz1TAsyZKRo46y4yugfocB0NbZk8qA3PxBqAKMoXN2do0CRWf468ywwU GZIZc83sIRMarEf6lmEv6oFj3XedbFmSTA09Q67IQIB8dBlq04L9kF1FCAOIqJej oOMHn3aMq268FMe3koBFgdrKfd0tzHCLljcDgEriVfIzHG5AJI7MIdl1aZQgJYSh t3TUrW6hmdgz0GGR8+0Ex5z1nJyM3JZ2/a8log3AWYuSZWd/rYl8hbdwwQ7bGGSq 39sTpNcGwnFIdJGLGGLKhgFvjfny8gz8BkVG1/nqPf/ju5TK1xYgaDmosIkRyKxo mh46apVNfwlk+uvvP9Xlb2m7AgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUPKOq9Qs6 bnT7wt5BD3qBoCmLoxYwHwYDVR0jBBgwFoAUsNUl6pnUyOx1YHEmpJ72cHvW9K0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE0NEM5LzdCQTNFNzBDMEVD OTExRjBBMjZGRjE0NEM0RjlBRTAyL3NOVWw2cG5VeU94MVlIRW1wSjcyY0h2VzlL MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvc05VbDZwblV5T3gxWUhFbXBKNzJjSHZXOUswLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NDRDOS83QkEzRTcwQzBFQzkxMUYwQTI2RkYxNDRDNEY5QUUwMi85RjI1RTYzNDBF Q0ExMUYwQkFBRTM0NEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc MBowGAQCAAEwEgMEA6LbIAMEAKLbVAMEAKL1fzANBgkqhkiG9w0BAQsFAAOCAQEA xPDPhd0Xg2Xta0ZltQ8SuE8KxYPB+ey31Y9xNNe6jyNcI+iGaOmy6vZODOCuh0t/ qhkt3kQgx7s5R+lIOKScifHwh+wCpgz4GQF+wKSB1djWkCh5DTj/vsNFxsMZCjJQ Xw/UCg5W5J78UtQ4xP5P/j8yTrzVi8smG7nwIxg1hSPrwvDylzbDQgvm0acWwjci PwvcLHiH8twFbNGG7rkUS2OfUF96A0tsTV1JkrPVdWvjeH5h0wM1H7RGnkxI/BiH VEcZSgTMea/wLaybNnQittVkIlVocuisLkPh9dBQy/hAJ4dYMpZTwd0/Un2cjigX +xX3Pe1NqSddby22rlaFrQ== -----END CERTIFICATE-----Generated at Mon Oct 27 09:23:40 2025 by rpki-client