$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/EC545C28A72B11EDAC3DA56CC4F9AE02.roa File: EC545C28A72B11EDAC3DA56CC4F9AE02.roa (raw, json) Hash identifier: uv9fFw+pkg9pgF9/d+q2xTVafbCWlh0YWB4iJUOPl98= Subject key identifier: 86:DA:65:9B:CA:1D:67:D6:2B:8C:19:DE:91:77:C3:B3:FD:B2:14:F2 Certificate issuer: /CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101 Certificate serial: 06ED Authority key identifier: 21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/EC545C28A72B11EDAC3DA56CC4F9AE02.roa Signing time: Wed 08 Oct 2025 22:24:19 +0000 ROA not before: Wed 08 Oct 2025 22:24:19 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 140220 IP address blocks: 161.29.208.0/20 maxlen: 24 161.65.208.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 23:48:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1773 (0x6ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA, serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101 Validity Not Before: Oct 8 22:24:19 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68e6e493-cad5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:a6:4b:19:59:95:a7:55:1b:fc:bc:ad:04:fc: b7:4d:b5:cd:24:34:2d:24:e5:c3:52:93:54:ac:69: da:d8:cc:16:0f:13:76:1d:ae:35:1f:07:68:20:b9: 8d:a0:28:a7:45:27:93:d0:aa:c1:5f:55:58:e6:55: b7:a1:e9:3c:d8:cd:03:f5:1b:bb:f8:68:6a:d2:90: 50:66:48:48:d8:4b:5c:30:f0:ea:08:21:8d:e0:e2: 62:7e:ce:de:66:80:84:e0:1b:db:93:f2:5f:82:03: 22:08:8e:be:10:0d:5c:db:39:e9:d5:05:d5:21:0a: b9:c9:a0:a1:f0:25:22:bb:4a:2e:ff:8e:50:8d:d9: 0e:35:39:eb:72:f2:5d:ac:49:18:d4:5c:96:28:1a: c4:f1:5a:7e:0d:05:4a:e9:e7:77:bd:08:1c:51:f3: 34:be:0a:3f:9b:4a:e0:ea:b0:4a:af:e1:0e:87:47: 3b:9f:34:30:e5:9b:cd:25:2e:91:f6:eb:b3:00:27: fc:21:2b:60:c9:a7:7f:61:8f:de:71:20:7d:ea:49: f4:02:a3:82:ba:97:5c:e1:44:56:77:10:ed:a3:09: 9c:41:37:f8:d2:7b:7d:c9:00:61:50:1f:3c:2a:ad: 65:92:ca:31:95:c2:2e:c3:51:91:33:a8:43:1d:d6: 8f:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:DA:65:9B:CA:1D:67:D6:2B:8C:19:DE:91:77:C3:B3:FD:B2:14:F2 X509v3 Authority Key Identifier: keyid:21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/EC545C28A72B11EDAC3DA56CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.29.208.0/20 161.65.208.0/20 Signature Algorithm: sha256WithRSAEncryption 8a:1c:97:66:33:23:f1:a5:c8:77:0f:6c:99:88:d8:41:5d:04: cb:d1:fa:b2:26:60:46:ba:e9:b3:1d:53:b6:f2:f1:ef:be:9a: 8a:3f:32:78:26:79:6e:72:c0:07:b6:5b:82:97:5b:a1:20:74: 1a:dc:af:3e:40:09:8e:c4:c1:e8:69:3e:69:3c:c5:e2:05:50: 31:74:e7:eb:b1:a9:eb:24:c3:0b:c9:f7:4c:d5:54:72:61:b7: a0:73:9f:d7:0c:23:79:5d:4f:ca:5c:95:e3:20:d9:0d:ee:de: 3b:6b:4e:9d:46:73:c6:5f:bb:db:d3:ab:27:91:03:cc:08:ee: 38:7d:23:7a:e7:32:b4:65:12:b4:d6:77:c6:e3:8b:2e:c5:70: a4:20:36:61:2d:22:1c:bf:f4:9a:fb:45:ad:ce:be:15:72:65: 93:00:70:7e:4c:a4:78:ac:0a:a3:1b:8a:2a:87:25:02:6e:2c: d1:25:27:f0:df:38:07:78:a8:97:24:e6:4b:f1:b9:0a:20:a0: b7:94:bb:92:de:c7:44:65:b4:fa:3f:70:cf:ed:59:a5:bd:a8: 98:61:3e:5e:5b:40:d4:2c:b8:19:e4:d3:a1:ed:f5:98:fc:c0: 7e:59:78:01:76:f3:6d:78:46:38:34:1d:52:0a:8d:f5:7d:47: 56:e9:83:84 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBu0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDIxOEE4QUEwNTAyNjdCMDgwNUUzRkRDOEE5MzlCRjhG QkNCMDAxMDEwHhcNMjUxMDA4MjIyNDE5WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU2ZTQ5My1jYWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAl6ZLGVmVp1Ub/LytBPy3TbXNJDQtJOXDUpNUrGna2MwWDxN2Ha41HwdoILmN oCinRSeT0KrBX1VY5lW3oek82M0D9Ru7+Ghq0pBQZkhI2EtcMPDqCCGN4OJifs7e ZoCE4Bvbk/JfggMiCI6+EA1c2znp1QXVIQq5yaCh8CUiu0ou/45QjdkONTnrcvJd rEkY1FyWKBrE8Vp+DQVK6ed3vQgcUfM0vgo/m0rg6rBKr+EOh0c7nzQw5ZvNJS6R 9uuzACf8IStgyad/YY/ecSB96kn0AqOCupdc4URWdxDtowmcQTf40nt9yQBhUB88 Kq1lksoxlcIuw1GRM6hDHdaPbwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIbaZZvK HWfWK4wZ3pF3w7P9shTyMB8GA1UdIwQYMBaAFCGKiqBQJnsIBeP9yKk5v4+8sAEB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84NjU4RTQ2Njg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3Z0Y0XzNJcVRtX2o3eXdB UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lZcUtvRkFtZXdnRjRfM0lxVG1fajd5d0FRRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDA2QUEvODY1OEU0NjY4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvRUM1NDVDMjhB NzJCMTFFREFDM0RBNTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAShHdADBAShQdAwDQYJKoZIhvcNAQELBQADggEBAIocl2Yz I/GlyHcPbJmI2EFdBMvR+rImYEa66bMdU7by8e++moo/MngmeW5ywAe2W4KXW6Eg dBrcrz5ACY7EwehpPmk8xeIFUDF05+uxqeskwwvJ90zVVHJht6Bzn9cMI3ldT8pc leMg2Q3u3jtrTp1Gc8Zfu9vTqyeRA8wI7jh9I3rnMrRlErTWd8bjiy7FcKQgNmEt Ihy/9Jr7Ra3OvhVyZZMAcH5MpHisCqMbiiqHJQJuLNElJ/DfOAd4qJck5kvxuQog oLeUu5Lex0RltPo/cM/tWaW9qJhhPl5bQNQsuBnk06Ht9Zj8wH5ZeAF28214Rjg0 HVIKjfV9R1bpg4Q= -----END CERTIFICATE-----Generated at Wed Oct 22 21:25:34 2025 by rpki-client