$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3558D5DC1F1711EC924DB151C4F9AE02.roa File: 3558D5DC1F1711EC924DB151C4F9AE02.roa (raw, json) Hash identifier: HbL/11G4SZxTWAzxy5KqaTeGkZDTMehKI/EB9KGvwWE= Subject key identifier: C1:75:9F:CB:C2:FE:B7:47:B7:07:82:75:2C:48:78:54:7F:D3:C1:32 Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C Certificate serial: 07FC Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3558D5DC1F1711EC924DB151C4F9AE02.roa Signing time: Wed 08 Oct 2025 22:24:34 +0000 ROA not before: Wed 08 Oct 2025 22:24:34 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 38793 IP address blocks: 118.148.0.0/15 maxlen: 16 118.148.0.0/24 maxlen: 24 118.148.1.0/24 maxlen: 24 118.148.2.0/24 maxlen: 24 118.148.3.0/24 maxlen: 24 118.148.5.0/24 maxlen: 24 118.148.128.0/18 maxlen: 18 118.148.128.0/19 maxlen: 19 118.148.192.0/18 maxlen: 18 118.148.192.0/19 maxlen: 19 118.149.1.0/24 maxlen: 24 118.149.2.0/24 maxlen: 24 118.149.3.0/24 maxlen: 24 118.149.5.0/24 maxlen: 24 118.149.25.0/24 maxlen: 24 118.149.128.0/17 maxlen: 18 118.149.128.0/19 maxlen: 19 118.149.192.0/19 maxlen: 19 2405:a400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 23:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2044 (0x7fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91406AA, serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C Validity Not Before: Oct 8 22:24:34 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68e6e4a2-a9ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:e6:35:f4:fc:1f:2b:15:da:f4:01:33:6b:eb: 40:78:3f:ab:78:2a:39:bd:a9:1b:28:10:53:6d:76: 2d:12:84:22:f2:8d:1b:48:b1:45:5b:f1:ce:6d:e2: 7a:52:c4:47:b7:bb:fd:7d:94:5a:4b:43:23:02:18: 74:5c:88:4b:aa:0a:ce:4e:dd:f0:72:db:b2:59:6e: f0:12:bf:72:ed:6c:8b:89:87:fb:cd:e6:1c:e3:7a: 62:a6:1f:e8:37:53:95:6e:e1:aa:f7:3d:77:21:0a: 60:09:a0:de:00:5d:ed:82:0a:58:58:c6:6d:6f:fa: 47:a0:59:71:16:7e:27:e8:3c:ec:3b:a1:85:55:93: 38:a4:15:73:ca:1b:6b:8e:6e:71:80:2f:5d:ac:e7: 70:04:08:7c:f5:2d:60:68:5f:75:f2:db:c1:2f:59: 3f:fa:b2:d2:cf:be:0a:cf:e4:08:5b:65:28:f2:82: d8:b2:bc:e9:ae:df:39:90:33:7f:cb:92:af:dc:bd: c9:b4:f3:24:d3:f1:fc:64:cf:34:eb:3b:44:7b:aa: 32:a0:86:3c:c5:d2:4b:7b:6c:73:4d:6a:67:e9:7a: eb:31:0b:65:36:a7:08:ab:0b:a2:7c:47:a3:28:bb: 01:e2:10:d0:5d:30:98:49:89:cd:1c:9c:11:cf:8e: 79:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:75:9F:CB:C2:FE:B7:47:B7:07:82:75:2C:48:78:54:7F:D3:C1:32 X509v3 Authority Key Identifier: keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3558D5DC1F1711EC924DB151C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 118.148.0.0/15 IPv6: 2405:a400::/32 Signature Algorithm: sha256WithRSAEncryption b5:c8:a2:a4:d8:b6:32:c8:f8:0f:17:56:7d:74:53:4a:5c:89: 5f:fa:45:9e:09:26:e2:27:e4:f2:13:63:2a:19:85:3f:b8:a0: 22:43:9b:35:68:da:00:5d:a3:d1:9a:70:e7:40:71:f7:68:7e: ff:b7:99:79:dd:65:08:d0:1e:36:60:e5:44:d5:5b:3c:07:d2: 0d:36:21:81:29:d7:c5:3f:93:61:a0:fd:31:14:72:0f:a8:08: fa:29:82:96:d0:70:68:70:e7:12:72:d2:02:12:82:40:44:fa: 92:8f:34:21:45:8b:f3:09:9c:f8:57:64:59:46:4d:d3:af:ce: 91:2a:09:09:00:f0:0a:75:7e:de:29:d2:da:43:4e:a7:0b:d7: d6:96:71:4b:8f:9d:2c:28:60:a0:39:88:3c:8a:75:20:ab:52: 19:df:b4:51:a6:d6:fc:26:30:62:37:db:a5:04:de:d6:38:7a: 0b:b8:3e:31:0b:3d:50:68:9b:1c:a6:c4:40:46:81:d1:32:e2: 7d:c3:0f:58:e6:80:43:3e:e5:46:47:16:68:88:48:00:82:ca: 7a:8f:ec:11:7e:58:2a:f4:3c:b0:93:5a:cc:65:bd:f5:8a:3d: db:dc:56:5c:b7:9e:2d:8b:26:95:cf:11:9f:ef:3f:6d:71:5b: 1f:06:ce:3e -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICB/wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC NjBEQjFCMkMwHhcNMjUxMDA4MjIyNDM0WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU2ZTRhMi1hOWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx+Y19PwfKxXa9AEza+tAeD+reCo5vakbKBBTbXYtEoQi8o0bSLFFW/HObeJ6 UsRHt7v9fZRaS0MjAhh0XIhLqgrOTt3wctuyWW7wEr9y7WyLiYf7zeYc43piph/o N1OVbuGq9z13IQpgCaDeAF3tggpYWMZtb/pHoFlxFn4n6DzsO6GFVZM4pBVzyhtr jm5xgC9drOdwBAh89S1gaF918tvBL1k/+rLSz74Kz+QIW2Uo8oLYsrzprt85kDN/ y5Kv3L3JtPMk0/H8ZM806ztEe6oyoIY8xdJLe2xzTWpn6XrrMQtlNqcIqwuifEej KLsB4hDQXTCYSYnNHJwRz4551wIDAQABo4ICozCCAp8wHQYDVR0OBBYEFMF1n8vC /rdHtweCdSxIeFR/08EyMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2 QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvMzU1OEQ1REMx RjE3MTFFQzkyNERCMTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMAsEAgABMAUDAwF2lDANBAIAAjAHAwUAJAWkADANBgkqhkiG9w0BAQsFAAOC AQEAtciipNi2Msj4DxdWfXRTSlyJX/pFngkm4ifk8hNjKhmFP7igIkObNWjaAF2j 0Zpw50Bx92h+/7eZed1lCNAeNmDlRNVbPAfSDTYhgSnXxT+TYaD9MRRyD6gI+imC ltBwaHDnEnLSAhKCQET6ko80IUWL8wmc+FdkWUZN06/OkSoJCQDwCnV+3inS2kNO pwvX1pZxS4+dLChgoDmIPIp1IKtSGd+0UabW/CYwYjfbpQTe1jh6C7g+MQs9UGib HKbEQEaB0TLifcMPWOaAQz7lRkcWaIhIAILKeo/sEX5YKvQ8sJNazGW99Yo929xW XLeeLYsmlc8Rn+8/bXFbHwbOPg== -----END CERTIFICATE-----Generated at Thu Oct 23 01:29:41 2025 by rpki-client