$ rpki-client -vvf rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/31E9004E9A0F11F0BC057E7DC4F9AE02.roa File: 31E9004E9A0F11F0BC057E7DC4F9AE02.roa (raw, json) Hash identifier: lVwKB14i6OpwyRz8FsA7PbQdrXdHjD1P3S/SDqyzydg= Subject key identifier: A6:2A:D9:59:C3:E1:E2:D6:B2:A4:0C:4C:EF:F2:C7:C0:29:B2:7C:BD Certificate issuer: /CN=A91491CC/serialNumber=9C1E45A8084C311DD50044A173605E8EE3C4CC95 Certificate serial: 02 Authority key identifier: 9C:1E:45:A8:08:4C:31:1D:D5:00:44:A1:73:60:5E:8E:E3:C4:CC:95 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nB5FqAhMMR3VAEShc2BejuPEzJU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/31E9004E9A0F11F0BC057E7DC4F9AE02.roa Signing time: Thu 25 Sep 2025 12:57:30 +0000 ROA not before: Thu 25 Sep 2025 12:57:30 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 154084 IP address blocks: 192.51.174.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/nB5FqAhMMR3VAEShc2BejuPEzJU.crl rsync://rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/nB5FqAhMMR3VAEShc2BejuPEzJU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nB5FqAhMMR3VAEShc2BejuPEzJU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 11:50:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91491CC, serialNumber=9C1E45A8084C311DD50044A173605E8EE3C4CC95 Validity Not Before: Sep 25 12:57:30 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68d53c3a-680a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:fa:34:55:3a:1d:44:68:d9:b3:d6:b3:d8:65: 8c:0c:c0:99:c3:e6:57:bd:a9:53:e5:95:26:6c:01: cf:d2:71:b0:b8:8d:53:e1:c8:81:bd:6b:2c:bb:b7: 11:64:36:f4:6d:94:da:1b:d3:33:d3:76:c2:b0:63: 07:8d:24:9a:85:2b:d5:d0:45:c9:de:77:d2:04:f7: fb:39:f7:ba:5e:99:a6:7c:f4:59:1b:46:c5:32:44: a9:93:d6:48:72:92:16:43:1a:3d:1e:f7:40:75:2d: cb:40:b6:37:1c:7f:4d:a1:76:86:61:a2:d4:8b:2d: e6:32:71:93:55:02:ae:09:44:95:22:bc:f1:80:f2: 26:53:44:af:c9:a5:5a:e5:a2:a0:2b:cb:c3:de:f5: d5:5c:b5:ea:38:df:76:ca:11:f6:c4:97:42:7f:aa: e4:72:68:74:55:01:12:7c:a1:ec:1a:8c:b1:39:d7: 92:5a:8c:d0:cf:ec:c4:00:61:0a:25:16:a5:e4:28: 13:07:80:20:2f:1b:90:1e:47:ea:69:a0:45:db:35: 67:cf:7c:01:fa:fb:85:67:e5:70:4a:05:13:28:dc: fb:74:cb:09:9d:42:b4:e3:2a:5d:fd:76:07:b2:b5: 38:31:b9:1a:3c:07:51:bb:b8:66:c5:60:16:d1:8c: 0a:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:2A:D9:59:C3:E1:E2:D6:B2:A4:0C:4C:EF:F2:C7:C0:29:B2:7C:BD X509v3 Authority Key Identifier: keyid:9C:1E:45:A8:08:4C:31:1D:D5:00:44:A1:73:60:5E:8E:E3:C4:CC:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/nB5FqAhMMR3VAEShc2BejuPEzJU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nB5FqAhMMR3VAEShc2BejuPEzJU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91491CC/9DF07E449A0E11F089C88B7CC4F9AE02/31E9004E9A0F11F0BC057E7DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 192.51.174.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:89:7f:5d:17:e9:55:cb:54:ee:32:7b:cd:98:ff:6e:18:e1: ad:22:ae:ba:69:1f:dc:50:59:22:0e:99:44:f0:5a:52:2b:39: dd:b4:2d:4c:7a:fb:87:8b:fd:8b:7f:0c:2a:01:e6:bb:04:6b: 64:4f:df:dc:90:be:5e:b1:9b:48:88:49:4f:98:79:98:e8:4a: b7:99:5f:14:f9:68:d5:e9:fd:d6:e5:6a:6b:b6:d1:e6:e3:be: 7b:2e:7d:81:28:d9:35:69:5f:61:84:27:81:95:05:da:1d:45: 01:b3:8c:0d:35:a0:59:65:37:df:92:5e:4f:87:99:d1:24:5b: dd:d3:a4:82:d3:e1:af:f4:7e:6b:bd:be:ea:1d:12:4f:2b:a9: ec:46:86:50:e8:f1:5e:79:51:43:4c:d3:4e:06:74:c0:5f:9a: 4e:93:02:11:0f:27:9a:b9:c6:1f:0e:6a:86:dd:b4:45:97:f9: 0c:c2:82:2a:06:c2:87:95:73:20:fd:7b:6f:1d:8c:67:1d:c0: 7a:1c:5f:fe:72:b5:bf:22:21:47:e6:2d:cd:be:99:6c:d8:7c: 5c:79:26:79:22:78:17:8a:d1:b0:85:a7:20:37:a0:a5:2c:e4: f2:59:a0:23:77:6d:f9:74:9f:b8:d8:6f:81:f6:81:25:ac:cd: e6:78:d4:bd -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 OTFDQzExMC8GA1UEBRMoOUMxRTQ1QTgwODRDMzExREQ1MDA0NEExNzM2MDVFOEVF M0M0Q0M5NTAeFw0yNTA5MjUxMjU3MzBaFw0yNjEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZDUzYzNhLTY4MGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD1+jRVOh1EaNmz1rPYZYwMwJnD5le9qVPllSZsAc/ScbC4jVPhyIG9ayy7txFk NvRtlNob0zPTdsKwYweNJJqFK9XQRcned9IE9/s597pemaZ89FkbRsUyRKmT1khy khZDGj0e90B1LctAtjccf02hdoZhotSLLeYycZNVAq4JRJUivPGA8iZTRK/JpVrl oqAry8Pe9dVcteo433bKEfbEl0J/quRyaHRVARJ8oewajLE515JajNDP7MQAYQol FqXkKBMHgCAvG5AeR+ppoEXbNWfPfAH6+4Vn5XBKBRMo3Pt0ywmdQrTjKl39dgey tTgxuRo8B1G7uGbFYBbRjApFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUpirZWcPh 4taypAxM7/LHwCmyfL0wHwYDVR0jBBgwFoAUnB5FqAhMMR3VAEShc2BejuPEzJUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ5MUNDLzlERjA3RTQ0OUEw RTExRjA4OUM4OEI3Q0M0RjlBRTAyL25CNUZxQWhNTVIzVkFFU2hjMkJlanVQRXpK VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbkI1RnFBaE1NUjNWQUVTaGMyQmVqdVBFekpVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OTFDQy85REYwN0U0NDlBMEUxMUYwODlDODhCN0NDNEY5QUUwMi8zMUU5MDA0RTlB MEYxMUYwQkMwNTdFN0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAMAzrjANBgkqhkiG9w0BAQsFAAOCAQEAeol/XRfpVctU7jJ7 zZj/bhjhrSKuumkf3FBZIg6ZRPBaUis53bQtTHr7h4v9i38MKgHmuwRrZE/f3JC+ XrGbSIhJT5h5mOhKt5lfFPlo1en91uVqa7bR5uO+ey59gSjZNWlfYYQngZUF2h1F AbOMDTWgWWU335JeT4eZ0SRb3dOkgtPhr/R+a72+6h0STyup7EaGUOjxXnlRQ0zT TgZ0wF+aTpMCEQ8nmrnGHw5qht20RZf5DMKCKgbCh5VzIP17bx2MZx3Aehxf/nK1 vyIhR+Ytzb6ZbNh8XHkmeSJ4F4rRsIWnIDegpSzk8lmgI3dt+XSfuNhvgfaBJazN 5njUvQ== -----END CERTIFICATE-----Generated at Sun Oct 19 00:38:14 2025 by rpki-client