$ rpki-client -vvf rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa File: 2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa (raw, json) Hash identifier: RA6RFmE6k5HO1bBqRafgilu2yoyhiNE9rjZysYl9t3k= Subject key identifier: BF:00:20:E6:DC:9B:C3:32:0C:02:4A:09:CB:79:BC:45:9B:97:94:74 Certificate issuer: /CN=A91683D2/serialNumber=B1ACFB85149B86A11015D601810E314F6948C1CF Certificate serial: 34E0 Authority key identifier: B1:AC:FB:85:14:9B:86:A1:10:15:D6:01:81:0E:31:4F:69:48:C1:CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa Signing time: Sat 18 Oct 2025 14:50:44 +0000 ROA not before: Sat 18 Oct 2025 14:50:44 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 4770 IP address blocks: 202.14.100.0/24 maxlen: 24 202.36.36.0/22 maxlen: 22 202.37.140.0/22 maxlen: 22 202.37.144.0/21 maxlen: 21 202.37.200.0/22 maxlen: 22 202.37.224.0/21 maxlen: 21 202.41.136.0/22 maxlen: 22 202.74.224.0/21 maxlen: 21 210.48.0.0/17 maxlen: 17 210.56.32.0/20 maxlen: 20 210.185.0.0/18 maxlen: 18 2405:6000::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.crl rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:38:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13536 (0x34e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91683D2, serialNumber=B1ACFB85149B86A11015D601810E314F6948C1CF Validity Not Before: Oct 18 14:50:44 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68f3a944-40ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:23:f3:2c:76:97:37:9c:e1:46:ce:1f:59:36: a5:90:b7:21:bc:39:97:ee:b0:c3:aa:4e:be:36:02: 08:7f:8c:ba:b4:d3:68:3d:3e:fc:4c:76:96:11:77: ad:73:5a:1d:06:9e:10:32:b6:58:84:d9:1d:ab:3b: fd:52:74:8f:a8:00:ee:f9:f4:ac:ae:a3:48:5a:ee: 6d:ad:f8:9e:69:51:64:2d:10:27:d6:d4:12:be:ac: c6:54:b9:27:46:ee:e4:87:bb:4e:f6:c7:dd:61:9f: 60:fa:d1:ad:2c:c0:ae:15:91:73:9e:07:d6:9f:a3: db:cd:20:8f:5a:75:d2:f6:e8:e0:ca:fe:4c:b7:a5: b1:43:56:48:b6:90:a3:2f:42:7c:f4:dc:e4:ad:c3: c1:be:2d:5e:99:e1:99:85:cf:69:c9:d4:66:9a:94: 6e:8d:d0:72:0a:cb:cb:03:47:fe:bd:df:62:32:be: c3:18:1c:a7:37:a7:3e:49:70:a8:1e:75:f1:52:2a: 6e:10:5e:1a:90:96:81:b5:34:59:38:12:57:eb:37: b5:6c:86:51:b7:cc:d0:8d:8f:67:ea:90:7e:67:10: 86:11:19:a3:52:0f:82:1e:07:30:06:c5:e3:c0:e8: be:3d:c5:75:6b:6b:f3:ed:f3:23:2f:14:5f:93:69: c0:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:00:20:E6:DC:9B:C3:32:0C:02:4A:09:CB:79:BC:45:9B:97:94:74 X509v3 Authority Key Identifier: keyid:B1:AC:FB:85:14:9B:86:A1:10:15:D6:01:81:0E:31:4F:69:48:C1:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/saz7hRSbhqEQFdYBgQ4xT2lIwc8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91683D2/19C55F6C1D8B11E290C578E508B02CD2/2DD1EECEEC7A11EEBAE5E319C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.14.100.0/24 202.36.36.0/22 202.37.140.0-202.37.151.255 202.37.200.0/22 202.37.224.0/21 202.41.136.0/22 202.74.224.0/21 210.48.0.0/17 210.56.32.0/20 210.185.0.0/18 IPv6: 2405:6000::/32 Signature Algorithm: sha256WithRSAEncryption 6b:de:ea:65:c2:e4:82:8c:f2:5e:47:a5:96:e3:47:ba:70:44: 24:06:30:75:3b:a5:9f:1d:95:d8:e6:7a:b8:c8:94:4a:5c:7d: f3:be:32:b2:e1:e1:3e:b3:4f:3a:42:53:71:43:3a:ec:7d:87: 37:39:ce:21:bb:52:87:28:ff:8e:4b:a4:7d:19:de:64:5b:33: 96:0b:f9:d2:0a:62:4f:10:3a:4d:1c:42:07:b6:4f:f1:d0:e3: 2d:1a:67:34:5f:49:ab:e9:ea:c1:47:df:48:5e:c3:61:77:52: 7f:8d:61:46:49:0a:c2:91:f0:3d:a3:5a:2c:f3:47:8b:a7:b9: 17:e1:ed:17:27:5d:76:cd:d5:33:11:1a:6b:6f:e2:e2:72:2c: 11:3d:4e:42:16:33:10:cf:ec:47:86:27:ee:88:91:88:94:6d: 04:6c:ff:bf:67:f4:17:6e:6e:22:90:a2:35:2c:35:56:f4:c1: 8e:4a:1a:1e:4c:33:2a:39:97:39:17:6e:0d:6b:42:8a:5b:88: 29:90:b1:c6:42:59:7c:33:8f:cf:41:de:a5:25:aa:41:9a:96: c0:b5:71:ed:33:96:9e:15:58:8f:b5:7c:f7:4c:b8:4b:c8:78: ee:4c:9b:12:a4:0b:a7:52:91:32:f7:e7:3a:b3:b8:98:ae:78: 32:bb:8e:c4 -----BEGIN CERTIFICATE----- MIIFvjCCBKagAwIBAgICNOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjgzRDIxMTAvBgNVBAUTKEIxQUNGQjg1MTQ5Qjg2QTExMDE1RDYwMTgxMEUzMTRG Njk0OEMxQ0YwHhcNMjUxMDE4MTQ1MDQ0WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGYzYTk0NC00MGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7CPzLHaXN5zhRs4fWTalkLchvDmX7rDDqk6+NgIIf4y6tNNoPT78THaWEXet c1odBp4QMrZYhNkdqzv9UnSPqADu+fSsrqNIWu5trfieaVFkLRAn1tQSvqzGVLkn Ru7kh7tO9sfdYZ9g+tGtLMCuFZFzngfWn6PbzSCPWnXS9ujgyv5Mt6WxQ1ZItpCj L0J89NzkrcPBvi1emeGZhc9pydRmmpRujdByCsvLA0f+vd9iMr7DGBynN6c+SXCo HnXxUipuEF4akJaBtTRZOBJX6ze1bIZRt8zQjY9n6pB+ZxCGERmjUg+CHgcwBsXj wOi+PcV1a2vz7fMjLxRfk2nADQIDAQABo4IC4jCCAt4wHQYDVR0OBBYEFL8AIObc m8MyDAJKCct5vEWbl5R0MB8GA1UdIwQYMBaAFLGs+4UUm4ahEBXWAYEOMU9pSMHP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODNEMi8xOUM1NUY2QzFE OEIxMUUyOTBDNTc4RTUwOEIwMkNEMi9zYXo3aFJTYmhxRVFGZFlCZ1E0eFQybEl3 YzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NhejdoUlNiaHFFUUZkWUJnUTR4VDJsSXdjOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjgzRDIvMTlDNTVGNkMxRDhCMTFFMjkwQzU3OEU1MDhCMDJDRDIvMkREMUVFQ0VF QzdBMTFFRUJBRTVFMzE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbAYIKwYBBQUHAQcBAf8E XTBbMEoEAgABMEQDBADKDmQDBALKJCQwDAMEAsoljAMEA8olkAMEAsolyAMEA8ol 4AMEAsopiAMEA8pK4AMEB9IwAAMEBNI4IAMEBtK5ADANBAIAAjAHAwUAJAVgADAN BgkqhkiG9w0BAQsFAAOCAQEAa97qZcLkgozyXkelluNHunBEJAYwdTulnx2V2OZ6 uMiUSlx9874ysuHhPrNPOkJTcUM67H2HNznOIbtShyj/jkukfRneZFszlgv50gpi TxA6TRxCB7ZP8dDjLRpnNF9Jq+nqwUffSF7DYXdSf41hRkkKwpHwPaNaLPNHi6e5 F+HtFyddds3VMxEaa2/i4nIsET1OQhYzEM/sR4Yn7oiRiJRtBGz/v2f0F25uIpCi NSw1VvTBjkoaHkwzKjmXORduDWtCiluIKZCxxkJZfDOPz0HepSWqQZqWwLVx7TOW nhVYj7V890y4S8h47kybEqQLp1KRMvfnOrO4mK54MruOxA== -----END CERTIFICATE-----Generated at Wed Nov 5 00:45:52 2025 by rpki-client