$ rpki-client -vvf rpki.apnic.net/member_repository/A91936BE/CA06668CE44811EA810B0380C4F9AE02/538866F6E44B11EAA31DD984C4F9AE02.roa File: 538866F6E44B11EAA31DD984C4F9AE02.roa (raw, json) Hash identifier: bESggwBVi2r8+ztWK2qOS9Hu8xH3ds99tl1f1AVVNNc= Subject key identifier: 42:57:6B:38:1B:BD:28:23:17:95:CC:75:2A:5F:7B:22:43:4B:4C:CF Certificate issuer: /CN=A91936BE/serialNumber=8021B16B92421F77B7260E97E6AD8C1D24BD299A Certificate serial: 085D Authority key identifier: 80:21:B1:6B:92:42:1F:77:B7:26:0E:97:E6:AD:8C:1D:24:BD:29:9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCGxa5JCH3e3Jg6X5q2MHSS9KZo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91936BE/CA06668CE44811EA810B0380C4F9AE02/538866F6E44B11EAA31DD984C4F9AE02.roa Signing time: Tue 04 Nov 2025 21:10:15 +0000 ROA not before: Tue 04 Nov 2025 21:10:15 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 24183 IP address blocks: 45.125.168.0/22 maxlen: 22 103.226.32.0/22 maxlen: 22 103.226.32.0/23 maxlen: 23 103.226.34.0/24 maxlen: 24 103.226.35.0/24 maxlen: 24 202.20.0.0/21 maxlen: 21 202.68.80.0/20 maxlen: 20 202.174.176.0/20 maxlen: 20 202.174.176.0/23 maxlen: 23 2402:9e00::/32 maxlen: 32 2402:9e00:400::/48 maxlen: 48 2402:9e00:401::/48 maxlen: 48 2402:9e00:402::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91936BE/CA06668CE44811EA810B0380C4F9AE02/gCGxa5JCH3e3Jg6X5q2MHSS9KZo.crl rsync://rpki.apnic.net/member_repository/A91936BE/CA06668CE44811EA810B0380C4F9AE02/gCGxa5JCH3e3Jg6X5q2MHSS9KZo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCGxa5JCH3e3Jg6X5q2MHSS9KZo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 21:10:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2141 (0x85d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91936BE, serialNumber=8021B16B92421F77B7260E97E6AD8C1D24BD299A Validity Not Before: Nov 4 21:10:15 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=690a6bb6-c10e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:00:91:41:92:c6:5e:36:ac:57:2d:81:4f:13: d7:2b:65:6a:8b:c8:cd:7e:9e:3c:26:44:9b:e9:e1: 66:63:04:e6:a2:c9:9f:45:71:a6:04:50:b5:85:7f: 71:19:af:09:7c:0f:58:4a:f4:98:1f:28:f0:2a:88: 89:4f:38:56:cd:0f:b4:ba:fe:3e:48:b7:32:c0:51: df:c5:5c:1e:46:9e:fb:84:ed:b3:ee:97:6a:55:68: 27:69:e4:d1:69:b0:aa:e7:01:de:3a:62:97:f0:29: c0:b5:ff:93:62:5d:2e:bc:aa:8f:ee:f5:3b:05:b0: cd:3f:92:ee:ee:05:e8:da:ec:64:06:60:21:ce:4d: 85:36:48:a1:b4:76:55:55:a8:63:b3:97:c5:02:33: 0e:49:6e:8a:da:b9:40:ca:0e:f1:6e:9e:75:15:28: ea:79:d1:4a:6e:86:09:1c:f3:86:83:81:6e:0f:1c: d1:27:e7:99:e3:87:61:16:10:fb:75:37:50:fc:b4: 5b:27:47:af:3c:71:ff:a5:ba:c7:f1:3a:4c:42:5d: 7b:df:e0:f8:45:77:78:75:fa:e7:56:06:a2:66:35: 92:de:2c:57:20:fe:98:a1:ec:9c:8b:4c:51:5e:37: a4:9c:4e:ad:cb:9d:9c:92:f5:dd:3d:cf:26:9c:be: 2a:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:57:6B:38:1B:BD:28:23:17:95:CC:75:2A:5F:7B:22:43:4B:4C:CF X509v3 Authority Key Identifier: keyid:80:21:B1:6B:92:42:1F:77:B7:26:0E:97:E6:AD:8C:1D:24:BD:29:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91936BE/CA06668CE44811EA810B0380C4F9AE02/gCGxa5JCH3e3Jg6X5q2MHSS9KZo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCGxa5JCH3e3Jg6X5q2MHSS9KZo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91936BE/CA06668CE44811EA810B0380C4F9AE02/538866F6E44B11EAA31DD984C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.125.168.0/22 103.226.32.0/22 202.20.0.0/21 202.68.80.0/20 202.174.176.0/20 IPv6: 2402:9e00::/32 Signature Algorithm: sha256WithRSAEncryption 24:10:50:a1:2d:13:d2:2b:1e:7b:39:6a:7f:fc:9c:a9:fd:95: 6d:c2:1f:e5:92:e5:d8:8b:a3:c6:e6:b2:da:f8:a9:f1:7d:39: 8d:56:d7:af:03:d5:7a:d9:27:33:f6:dc:7c:9f:64:dc:00:3b: 7d:27:83:01:15:e9:03:89:81:f8:94:74:d5:9e:64:73:cc:67: 36:b8:8b:84:cd:e8:67:38:5f:df:bb:87:00:da:9d:0a:7b:0c: c1:df:a7:07:83:81:c9:97:f4:92:bb:b4:34:28:a5:fd:9a:94: 0e:67:af:ee:40:c6:e7:fc:e9:5b:9f:0a:88:ce:aa:16:ef:cc: d0:8a:1f:5e:6b:7d:a9:31:b4:b5:c7:1c:ac:ce:cb:2d:7c:dc: 80:90:c8:57:ef:28:7b:11:a1:15:b4:c2:8b:37:85:03:12:56: 14:fd:f5:c2:3c:0e:b3:99:3b:64:b6:3f:0c:fb:1c:d4:0a:d5: c4:17:46:9b:e3:59:b1:cb:4f:65:46:d3:e0:96:b6:88:11:74: b5:5b:c5:5e:94:c2:4a:a9:54:5d:da:69:a1:ce:62:c8:c5:a7: 52:7e:66:b0:f4:6c:c4:ba:cc:56:03:ea:89:7d:a2:ce:a3:56: c8:c1:e2:cc:78:7f:da:71:ba:73:3b:76:e0:9f:69:8b:d4:1c: e3:9e:21:fd -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICCF0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTM2QkUxMTAvBgNVBAUTKDgwMjFCMTZCOTI0MjFGNzdCNzI2MEU5N0U2QUQ4QzFE MjRCRDI5OUEwHhcNMjUxMTA0MjExMDE1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTBhNmJiNi1jMTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqwCRQZLGXjasVy2BTxPXK2Vqi8jNfp48JkSb6eFmYwTmosmfRXGmBFC1hX9x Ga8JfA9YSvSYHyjwKoiJTzhWzQ+0uv4+SLcywFHfxVweRp77hO2z7pdqVWgnaeTR abCq5wHeOmKX8CnAtf+TYl0uvKqP7vU7BbDNP5Lu7gXo2uxkBmAhzk2FNkihtHZV Vahjs5fFAjMOSW6K2rlAyg7xbp51FSjqedFKboYJHPOGg4FuDxzRJ+eZ44dhFhD7 dTdQ/LRbJ0evPHH/pbrH8TpMQl173+D4RXd4dfrnVgaiZjWS3ixXIP6Yoeyci0xR XjeknE6ty52ckvXdPc8mnL4q+wIDAQABo4ICvDCCArgwHQYDVR0OBBYEFEJXazgb vSgjF5XMdSpfeyJDS0zPMB8GA1UdIwQYMBaAFIAhsWuSQh93tyYOl+atjB0kvSma MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MzZCRS9DQTA2NjY4Q0U0 NDgxMUVBODEwQjAzODBDNEY5QUUwMi9nQ0d4YTVKQ0gzZTNKZzZYNXEyTUhTUzlL Wm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dDR3hhNUpDSDNlM0pnNlg1cTJNSFNTOUtaby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTM2QkUvQ0EwNjY2OENFNDQ4MTFFQTgxMEIwMzgwQzRGOUFFMDIvNTM4ODY2RjZF NDRCMTFFQUEzMUREOTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAItfagDBAJn4iADBAPKFAADBATKRFADBATKrrAwDQQCAAIw BwMFACQCngAwDQYJKoZIhvcNAQELBQADggEBACQQUKEtE9IrHns5an/8nKn9lW3C H+WS5diLo8bmstr4qfF9OY1W168D1XrZJzP23HyfZNwAO30ngwEV6QOJgfiUdNWe ZHPMZza4i4TN6Gc4X9+7hwDanQp7DMHfpweDgcmX9JK7tDQopf2alA5nr+5Axuf8 6VufCojOqhbvzNCKH15rfakxtLXHHKzOyy183ICQyFfvKHsRoRW0wos3hQMSVhT9 9cI8DrOZO2S2Pwz7HNQK1cQXRpvjWbHLT2VG0+CWtogRdLVbxV6UwkqpVF3aaaHO YsjFp1J+ZrD0bMS6zFYD6ol9os6jVsjB4sx4f9pxunM7duCfaYvUHOOeIf0= -----END CERTIFICATE-----Generated at Wed Nov 5 12:23:25 2025 by rpki-client