$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/1585570A544C11E9BDFF2B2DC4F9AE02.roa File: 1585570A544C11E9BDFF2B2DC4F9AE02.roa (raw, json) Hash identifier: RkelPLg7E6uL52G5WbWQ45BxHbDDvE+59Nsvn5kHeGw= Subject key identifier: 5D:A4:15:24:B8:CA:53:0B:A5:23:24:21:AD:CC:4E:AD:AF:67:E2:0D Certificate issuer: /CN=A91AE9F7/serialNumber=0170B0E0D06E31473CAC164E4B0B6D21BDF4D237 Certificate serial: 102F Authority key identifier: 01:70:B0:E0:D0:6E:31:47:3C:AC:16:4E:4B:0B:6D:21:BD:F4:D2:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AXCw4NBuMUc8rBZOSwttIb300jc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/1585570A544C11E9BDFF2B2DC4F9AE02.roa Signing time: Tue 04 Nov 2025 17:36:28 +0000 ROA not before: Tue 04 Nov 2025 17:36:28 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 138191 IP address blocks: 58.84.32.0/24 maxlen: 24 103.129.200.0/24 maxlen: 24 103.129.201.0/24 maxlen: 24 103.129.202.0/24 maxlen: 24 103.129.203.0/24 maxlen: 24 103.197.48.0/24 maxlen: 24 2403:8540::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.crl rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AXCw4NBuMUc8rBZOSwttIb300jc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:36:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4143 (0x102f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE9F7, serialNumber=0170B0E0D06E31473CAC164E4B0B6D21BDF4D237 Validity Not Before: Nov 4 17:36:28 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=690a399c-9b5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:52:d2:7b:0f:24:41:c8:2a:bd:57:94:7c:f7: 95:b6:6b:f8:3c:f9:f7:e6:a7:0f:cf:20:78:61:75: 63:a0:12:06:5f:d8:e4:b3:bf:0e:46:44:88:61:65: fd:1d:51:15:fe:e7:f9:a8:02:bb:2f:40:57:a9:70: 9d:50:f6:41:a2:91:76:bf:bc:bb:4d:e7:f3:03:35: 2b:9b:89:6a:5a:83:01:62:7f:d2:d7:3e:1c:11:44: ff:5e:3b:72:aa:be:b3:82:c6:0e:97:6b:2f:32:ff: 66:3c:cd:21:44:e9:04:2a:2f:ec:56:dc:af:b6:48: 72:01:03:b6:c8:ea:91:92:05:b0:c8:26:44:97:e6: fa:8d:1c:ce:46:b5:ca:1a:5c:70:22:92:ed:99:40: 10:59:ef:34:03:38:37:a7:ce:0b:01:b4:26:5e:ff: 53:6d:10:e7:e6:a0:85:8e:e1:34:37:50:67:77:32: e4:36:b5:88:12:78:95:3b:27:11:ba:2d:92:a2:2e: 6b:86:02:76:bf:44:9a:41:a2:7b:5d:6a:69:9f:73: 5b:0e:81:27:ca:ae:0a:4d:71:f9:37:3f:1e:10:34: 32:6f:82:ad:f8:d1:78:c2:89:d7:ca:29:35:9b:af: 92:fe:ad:20:28:6e:58:84:73:8b:8b:dc:cc:0e:3d: 4c:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:A4:15:24:B8:CA:53:0B:A5:23:24:21:AD:CC:4E:AD:AF:67:E2:0D X509v3 Authority Key Identifier: keyid:01:70:B0:E0:D0:6E:31:47:3C:AC:16:4E:4B:0B:6D:21:BD:F4:D2:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AXCw4NBuMUc8rBZOSwttIb300jc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/1585570A544C11E9BDFF2B2DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.84.32.0/24 103.129.200.0/22 103.197.48.0/24 IPv6: 2403:8540::/32 Signature Algorithm: sha256WithRSAEncryption 3c:6c:e7:e1:e0:1b:cb:93:a2:8c:d6:91:45:b5:dc:da:1a:f0: 2d:65:c1:e9:45:5b:50:2e:76:fa:1d:70:3f:bf:39:7b:56:66: eb:c0:ae:18:61:37:42:c9:7e:c0:66:a9:78:d6:3d:86:19:25: dd:f5:dd:99:b1:11:a0:d7:4d:0f:f4:cc:d3:97:2d:d4:1c:fe: cb:d3:e8:53:1a:3a:78:13:5d:23:b3:58:c2:bb:26:ad:43:db: ef:fc:c6:39:46:81:87:1c:67:a3:e9:97:25:f1:00:a1:1f:13: 70:5b:21:01:f4:4a:7a:fd:a9:9b:7d:26:19:ff:11:66:5d:52: 72:01:a1:33:1e:63:9b:06:7c:4d:53:99:c5:55:85:b2:f6:08: a2:2c:c9:55:8f:f7:54:b2:55:3a:7c:36:87:7e:dc:76:5e:c9: 95:55:fa:c3:4c:62:5f:ab:c2:40:96:86:6d:19:4a:ea:cc:dd: c1:51:8f:d1:1e:66:12:d4:7f:4e:43:83:96:2d:6d:a1:a2:29: b5:cc:1d:90:8c:1b:8d:d7:53:fd:f2:20:95:19:28:55:59:65: 6a:03:07:5f:a6:2c:df:a3:a8:45:e7:11:ef:02:8e:07:6a:7c: 13:f9:d9:ec:ed:9b:fc:d8:a0:26:32:1c:4e:01:8f:c4:48:87: e1:c9:d1:59 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICEC8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUU5RjcxMTAvBgNVBAUTKDAxNzBCMEUwRDA2RTMxNDczQ0FDMTY0RTRCMEI2RDIx QkRGNEQyMzcwHhcNMjUxMTA0MTczNjI4WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTBhMzk5Yy05YjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs1LSew8kQcgqvVeUfPeVtmv4PPn35qcPzyB4YXVjoBIGX9jks78ORkSIYWX9 HVEV/uf5qAK7L0BXqXCdUPZBopF2v7y7TefzAzUrm4lqWoMBYn/S1z4cEUT/Xjty qr6zgsYOl2svMv9mPM0hROkEKi/sVtyvtkhyAQO2yOqRkgWwyCZEl+b6jRzORrXK GlxwIpLtmUAQWe80Azg3p84LAbQmXv9TbRDn5qCFjuE0N1BndzLkNrWIEniVOycR ui2Soi5rhgJ2v0SaQaJ7XWppn3NbDoEnyq4KTXH5Nz8eEDQyb4Kt+NF4wonXyik1 m6+S/q0gKG5YhHOLi9zMDj1MJQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFF2kFSS4 ylMLpSMkIa3MTq2vZ+INMB8GA1UdIwQYMBaAFAFwsODQbjFHPKwWTksLbSG99NI3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTlGNy8zNzlFQzc0MjU0 NEExMUU5QTM1MEMxMjdDNEY5QUUwMi9BWEN3NE5CdU1VYzhyQlpPU3d0dEliMzAw amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FYQ3c0TkJ1TVVjOHJCWk9Td3R0SWIzMDBqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUU5RjcvMzc5RUM3NDI1NDRBMTFFOUEzNTBDMTI3QzRGOUFFMDIvMTU4NTU3MEE1 NDRDMTFFOUJERkYyQjJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAA6VCADBAJngcgDBABnxTAwDQQCAAIwBwMFACQDhUAwDQYJ KoZIhvcNAQELBQADggEBADxs5+HgG8uToozWkUW13Noa8C1lwelFW1AudvodcD+/ OXtWZuvArhhhN0LJfsBmqXjWPYYZJd313ZmxEaDXTQ/0zNOXLdQc/svT6FMaOngT XSOzWMK7Jq1D2+/8xjlGgYccZ6PplyXxAKEfE3BbIQH0Snr9qZt9Jhn/EWZdUnIB oTMeY5sGfE1TmcVVhbL2CKIsyVWP91SyVTp8Nod+3HZeyZVV+sNMYl+rwkCWhm0Z SurM3cFRj9EeZhLUf05Dg5YtbaGiKbXMHZCMG43XU/3yIJUZKFVZZWoDB1+mLN+j qEXnEe8CjgdqfBP52eztm/zYoCYyHE4Bj8RIh+HJ0Vk= -----END CERTIFICATE-----Generated at Wed Nov 5 11:37:46 2025 by rpki-client