$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/A2B684F8BA0911F0B073056FC4F9AE02.roa File: A2B684F8BA0911F0B073056FC4F9AE02.roa (raw, json) Hash identifier: zUtjde86ZEu07ofBhk74IrESMSJ6MUCG4kf1KeTM2tE= Subject key identifier: 8C:05:6A:B1:DB:66:99:A4:7E:A0:AB:24:96:C4:A3:68:94:58:31:5A Certificate issuer: /CN=A91B6814/serialNumber=F63C46422912B45A9186E445C5A9DEA7BBA3428B Certificate serial: 0E Authority key identifier: F6:3C:46:42:29:12:B4:5A:91:86:E4:45:C5:A9:DE:A7:BB:A3:42:8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9jxGQikStFqRhuRFxanep7ujQos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/A2B684F8BA0911F0B073056FC4F9AE02.roa Signing time: Wed 05 Nov 2025 05:41:49 +0000 ROA not before: Wed 05 Nov 2025 05:41:49 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 136160 IP address blocks: 43.251.100.0/22 maxlen: 22 43.251.100.0/24 maxlen: 24 43.251.101.0/24 maxlen: 24 43.251.102.0/24 maxlen: 24 43.251.103.0/24 maxlen: 24 103.82.52.0/22 maxlen: 22 103.82.52.0/24 maxlen: 24 103.82.53.0/24 maxlen: 24 103.82.54.0/24 maxlen: 24 103.82.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/9jxGQikStFqRhuRFxanep7ujQos.crl rsync://rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/9jxGQikStFqRhuRFxanep7ujQos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9jxGQikStFqRhuRFxanep7ujQos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 08:17:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14 (0xe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6814, serialNumber=F63C46422912B45A9186E445C5A9DEA7BBA3428B Validity Not Before: Nov 5 05:41:49 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=690ae39d-a27a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:f1:36:2f:f6:f0:b9:b9:89:81:8b:55:4f:74: 18:03:e9:98:ad:25:15:c1:4c:fd:01:9c:a4:2a:f8: 7c:c6:59:f1:0e:7d:43:2e:7d:6d:d9:9b:7e:1f:9a: 6c:be:88:50:e9:e7:5d:9b:f4:cb:50:1c:c0:4d:b5: be:38:d9:cc:66:01:c9:d9:fb:02:73:cd:85:63:ca: 39:fd:dd:00:28:61:c5:65:db:e6:36:6b:20:3f:c4: 45:a8:5c:84:ff:ec:0f:2e:d3:47:9a:c5:be:43:aa: ab:9a:a4:62:db:08:9c:3e:40:17:a6:f0:41:67:61: 87:90:99:91:b0:4b:28:0d:75:21:eb:45:04:2b:d4: 41:4f:06:9b:ce:c9:82:8d:25:c7:ce:33:af:a9:4d: fe:a6:c5:bc:ed:82:e0:21:ae:e8:cc:a7:1f:b6:76: 52:dc:c6:f3:2d:d7:ac:ad:d4:da:63:5c:b6:72:c8: 3b:43:c8:ec:e5:4e:33:13:c8:93:d8:fe:da:29:a6: 63:af:d7:32:45:0f:0f:c9:a9:81:75:e5:4a:71:b3: 2d:96:c9:31:83:da:9c:0b:bd:03:29:68:73:23:c2: ba:ab:5d:60:b2:c5:3a:c0:3f:5d:35:f8:6d:d1:da: 6a:d3:47:ce:b2:6c:9c:ce:a1:68:26:a6:43:c4:1e: f8:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:05:6A:B1:DB:66:99:A4:7E:A0:AB:24:96:C4:A3:68:94:58:31:5A X509v3 Authority Key Identifier: keyid:F6:3C:46:42:29:12:B4:5A:91:86:E4:45:C5:A9:DE:A7:BB:A3:42:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/9jxGQikStFqRhuRFxanep7ujQos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9jxGQikStFqRhuRFxanep7ujQos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/A2B684F8BA0911F0B073056FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.251.100.0/22 103.82.52.0/22 Signature Algorithm: sha256WithRSAEncryption cb:f0:db:7c:1b:8e:f3:db:c9:e7:11:c9:ba:ff:3b:11:55:6f: 92:09:3a:e5:f9:c5:a2:f5:07:15:21:e1:e1:b3:cf:ad:19:89: 82:92:33:e9:a1:2b:87:8e:8f:0f:7e:1b:c8:0d:86:53:c6:e3: 64:4b:ad:84:9f:98:20:be:fb:c3:53:10:63:d4:c2:43:14:14: 63:2c:d0:3b:38:70:fc:17:99:2f:0d:c6:5a:b1:4d:c6:10:e0: 1c:9a:86:87:30:4e:85:01:eb:b0:e3:76:37:0b:3c:9b:4f:76: 63:bb:fb:ed:29:6a:69:38:6b:e8:ec:e4:ed:01:a3:d9:fd:87: 60:59:54:23:59:06:52:73:80:e7:39:04:79:16:bf:bc:f2:e5: 46:28:a3:12:ca:f1:dd:1c:c2:5a:4b:02:b8:85:3d:b7:83:3f: 33:c1:17:15:6e:78:fc:b9:0b:61:11:ff:f7:79:15:62:0a:65: c7:25:f2:aa:b1:5d:cb:e1:15:d4:8c:30:0b:1b:6b:eb:d8:57: 8b:62:3d:9e:04:5f:33:fc:5c:af:38:e1:da:c5:f1:ea:ee:c6: b2:81:18:c7:ff:da:a2:5b:fb:8b:b2:a9:a1:a0:c0:e0:64:a2: c7:04:d5:21:1d:9b:34:96:cd:c2:dd:e9:79:47:8e:6e:1b:e8: 3b:19:d5:ca -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NjgxNDExMC8GA1UEBRMoRjYzQzQ2NDIyOTEyQjQ1QTkxODZFNDQ1QzVBOURFQTdC QkEzNDI4QjAeFw0yNTExMDUwNTQxNDlaFw0yNjEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY5MGFlMzlkLWEyN2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDO8TYv9vC5uYmBi1VPdBgD6ZitJRXBTP0BnKQq+HzGWfEOfUMufW3Zm34fmmy+ iFDp512b9MtQHMBNtb442cxmAcnZ+wJzzYVjyjn93QAoYcVl2+Y2ayA/xEWoXIT/ 7A8u00eaxb5DqquapGLbCJw+QBem8EFnYYeQmZGwSygNdSHrRQQr1EFPBpvOyYKN JcfOM6+pTf6mxbztguAhrujMpx+2dlLcxvMt16yt1NpjXLZyyDtDyOzlTjMTyJPY /toppmOv1zJFDw/JqYF15Upxsy2WyTGD2pwLvQMpaHMjwrqrXWCyxTrAP101+G3R 2mrTR86ybJzOoWgmpkPEHvhvAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUjAVqsdtm maR+oKsklsSjaJRYMVowHwYDVR0jBBgwFoAU9jxGQikStFqRhuRFxanep7ujQosw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2ODE0LzA5NjdDNzk4Qjky NDExRjBCRkQ1QTU2RUM0RjlBRTAyLzlqeEdRaWtTdEZxUmh1UkZ4YW5lcDd1alFv cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvOWp4R1Fpa1N0RnFSaHVSRnhhbmVwN3VqUW9zLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NjgxNC8wOTY3Qzc5OEI5MjQxMUYwQkZENUE1NkVDNEY5QUUwMi9BMkI2ODRGOEJB MDkxMUYwQjA3MzA1NkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW MBQwEgQCAAEwDAMEAiv7ZAMEAmdSNDANBgkqhkiG9w0BAQsFAAOCAQEAy/DbfBuO 89vJ5xHJuv87EVVvkgk65fnFovUHFSHh4bPPrRmJgpIz6aErh46PD34byA2GU8bj ZEuthJ+YIL77w1MQY9TCQxQUYyzQOzhw/BeZLw3GWrFNxhDgHJqGhzBOhQHrsON2 Nws8m092Y7v77SlqaThr6Ozk7QGj2f2HYFlUI1kGUnOA5zkEeRa/vPLlRiijEsrx 3RzCWksCuIU9t4M/M8EXFW54/LkLYRH/93kVYgplxyXyqrFdy+EV1IwwCxtr69hX i2I9ngRfM/xcrzjh2sXx6u7GsoEYx//aolv7i7KpoaDA4GSixwTVIR2bNJbNwt3p eUeObhvoOxnVyg== -----END CERTIFICATE-----Generated at Wed Nov 5 21:44:52 2025 by rpki-client