$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/B2F39C9AB92B11F0AC1B1711C4F9AE02.roa File: B2F39C9AB92B11F0AC1B1711C4F9AE02.roa (raw, json) Hash identifier: S3lRr7tzng0tUC5BJ18B/jCz0mLC4ifARtM4eneyKsg= Subject key identifier: E1:CB:63:2B:F5:48:7F:45:E3:CB:52:CA:88:D4:F9:88:00:D7:BA:4B Certificate issuer: /CN=A91B6814/serialNumber=F63C46422912B45A9186E445C5A9DEA7BBA3428B Certificate serial: 08 Authority key identifier: F6:3C:46:42:29:12:B4:5A:91:86:E4:45:C5:A9:DE:A7:BB:A3:42:8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9jxGQikStFqRhuRFxanep7ujQos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/B2F39C9AB92B11F0AC1B1711C4F9AE02.roa Signing time: Tue 04 Nov 2025 03:09:38 +0000 ROA not before: Tue 04 Nov 2025 03:09:38 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 154054 IP address blocks: 43.251.100.0/22 maxlen: 22 43.251.100.0/24 maxlen: 24 43.251.101.0/24 maxlen: 24 43.251.102.0/24 maxlen: 24 43.251.103.0/24 maxlen: 24 103.82.52.0/22 maxlen: 22 103.82.52.0/24 maxlen: 24 103.82.53.0/24 maxlen: 24 103.82.54.0/24 maxlen: 24 103.82.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/9jxGQikStFqRhuRFxanep7ujQos.crl rsync://rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/9jxGQikStFqRhuRFxanep7ujQos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9jxGQikStFqRhuRFxanep7ujQos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 08:17:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8 (0x8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6814, serialNumber=F63C46422912B45A9186E445C5A9DEA7BBA3428B Validity Not Before: Nov 4 03:09:38 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69096e72-23df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:45:c4:2e:fb:50:69:f4:6f:e3:a8:c8:f3:59: 5f:ef:f4:d3:f7:05:5b:fe:50:67:f9:69:d9:3a:5b: c8:91:ae:12:d2:16:da:d6:c2:f2:e9:f9:c0:3b:23: 62:18:77:1b:0f:bc:ba:01:0b:50:50:a5:f7:77:41: 66:4c:4a:d1:c3:69:df:d5:65:b0:0d:d6:da:de:17: e9:1e:97:15:1c:54:0f:de:61:71:b2:87:51:7b:8d: c2:8e:d5:11:0a:26:32:6c:f8:4c:34:99:4c:0d:f8: e8:24:87:7c:b9:6e:14:c4:cf:2e:98:5c:ae:9f:ee: 6d:15:55:bb:ea:2c:5c:86:01:bb:97:82:e0:12:f4: 29:2c:f0:42:1a:a3:2d:fa:59:d3:8b:53:d6:83:00: 48:e9:7c:82:9d:f4:d7:13:dd:46:df:d2:01:40:c1: 5a:e8:13:8d:25:85:55:16:02:81:b0:96:35:61:4c: 0c:ab:14:48:2c:90:67:b0:9a:5d:3b:c6:05:89:4d: 9a:5c:71:32:00:1c:9c:a9:88:67:ea:2b:b7:4a:b1: 30:ea:d1:20:80:72:1c:8b:d5:29:2a:ea:4a:b6:23: f1:e8:de:51:e8:53:6f:b9:44:80:6d:31:ea:63:f6: 87:45:40:7f:70:55:5f:de:86:f7:6b:b7:7b:ac:a2: db:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:CB:63:2B:F5:48:7F:45:E3:CB:52:CA:88:D4:F9:88:00:D7:BA:4B X509v3 Authority Key Identifier: keyid:F6:3C:46:42:29:12:B4:5A:91:86:E4:45:C5:A9:DE:A7:BB:A3:42:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/9jxGQikStFqRhuRFxanep7ujQos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9jxGQikStFqRhuRFxanep7ujQos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6814/0967C798B92411F0BFD5A56EC4F9AE02/B2F39C9AB92B11F0AC1B1711C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.251.100.0/22 103.82.52.0/22 Signature Algorithm: sha256WithRSAEncryption a1:db:8a:23:60:d3:b8:d0:99:ea:85:f6:2c:98:c0:55:9e:34: b9:d3:5f:6c:14:87:b3:bd:2d:ae:4c:11:10:35:ac:a3:13:66: 2d:a4:25:6e:0d:88:ef:41:63:68:2e:00:46:a1:ff:38:ca:70: 5d:cb:ff:29:3d:57:9f:4e:24:9c:bd:6d:67:82:f7:8f:31:63: 78:44:ad:c1:bb:55:ff:82:ab:1f:a2:fa:9c:46:58:2b:5c:65: 9e:bf:38:c8:ba:0c:44:ee:8f:3b:c2:07:bd:6d:18:36:f2:ef: 83:88:0c:7f:1d:c5:3a:32:9f:9d:95:09:c8:b9:6e:f2:e5:97: d7:af:60:e7:99:7e:e2:8c:05:7f:e8:3b:67:46:88:f5:e6:cf: ab:b4:00:fb:fa:95:5b:1f:ff:28:a8:ca:1f:aa:0d:f5:00:85: 17:f5:e4:f9:17:00:fe:5a:0d:2b:17:a9:45:ab:b1:cf:b4:bb: dc:eb:f9:08:5e:98:6a:1b:1c:6d:d1:8e:6b:ed:0e:76:cb:e7: 40:9c:ba:19:e9:cd:df:e3:65:da:0d:df:b8:6f:24:2a:c6:70: 44:29:0f:06:85:c8:2e:87:c5:99:dd:13:0e:2b:0b:06:bf:bf: ca:ec:d2:c8:d8:ea:51:3e:e9:11:fa:d7:72:33:66:e7:bc:64: 34:92:d4:3a -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NjgxNDExMC8GA1UEBRMoRjYzQzQ2NDIyOTEyQjQ1QTkxODZFNDQ1QzVBOURFQTdC QkEzNDI4QjAeFw0yNTExMDQwMzA5MzhaFw0yNjEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY5MDk2ZTcyLTIzZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC5RcQu+1Bp9G/jqMjzWV/v9NP3BVv+UGf5adk6W8iRrhLSFtrWwvLp+cA7I2IY dxsPvLoBC1BQpfd3QWZMStHDad/VZbAN1treF+kelxUcVA/eYXGyh1F7jcKO1REK JjJs+Ew0mUwN+Ogkh3y5bhTEzy6YXK6f7m0VVbvqLFyGAbuXguAS9Cks8EIaoy36 WdOLU9aDAEjpfIKd9NcT3Ubf0gFAwVroE40lhVUWAoGwljVhTAyrFEgskGewml07 xgWJTZpccTIAHJypiGfqK7dKsTDq0SCAchyL1Skq6kq2I/Ho3lHoU2+5RIBtMepj 9odFQH9wVV/ehvdrt3usotuTAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU4ctjK/VI f0Xjy1LKiNT5iADXukswHwYDVR0jBBgwFoAU9jxGQikStFqRhuRFxanep7ujQosw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2ODE0LzA5NjdDNzk4Qjky NDExRjBCRkQ1QTU2RUM0RjlBRTAyLzlqeEdRaWtTdEZxUmh1UkZ4YW5lcDd1alFv cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvOWp4R1Fpa1N0RnFSaHVSRnhhbmVwN3VqUW9zLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NjgxNC8wOTY3Qzc5OEI5MjQxMUYwQkZENUE1NkVDNEY5QUUwMi9CMkYzOUM5QUI5 MkIxMUYwQUMxQjE3MTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW MBQwEgQCAAEwDAMEAiv7ZAMEAmdSNDANBgkqhkiG9w0BAQsFAAOCAQEAoduKI2DT uNCZ6oX2LJjAVZ40udNfbBSHs70trkwREDWsoxNmLaQlbg2I70FjaC4ARqH/OMpw Xcv/KT1Xn04knL1tZ4L3jzFjeEStwbtV/4KrH6L6nEZYK1xlnr84yLoMRO6PO8IH vW0YNvLvg4gMfx3FOjKfnZUJyLlu8uWX169g55l+4owFf+g7Z0aI9ebPq7QA+/qV Wx//KKjKH6oN9QCFF/Xk+RcA/loNKxepRauxz7S73Ov5CF6YahscbdGOa+0Odsvn QJy6GenN3+Nl2g3fuG8kKsZwRCkPBoXILofFmd0TDisLBr+/yuzSyNjqUT7pEfrX cjNm57xkNJLUOg== -----END CERTIFICATE-----Generated at Wed Nov 5 21:37:54 2025 by rpki-client