$ rpki-client -vvf rpki.apnic.net/member_repository/A91B8E70/2D9970D8955A11EFBD9E024AC4F9AE02/20B2721A955B11EFBF0F5669C4F9AE02.roa File: 20B2721A955B11EFBF0F5669C4F9AE02.roa (raw, json) Hash identifier: b7PxFokUIXPBGz+iss/nauBD0ImGfyI3acw64tuMWC8= Subject key identifier: 1B:DD:A4:23:C6:8E:4A:5F:28:22:66:4B:DC:AF:9D:5C:1D:4D:76:F5 Certificate issuer: /CN=A91B8E70/serialNumber=81C26F3D8F4136E5190CC7A17D6AF722422EB66F Certificate serial: BF Authority key identifier: 81:C2:6F:3D:8F:41:36:E5:19:0C:C7:A1:7D:6A:F7:22:42:2E:B6:6F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gcJvPY9BNuUZDMehfWr3IkIutm8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B8E70/2D9970D8955A11EFBD9E024AC4F9AE02/20B2721A955B11EFBF0F5669C4F9AE02.roa Signing time: Thu 23 Oct 2025 08:20:26 +0000 ROA not before: Thu 23 Oct 2025 08:20:26 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 153378 IP address blocks: 160.191.116.0/23 maxlen: 23 160.191.116.0/24 maxlen: 24 160.191.117.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B8E70/2D9970D8955A11EFBD9E024AC4F9AE02/gcJvPY9BNuUZDMehfWr3IkIutm8.crl rsync://rpki.apnic.net/member_repository/A91B8E70/2D9970D8955A11EFBD9E024AC4F9AE02/gcJvPY9BNuUZDMehfWr3IkIutm8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gcJvPY9BNuUZDMehfWr3IkIutm8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 05:55:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 191 (0xbf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B8E70, serialNumber=81C26F3D8F4136E5190CC7A17D6AF722422EB66F Validity Not Before: Oct 23 08:20:26 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=68f9e54a-6cd5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:4c:7f:29:fb:54:9d:5a:e4:e4:3a:d1:6b:d3: c9:6e:8b:74:3a:b9:4c:d1:b1:50:61:70:82:02:cd: 82:2b:2b:07:b3:50:2d:29:60:e0:4c:99:92:a2:81: 02:78:c2:ed:50:d2:12:b3:a8:c7:89:e8:28:12:63: 10:ba:4c:8b:fd:43:c0:c7:e7:e5:20:04:35:1c:9a: 6a:e4:88:49:a7:72:cc:20:0a:35:0b:39:6c:3f:08: 19:89:6c:a8:7f:82:2d:11:f0:e3:2e:86:e7:2f:28: 99:6a:3c:fe:47:5f:07:c0:a8:33:44:bf:92:b6:47: 28:3a:d2:92:86:84:a8:8d:b4:a8:3b:c0:d5:56:85: 17:63:4e:02:18:30:27:ae:16:fe:ce:09:e5:47:25: 91:ac:6a:12:9f:da:5e:f3:0b:66:64:16:b7:57:5f: e7:cf:02:59:d2:b5:fd:80:5a:6e:35:82:37:8e:38: bb:d7:4a:85:49:e8:ee:86:3f:99:a7:09:05:e6:51: 2e:c0:9f:c2:7d:34:f0:58:e7:f3:8b:ae:ac:a0:2f: 5a:2f:f3:a7:29:6a:13:f0:f6:37:dc:00:ff:2e:89: bb:73:d7:c2:0a:88:9e:4f:03:23:6d:ea:ec:76:f5: dd:44:0b:52:d2:3e:74:27:8a:ac:67:fc:ca:34:a2: 4c:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:DD:A4:23:C6:8E:4A:5F:28:22:66:4B:DC:AF:9D:5C:1D:4D:76:F5 X509v3 Authority Key Identifier: keyid:81:C2:6F:3D:8F:41:36:E5:19:0C:C7:A1:7D:6A:F7:22:42:2E:B6:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B8E70/2D9970D8955A11EFBD9E024AC4F9AE02/gcJvPY9BNuUZDMehfWr3IkIutm8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gcJvPY9BNuUZDMehfWr3IkIutm8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B8E70/2D9970D8955A11EFBD9E024AC4F9AE02/20B2721A955B11EFBF0F5669C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.191.116.0/23 Signature Algorithm: sha256WithRSAEncryption ca:28:5a:23:f1:a9:c0:7d:ff:24:f2:90:59:0c:a8:f0:1c:26: 7e:24:ad:39:dc:b6:04:48:ff:c4:ec:6f:f2:ff:97:2d:ba:6e: 53:19:c0:6c:f3:cf:ec:c5:30:4e:91:0f:a8:bf:a7:86:12:6a: 52:58:ed:c8:b9:09:b8:53:35:1d:57:00:a7:d9:7b:4f:04:bd: 60:4a:48:02:88:58:00:cc:3c:81:e9:f1:56:7f:d8:fd:d8:ad: b6:36:6f:15:5f:4b:a9:c7:de:db:94:77:16:bb:77:07:62:93: b2:7e:ea:62:25:15:9b:52:62:3f:36:ff:fb:78:75:90:4b:9e: f9:64:58:2b:82:ab:18:09:8a:e8:e2:78:32:82:b6:9f:34:03: 48:d7:26:2e:c9:69:24:31:cb:0b:19:62:eb:73:16:e7:1b:0a: fb:17:9b:3f:7d:07:b5:2a:9c:28:01:87:78:aa:b3:98:9d:47: bc:76:72:cc:63:1f:61:2f:e4:f7:61:13:fb:47:8e:29:ef:96: 68:d0:c5:ac:8e:9c:e3:79:4c:08:10:b1:d3:16:32:93:20:b8: a7:37:12:62:72:80:af:34:4b:d3:e7:52:50:44:73:7b:4d:0b: e4:99:58:62:4f:6b:59:6b:27:d4:68:f3:61:27:95:e1:0f:e8: 59:ab:51:62 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjhFNzAxMTAvBgNVBAUTKDgxQzI2RjNEOEY0MTM2RTUxOTBDQzdBMTdENkFGNzIy NDIyRUI2NkYwHhcNMjUxMDIzMDgyMDI2WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGY5ZTU0YS02Y2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoUx/KftUnVrk5DrRa9PJbot0OrlM0bFQYXCCAs2CKysHs1AtKWDgTJmSooEC eMLtUNISs6jHiegoEmMQukyL/UPAx+flIAQ1HJpq5IhJp3LMIAo1CzlsPwgZiWyo f4ItEfDjLobnLyiZajz+R18HwKgzRL+StkcoOtKShoSojbSoO8DVVoUXY04CGDAn rhb+zgnlRyWRrGoSn9pe8wtmZBa3V1/nzwJZ0rX9gFpuNYI3jji710qFSejuhj+Z pwkF5lEuwJ/CfTTwWOfzi66soC9aL/OnKWoT8PY33AD/Lom7c9fCCoieTwMjbers dvXdRAtS0j50J4qsZ/zKNKJMjQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBvdpCPG jkpfKCJmS9yvnVwdTXb1MB8GA1UdIwQYMBaAFIHCbz2PQTblGQzHoX1q9yJCLrZv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOEU3MC8yRDk5NzBEODk1 NUExMUVGQkQ5RTAyNEFDNEY5QUUwMi9nY0p2UFk5Qk51VVpETWVoZldyM0lrSXV0 bTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2djSnZQWTlCTnVVWkRNZWhmV3IzSWtJdXRtOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjhFNzAvMkQ5OTcwRDg5NTVBMTFFRkJEOUUwMjRBQzRGOUFFMDIvMjBCMjcyMUE5 NTVCMTFFRkJGMEY1NjY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAGgv3QwDQYJKoZIhvcNAQELBQADggEBAMooWiPxqcB9/yTy kFkMqPAcJn4krTnctgRI/8Tsb/L/ly26blMZwGzzz+zFME6RD6i/p4YSalJY7ci5 CbhTNR1XAKfZe08EvWBKSAKIWADMPIHp8VZ/2P3YrbY2bxVfS6nH3tuUdxa7dwdi k7J+6mIlFZtSYj82//t4dZBLnvlkWCuCqxgJiujieDKCtp80A0jXJi7JaSQxywsZ YutzFucbCvsXmz99B7UqnCgBh3iqs5idR7x2csxjH2Ev5PdhE/tHjinvlmjQxayO nON5TAgQsdMWMpMguKc3EmJygK80S9PnUlBEc3tNC+SZWGJPa1lrJ9Ro82EnleEP 6FmrUWI= -----END CERTIFICATE-----Generated at Tue Nov 4 12:17:35 2025 by rpki-client