$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB000/E5A138D09D1711F0B42EF034C4F9AE02/C2B54C4E9D2611F0A7B9140CC4F9AE02.roa File: C2B54C4E9D2611F0A7B9140CC4F9AE02.roa (raw, json) Hash identifier: qXahNWKD3ULNKbUsqqR6NoyLBXctmb1mpVL8KL1rQa4= Subject key identifier: 74:BB:A6:31:94:F0:82:DF:5A:24:A2:21:B2:BF:D9:41:F8:58:AC:89 Certificate issuer: /CN=A91BB000/serialNumber=65AABEF17CCC080C9A362A08215304B11BD507FE Certificate serial: 03 Authority key identifier: 65:AA:BE:F1:7C:CC:08:0C:9A:36:2A:08:21:53:04:B1:1B:D5:07:FE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zaq-8XzMCAyaNioIIVMEsRvVB_4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB000/E5A138D09D1711F0B42EF034C4F9AE02/C2B54C4E9D2611F0A7B9140CC4F9AE02.roa Signing time: Mon 29 Sep 2025 11:23:45 +0000 ROA not before: Mon 29 Sep 2025 11:23:45 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 133484 IP address blocks: 160.30.96.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB000/E5A138D09D1711F0B42EF034C4F9AE02/Zaq-8XzMCAyaNioIIVMEsRvVB_4.crl rsync://rpki.apnic.net/member_repository/A91BB000/E5A138D09D1711F0B42EF034C4F9AE02/Zaq-8XzMCAyaNioIIVMEsRvVB_4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zaq-8XzMCAyaNioIIVMEsRvVB_4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 11:51:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB000, serialNumber=65AABEF17CCC080C9A362A08215304B11BD507FE Validity Not Before: Sep 29 11:23:45 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68da6c41-c687 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:81:77:b0:30:de:d1:2c:61:db:a7:0f:2d:7d: 3a:92:b1:e5:60:98:8e:53:98:23:19:f8:b2:6b:75: 44:d5:0f:09:0d:ae:47:db:75:5d:b4:7a:35:bc:d1: d5:3a:89:01:b1:1f:44:00:c4:03:82:23:c2:de:12: 5f:c3:2e:2f:23:2e:70:ab:cc:8e:a3:4c:01:2f:76: 51:83:a3:2b:37:37:29:af:a0:0a:47:c4:fe:93:40: 08:5d:ed:d3:1e:50:99:65:cc:81:39:e3:f3:4b:63: 72:04:b1:17:72:f8:30:53:8b:88:0e:ec:d1:d2:62: bd:49:8d:c3:7e:0f:59:1e:9f:ab:d6:52:55:6d:6a: 74:0d:85:3f:33:c1:bd:be:8a:a2:ee:70:64:11:cc: 52:10:78:be:85:ad:c8:14:ec:2f:ee:12:51:d4:00: 61:d0:c1:17:d4:fd:7d:07:75:a1:69:0f:cb:6b:6c: f5:b3:78:3f:21:c4:51:ad:09:a9:ca:d3:36:56:5e: 66:e5:01:10:ba:fe:f6:18:3a:03:6c:3f:41:99:32: 17:34:34:f5:7f:ed:88:e4:ca:af:e3:15:cc:a2:5a: b9:7d:ae:c5:38:d8:be:6e:5e:59:d8:e1:3c:5a:92: b2:5f:4c:83:a8:23:d9:53:32:e0:be:77:3f:c4:17: 6d:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:BB:A6:31:94:F0:82:DF:5A:24:A2:21:B2:BF:D9:41:F8:58:AC:89 X509v3 Authority Key Identifier: keyid:65:AA:BE:F1:7C:CC:08:0C:9A:36:2A:08:21:53:04:B1:1B:D5:07:FE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB000/E5A138D09D1711F0B42EF034C4F9AE02/Zaq-8XzMCAyaNioIIVMEsRvVB_4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zaq-8XzMCAyaNioIIVMEsRvVB_4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB000/E5A138D09D1711F0B42EF034C4F9AE02/C2B54C4E9D2611F0A7B9140CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.30.96.0/23 Signature Algorithm: sha256WithRSAEncryption 79:32:dd:53:a0:da:3d:7c:d6:19:1e:55:cd:f5:cb:f7:b8:f6: 87:3f:49:ab:45:9b:93:5c:11:a9:3a:90:44:dc:98:38:ce:06: 1d:87:30:b2:5c:ab:d3:8c:8e:5d:4b:b6:78:52:93:b4:c5:c9: 60:be:9f:c4:67:4a:e9:5e:1e:2e:9b:e2:78:a7:22:13:04:d1: 7c:8e:92:db:42:cf:c2:fa:e8:a8:06:8d:99:d2:62:8a:80:56: e5:a8:35:0b:3b:3d:86:5a:50:6c:5e:d1:32:9c:f5:48:dc:05: d5:d1:e4:b8:cf:9f:84:62:63:59:81:ee:3e:fc:b4:70:e4:cb: fe:d1:35:bd:73:4e:ca:7b:a4:6a:3a:67:f2:dc:cd:b3:c7:00: 6c:5d:67:b4:62:57:18:d6:3b:68:a0:f2:e9:5b:7e:16:04:cf: 26:97:d8:e5:9b:34:29:19:6c:1f:9c:08:96:d9:76:42:e2:e0: d2:9f:e9:6a:12:93:12:6b:b1:e0:45:30:67:d4:3b:39:e3:1a: 28:44:bb:0c:ab:74:aa:58:5f:cf:34:1a:f7:3f:d0:cd:0d:a3: 40:20:5f:68:46:4e:6b:71:85:6e:1f:b0:5a:a0:e9:a6:05:aa: d8:fb:9a:0b:3b:d8:d1:e1:f3:02:9d:3b:28:ed:2f:de:fd:20: 67:8f:1d:d3 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC QjAwMDExMC8GA1UEBRMoNjVBQUJFRjE3Q0NDMDgwQzlBMzYyQTA4MjE1MzA0QjEx QkQ1MDdGRTAeFw0yNTA5MjkxMTIzNDVaFw0yNjEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZGE2YzQxLWM2ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDIgXewMN7RLGHbpw8tfTqSseVgmI5TmCMZ+LJrdUTVDwkNrkfbdV20ejW80dU6 iQGxH0QAxAOCI8LeEl/DLi8jLnCrzI6jTAEvdlGDoys3NymvoApHxP6TQAhd7dMe UJllzIE54/NLY3IEsRdy+DBTi4gO7NHSYr1JjcN+D1ken6vWUlVtanQNhT8zwb2+ iqLucGQRzFIQeL6FrcgU7C/uElHUAGHQwRfU/X0HdaFpD8trbPWzeD8hxFGtCanK 0zZWXmblARC6/vYYOgNsP0GZMhc0NPV/7Yjkyq/jFcyiWrl9rsU42L5uXlnY4Txa krJfTIOoI9lTMuC+dz/EF22hAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUdLumMZTw gt9aJKIhsr/ZQfhYrIkwHwYDVR0jBBgwFoAUZaq+8XzMCAyaNioIIVMEsRvVB/4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJCMDAwL0U1QTEzOEQwOUQx NzExRjBCNDJFRjAzNEM0RjlBRTAyL1phcS04WHpNQ0F5YU5pb0lJVk1Fc1J2VkJf NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWmFxLThYek1DQXlhTmlvSUlWTUVzUnZWQl80LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjAwMC9FNUExMzhEMDlEMTcxMUYwQjQyRUYwMzRDNEY5QUUwMi9DMkI1NEM0RTlE MjYxMUYwQTdCOTE0MENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaAeYDANBgkqhkiG9w0BAQsFAAOCAQEAeTLdU6DaPXzWGR5V zfXL97j2hz9Jq0Wbk1wRqTqQRNyYOM4GHYcwslyr04yOXUu2eFKTtMXJYL6fxGdK 6V4eLpvieKciEwTRfI6S20LPwvroqAaNmdJiioBW5ag1Czs9hlpQbF7RMpz1SNwF 1dHkuM+fhGJjWYHuPvy0cOTL/tE1vXNOynukajpn8tzNs8cAbF1ntGJXGNY7aKDy 6Vt+FgTPJpfY5Zs0KRlsH5wIltl2QuLg0p/pahKTEmux4EUwZ9Q7OeMaKES7DKt0 qlhfzzQa9z/QzQ2jQCBfaEZOa3GFbh+wWqDppgWq2PuaCzvY0eHzAp07KO0v3v0g Z48d0w== -----END CERTIFICATE-----Generated at Sun Oct 19 06:58:51 2025 by rpki-client