$ rpki-client -vvf rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/A88F22ECCC7011ED931BD15FC4F9AE02.roa File: A88F22ECCC7011ED931BD15FC4F9AE02.roa (raw, json) Hash identifier: aaU8k3sERlfvKSQaecOupsx6VnfFfPN20mE41wQjI/0= Subject key identifier: 91:5A:B7:36:8A:D4:3B:66:D4:F7:6A:DA:ED:3E:99:E8:B1:58:80:CD Certificate issuer: /CN=A91C23FE/serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B Certificate serial: 1C2A Authority key identifier: E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/A88F22ECCC7011ED931BD15FC4F9AE02.roa Signing time: Wed 22 Oct 2025 16:34:19 +0000 ROA not before: Wed 22 Oct 2025 16:34:19 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 134674 IP address blocks: 45.127.47.0/24 maxlen: 24 58.84.60.0/22 maxlen: 24 103.80.160.0/22 maxlen: 24 103.113.140.0/24 maxlen: 24 103.113.141.0/24 maxlen: 24 103.113.142.0/24 maxlen: 24 103.113.143.0/24 maxlen: 24 103.197.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.crl rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 16:13:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7210 (0x1c2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C23FE, serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B Validity Not Before: Oct 22 16:34:19 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68f9078b-a321 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:4c:6e:d1:1a:65:3a:8b:77:fa:37:a5:dc:3f: b7:03:a7:41:7a:26:a5:c3:9d:c2:d8:72:e2:54:ab: bd:61:fe:1b:4d:54:61:33:68:b5:70:42:18:43:7a: a2:44:b1:b4:e4:c1:92:04:3f:c5:a3:c7:be:c1:2d: e6:87:9d:4b:d6:81:8e:8a:17:34:1e:5f:20:d4:74: fe:71:54:3c:6c:86:86:94:31:74:e9:70:61:85:f6: 92:45:c7:3a:27:dd:e8:8e:23:38:36:e4:eb:be:1d: fa:db:b7:cc:68:9b:eb:63:d9:93:0a:72:9f:45:bb: c4:7a:e5:82:01:6c:91:bc:ec:6a:ef:ab:d4:02:28: bb:0d:a3:d6:f8:4a:43:49:53:92:cd:7a:5f:47:18: ee:ec:80:aa:13:7d:4d:88:d9:af:ce:e8:e1:ad:ed: ef:dc:f6:a5:60:21:05:89:f2:3f:1e:9f:b0:cd:54: 0d:01:2f:fb:ed:52:04:1b:fd:2c:90:28:9c:e8:b0: 07:ca:0e:d4:a7:29:f7:db:27:e8:26:ea:f8:4e:e2: ca:6d:96:99:18:83:0c:db:84:eb:75:a4:d6:14:23: 2a:4e:df:9d:3b:d7:1d:ed:e4:a9:dc:da:19:e8:81: 82:76:96:11:fc:69:4f:8f:85:ec:f4:f6:b4:ea:92: c8:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:5A:B7:36:8A:D4:3B:66:D4:F7:6A:DA:ED:3E:99:E8:B1:58:80:CD X509v3 Authority Key Identifier: keyid:E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/A88F22ECCC7011ED931BD15FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.127.47.0/24 58.84.60.0/22 103.80.160.0/22 103.113.140.0/22 103.197.72.0/22 Signature Algorithm: sha256WithRSAEncryption 55:d8:59:6b:4a:ee:36:89:cc:4d:e8:46:04:9d:f4:0d:8b:e7: 1a:2f:e3:2c:cb:18:11:6d:59:cd:1a:55:a8:ba:ad:92:28:4e: 96:d3:a8:72:24:95:1f:a0:e4:20:b6:c4:97:7c:94:9e:7c:b8: aa:4c:ee:9b:f8:9b:20:39:10:3b:96:e0:8f:1f:bf:d4:31:b8: d2:98:a3:64:e5:e9:a4:1e:2e:36:b3:cc:05:43:a9:e9:cb:7e: 89:ce:2c:a3:15:5f:54:8b:ad:bc:c3:0e:71:19:20:3f:5c:b0: cc:7b:b6:75:d0:34:b3:38:ac:db:99:23:78:53:80:64:40:71: c5:8b:50:ab:1b:3b:8b:97:cd:22:bb:05:9f:d3:82:28:55:8d: 6c:a7:12:f5:7c:11:56:87:35:ac:a5:f7:ae:31:6b:9e:2f:3f: 3a:8c:ed:70:a5:bd:57:3e:6c:ea:1f:19:7e:70:35:7e:b3:70: f6:01:05:93:22:70:bf:d1:5c:f2:31:96:1f:79:5d:bf:8c:e6: 21:cd:6b:39:a1:db:b5:e8:ff:0c:3f:53:91:55:87:16:a4:f0: a5:6f:60:e7:ab:0f:bd:62:82:07:4a:91:f9:00:ec:16:be:75: 98:4f:1d:8c:19:33:11:76:89:82:4e:a3:47:c4:37:15:9e:ba: 57:65:2e:54 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICHCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzIzRkUxMTAvBgNVBAUTKEUyRjA3NDJBRDgwQTlEQkIyODc1MTg0RUUwREQ1RTk0 REQ3NTc4NEIwHhcNMjUxMDIyMTYzNDE5WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGY5MDc4Yi1hMzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwkxu0RplOot3+jel3D+3A6dBeialw53C2HLiVKu9Yf4bTVRhM2i1cEIYQ3qi RLG05MGSBD/Fo8e+wS3mh51L1oGOihc0Hl8g1HT+cVQ8bIaGlDF06XBhhfaSRcc6 J93ojiM4NuTrvh3627fMaJvrY9mTCnKfRbvEeuWCAWyRvOxq76vUAii7DaPW+EpD SVOSzXpfRxju7ICqE31NiNmvzujhre3v3PalYCEFifI/Hp+wzVQNAS/77VIEG/0s kCic6LAHyg7Upyn32yfoJur4TuLKbZaZGIMM24TrdaTWFCMqTt+dO9cd7eSp3NoZ 6IGCdpYR/GlPj4Xs9Pa06pLInQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJFatzaK 1Dtm1Pdq2u0+meixWIDNMB8GA1UdIwQYMBaAFOLwdCrYCp27KHUYTuDdXpTddXhL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjNGRS84MjVDRTlBQUY5 RUIxMUU2QkRFN0E5NjhDNEY5QUUwMi80dkIwS3RnS25ic29kUmhPNE4xZWxOMTFl RXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzR2QjBLdGdLbmJzb2RSaE80TjFlbE4xMWVFcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzIzRkUvODI1Q0U5QUFGOUVCMTFFNkJERTdBOTY4QzRGOUFFMDIvQTg4RjIyRUND QzcwMTFFRDkzMUJEMTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAAtfy8DBAI6VDwDBAJnUKADBAJncYwDBAJnxUgwDQYJKoZI hvcNAQELBQADggEBAFXYWWtK7jaJzE3oRgSd9A2L5xov4yzLGBFtWc0aVai6rZIo TpbTqHIklR+g5CC2xJd8lJ58uKpM7pv4myA5EDuW4I8fv9QxuNKYo2Tl6aQeLjaz zAVDqenLfonOLKMVX1SLrbzDDnEZID9csMx7tnXQNLM4rNuZI3hTgGRAccWLUKsb O4uXzSK7BZ/TgihVjWynEvV8EVaHNayl964xa54vPzqM7XClvVc+bOofGX5wNX6z cPYBBZMicL/RXPIxlh95Xb+M5iHNazmh27Xo/ww/U5FVhxak8KVvYOerD71iggdK kfkA7Ba+dZhPHYwZMxF2iYJOo0fENxWeuldlLlQ= -----END CERTIFICATE-----Generated at Tue Nov 4 01:08:27 2025 by rpki-client