$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/BD0AEB1CB0F611F09025CD6CC4F9AE02.roa File: BD0AEB1CB0F611F09025CD6CC4F9AE02.roa (raw, json) Hash identifier: s5e2KaoaNHIhgYuctx2jF9HLrW3miNzBfiW+7KmoDxI= Subject key identifier: 1B:0C:98:6E:0A:14:0F:51:5A:B8:2E:30:AF:EB:51:CC:19:74:DC:34 Certificate issuer: /CN=A91D17F2/serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9 Certificate serial: 0D8B Authority key identifier: 54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/BD0AEB1CB0F611F09025CD6CC4F9AE02.roa Signing time: Fri 24 Oct 2025 16:42:12 +0000 ROA not before: Fri 24 Oct 2025 16:42:12 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 213257 IP address blocks: 59.152.60.0/24 maxlen: 24 59.152.61.0/24 maxlen: 24 59.152.62.0/24 maxlen: 24 59.152.63.0/24 maxlen: 24 103.205.180.0/24 maxlen: 24 103.205.181.0/24 maxlen: 24 103.205.182.0/24 maxlen: 24 103.205.183.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Nov 2025 18:33:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3467 (0xd8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D17F2, serialNumber=5486376B05B8A2552329E361BD725C77E1F8D0C9 Validity Not Before: Oct 24 16:42:12 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68fbac63-4146 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:66:e5:a5:fe:ee:e0:95:17:52:b8:dd:4c:c7: 7a:e0:27:d1:75:e9:aa:89:54:a6:08:96:7a:b5:ce: 24:15:98:12:16:c0:07:ff:ee:00:3d:bb:e7:6a:28: 99:fb:98:60:a4:ee:ec:32:63:0b:7d:45:84:06:bf: 11:e0:a7:e4:cc:3d:ab:ff:f2:a4:ae:96:ca:00:9e: c9:da:d9:ef:aa:ce:07:e7:de:53:44:84:5e:e1:ec: d2:31:87:1a:13:b3:c3:cc:41:a0:8c:51:bc:70:98: f7:38:71:9b:a4:19:f6:c9:27:a3:87:9f:47:39:80: 58:04:7f:c1:07:ff:79:1c:f5:de:bb:cf:0f:0e:7b: af:23:d3:5f:36:32:c6:7c:8b:a6:0b:f6:2a:c6:41: d2:c5:e4:d7:36:b4:d1:84:36:d8:32:77:2d:6c:d7: e2:87:d3:97:a6:03:16:6d:6e:cd:f9:e0:ac:be:23: c4:55:4a:26:31:c6:c9:2c:9f:11:3d:71:60:45:ff: eb:13:5a:01:2d:8e:ef:97:c4:6e:ee:bc:31:21:e4: 04:fd:2c:88:e4:9f:df:2b:67:6e:61:d5:4b:89:a9: 66:e8:68:bd:10:cf:62:c3:3b:35:d1:c0:3a:4f:5a: 88:c4:0a:0b:b8:71:87:83:ea:55:8b:78:25:23:77: b0:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:0C:98:6E:0A:14:0F:51:5A:B8:2E:30:AF:EB:51:CC:19:74:DC:34 X509v3 Authority Key Identifier: keyid:54:86:37:6B:05:B8:A2:55:23:29:E3:61:BD:72:5C:77:E1:F8:D0:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/VIY3awW4olUjKeNhvXJcd-H40Mk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIY3awW4olUjKeNhvXJcd-H40Mk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17F2/4C88A7A0FDFE11E9BD667D1FC4F9AE02/BD0AEB1CB0F611F09025CD6CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.152.60.0/22 103.205.180.0/22 Signature Algorithm: sha256WithRSAEncryption 5e:5b:19:30:c2:75:55:a9:95:66:2d:64:3e:67:0b:2f:23:0e: 2f:09:0c:bf:ac:0e:96:32:c0:ca:27:4c:e3:80:cc:43:5c:2d: 12:62:41:c8:05:53:e0:96:3f:66:97:14:ff:45:e6:b1:58:9a: b9:02:59:1c:bc:ec:90:9e:42:5b:f2:5f:73:0b:88:6e:f7:28: b5:2c:cb:bd:fc:26:c1:66:2b:0d:aa:2b:1b:d6:bc:d6:4b:87: bc:2d:08:8b:8a:0b:01:4f:aa:00:03:0b:02:96:14:db:34:29: f1:23:d2:e1:d3:94:8b:3d:0c:7b:25:d2:93:27:62:d2:7a:7e: d7:ba:cb:c7:2b:08:a5:ec:b8:87:77:63:b7:8c:2e:3f:df:90: aa:f7:ed:51:aa:ee:a7:0d:21:3d:92:c8:ef:e4:d0:cf:43:ca: c0:06:bf:41:52:4a:f8:9e:00:06:c2:a9:2f:89:25:6c:96:2c: f1:b6:7a:ea:00:b7:60:c7:64:d0:62:b2:b6:b4:86:06:61:5a: 79:ab:6b:2b:6c:1f:21:23:9f:9d:bf:ef:3b:a1:97:8b:75:bf: c1:f8:16:a1:1c:49:42:9c:d4:db:49:da:b8:fe:62:73:82:3b: ac:74:51:62:54:35:84:e7:25:2d:f4:4e:14:23:e8:7b:e0:0c: cd:b7:9b:ce -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICDYswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDE3RjIxMTAvBgNVBAUTKDU0ODYzNzZCMDVCOEEyNTUyMzI5RTM2MUJENzI1Qzc3 RTFGOEQwQzkwHhcNMjUxMDI0MTY0MjEyWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGZiYWM2My00MTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyGblpf7u4JUXUrjdTMd64CfRdemqiVSmCJZ6tc4kFZgSFsAH/+4APbvnaiiZ +5hgpO7sMmMLfUWEBr8R4KfkzD2r//KkrpbKAJ7J2tnvqs4H595TRIRe4ezSMYca E7PDzEGgjFG8cJj3OHGbpBn2ySejh59HOYBYBH/BB/95HPXeu88PDnuvI9NfNjLG fIumC/YqxkHSxeTXNrTRhDbYMnctbNfih9OXpgMWbW7N+eCsviPEVUomMcbJLJ8R PXFgRf/rE1oBLY7vl8Ru7rwxIeQE/SyI5J/fK2duYdVLialm6Gi9EM9iwzs10cA6 T1qIxAoLuHGHg+pVi3glI3ewWwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBsMmG4K FA9RWrguMK/rUcwZdNw0MB8GA1UdIwQYMBaAFFSGN2sFuKJVIynjYb1yXHfh+NDJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdGMi80Qzg4QTdBMEZE RkUxMUU5QkQ2NjdEMUZDNEY5QUUwMi9WSVkzYXdXNG9sVWpLZU5odlhKY2QtSDQw TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZJWTNhd1c0b2xVaktlTmh2WEpjZC1INDBNay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDE3RjIvNEM4OEE3QTBGREZFMTFFOUJENjY3RDFGQzRGOUFFMDIvQkQwQUVCMUNC MEY2MTFGMDkwMjVDRDZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAI7mDwDBAJnzbQwDQYJKoZIhvcNAQELBQADggEBAF5bGTDC dVWplWYtZD5nCy8jDi8JDL+sDpYywMonTOOAzENcLRJiQcgFU+CWP2aXFP9F5rFY mrkCWRy87JCeQlvyX3MLiG73KLUsy738JsFmKw2qKxvWvNZLh7wtCIuKCwFPqgAD CwKWFNs0KfEj0uHTlIs9DHsl0pMnYtJ6fte6y8crCKXsuId3Y7eMLj/fkKr37VGq 7qcNIT2SyO/k0M9DysAGv0FSSvieAAbCqS+JJWyWLPG2euoAt2DHZNBisra0hgZh WnmraytsHyEjn52/7zuhl4t1v8H4FqEcSUKc1NtJ2rj+YnOCO6x0UWJUNYTnJS30 ThQj6HvgDM23m84= -----END CERTIFICATE-----Generated at Mon Oct 27 05:24:47 2025 by rpki-client