$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/611D8094B13D11E59299870AC4F9AE02.roa File: 611D8094B13D11E59299870AC4F9AE02.roa (raw, json) Hash identifier: dVMsL8EJuwFThJbot7dFtq6YNUkqPMYmgPIcaOtsyp8= Subject key identifier: 3F:35:54:8C:E7:FB:96:B9:FA:A1:72:EC:7E:EC:2A:26:F5:FF:B6:26 Certificate issuer: /CN=A91D3102/serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Certificate serial: 2E2A Authority key identifier: F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/611D8094B13D11E59299870AC4F9AE02.roa Signing time: Tue 04 Nov 2025 15:32:14 +0000 ROA not before: Tue 04 Nov 2025 15:32:14 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 133075 IP address blocks: 103.72.208.0/23 maxlen: 23 103.242.68.0/22 maxlen: 22 220.158.212.0/22 maxlen: 22 220.158.212.0/24 maxlen: 24 220.158.213.0/24 maxlen: 24 220.158.214.0/24 maxlen: 24 220.158.215.0/24 maxlen: 24 2407:f100::/32 maxlen: 32 2407:f100:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:32:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11818 (0x2e2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3102, serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Validity Not Before: Nov 4 15:32:14 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=690a1c7e-95b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:72:69:01:9e:02:a8:ec:0f:a5:f5:3e:61:02: ca:d0:4e:94:33:fa:5b:a2:08:9e:2d:f9:5f:f5:be: c6:dd:ea:86:b0:6d:2d:60:36:fa:7d:14:c8:9a:b5: b0:31:b1:ba:8c:d3:cc:6b:48:bd:59:b2:a1:03:c9: af:f8:3c:4c:e9:6a:c1:7e:06:1f:3a:c9:81:2e:e0: 5e:af:44:ba:ac:ff:0f:8a:d4:cf:06:6b:79:14:40: ed:48:ac:5b:b2:0d:3c:cd:a0:f7:bf:f9:84:96:70: b4:9b:cb:bf:58:7a:f8:5a:15:04:7c:e4:f7:da:97: 32:a4:bf:65:2e:bb:80:94:84:23:04:a8:07:0c:50: 00:38:7b:9b:93:fe:8d:ad:ec:3c:f3:ef:76:81:ac: da:10:65:d5:29:30:81:e0:ba:c9:93:3b:8a:4c:f0: 9a:fc:10:2f:f4:96:6c:8b:08:60:48:73:75:d2:df: ef:d3:6e:b6:16:b0:e8:ad:4e:57:c6:cf:67:b6:f0: 51:34:ae:4f:d1:96:9e:c6:a3:7e:51:67:82:b8:4b: e8:f5:16:e3:43:0f:5b:ba:bc:c6:eb:3b:36:5d:cb: e2:ed:65:2c:73:3e:d9:bf:0a:d9:33:d2:f9:73:52: de:d6:8a:c9:e5:a7:00:ca:5c:f5:9d:b0:c5:22:4a: e9:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:35:54:8C:E7:FB:96:B9:FA:A1:72:EC:7E:EC:2A:26:F5:FF:B6:26 X509v3 Authority Key Identifier: keyid:F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/611D8094B13D11E59299870AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.72.208.0/23 103.242.68.0/22 220.158.212.0/22 IPv6: 2407:f100::/32 Signature Algorithm: sha256WithRSAEncryption b7:a6:69:75:a0:c4:42:d7:31:53:f9:eb:c8:a1:a1:ff:da:9f: 9a:3d:fe:66:09:83:18:ca:b9:98:38:42:64:9b:58:99:d2:e8: c0:28:33:01:53:72:7e:82:c8:cf:3e:59:3c:34:cf:63:71:cd: 8f:9f:e4:c9:b5:c9:31:ae:a2:4a:f5:57:20:78:c5:a7:d2:f7: 1e:56:65:2d:ee:05:a6:26:75:08:54:28:f9:a1:0e:56:a7:d1: 9d:3a:39:e2:9a:10:91:99:90:5b:95:57:43:70:ef:4d:a8:f4: d4:0f:0c:57:8c:63:a8:1e:42:6c:1c:e0:9e:78:be:ea:04:16: 89:c7:9b:49:44:58:07:95:39:04:56:d7:68:c7:cd:df:ea:ad: 54:fd:e6:a1:92:39:a2:c5:d3:23:7f:66:9e:42:ff:0a:df:03: 93:e4:38:c2:0e:6c:9d:fa:4c:e4:08:98:9f:f9:92:03:3c:8e: 90:99:da:f3:09:d0:be:18:31:13:6d:0a:bc:99:5b:0a:5a:f2: 58:ac:ef:fa:c9:b6:22:4a:b2:19:da:01:f2:ed:43:81:38:50: e6:67:f4:db:aa:0e:58:44:9e:62:34:6b:dd:f6:a6:7c:26:6f: 7d:eb:e4:36:7f:17:f7:27:ed:5e:82:aa:e3:65:7a:28:3a:72: 3c:70:52:4b -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICLiowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMxMDIxMTAvBgNVBAUTKEY5MUEzQTk4MzE0Mzg0QzQwM0E4RkYyMkE0NTNCQ0Ex QTNCQTZDRDgwHhcNMjUxMTA0MTUzMjE0WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTBhMWM3ZS05NWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0HJpAZ4CqOwPpfU+YQLK0E6UM/pbogieLflf9b7G3eqGsG0tYDb6fRTImrWw MbG6jNPMa0i9WbKhA8mv+DxM6WrBfgYfOsmBLuBer0S6rP8PitTPBmt5FEDtSKxb sg08zaD3v/mElnC0m8u/WHr4WhUEfOT32pcypL9lLruAlIQjBKgHDFAAOHubk/6N rew88+92gazaEGXVKTCB4LrJkzuKTPCa/BAv9JZsiwhgSHN10t/v0262FrDorU5X xs9ntvBRNK5P0ZaexqN+UWeCuEvo9RbjQw9burzG6zs2Xcvi7WUscz7ZvwrZM9L5 c1Le1orJ5acAylz1nbDFIkrp2wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFD81VIzn +5a5+qFy7H7sKib1/7YmMB8GA1UdIwQYMBaAFPkaOpgxQ4TEA6j/IqRTvKGjumzY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzEwMi9ENEFFRTJDODc2 OEUxMUUzOTlBOTU3NDU1OTExRUEzMi8tUm82bURGRGhNUURxUDhpcEZPOG9hTzZi TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1SbzZtREZEaE1RRHFQOGlwRk84b2FPNmJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDMxMDIvRDRBRUUyQzg3NjhFMTFFMzk5QTk1NzQ1NTkxMUVBMzIvNjExRDgwOTRC MTNEMTFFNTkyOTk4NzBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAFnSNADBAJn8kQDBALcntQwDQQCAAIwBwMFACQH8QAwDQYJ KoZIhvcNAQELBQADggEBALemaXWgxELXMVP568ihof/an5o9/mYJgxjKuZg4QmSb WJnS6MAoMwFTcn6CyM8+WTw0z2NxzY+f5Mm1yTGuokr1VyB4xafS9x5WZS3uBaYm dQhUKPmhDlan0Z06OeKaEJGZkFuVV0Nw702o9NQPDFeMY6geQmwc4J54vuoEFonH m0lEWAeVOQRW12jHzd/qrVT95qGSOaLF0yN/Zp5C/wrfA5PkOMIObJ36TOQImJ/5 kgM8jpCZ2vMJ0L4YMRNtCryZWwpa8lis7/rJtiJKshnaAfLtQ4E4UOZn9NuqDlhE nmI0a932pnwmb33r5DZ/F/cn7V6CquNleig6cjxwUks= -----END CERTIFICATE-----Generated at Wed Nov 5 15:44:46 2025 by rpki-client