$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD25E/355BEC86A27B11F0980FD04AC4F9AE02/9CF6A89AA27B11F09D816A4BC4F9AE02.roa File: 9CF6A89AA27B11F09D816A4BC4F9AE02.roa (raw, json) Hash identifier: 0eBxKaOD/grMOoAgLIRsVrl+pKw/EreQcuXwa4ak1TU= Subject key identifier: 87:2A:FA:64:7F:BC:97:DD:F7:B0:31:37:1F:27:D6:B8:A7:B3:C6:E9 Certificate issuer: /CN=A91DD25E/serialNumber=89BA90CB7D442A8387C6AB930738CA200E137BAD Certificate serial: 02 Authority key identifier: 89:BA:90:CB:7D:44:2A:83:87:C6:AB:93:07:38:CA:20:0E:13:7B:AD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ibqQy31EKoOHxquTBzjKIA4Te60.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD25E/355BEC86A27B11F0980FD04AC4F9AE02/9CF6A89AA27B11F09D816A4BC4F9AE02.roa Signing time: Mon 06 Oct 2025 06:13:45 +0000 ROA not before: Mon 06 Oct 2025 06:13:45 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 134349 IP address blocks: 157.15.191.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD25E/355BEC86A27B11F0980FD04AC4F9AE02/ibqQy31EKoOHxquTBzjKIA4Te60.crl rsync://rpki.apnic.net/member_repository/A91DD25E/355BEC86A27B11F0980FD04AC4F9AE02/ibqQy31EKoOHxquTBzjKIA4Te60.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ibqQy31EKoOHxquTBzjKIA4Te60.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 11:54:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD25E, serialNumber=89BA90CB7D442A8387C6AB930738CA200E137BAD Validity Not Before: Oct 6 06:13:45 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68e35e18-fbb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:0d:51:1d:0f:7c:19:33:76:e8:64:be:21:78: f9:36:b4:69:fe:ee:3f:76:c1:f2:f3:9f:c6:0d:2c: af:a1:e0:ef:11:01:2e:b9:a8:70:b4:31:4a:0b:d0: 53:e1:82:ac:71:9c:db:8f:7b:7a:9c:fd:a5:99:97: af:a2:00:e7:8d:32:62:0b:1b:94:6e:d8:b0:78:3e: 90:a7:e2:59:8e:f2:bb:f5:44:25:55:0b:76:d6:8c: 64:65:b6:0f:69:0e:31:c1:3b:36:eb:25:2d:b4:d2: 19:35:e0:2d:6b:b0:2d:cd:81:5c:44:50:ac:0f:b0: dd:34:d7:e5:30:08:11:c9:6a:a1:b5:45:09:c3:d1: c0:67:23:02:fc:19:f4:4e:7a:34:63:8e:61:7c:27: 15:59:2b:b5:4f:d9:e7:3b:ba:c8:69:a1:67:55:29: 33:d1:ca:e7:e4:ca:f6:66:50:d9:68:ed:0b:d7:8a: a6:8e:d9:4d:e1:5a:b2:80:d4:e0:24:8f:3b:1c:69: b8:fc:55:d1:3b:77:4e:d8:5c:60:de:52:2d:b7:df: fb:ae:c8:dc:ce:4a:a5:a7:37:98:c4:e1:56:47:3a: c2:a6:9d:4b:61:37:92:ef:a9:cf:40:a3:27:31:ba: a9:df:cb:c4:d8:8a:84:ea:06:d4:8e:17:94:32:a6: 5e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:2A:FA:64:7F:BC:97:DD:F7:B0:31:37:1F:27:D6:B8:A7:B3:C6:E9 X509v3 Authority Key Identifier: keyid:89:BA:90:CB:7D:44:2A:83:87:C6:AB:93:07:38:CA:20:0E:13:7B:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD25E/355BEC86A27B11F0980FD04AC4F9AE02/ibqQy31EKoOHxquTBzjKIA4Te60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ibqQy31EKoOHxquTBzjKIA4Te60.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD25E/355BEC86A27B11F0980FD04AC4F9AE02/9CF6A89AA27B11F09D816A4BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.15.191.0/24 Signature Algorithm: sha256WithRSAEncryption 24:db:06:32:f6:a4:f2:65:b4:66:bf:49:f3:f6:38:aa:5d:00: 9b:5b:2e:9c:78:e5:56:b6:de:48:1f:69:45:eb:ba:44:5c:22: bb:02:ae:7a:8f:0b:06:c5:a6:49:e8:6f:00:ac:65:76:1d:8d: 98:b4:67:31:ed:53:35:19:f5:c5:aa:00:28:83:79:e3:79:40: 94:39:a0:9d:88:cc:96:00:b8:33:a9:61:54:47:75:ce:3d:e5: 31:f4:40:e3:59:df:12:a5:34:90:57:5e:67:d4:1e:f5:5f:5a: 22:55:d6:1b:76:4d:3f:b9:22:82:f9:b3:62:5b:4f:3e:49:cb: 1c:46:4a:54:9c:5e:85:24:85:bc:4f:42:61:fb:fa:01:95:88: 3a:ad:a8:a3:09:25:3e:de:93:4b:b9:14:f4:3b:36:cd:ef:a3: fd:78:6c:54:8e:c9:7d:7a:c9:34:9c:36:9f:2f:c1:db:1c:58: d6:44:ff:78:4d:ce:c6:13:06:ef:c9:4c:bb:33:49:98:1f:b3: 62:da:bd:29:ef:f7:a3:46:0e:fa:83:b0:73:f9:9f:77:c5:51: 60:d5:a5:be:bb:88:c3:cc:af:d2:f3:66:84:fa:86:6a:f7:e3: f5:a1:8b:f1:c1:d0:f2:55:4d:18:75:10:21:7b:37:3b:2d:42: e6:d0:53:31 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE RDI1RTExMC8GA1UEBRMoODlCQTkwQ0I3RDQ0MkE4Mzg3QzZBQjkzMDczOENBMjAw RTEzN0JBRDAeFw0yNTEwMDYwNjEzNDVaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZTM1ZTE4LWZiYjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+DVEdD3wZM3boZL4hePk2tGn+7j92wfLzn8YNLK+h4O8RAS65qHC0MUoL0FPh gqxxnNuPe3qc/aWZl6+iAOeNMmILG5Ru2LB4PpCn4lmO8rv1RCVVC3bWjGRltg9p DjHBOzbrJS200hk14C1rsC3NgVxEUKwPsN001+UwCBHJaqG1RQnD0cBnIwL8GfRO ejRjjmF8JxVZK7VP2ec7ushpoWdVKTPRyufkyvZmUNlo7QvXiqaO2U3hWrKA1OAk jzscabj8VdE7d07YXGDeUi233/uuyNzOSqWnN5jE4VZHOsKmnUthN5Lvqc9Aoycx uqnfy8TYioTqBtSOF5Qypl49AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUhyr6ZH+8 l933sDE3HyfWuKezxukwHwYDVR0jBBgwFoAUibqQy31EKoOHxquTBzjKIA4Te60w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUREMjVFLzM1NUJFQzg2QTI3 QjExRjA5ODBGRDA0QUM0RjlBRTAyL2licVF5MzFFS29PSHhxdVRCempLSUE0VGU2 MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvaWJxUXkzMUVLb09IeHF1VEJ6aktJQTRUZTYwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RDI1RS8zNTVCRUM4NkEyN0IxMUYwOTgwRkQwNEFDNEY5QUUwMi85Q0Y2QTg5QUEy N0IxMUYwOUQ4MTZBNEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAJ0PvzANBgkqhkiG9w0BAQsFAAOCAQEAJNsGMvak8mW0Zr9J 8/Y4ql0Am1sunHjlVrbeSB9pReu6RFwiuwKueo8LBsWmSehvAKxldh2NmLRnMe1T NRn1xaoAKIN543lAlDmgnYjMlgC4M6lhVEd1zj3lMfRA41nfEqU0kFdeZ9Qe9V9a IlXWG3ZNP7kigvmzYltPPknLHEZKVJxehSSFvE9CYfv6AZWIOq2oowklPt6TS7kU 9Ds2ze+j/XhsVI7JfXrJNJw2ny/B2xxY1kT/eE3OxhMG78lMuzNJmB+zYtq9Ke/3 o0YO+oOwc/mfd8VRYNWlvruIw8yv0vNmhPqGavfj9aGL8cHQ8lVNGHUQIXs3Oy1C 5tBTMQ== -----END CERTIFICATE-----Generated at Sun Oct 19 06:58:04 2025 by rpki-client