$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1257/A90F1EE6442011EB856CD162C4F9AE02/D41A1814442211EBBF7D9D65C4F9AE02.roa File: D41A1814442211EBBF7D9D65C4F9AE02.roa (raw, json) Hash identifier: tB96Uz17EX40eZdARikwxQwcb8AmCNS9rm6xwYx8La0= Subject key identifier: 4A:2D:13:BC:0F:36:4F:66:80:55:96:42:56:7A:56:67:15:8A:44:5B Certificate issuer: /CN=A91E1257/serialNumber=1ED782BE62D71017668B28A32689E470EDA201F8 Certificate serial: 0756 Authority key identifier: 1E:D7:82:BE:62:D7:10:17:66:8B:28:A3:26:89:E4:70:ED:A2:01:F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HteCvmLXEBdmiyijJonkcO2iAfg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E1257/A90F1EE6442011EB856CD162C4F9AE02/D41A1814442211EBBF7D9D65C4F9AE02.roa Signing time: Wed 22 Oct 2025 22:41:08 +0000 ROA not before: Wed 22 Oct 2025 22:41:08 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 141216 IP address blocks: 103.156.154.0/24 maxlen: 24 103.156.155.0/24 maxlen: 24 2407:d3c0::/32 maxlen: 32 2407:d3c0:2001::/48 maxlen: 48 2407:d3c0:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E1257/A90F1EE6442011EB856CD162C4F9AE02/HteCvmLXEBdmiyijJonkcO2iAfg.crl rsync://rpki.apnic.net/member_repository/A91E1257/A90F1EE6442011EB856CD162C4F9AE02/HteCvmLXEBdmiyijJonkcO2iAfg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HteCvmLXEBdmiyijJonkcO2iAfg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 21:47:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1878 (0x756) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E1257, serialNumber=1ED782BE62D71017668B28A32689E470EDA201F8 Validity Not Before: Oct 22 22:41:08 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68f95d84-6cc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:58:b5:43:d4:ae:ee:40:ed:15:57:c5:d8:5c: e5:be:7a:88:34:e0:46:f2:f2:94:c1:7a:de:43:f0: e4:a8:ed:ae:7b:f9:4f:e2:39:21:d3:ea:2d:68:4d: 37:7b:b3:f7:da:a5:55:6e:d4:61:db:51:31:58:81: 2e:ce:86:71:7e:cf:92:e2:0d:d1:8a:27:56:c5:a2: 77:f7:0f:a3:2a:0c:94:d9:c8:a0:6a:59:2d:9d:83: a7:c8:8b:d5:39:0d:40:d0:ed:20:2a:b0:b1:c6:07: eb:68:cc:24:ac:ea:db:da:c0:80:f3:8e:22:a0:54: da:c7:83:14:7b:67:0d:92:ce:cf:0f:d4:54:1a:a5: 24:ad:5c:a0:a3:2b:07:e7:6d:4a:c2:cd:86:2c:ff: 2e:66:d9:54:8b:17:fa:5b:30:08:ca:e1:7d:c5:a8: b5:a2:9f:0e:ac:1e:1a:90:28:77:f7:bc:dd:40:ad: ad:c6:37:97:b2:4e:02:be:2b:6a:92:a3:e6:02:b6: d1:ab:99:ac:25:35:2e:cd:c3:6c:9a:f9:53:15:ea: 60:72:85:8e:f3:07:ff:81:f4:9a:ba:e1:e8:9b:f2: 9a:4d:3c:48:d8:f2:48:b7:14:4a:42:13:84:da:80: 4b:da:cf:b6:52:5e:74:98:9b:b6:5a:cf:ef:b7:81: 83:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:2D:13:BC:0F:36:4F:66:80:55:96:42:56:7A:56:67:15:8A:44:5B X509v3 Authority Key Identifier: keyid:1E:D7:82:BE:62:D7:10:17:66:8B:28:A3:26:89:E4:70:ED:A2:01:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E1257/A90F1EE6442011EB856CD162C4F9AE02/HteCvmLXEBdmiyijJonkcO2iAfg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HteCvmLXEBdmiyijJonkcO2iAfg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1257/A90F1EE6442011EB856CD162C4F9AE02/D41A1814442211EBBF7D9D65C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.156.154.0/23 IPv6: 2407:d3c0::/32 Signature Algorithm: sha256WithRSAEncryption 48:29:55:ee:e5:23:56:74:f2:8b:12:c6:53:3d:3c:f0:12:02: f7:d7:20:46:5b:ca:f7:a1:fb:4f:b9:2a:0d:6d:66:0c:a4:5b: 5d:46:48:12:a4:e1:f7:50:ff:50:10:5a:57:5b:f1:a5:04:de: e1:d6:ac:a2:53:0c:2a:bc:41:a7:27:da:b7:ab:66:ec:15:78: 00:bf:ab:32:c6:b0:47:5a:5b:b2:05:e5:83:3f:99:54:fb:e1: 1c:9b:ff:7b:88:a7:d7:6a:92:80:60:e5:e7:45:e3:ae:4b:8b: fc:e0:88:ed:b2:63:a0:b4:60:a7:27:5c:c5:27:9a:7e:24:cc: 49:a7:34:7b:b5:89:73:d9:0b:57:4e:9e:68:3f:c8:57:d3:af: 42:50:07:00:dd:ea:61:3e:b8:8b:24:f5:fb:71:23:fc:98:cb: ed:02:86:50:04:83:46:fe:bd:ce:d5:ae:ab:eb:67:b0:ce:ce: b6:cc:bc:c7:7f:49:b3:a8:86:6c:85:53:bf:b9:be:a4:89:2c: e4:d4:a9:18:1a:da:66:1a:d4:fd:b5:be:f2:99:0a:fd:79:0c: f4:db:de:05:6b:57:3f:35:06:d6:03:de:5e:23:fd:d0:a6:32: 2b:cc:05:56:db:31:1b:ab:3f:f6:68:6f:7d:71:6c:04:0b:be: eb:00:97:88 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICB1YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTEyNTcxMTAvBgNVBAUTKDFFRDc4MkJFNjJENzEwMTc2NjhCMjhBMzI2ODlFNDcw RURBMjAxRjgwHhcNMjUxMDIyMjI0MTA4WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGY5NWQ4NC02Y2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5Vi1Q9Su7kDtFVfF2FzlvnqINOBG8vKUwXreQ/DkqO2ue/lP4jkh0+otaE03 e7P32qVVbtRh21ExWIEuzoZxfs+S4g3RiidWxaJ39w+jKgyU2cigalktnYOnyIvV OQ1A0O0gKrCxxgfraMwkrOrb2sCA844ioFTax4MUe2cNks7PD9RUGqUkrVygoysH 521Kws2GLP8uZtlUixf6WzAIyuF9xai1op8OrB4akCh397zdQK2txjeXsk4Cvitq kqPmArbRq5msJTUuzcNsmvlTFepgcoWO8wf/gfSauuHom/KaTTxI2PJItxRKQhOE 2oBL2s+2Ul50mJu2Ws/vt4GD3QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEotE7wP Nk9mgFWWQlZ6VmcVikRbMB8GA1UdIwQYMBaAFB7Xgr5i1xAXZosooyaJ5HDtogH4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTI1Ny9BOTBGMUVFNjQ0 MjAxMUVCODU2Q0QxNjJDNEY5QUUwMi9IdGVDdm1MWEVCZG1peWlqSm9ua2NPMmlB ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0h0ZUN2bUxYRUJkbWl5aWpKb25rY08yaUFmZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTEyNTcvQTkwRjFFRTY0NDIwMTFFQjg1NkNEMTYyQzRGOUFFMDIvRDQxQTE4MTQ0 NDIyMTFFQkJGN0Q5RDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnnJowDQQCAAIwBwMFACQH08AwDQYJKoZIhvcNAQELBQAD ggEBAEgpVe7lI1Z08osSxlM9PPASAvfXIEZbyveh+0+5Kg1tZgykW11GSBKk4fdQ /1AQWldb8aUE3uHWrKJTDCq8Qacn2rerZuwVeAC/qzLGsEdaW7IF5YM/mVT74Ryb /3uIp9dqkoBg5edF465Li/zgiO2yY6C0YKcnXMUnmn4kzEmnNHu1iXPZC1dOnmg/ yFfTr0JQBwDd6mE+uIsk9ftxI/yYy+0ChlAEg0b+vc7VrqvrZ7DOzrbMvMd/SbOo hmyFU7+5vqSJLOTUqRga2mYa1P21vvKZCv15DPTb3gVrVz81BtYD3l4j/dCmMivM BVbbMRurP/Zob31xbAQLvusAl4g= -----END CERTIFICATE-----Generated at Wed Nov 5 18:09:34 2025 by rpki-client