$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/CE3FCE34AF1611F0B50BFF7AC4F9AE02.roa File: CE3FCE34AF1611F0B50BFF7AC4F9AE02.roa (raw, json) Hash identifier: DtVrkChmZWRD5+fP2Qn5fAqp1kmHQeghAdi18ignO50= Subject key identifier: 82:FA:62:80:1F:28:E6:D8:2F:18:E3:11:C3:81:56:68:C9:CD:E2:DA Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Certificate serial: 0DF2 Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/CE3FCE34AF1611F0B50BFF7AC4F9AE02.roa Signing time: Wed 22 Oct 2025 07:14:54 +0000 ROA not before: Wed 22 Oct 2025 07:14:54 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 19551 IP address blocks: 211.24.174.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3570 (0xdf2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Validity Not Before: Oct 22 07:14:54 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68f8846d-a66f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:08:46:ca:89:07:60:10:5f:03:7c:67:ab:29: 04:0d:18:01:04:c4:aa:39:6f:d7:e0:fb:2d:73:81: d9:43:0a:60:bd:ed:4d:3d:4e:23:95:27:d2:f4:15: b0:ca:06:6c:3e:6c:91:de:80:f4:a1:90:48:cc:7d: 1b:3b:8c:71:fa:7d:c5:8c:37:b3:dd:84:32:de:f5: ef:c1:1b:86:16:06:b3:22:6a:c3:ce:64:c4:68:65: 71:13:97:ff:4d:aa:4c:c5:eb:1a:b7:46:ee:80:5e: c7:c3:97:d9:9c:dd:2b:be:8a:bc:a9:ab:6e:61:7f: 65:b0:e5:7c:cd:b9:89:6b:a6:96:5f:8c:3a:f0:01: 0e:9c:9a:61:f8:b4:98:4f:ff:b4:38:64:52:ee:94: e1:00:7d:64:fe:04:b2:2c:50:57:dd:0e:b0:ff:a0: 98:36:5d:23:ea:d7:d7:3e:80:71:31:38:66:d7:ae: 4e:73:e6:5a:39:37:a2:e6:73:be:a4:5b:7a:fa:f8: ce:95:18:f8:76:0b:b9:ff:f9:be:4b:62:ce:b6:77: 6e:86:9f:f9:02:55:fb:81:74:0c:ec:c3:93:25:ee: 78:be:5b:40:40:93:f8:48:92:d5:77:fe:ea:7f:47: 1c:99:36:51:90:2c:f4:a6:0c:b4:eb:af:89:bf:32: d1:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:FA:62:80:1F:28:E6:D8:2F:18:E3:11:C3:81:56:68:C9:CD:E2:DA X509v3 Authority Key Identifier: keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/CE3FCE34AF1611F0B50BFF7AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 211.24.174.0/24 Signature Algorithm: sha256WithRSAEncryption 25:63:a0:7d:9d:11:8e:f3:13:30:bb:4b:a1:bf:a6:9d:0e:13: 50:40:f8:44:0c:da:91:4f:b8:30:38:24:b9:80:d3:aa:80:2c: f8:55:d2:2d:ca:da:b0:83:9e:3d:e5:d3:5d:11:b8:c9:64:5c: 45:c3:3b:72:97:43:57:e4:91:45:b1:e2:1b:43:1e:e7:a8:11: be:3c:de:34:55:81:81:10:a3:7d:f7:e1:bc:f7:af:f1:4e:42: cb:a4:a4:51:51:68:5e:d3:53:19:fc:28:6b:fe:a3:bb:46:dd: e8:b3:01:68:4b:e3:1d:7f:7c:c2:30:02:eb:83:44:2b:68:84: 4a:2f:02:55:ce:70:f7:48:bb:73:45:15:c6:f9:d7:f0:31:d3: 3d:ed:27:8a:c3:2d:90:9a:35:34:e6:c0:4a:96:68:21:9e:50: 46:ba:9a:40:30:a8:1e:87:27:c6:bc:13:cd:b2:15:55:a7:6a: 9d:dd:a0:ef:bc:ff:ba:2d:df:af:e9:7e:08:ee:03:4d:0b:6e: 59:b0:bf:c9:fc:e1:b2:54:e6:92:36:35:55:0b:fa:ce:d6:f5: a9:bc:a5:82:3c:02:8f:19:43:86:01:1e:c6:cc:a5:bb:46:a4: 26:7d:2d:a1:2e:47:b3:aa:fc:11:89:44:93:17:2b:61:82:39: 12:01:d4:25 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICDfIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3 MEQ1N0JENzYwHhcNMjUxMDIyMDcxNDU0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGY4ODQ2ZC1hNjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2whGyokHYBBfA3xnqykEDRgBBMSqOW/X4Pstc4HZQwpgve1NPU4jlSfS9BWw ygZsPmyR3oD0oZBIzH0bO4xx+n3FjDez3YQy3vXvwRuGFgazImrDzmTEaGVxE5f/ TapMxesat0bugF7Hw5fZnN0rvoq8qatuYX9lsOV8zbmJa6aWX4w68AEOnJph+LSY T/+0OGRS7pThAH1k/gSyLFBX3Q6w/6CYNl0j6tfXPoBxMThm165Oc+ZaOTei5nO+ pFt6+vjOlRj4dgu5//m+S2LOtnduhp/5AlX7gXQM7MOTJe54vltAQJP4SJLVd/7q f0ccmTZRkCz0pgy066+JvzLRRwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIL6YoAf KObYLxjjEcOBVmjJzeLaMB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2 WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTdCQzQvMkQxQTU5NUFENTBEMTFFOUJBRDZDMjI2QzRGOUFFMDIvQ0UzRkNFMzRB RjE2MTFGMEI1MEJGRjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBADTGK4wDQYJKoZIhvcNAQELBQADggEBACVjoH2dEY7zEzC7 S6G/pp0OE1BA+EQM2pFPuDA4JLmA06qALPhV0i3K2rCDnj3l010RuMlkXEXDO3KX Q1fkkUWx4htDHueoEb483jRVgYEQo3334bz3r/FOQsukpFFRaF7TUxn8KGv+o7tG 3eizAWhL4x1/fMIwAuuDRCtohEovAlXOcPdIu3NFFcb51/Ax0z3tJ4rDLZCaNTTm wEqWaCGeUEa6mkAwqB6HJ8a8E82yFVWnap3doO+8/7ot36/pfgjuA00Lblmwv8n8 4bJU5pI2NVUL+s7W9am8pYI8Ao8ZQ4YBHsbMpbtGpCZ9LaEuR7Oq/BGJRJMXK2GC ORIB1CU= -----END CERTIFICATE-----Generated at Tue Nov 4 21:10:27 2025 by rpki-client