$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8161/670612B0FA6411E7A4C2693EC4F9AE02/C109FFF4FC0511E7BAFB3E48C4F9AE02.roa File: C109FFF4FC0511E7BAFB3E48C4F9AE02.roa (raw, json) Hash identifier: h+OprAj4V1ZkpAEr5nFzxG5bkNU3flbAc659nqXKwps= Subject key identifier: 0F:C1:3C:12:7E:48:44:27:D8:E6:76:66:CE:A8:A0:0F:B4:D0:0A:FB Certificate issuer: /CN=A91E8161/serialNumber=0F0BCEE15ADB6D57D02CD04B45223AB8066A545D Certificate serial: 1702 Authority key identifier: 0F:0B:CE:E1:5A:DB:6D:57:D0:2C:D0:4B:45:22:3A:B8:06:6A:54:5D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DwvO4VrbbVfQLNBLRSI6uAZqVF0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8161/670612B0FA6411E7A4C2693EC4F9AE02/C109FFF4FC0511E7BAFB3E48C4F9AE02.roa Signing time: Wed 01 Oct 2025 09:42:10 +0000 ROA not before: Wed 01 Oct 2025 09:42:10 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 64089 IP address blocks: 45.253.130.0/23 maxlen: 24 103.85.42.0/23 maxlen: 24 103.247.36.0/23 maxlen: 24 2402:5c40:1000::/40 maxlen: 40 2402:5c40:1100::/40 maxlen: 40 2402:5c40:1200::/40 maxlen: 40 2402:5c40:1300::/40 maxlen: 40 2402:5c40:1400::/40 maxlen: 40 2402:5c40:1500::/40 maxlen: 40 2402:5c40:5c00::/40 maxlen: 40 2402:5c40:5c40::/48 maxlen: 48 2402:5c40:5c41::/48 maxlen: 48 2402:5c40:5c42::/48 maxlen: 48 2402:5c40:5c43::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8161/670612B0FA6411E7A4C2693EC4F9AE02/DwvO4VrbbVfQLNBLRSI6uAZqVF0.crl rsync://rpki.apnic.net/member_repository/A91E8161/670612B0FA6411E7A4C2693EC4F9AE02/DwvO4VrbbVfQLNBLRSI6uAZqVF0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DwvO4VrbbVfQLNBLRSI6uAZqVF0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Nov 2025 16:50:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5890 (0x1702) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8161, serialNumber=0F0BCEE15ADB6D57D02CD04B45223AB8066A545D Validity Not Before: Oct 1 09:42:10 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=68dcf772-37ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:cd:d6:98:80:48:b0:6c:8a:98:55:ec:1f:0c: e3:f1:ee:b9:92:33:c9:92:98:07:e5:2e:da:71:b1: 84:6d:63:60:b3:20:e5:5b:bc:01:98:23:8a:56:9e: 3c:77:7c:18:31:69:2a:c0:c9:c2:3a:5d:4a:df:d5: 4d:c1:dc:30:83:f2:b2:9c:86:f4:12:c8:79:ea:69: ce:12:48:56:3d:1a:64:86:26:c4:41:4a:bb:21:c4: f7:f2:86:99:89:d7:3c:9f:57:7a:88:68:b5:ae:68: 61:2a:c5:f8:de:18:78:3e:2a:51:d2:73:0a:36:b2: 6c:30:f4:a5:d8:0b:f5:36:3f:f2:43:d4:22:2a:81: ef:2f:c5:74:6b:f9:60:62:8d:af:c2:59:e6:5f:e3: 55:e2:39:99:7c:9c:7d:75:f9:f5:1c:84:43:35:af: 58:16:f1:59:31:d3:ce:a0:98:ef:d8:31:8a:ef:16: ed:53:15:9e:13:31:b2:92:c8:dd:55:ec:e3:8c:4a: e3:b1:30:c6:8c:9c:71:df:ed:c4:b3:77:aa:a7:35: a5:a8:58:47:c3:51:6e:21:15:25:3f:84:40:0e:b9: ef:c0:3e:1b:9f:12:5e:13:04:8c:bf:c0:fb:85:e9: c2:e0:4a:05:05:60:84:39:b3:cc:3b:71:6a:f1:5a: 94:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:C1:3C:12:7E:48:44:27:D8:E6:76:66:CE:A8:A0:0F:B4:D0:0A:FB X509v3 Authority Key Identifier: keyid:0F:0B:CE:E1:5A:DB:6D:57:D0:2C:D0:4B:45:22:3A:B8:06:6A:54:5D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8161/670612B0FA6411E7A4C2693EC4F9AE02/DwvO4VrbbVfQLNBLRSI6uAZqVF0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DwvO4VrbbVfQLNBLRSI6uAZqVF0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8161/670612B0FA6411E7A4C2693EC4F9AE02/C109FFF4FC0511E7BAFB3E48C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.253.130.0/23 103.85.42.0/23 103.247.36.0/23 IPv6: 2402:5c40:1000::-2402:5c40:15ff:ffff:ffff:ffff:ffff:ffff 2402:5c40:5c00::/40 Signature Algorithm: sha256WithRSAEncryption 40:6b:3f:31:ee:80:8d:61:62:99:51:de:a3:5f:59:f1:be:91: 9e:44:42:0b:01:e7:16:01:89:dd:48:4a:59:bd:a0:38:78:44: 69:78:c4:c1:3b:c7:eb:88:e4:fd:0b:2b:76:a4:8b:26:14:64: 5c:ff:ae:d0:01:2c:f6:1c:50:6d:a5:95:f2:57:22:d5:09:bb: 14:21:5e:c6:fa:7e:a1:58:b0:3f:4c:ca:ac:30:c3:c7:2d:b2: eb:03:cc:aa:f4:29:52:4e:b6:b4:d3:7e:d7:47:2a:68:dd:2d: 18:f5:89:fb:47:48:c2:88:24:40:15:d5:21:91:bc:9f:a3:9f: 01:4c:b6:fe:b7:a8:84:55:5b:49:54:3e:54:12:f4:ad:fb:d3: 61:e4:79:0e:5a:ba:29:62:f1:1e:70:fc:89:ce:b7:8f:3d:6e: d9:c3:9c:0c:1b:39:44:44:36:5c:c7:a5:f7:5e:89:45:6b:83: e2:b5:d0:38:e2:a5:bd:43:ab:d7:d9:a0:71:5b:0f:58:33:05: 50:3f:98:30:6d:85:b1:20:04:41:df:3d:01:fc:77:10:e0:2b: f5:16:1d:1b:87:64:94:52:b5:55:b4:88:b9:3f:76:49:5b:85: ad:d5:d8:e2:d0:b7:94:d6:83:f0:0b:a5:33:62:2f:99:d6:a0: d2:0b:a3:f0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgICFwIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTgxNjExMTAvBgNVBAUTKDBGMEJDRUUxNUFEQjZENTdEMDJDRDA0QjQ1MjIzQUI4 MDY2QTU0NUQwHhcNMjUxMDAxMDk0MjEwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRjZjc3Mi0zN2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxs3WmIBIsGyKmFXsHwzj8e65kjPJkpgH5S7acbGEbWNgsyDlW7wBmCOKVp48 d3wYMWkqwMnCOl1K39VNwdwwg/KynIb0Esh56mnOEkhWPRpkhibEQUq7IcT38oaZ idc8n1d6iGi1rmhhKsX43hh4PipR0nMKNrJsMPSl2Av1Nj/yQ9QiKoHvL8V0a/lg Yo2vwlnmX+NV4jmZfJx9dfn1HIRDNa9YFvFZMdPOoJjv2DGK7xbtUxWeEzGyksjd VezjjErjsTDGjJxx3+3Es3eqpzWlqFhHw1FuIRUlP4RADrnvwD4bnxJeEwSMv8D7 henC4EoFBWCEObPMO3Fq8VqUfQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFA/BPBJ+ SEQn2OZ2Zs6ooA+00Ar7MB8GA1UdIwQYMBaAFA8LzuFa221X0CzQS0UiOrgGalRd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODE2MS82NzA2MTJCMEZB NjQxMUU3QTRDMjY5M0VDNEY5QUUwMi9Ed3ZPNFZyYmJWZlFMTkJMUlNJNnVBWnFW RjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0R3dk80VnJiYlZmUUxOQkxSU0k2dUFacVZGMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTgxNjEvNjcwNjEyQjBGQTY0MTFFN0E0QzI2OTNFQzRGOUFFMDIvQzEwOUZGRjRG QzA1MTFFN0JBRkIzRTQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E PjA8MBgEAgABMBIDBAEt/YIDBAFnVSoDBAFn9yQwIAQCAAIwGjAQAwYEJAJcQBAD BgEkAlxAFAMGACQCXEBcMA0GCSqGSIb3DQEBCwUAA4IBAQBAaz8x7oCNYWKZUd6j X1nxvpGeREILAecWAYndSEpZvaA4eERpeMTBO8friOT9Cyt2pIsmFGRc/67QASz2 HFBtpZXyVyLVCbsUIV7G+n6hWLA/TMqsMMPHLbLrA8yq9ClSTra0037XRypo3S0Y 9Yn7R0jCiCRAFdUhkbyfo58BTLb+t6iEVVtJVD5UEvSt+9Nh5HkOWropYvEecPyJ zrePPW7Zw5wMGzlERDZcx6X3XolFa4PitdA44qW9Q6vX2aBxWw9YMwVQP5gwbYWx IARB3z0B/HcQ4Cv1Fh0bh2SUUrVVtIi5P3ZJW4Wt1dji0LeU1oPwC6UzYi+Z1qDS C6Pw -----END CERTIFICATE-----Generated at Tue Oct 28 10:36:15 2025 by rpki-client