$ rpki-client -vvf rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa File: C8C64A4AED4D11EA895BC037C4F9AE02.roa (raw, json) Hash identifier: DYR7hTrI+N8bTdN4wmisSUlD2zvzUkj32q6n8M3PxAo= Subject key identifier: 53:82:12:BF:23:12:A1:D4:24:BF:53:8F:28:D2:99:C2:22:6F:4F:02 Certificate issuer: /CN=A91E96D9/serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Certificate serial: 08A2 Authority key identifier: 21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa Signing time: Wed 22 Oct 2025 21:39:52 +0000 ROA not before: Wed 22 Oct 2025 21:39:52 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 38488 IP address blocks: 116.0.42.0/24 maxlen: 24 202.123.240.0/24 maxlen: 24 202.123.242.0/24 maxlen: 24 202.123.243.0/24 maxlen: 24 202.123.244.0/24 maxlen: 24 202.123.245.0/24 maxlen: 24 202.123.246.0/24 maxlen: 24 2400:a960::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 21:39:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2210 (0x8a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E96D9, serialNumber=219EA63C6AC966DDB285886BD711C78A14DF512B Validity Not Before: Oct 22 21:39:52 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68f94f28-af6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ad:f4:de:28:c7:8f:53:f5:e2:90:b9:d8:4e: 97:59:fe:90:4d:ce:1f:7a:2f:8a:98:bb:6f:c5:14: 8e:46:55:cc:21:8a:d1:c8:40:12:b2:8c:50:21:21: 49:c8:1c:f7:c2:09:f0:2e:c0:ac:4c:e1:71:17:5b: 93:6d:e1:d7:40:56:54:3f:d9:4d:44:6f:b4:da:e1: c1:e1:ca:c0:43:15:a6:f7:d8:ef:5a:42:26:04:5e: 4d:1a:fd:fe:75:83:03:21:68:ec:38:00:3a:92:84: d8:c6:9a:bb:db:41:29:79:63:9b:05:60:07:0e:b7: a2:26:62:69:3e:27:5a:28:74:03:24:c9:68:fa:c4: 18:6d:6c:93:2b:69:8c:a0:94:69:f6:7c:7f:82:24: 0f:6d:28:50:f0:22:66:b2:77:4a:3e:66:99:c8:fd: 50:c8:fb:bb:d5:6b:7b:8a:67:54:57:a9:42:69:13: 4c:ed:14:6e:9b:bf:1a:8d:a2:0c:1b:f8:b9:3f:3c: 9b:6a:0e:5b:de:4b:d6:89:fa:23:4e:3c:8b:69:fa: a0:a3:f5:cd:51:05:17:ea:03:5b:1d:8a:ea:e2:08: 57:6d:b3:a8:3e:80:a7:13:73:6b:0d:0a:18:00:58: ce:c2:86:0a:a6:31:32:36:8e:e3:b5:55:3b:8b:79: 72:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:82:12:BF:23:12:A1:D4:24:BF:53:8F:28:D2:99:C2:22:6F:4F:02 X509v3 Authority Key Identifier: keyid:21:9E:A6:3C:6A:C9:66:DD:B2:85:88:6B:D7:11:C7:8A:14:DF:51:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/IZ6mPGrJZt2yhYhr1xHHihTfUSs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZ6mPGrJZt2yhYhr1xHHihTfUSs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E96D9/80DFDEC0E5DD11EAB2468D65C4F9AE02/C8C64A4AED4D11EA895BC037C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.0.42.0/24 202.123.240.0/24 202.123.242.0-202.123.246.255 IPv6: 2400:a960::/48 Signature Algorithm: sha256WithRSAEncryption 60:b6:2b:63:5d:4a:89:5d:81:7d:d2:89:eb:5f:c8:29:1c:c5: 43:aa:0f:c6:96:61:f4:9c:cf:70:ab:9e:4f:b3:f1:06:b4:bd: b0:13:24:4f:1d:40:36:a2:23:05:4b:9c:54:7a:da:e0:62:6c: 3c:ac:9d:d8:96:c3:46:f2:1a:1c:d6:65:e8:46:72:d2:1a:77: 6c:7d:71:f1:ba:8b:d6:ee:43:cd:50:ee:1d:18:ec:0d:1e:d7: 67:3a:cb:61:9d:f1:f7:11:8b:15:86:ab:30:26:c8:4d:de:32: 3d:95:1c:a0:05:23:85:78:91:11:76:f0:42:6a:3f:cf:cf:4c: 45:c8:ef:b1:7e:97:d8:fe:3b:79:3f:85:c6:6f:e9:25:42:57: 81:cc:af:4d:a0:70:7f:4a:24:f7:09:57:c0:72:a5:97:1a:9d: 42:79:64:31:75:9d:6a:b5:34:69:fd:fc:41:86:50:78:20:52: a5:0a:28:7a:fa:48:f0:f6:75:5e:b1:96:26:1a:4f:f2:d5:52: b7:57:fa:cf:b9:74:ce:a9:60:d8:d0:a8:bd:aa:5d:87:e5:29: 22:d2:91:6b:fc:6f:51:a0:5e:7f:55:9e:1e:1d:69:21:dc:a1: 79:56:d7:f2:04:15:9e:9b:70:80:72:91:38:4a:e3:ff:40:77: f5:3b:d4:0a -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICCKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk2RDkxMTAvBgNVBAUTKDIxOUVBNjNDNkFDOTY2RERCMjg1ODg2QkQ3MTFDNzhB MTRERjUxMkIwHhcNMjUxMDIyMjEzOTUyWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGY5NGYyOC1hZjZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp6303ijHj1P14pC52E6XWf6QTc4fei+KmLtvxRSORlXMIYrRyEASsoxQISFJ yBz3wgnwLsCsTOFxF1uTbeHXQFZUP9lNRG+02uHB4crAQxWm99jvWkImBF5NGv3+ dYMDIWjsOAA6koTYxpq720EpeWObBWAHDreiJmJpPidaKHQDJMlo+sQYbWyTK2mM oJRp9nx/giQPbShQ8CJmsndKPmaZyP1QyPu71Wt7imdUV6lCaRNM7RRum78ajaIM G/i5Pzybag5b3kvWifojTjyLafqgo/XNUQUX6gNbHYrq4ghXbbOoPoCnE3NrDQoY AFjOwoYKpjEyNo7jtVU7i3lywwIDAQABo4ICujCCArYwHQYDVR0OBBYEFFOCEr8j EqHUJL9TjyjSmcIib08CMB8GA1UdIwQYMBaAFCGepjxqyWbdsoWIa9cRx4oU31Er MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTZEOS84MERGREVDMEU1 REQxMUVBQjI0NjhENjVDNEY5QUUwMi9JWjZtUEdySlp0MnloWWhyMXhISGloVGZV U3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laNm1QR3JKWnQyeWhZaHIxeEhIaWhUZlVTcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk2RDkvODBERkRFQzBFNUREMTFFQUIyNDY4RDY1QzRGOUFFMDIvQzhDNjRBNEFF RDREMTFFQTg5NUJDMDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E NTAzMCAEAgABMBoDBAB0ACoDBADKe/AwDAMEAcp78gMEAMp79jAPBAIAAjAJAwcA JACpYAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBgtitjXUqJXYF90onrX8gpHMVDqg/G lmH0nM9wq55Ps/EGtL2wEyRPHUA2oiMFS5xUetrgYmw8rJ3YlsNG8hoc1mXoRnLS GndsfXHxuovW7kPNUO4dGOwNHtdnOsthnfH3EYsVhqswJshN3jI9lRygBSOFeJER dvBCaj/Pz0xFyO+xfpfY/jt5P4XGb+klQleBzK9NoHB/SiT3CVfAcqWXGp1CeWQx dZ1qtTRp/fxBhlB4IFKlCih6+kjw9nVesZYmGk/y1VK3V/rPuXTOqWDY0Ki9ql2H 5Ski0pFr/G9RoF5/VZ4eHWkh3KF5VtfyBBWem3CAcpE4SuP/QHf1O9QK -----END CERTIFICATE-----Generated at Fri Oct 24 20:47:22 2025 by rpki-client