$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/192418F6AA1811EA97BC574CC4F9AE02.roa File: 192418F6AA1811EA97BC574CC4F9AE02.roa (raw, json) Hash identifier: XJKFjiP3tvsMhs6LmvK7B6XUUWrtRbubwh2zJ/jKEZ0= Subject key identifier: 4D:8B:FB:5A:F5:E6:6B:A5:C0:FE:5F:D8:72:EB:A3:E2:89:AA:4A:ED Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD Certificate serial: 1F1A Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/192418F6AA1811EA97BC574CC4F9AE02.roa Signing time: Mon 22 Sep 2025 10:07:21 +0000 ROA not before: Mon 22 Sep 2025 10:07:21 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 24429 IP address blocks: 43.91.0.0/16 maxlen: 24 43.102.128.0/20 maxlen: 24 43.102.144.0/20 maxlen: 24 43.109.0.0/16 maxlen: 24 2404:2280:100::/40 maxlen: 48 2404:2280:200::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 16:20:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7962 (0x1f1a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA198, serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD Validity Not Before: Sep 22 10:07:21 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=68d11fd9-9209 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:59:53:2a:58:1c:08:36:f8:c8:26:2d:09:b6: 14:f0:0b:8c:03:fe:b6:cc:0a:a4:77:15:b4:11:b9: 48:1d:24:a5:62:9f:15:74:3b:53:85:3e:c9:c8:47: 46:98:db:e6:93:c0:71:9b:c5:18:03:2e:ef:3c:6e: db:56:33:3b:60:d7:08:06:95:48:87:3a:99:70:4b: 0a:94:53:67:e3:50:8f:9d:04:8c:76:ec:2c:66:4f: 6a:86:69:a2:df:2f:96:8b:39:51:6e:a1:27:30:65: bf:80:07:14:79:8f:59:b2:5d:c9:9a:06:92:e3:ad: 7c:60:00:13:5b:4a:5a:c9:4e:ad:33:47:b1:c4:19: cb:d6:b9:b6:74:d6:f6:c2:56:13:fe:a3:9b:b2:15: 52:a5:92:80:c6:c6:b6:7a:91:a0:8a:de:c5:2e:c7: 2f:31:02:8a:87:53:3a:db:53:ef:fa:47:4b:dd:bf: ed:53:51:fc:b9:fa:74:7d:61:95:e6:4e:da:63:53: c0:b0:5b:a8:ae:b1:25:9f:94:a8:41:b2:49:22:24: 30:1e:66:24:10:52:f5:52:e7:89:8f:b1:47:0d:d5: 6f:b2:69:ce:5b:de:c6:0d:c2:9a:fb:e0:97:2e:47: f0:26:d8:5e:74:66:2e:64:82:f0:75:c6:db:69:29: 94:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:8B:FB:5A:F5:E6:6B:A5:C0:FE:5F:D8:72:EB:A3:E2:89:AA:4A:ED X509v3 Authority Key Identifier: keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/192418F6AA1811EA97BC574CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.91.0.0/16 43.102.128.0/19 43.109.0.0/16 IPv6: 2404:2280:100::-2404:2280:2ff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 7e:8a:47:71:4f:78:62:a5:d8:10:ae:78:74:db:77:2f:fd:3b: f1:c3:cd:f7:5d:b2:54:40:59:71:60:5d:04:3a:9c:84:c8:eb: 3a:7c:fe:1d:bc:4d:31:0a:c6:00:90:3c:23:6a:8f:a4:cd:d2: 80:48:66:69:46:d6:12:81:18:da:3d:27:dd:03:24:98:14:5a: 30:d2:37:c3:fd:91:4d:2a:60:5f:b2:9f:35:43:fb:ac:0e:09: 7b:50:6e:2f:e6:4c:eb:71:ca:e7:36:40:02:ba:1b:9b:5e:0b: 33:00:73:2d:7c:59:34:46:c4:e7:e6:dd:ba:4a:6f:b8:24:8a: 9d:d9:c1:df:c9:52:97:db:23:e2:e5:28:1d:9e:85:d6:1b:1a: ba:5e:9c:10:18:b1:22:33:c1:3a:89:00:00:14:a1:cf:12:9e: 9f:0d:70:d1:b4:36:a2:80:63:47:db:e6:0d:ba:0b:1d:5e:08: 97:8a:5f:00:95:28:1d:f5:4a:e0:59:ea:04:1c:32:4b:63:25: 3c:f9:9a:0b:20:ed:55:b0:c6:eb:28:d9:ba:16:37:d8:8c:32: a7:aa:5a:de:c7:bc:0e:8d:66:4b:82:bb:87:01:e1:17:a2:bd: 30:09:a3:6e:21:2d:0e:14:48:ce:ca:11:80:55:f7:fa:06:07: f2:66:49:c5 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICHxowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG QkNCQkQ4QkQwHhcNMjUwOTIyMTAwNzIxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQxMWZkOS05MjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwFlTKlgcCDb4yCYtCbYU8AuMA/62zAqkdxW0EblIHSSlYp8VdDtThT7JyEdG mNvmk8Bxm8UYAy7vPG7bVjM7YNcIBpVIhzqZcEsKlFNn41CPnQSMduwsZk9qhmmi 3y+WizlRbqEnMGW/gAcUeY9Zsl3JmgaS4618YAATW0payU6tM0exxBnL1rm2dNb2 wlYT/qObshVSpZKAxsa2epGgit7FLscvMQKKh1M621Pv+kdL3b/tU1H8ufp0fWGV 5k7aY1PAsFuorrEln5SoQbJJIiQwHmYkEFL1UueJj7FHDdVvsmnOW97GDcKa++CX LkfwJthedGYuZILwdcbbaSmUVQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFE2L+1r1 5mulwP5f2HLro+KJqkrtMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvMTkyNDE4RjZB QTE4MTFFQTk3QkM1NzRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMBYEAgABMBADAwArWwMEBStmgAMDACttMBgEAgACMBIwEAMGACQEIoABAwYA JAQigAIwDQYJKoZIhvcNAQELBQADggEBAH6KR3FPeGKl2BCueHTbdy/9O/HDzfdd slRAWXFgXQQ6nITI6zp8/h28TTEKxgCQPCNqj6TN0oBIZmlG1hKBGNo9J90DJJgU WjDSN8P9kU0qYF+ynzVD+6wOCXtQbi/mTOtxyuc2QAK6G5teCzMAcy18WTRGxOfm 3bpKb7gkip3Zwd/JUpfbI+LlKB2ehdYbGrpenBAYsSIzwTqJAAAUoc8Snp8NcNG0 NqKAY0fb5g26Cx1eCJeKXwCVKB31SuBZ6gQcMktjJTz5mgsg7VWwxuso2boWN9iM MqeqWt7HvA6NZkuCu4cB4ReivTAJo24hLQ4USM7KEYBV9/oGB/JmScU= -----END CERTIFICATE-----Generated at Thu Oct 23 02:51:48 2025 by rpki-client