$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/29F2A6202EF711F08A285219C4F9AE02.roa File: 29F2A6202EF711F08A285219C4F9AE02.roa (raw, json) Hash identifier: BDQ/cIT9onHOd5JfvUTITTE8/WzzYdypmVwFJRuUaNk= Subject key identifier: B7:5A:5B:7A:39:2F:10:5E:8D:6B:AF:E2:20:B3:94:94:51:EB:A1:BE Certificate issuer: /CN=A91EB2B8/serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F Certificate serial: 02EE Authority key identifier: A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/29F2A6202EF711F08A285219C4F9AE02.roa Signing time: Mon 04 Aug 2025 03:36:32 +0000 ROA not before: Mon 04 Aug 2025 03:36:32 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 149981 IP address blocks: 123.108.74.0/24 maxlen: 24 2407:2440:21::/48 maxlen: 48 2407:2440:24::/48 maxlen: 48 2407:2440:26::/48 maxlen: 48 2407:2440:29::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 30 Oct 2025 03:07:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 750 (0x2ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB2B8, serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F Validity Not Before: Aug 4 03:36:32 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68902ac0-cebb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:67:5b:87:d8:28:96:d6:61:9e:21:fc:d8:8a: 4d:ab:0a:a3:44:12:7c:3e:6f:71:77:39:01:63:0b: 1e:dd:8b:fd:b1:9d:05:03:7d:6f:bb:39:78:cf:f5: a8:f7:6b:2a:11:ec:da:ef:bd:ea:c4:e2:dd:f9:43: 39:e7:cd:05:38:71:d2:16:06:b8:ba:41:d9:3d:45: 4c:11:29:08:02:80:94:4f:4d:2e:21:a3:d1:7e:4d: 81:54:f1:17:b8:da:ca:d1:db:e8:c1:a0:87:91:7d: 70:ef:a9:c2:f2:1c:84:4d:ce:4f:77:86:0b:53:fd: 36:cf:5a:75:c9:dd:a8:85:49:fe:fc:fc:3e:0d:a8: af:de:bf:78:fe:0f:56:f0:65:a6:48:c7:a4:a6:3f: 6e:43:2d:71:5f:5d:6a:71:01:e1:0b:80:51:ce:04: 2d:9d:b4:36:01:50:43:59:e5:39:a8:cb:8e:2c:04: 20:7c:b3:72:f0:e8:a1:8a:d7:d4:d4:d5:78:86:87: be:58:03:09:ee:ac:8c:8f:a8:3c:23:ad:45:75:30: 01:ee:91:2c:bb:c0:0c:02:b6:da:5d:96:94:4a:6f: fa:a1:16:be:4f:fe:f3:83:f5:79:54:f3:4c:6c:af: 27:58:c8:12:84:1a:48:15:2c:3e:09:cd:b1:3c:3e: 86:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:5A:5B:7A:39:2F:10:5E:8D:6B:AF:E2:20:B3:94:94:51:EB:A1:BE X509v3 Authority Key Identifier: keyid:A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/29F2A6202EF711F08A285219C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.108.74.0/24 IPv6: 2407:2440:21::/48 2407:2440:24::/48 2407:2440:26::/48 2407:2440:29::/48 Signature Algorithm: sha256WithRSAEncryption 2b:85:ba:7d:fd:1a:a4:92:7f:bf:be:56:a7:6f:23:ed:86:b5: f3:62:47:2e:28:2f:90:e0:b6:07:94:e9:ff:42:2b:24:15:54: 05:7d:a3:f5:61:eb:44:a0:69:0f:39:68:05:a0:cf:29:b0:af: 6d:af:54:cf:9e:fc:6c:9a:d3:7c:d8:13:ac:cb:21:21:25:39: 46:0e:71:36:0a:f6:55:6e:eb:4b:d1:e7:45:a3:10:f6:76:f4: d9:ed:64:b7:c2:0d:cd:f4:9c:ad:09:21:fd:62:a7:12:5e:32: 38:9b:e0:8c:47:7c:69:ac:a6:c1:3e:19:8b:a3:f1:41:b4:82: 5c:3b:0f:3d:ac:e0:38:46:37:2b:b9:39:93:b4:a4:c8:8b:27: 72:1f:6f:4a:0f:16:0b:18:50:7a:c6:a2:b8:9a:23:b6:17:b8: c1:95:37:82:ff:c4:f7:e9:bb:de:77:ae:37:61:5f:e3:d6:4a: cc:1d:d8:39:21:e8:87:df:cd:cf:05:a8:e9:b1:91:28:7c:ce: bd:57:22:48:63:c1:ae:95:29:f1:b1:06:12:05:94:95:0e:c7: b0:f5:27:6c:7a:d5:42:03:b8:fd:84:3f:58:ca:74:8c:3c:69: fc:5c:6e:a1:30:64:c9:0a:df:e5:35:b5:a4:bf:d9:f3:b4:c8: 82:86:16:7e -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgICAu4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUIyQjgxMTAvBgNVBAUTKEE2OTcwMEU3OEQwQzgxMkFEMkUyQzExNEM4MkM2NTVB MEFDRDQ0N0YwHhcNMjUwODA0MDMzNjMyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODkwMmFjMC1jZWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqmdbh9goltZhniH82IpNqwqjRBJ8Pm9xdzkBYwse3Yv9sZ0FA31vuzl4z/Wo 92sqEeza773qxOLd+UM5580FOHHSFga4ukHZPUVMESkIAoCUT00uIaPRfk2BVPEX uNrK0dvowaCHkX1w76nC8hyETc5Pd4YLU/02z1p1yd2ohUn+/Pw+Daiv3r94/g9W 8GWmSMekpj9uQy1xX11qcQHhC4BRzgQtnbQ2AVBDWeU5qMuOLAQgfLNy8OihitfU 1NV4hoe+WAMJ7qyMj6g8I61FdTAB7pEsu8AMArbaXZaUSm/6oRa+T/7zg/V5VPNM bK8nWMgShBpIFSw+Cc2xPD6GqQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFLdaW3o5 LxBejWuv4iCzlJRR66G+MB8GA1UdIwQYMBaAFKaXAOeNDIEq0uLBFMgsZVoKzUR/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjJCOC8zRjQ0Q0JBRTJG NEQxMUVEOEY1QTZBNjRDNEY5QUUwMi9wcGNBNTQwTWdTclM0c0VVeUN4bFdnck5S SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BwY0E1NDBNZ1NyUzRzRVV5Q3hsV2dyTlJIOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUIyQjgvM0Y0NENCQUUyRjREMTFFRDhGNUE2QTY0QzRGOUFFMDIvMjlGMkE2MjAy RUY3MTFGMDhBMjg1MjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E PDA6MAwEAgABMAYDBAB7bEowKgQCAAIwJAMHACQHJEAAIQMHACQHJEAAJAMHACQH JEAAJgMHACQHJEAAKTANBgkqhkiG9w0BAQsFAAOCAQEAK4W6ff0apJJ/v75Wp28j 7Ya182JHLigvkOC2B5Tp/0IrJBVUBX2j9WHrRKBpDzloBaDPKbCvba9Uz578bJrT fNgTrMshISU5Rg5xNgr2VW7rS9HnRaMQ9nb02e1kt8INzfScrQkh/WKnEl4yOJvg jEd8aaymwT4Zi6PxQbSCXDsPPazgOEY3K7k5k7SkyIsnch9vSg8WCxhQesaiuJoj the4wZU3gv/E9+m73neuN2Ff49ZKzB3YOSHoh9/NzwWo6bGRKHzOvVciSGPBrpUp 8bEGEgWUlQ7HsPUnbHrVQgO4/YQ/WMp0jDxp/FxuoTBkyQrf5TW1pL/Z87TIgoYW fg== -----END CERTIFICATE-----Generated at Thu Oct 23 23:56:34 2025 by rpki-client