$ rpki-client -vvf rpki.apnic.net/member_repository/A91ECB9B/39DA287045DE11ECA823C571C4F9AE02/48BEEFFEF52F11EDADE1B280C4F9AE02.roa File: 48BEEFFEF52F11EDADE1B280C4F9AE02.roa (raw, json) Hash identifier: mciOFoWN4OGu4gy01Ach9NNCm4o/f8zqGbHO8EJqoLw= Subject key identifier: 42:3B:4A:D4:3A:86:83:7D:7B:AD:1B:A8:B8:DB:E9:8D:06:98:72:99 Certificate issuer: /CN=A91ECB9B/serialNumber=0D654D6FCECD33E1516E20C2E3734F85406E7246 Certificate serial: 04C1 Authority key identifier: 0D:65:4D:6F:CE:CD:33:E1:51:6E:20:C2:E3:73:4F:85:40:6E:72:46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DWVNb87NM-FRbiDC43NPhUBuckY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ECB9B/39DA287045DE11ECA823C571C4F9AE02/48BEEFFEF52F11EDADE1B280C4F9AE02.roa Signing time: Mon 13 Oct 2025 01:55:56 +0000 ROA not before: Mon 13 Oct 2025 01:55:56 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 133041 IP address blocks: 45.120.44.0/24 maxlen: 24 45.120.45.0/24 maxlen: 24 45.120.46.0/24 maxlen: 24 45.120.47.0/24 maxlen: 24 103.75.0.0/24 maxlen: 24 103.75.1.0/24 maxlen: 24 103.75.2.0/24 maxlen: 24 103.75.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ECB9B/39DA287045DE11ECA823C571C4F9AE02/DWVNb87NM-FRbiDC43NPhUBuckY.crl rsync://rpki.apnic.net/member_repository/A91ECB9B/39DA287045DE11ECA823C571C4F9AE02/DWVNb87NM-FRbiDC43NPhUBuckY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DWVNb87NM-FRbiDC43NPhUBuckY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 23:56:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1217 (0x4c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ECB9B, serialNumber=0D654D6FCECD33E1516E20C2E3734F85406E7246 Validity Not Before: Oct 13 01:55:56 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68ec5c2c-88e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:3f:b3:74:82:7c:2b:f5:e3:54:5c:60:af:01: ef:b8:93:46:8e:00:a3:8c:04:1e:a6:70:a2:0a:b4: 7b:e6:ba:ba:9e:e0:84:be:a1:be:a7:11:88:29:9f: f7:7c:35:ff:ac:7e:56:9c:e3:3c:a5:48:1e:e1:41: 1d:ac:f2:c1:7d:05:b1:7a:1b:e6:20:6b:ab:aa:8d: 94:1a:5e:48:c7:41:fd:66:1a:4e:68:25:d0:df:25: b1:b3:75:71:9d:d9:e1:40:3b:3f:2d:b0:6e:96:95: 4e:7a:20:f2:b5:8f:94:40:e6:20:b8:70:01:dd:e7: 6f:0e:78:99:84:09:5a:47:51:88:e8:28:d4:78:f2: de:9d:a5:98:bf:c2:a5:e2:a3:7c:25:8c:69:b0:9c: d1:5c:08:d4:38:67:75:91:23:89:5f:1d:aa:32:17: 6c:69:a2:27:d2:d3:c8:3c:3c:8d:e2:1b:0c:fb:49: 8c:05:54:b4:4c:e6:91:ec:f8:ac:97:a6:76:41:d8: 9b:64:28:cf:89:82:e8:72:25:4b:16:55:8c:83:b6: 64:74:50:f3:3a:a0:cb:17:a5:88:6a:82:3b:7c:8f: 0b:79:f1:7c:d6:7c:c9:f7:7d:24:f1:d7:fc:cf:40: a0:77:29:71:8c:01:97:48:93:eb:56:d6:a2:b1:3f: 90:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:3B:4A:D4:3A:86:83:7D:7B:AD:1B:A8:B8:DB:E9:8D:06:98:72:99 X509v3 Authority Key Identifier: keyid:0D:65:4D:6F:CE:CD:33:E1:51:6E:20:C2:E3:73:4F:85:40:6E:72:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ECB9B/39DA287045DE11ECA823C571C4F9AE02/DWVNb87NM-FRbiDC43NPhUBuckY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DWVNb87NM-FRbiDC43NPhUBuckY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ECB9B/39DA287045DE11ECA823C571C4F9AE02/48BEEFFEF52F11EDADE1B280C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.120.44.0/22 103.75.0.0/22 Signature Algorithm: sha256WithRSAEncryption a9:6d:a8:da:45:df:e0:94:7b:1f:2e:44:b5:c9:16:05:d8:7b: 45:87:80:3f:8b:12:09:95:3f:67:2f:2f:61:8d:9b:22:1e:40: 27:62:fc:60:fa:86:96:3f:ea:c1:ef:95:6f:95:61:f0:31:31: 8d:df:2b:71:32:58:67:9d:6f:2a:d3:e3:b0:c1:41:be:98:ce: 26:f5:91:b2:ab:b8:f2:d5:25:24:56:a9:03:cb:9f:ce:d4:09: 3e:2f:be:b3:43:0a:46:1d:50:3b:62:ee:31:f7:04:14:50:80: 98:6d:67:f5:76:e6:d8:82:96:ca:33:8c:ba:ac:c1:69:67:35: 38:a7:9b:0f:f5:9f:dd:7f:e0:fd:6d:16:36:46:62:87:73:de: 53:1f:11:07:ca:9f:6b:5f:84:56:a4:1d:77:a9:4f:37:3e:24: 4c:79:22:b0:c2:62:40:e4:32:60:1f:a8:c4:74:68:68:1f:7f: 6a:f7:a8:14:eb:df:e4:66:69:63:c9:57:4d:46:d2:ac:c5:a5: 9b:43:6f:08:b2:79:44:f4:be:83:56:c4:4a:5e:26:ba:44:7e: 7c:59:05:1c:55:0b:76:d8:51:42:2e:75:65:a0:24:bb:39:af: 97:2a:e5:ff:af:73:7d:22:97:31:49:bb:0a:5e:67:53:f4:e9: 99:bb:d0:dd -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBMEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUNCOUIxMTAvBgNVBAUTKDBENjU0RDZGQ0VDRDMzRTE1MTZFMjBDMkUzNzM0Rjg1 NDA2RTcyNDYwHhcNMjUxMDEzMDE1NTU2WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGVjNWMyYy04OGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArj+zdIJ8K/XjVFxgrwHvuJNGjgCjjAQepnCiCrR75rq6nuCEvqG+pxGIKZ/3 fDX/rH5WnOM8pUge4UEdrPLBfQWxehvmIGurqo2UGl5Ix0H9ZhpOaCXQ3yWxs3Vx ndnhQDs/LbBulpVOeiDytY+UQOYguHAB3edvDniZhAlaR1GI6CjUePLenaWYv8Kl 4qN8JYxpsJzRXAjUOGd1kSOJXx2qMhdsaaIn0tPIPDyN4hsM+0mMBVS0TOaR7Pis l6Z2QdibZCjPiYLociVLFlWMg7ZkdFDzOqDLF6WIaoI7fI8LefF81nzJ930k8df8 z0CgdylxjAGXSJPrVtaisT+QJwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEI7StQ6 hoN9e60bqLjb6Y0GmHKZMB8GA1UdIwQYMBaAFA1lTW/OzTPhUW4gwuNzT4VAbnJG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQ0I5Qi8zOURBMjg3MDQ1 REUxMUVDQTgyM0M1NzFDNEY5QUUwMi9EV1ZOYjg3Tk0tRlJiaURDNDNOUGhVQnVj a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RXVk5iODdOTS1GUmJpREM0M05QaFVCdWNrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUNCOUIvMzlEQTI4NzA0NURFMTFFQ0E4MjNDNTcxQzRGOUFFMDIvNDhCRUVGRkVG NTJGMTFFREFERTFCMjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIteCwDBAJnSwAwDQYJKoZIhvcNAQELBQADggEBAKltqNpF 3+CUex8uRLXJFgXYe0WHgD+LEgmVP2cvL2GNmyIeQCdi/GD6hpY/6sHvlW+VYfAx MY3fK3EyWGedbyrT47DBQb6Yzib1kbKruPLVJSRWqQPLn87UCT4vvrNDCkYdUDti 7jH3BBRQgJhtZ/V25tiClsozjLqswWlnNTinmw/1n91/4P1tFjZGYodz3lMfEQfK n2tfhFakHXepTzc+JEx5IrDCYkDkMmAfqMR0aGgff2r3qBTr3+RmaWPJV01G0qzF pZtDbwiyeUT0voNWxEpeJrpEfnxZBRxVC3bYUUIudWWgJLs5r5cq5f+vc30ilzFJ uwpeZ1P06Zm70N0= -----END CERTIFICATE-----Generated at Wed Nov 5 20:01:29 2025 by rpki-client