$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/08FA1EC60C0911EDBDF8C44FC4F9AE02.roa File: 08FA1EC60C0911EDBDF8C44FC4F9AE02.roa (raw, json) Hash identifier: kYoJR47X3kVYZwmuVMeLLYOoJYr+wMR5mBYYm9JId0w= Subject key identifier: CC:3B:6B:66:02:AF:86:CD:CC:1C:2C:F5:84:78:08:AF:1C:4B:95:08 Certificate issuer: /CN=A91F2CA8/serialNumber=1E752C3D16048C3F3F6323D2B91070BF247D6866 Certificate serial: 34EF Authority key identifier: 1E:75:2C:3D:16:04:8C:3F:3F:63:23:D2:B9:10:70:BF:24:7D:68:66 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/08FA1EC60C0911EDBDF8C44FC4F9AE02.roa Signing time: Tue 28 Oct 2025 15:00:53 +0000 ROA not before: Tue 28 Oct 2025 15:00:53 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 45768 IP address blocks: 27.111.64.0/21 maxlen: 24 113.29.208.0/21 maxlen: 21 180.95.0.0/24 maxlen: 24 180.95.64.0/19 maxlen: 19 180.95.96.0/20 maxlen: 20 180.95.112.0/21 maxlen: 21 202.134.51.0/24 maxlen: 24 203.34.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.crl rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:59:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13551 (0x34ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CA8, serialNumber=1E752C3D16048C3F3F6323D2B91070BF247D6866 Validity Not Before: Oct 28 15:00:53 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=6900daa5-a179 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:ec:b0:7b:68:0e:1d:23:e7:ef:71:4c:09:e4: 61:12:e3:ba:29:5d:b9:66:b3:45:64:e1:9a:2c:15: 65:8c:2c:d1:b3:d7:39:09:94:ca:ed:e2:78:15:3a: ff:1e:fe:8f:e0:e5:a8:1d:0d:e2:a8:36:a7:4a:c6: 25:a2:18:94:29:71:fc:7c:01:6b:8d:af:8e:88:5d: e5:f3:36:80:88:e8:28:a0:0f:07:ca:4b:82:1f:a7: 6a:38:aa:f4:cd:90:32:03:3a:e3:cb:5a:ea:f7:66: 3e:46:d5:40:a4:c5:01:11:34:6a:7a:2c:e8:4f:0e: da:e2:4b:0f:92:18:15:e1:0b:5a:ce:fa:0c:4f:e3: 6d:77:84:d9:a4:1e:fd:b9:bc:c0:53:95:7b:60:70: 20:5c:9e:f4:71:91:08:f3:1b:25:53:a2:e7:34:66: b5:8e:0f:4a:33:4e:7c:be:06:ee:c0:4e:78:bc:ca: 89:86:00:47:57:6c:8e:a2:3c:df:70:2a:af:3d:e6: 37:25:c2:c7:de:de:75:c1:b6:45:1e:e9:c9:ec:de: 42:96:e3:d3:65:11:86:be:c1:bc:a6:21:9a:76:7b: 2d:19:ef:f5:24:da:68:28:8f:1c:09:94:20:77:91: 13:3d:02:43:4c:b1:c7:a5:bc:db:29:38:37:ee:58: 36:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:3B:6B:66:02:AF:86:CD:CC:1C:2C:F5:84:78:08:AF:1C:4B:95:08 X509v3 Authority Key Identifier: keyid:1E:75:2C:3D:16:04:8C:3F:3F:63:23:D2:B9:10:70:BF:24:7D:68:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/08FA1EC60C0911EDBDF8C44FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.111.64.0/21 113.29.208.0/21 180.95.0.0/24 180.95.64.0-180.95.119.255 202.134.51.0/24 203.34.155.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:29:c4:01:87:fe:34:fe:ba:b2:c4:fb:be:35:f4:c6:70:27: 81:ab:5b:84:0c:3d:eb:0d:fb:a4:55:53:0f:6a:ed:1f:bb:70: 44:16:8f:c1:a6:22:2b:a1:9f:20:28:77:61:e1:c8:04:89:ac: 5a:03:56:76:ec:bf:13:4e:a6:c8:ed:38:2e:78:cb:ea:cb:00: 29:e9:33:65:ca:3a:14:e4:1c:b8:c3:e2:57:47:46:12:77:8f: 6e:0a:1d:21:03:50:52:9c:62:8e:da:38:72:20:d4:9a:2e:e2: 7c:e1:4b:0f:a5:f0:34:1e:63:eb:3f:85:25:1d:aa:97:48:e5: 3a:01:93:79:79:84:80:87:e2:d1:8f:00:04:fb:32:ae:4d:94: 30:20:b8:10:e2:51:10:4c:8d:72:6b:30:a5:01:20:c5:aa:e6: e9:2a:75:6c:6f:4c:7d:b3:9d:57:7b:9b:3b:24:71:17:f7:03: e7:2e:5d:f3:12:6d:d0:ad:d7:66:c5:cd:cc:3d:91:37:82:c2: 63:ae:7f:d2:bc:64:a8:ca:5e:67:88:17:83:ad:f5:1f:81:99: 18:c3:6c:00:5c:c1:6a:26:3f:f7:fb:86:eb:82:72:16:74:49: c3:95:56:bb:05:ec:90:69:a9:e1:8f:87:8f:3d:a8:b8:98:64: 9d:1a:4d:d1 -----BEGIN CERTIFICATE----- MIIFlzCCBH+gAwIBAgICNO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJDQTgxMTAvBgNVBAUTKDFFNzUyQzNEMTYwNDhDM0YzRjYzMjNEMkI5MTA3MEJG MjQ3RDY4NjYwHhcNMjUxMDI4MTUwMDUzWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTAwZGFhNS1hMTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoOywe2gOHSPn73FMCeRhEuO6KV25ZrNFZOGaLBVljCzRs9c5CZTK7eJ4FTr/ Hv6P4OWoHQ3iqDanSsYlohiUKXH8fAFrja+OiF3l8zaAiOgooA8HykuCH6dqOKr0 zZAyAzrjy1rq92Y+RtVApMUBETRqeizoTw7a4ksPkhgV4QtazvoMT+Ntd4TZpB79 ubzAU5V7YHAgXJ70cZEI8xslU6LnNGa1jg9KM058vgbuwE54vMqJhgBHV2yOojzf cCqvPeY3JcLH3t51wbZFHunJ7N5CluPTZRGGvsG8piGadnstGe/1JNpoKI8cCZQg d5ETPQJDTLHHpbzbKTg37lg2owIDAQABo4ICuzCCArcwHQYDVR0OBBYEFMw7a2YC r4bNzBws9YR4CK8cS5UIMB8GA1UdIwQYMBaAFB51LD0WBIw/P2Mj0rkQcL8kfWhm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkNBOC84NzAzMjI1ODFE OUExMUUyQUE4NkMyODcwOEIwMkNEMi9IblVzUFJZRWpEOF9ZeVBTdVJCd3Z5Ujlh R1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0huVXNQUllFakQ4X1l5UFN1UkJ3dnlSOWFHWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjJDQTgvODcwMzIyNTgxRDlBMTFFMkFBODZDMjg3MDhCMDJDRDIvMDhGQTFFQzYw QzA5MTFFREJERjhDNDRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E NjA0MDIEAgABMCwDBAMbb0ADBANxHdADBAC0XwAwDAMEBrRfQAMEA7RfcAMEAMqG MwMEAMsimzANBgkqhkiG9w0BAQsFAAOCAQEAfynEAYf+NP66ssT7vjX0xnAngatb hAw96w37pFVTD2rtH7twRBaPwaYiK6GfICh3YeHIBImsWgNWduy/E06myO04LnjL 6ssAKekzZco6FOQcuMPiV0dGEnePbgodIQNQUpxijto4ciDUmi7ifOFLD6XwNB5j 6z+FJR2ql0jlOgGTeXmEgIfi0Y8ABPsyrk2UMCC4EOJREEyNcmswpQEgxarm6Sp1 bG9MfbOdV3ubOyRxF/cD5y5d8xJt0K3XZsXNzD2RN4LCY65/0rxkqMpeZ4gXg631 H4GZGMNsAFzBaiY/9/uG64JyFnRJw5VWuwXskGmp4Y+Hjz2ouJhknRpN0Q== -----END CERTIFICATE-----Generated at Wed Nov 5 14:40:30 2025 by rpki-client