$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D91A51FE753E11ED91728868C4F9AE02.roa File: D91A51FE753E11ED91728868C4F9AE02.roa (raw, json) Hash identifier: iYvtcxoFunWW6dUyLDYffZlErW8kK88N6/E9cgqU2NA= Subject key identifier: 28:33:55:1A:D5:05:99:BD:C5:94:C3:51:53:B4:54:AE:D3:6A:02:8D Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 4E01 Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D91A51FE753E11ED91728868C4F9AE02.roa Signing time: Thu 28 Aug 2025 14:56:57 +0000 ROA not before: Thu 28 Aug 2025 14:56:57 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 38244 IP address blocks: 45.127.252.0/22 maxlen: 24 49.213.64.0/18 maxlen: 24 58.84.0.0/22 maxlen: 24 61.28.224.0/19 maxlen: 24 103.196.236.0/22 maxlen: 24 103.245.248.0/22 maxlen: 24 118.102.0.0/21 maxlen: 24 120.138.64.0/20 maxlen: 24 122.201.8.0/21 maxlen: 24 2001:df0:13::/48 maxlen: 48 2001:df0:1a::/48 maxlen: 48 2402:4e0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 14:36:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19969 (0x4e01) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: Aug 28 14:56:57 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b06e39-f712 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:e9:6b:7b:f2:5e:1c:3c:00:67:c6:d6:93:dd: 7f:bc:27:ca:33:11:8b:6d:27:22:42:f0:ee:97:a1: c9:65:d7:9e:dc:d6:4b:e1:66:49:1e:f9:fb:0d:18: 31:0d:f7:88:fa:dc:57:0a:57:e3:60:6b:2c:41:3d: 93:56:99:8d:f9:cd:39:0b:8b:ca:ce:23:49:6e:71: d6:64:6e:e0:57:bc:ab:2b:3c:da:fe:9c:f2:c9:31: 66:97:8a:dc:f5:89:8f:af:30:ac:3c:2a:a9:29:00: 8b:d2:bf:89:78:ee:e9:41:d1:ef:20:85:76:be:b2: 21:2d:46:aa:72:e0:4d:ad:86:f3:16:26:b5:c6:7f: b0:79:ec:7e:1a:aa:05:2a:ed:11:51:14:18:06:0c: b2:98:d2:13:02:90:ab:32:a4:be:db:07:81:2f:00: 1a:f0:3e:26:a0:12:e3:67:13:48:5f:6d:af:f0:20: b8:d4:63:5b:d2:64:bf:64:41:f6:34:70:49:96:48: 65:59:fd:a6:4e:4c:06:d7:fe:25:7a:54:0b:54:d0: f0:bb:5a:ac:52:bf:6d:bb:63:50:7d:1c:4f:29:dc: 00:e2:71:22:39:cb:9e:e7:1e:d3:94:f7:85:dd:d7: 08:c1:20:43:c6:ec:bf:b0:25:4c:75:e0:fa:7c:72: 95:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:33:55:1A:D5:05:99:BD:C5:94:C3:51:53:B4:54:AE:D3:6A:02:8D X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D91A51FE753E11ED91728868C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.127.252.0/22 49.213.64.0/18 58.84.0.0/22 61.28.224.0/19 103.196.236.0/22 103.245.248.0/22 118.102.0.0/21 120.138.64.0/20 122.201.8.0/21 IPv6: 2001:df0:13::/48 2001:df0:1a::/48 2402:4e0::/32 Signature Algorithm: sha256WithRSAEncryption 5b:1b:4c:f7:a7:4a:13:89:7d:be:7a:d7:88:3c:05:8c:52:f6: 5e:8b:13:a4:ab:de:1b:4f:25:8e:f0:70:1f:8c:d1:bc:6e:7a: 39:8a:3f:58:b6:56:db:d9:d0:fa:d9:42:de:41:71:ad:b3:d6: a1:d1:03:48:64:b8:95:06:85:b3:84:14:bb:3a:5d:27:08:3c: 5c:12:10:0a:79:90:b2:dd:f1:3f:1f:83:17:d0:23:2c:21:2a: 97:63:bd:b1:04:89:fb:05:99:c8:e7:a7:0b:78:7a:6d:41:1b: c0:44:15:ef:aa:ea:99:48:b8:a4:5f:5c:38:c1:8e:9f:be:5f: 35:6b:ea:6c:dd:ac:ec:d0:de:ec:99:72:b8:82:0f:74:9f:53: b7:0d:06:3d:e3:4b:55:79:3b:c2:d0:1c:ad:c9:59:e0:e0:68: ae:10:30:a5:d7:ad:7d:66:cc:7c:54:a9:44:da:c3:ec:e5:e2: 8c:8a:21:02:d4:95:f1:f5:9f:c0:f0:cc:8a:3c:7a:88:e0:f4: 02:34:9f:87:61:99:f6:49:74:c0:f0:d2:a6:6e:f9:7d:82:fb: f5:e2:4a:61:72:53:88:43:3e:2d:e3:66:62:96:7a:6f:20:fe: 53:62:bf:c1:a4:80:4d:b7:fa:dc:61:a5:a8:9d:ce:67:f5:db: 88:71:bb:5c -----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgICTgEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjUwODI4MTQ1NjU3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIwNmUzOS1mNzEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5elre/JeHDwAZ8bWk91/vCfKMxGLbSciQvDul6HJZdee3NZL4WZJHvn7DRgx DfeI+txXClfjYGssQT2TVpmN+c05C4vKziNJbnHWZG7gV7yrKzza/pzyyTFml4rc 9YmPrzCsPCqpKQCL0r+JeO7pQdHvIIV2vrIhLUaqcuBNrYbzFia1xn+weex+GqoF Ku0RURQYBgyymNITApCrMqS+2weBLwAa8D4moBLjZxNIX22v8CC41GNb0mS/ZEH2 NHBJlkhlWf2mTkwG1/4lelQLVNDwu1qsUr9tu2NQfRxPKdwA4nEiOcue5x7TlPeF 3dcIwSBDxuy/sCVMdeD6fHKVawIDAQABo4IC5jCCAuIwHQYDVR0OBBYEFCgzVRrV BZm9xZTDUVO0VK7TagKNMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRDkxQTUxRkU3 NTNFMTFFRDkxNzI4ODY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcAYIKwYBBQUHAQcBAf8E YTBfMDwEAgABMDYDBAItf/wDBAYx1UADBAI6VAADBAU9HOADBAJnxOwDBAJn9fgD BAN2ZgADBAR4ikADBAN6yQgwHwQCAAIwGQMHACABDfAAEwMHACABDfAAGgMFACQC BOAwDQYJKoZIhvcNAQELBQADggEBAFsbTPenShOJfb5614g8BYxS9l6LE6Sr3htP JY7wcB+M0bxuejmKP1i2VtvZ0PrZQt5Bca2z1qHRA0hkuJUGhbOEFLs6XScIPFwS EAp5kLLd8T8fgxfQIywhKpdjvbEEifsFmcjnpwt4em1BG8BEFe+q6plIuKRfXDjB jp++XzVr6mzdrOzQ3uyZcriCD3SfU7cNBj3jS1V5O8LQHK3JWeDgaK4QMKXXrX1m zHxUqUTaw+zl4oyKIQLUlfH1n8DwzIo8eojg9AI0n4dhmfZJdMDw0qZu+X2C+/Xi SmFyU4hDPi3jZmKWem8g/lNiv8GkgE23+txhpaidzmf124hxu1w= -----END CERTIFICATE-----Generated at Mon Oct 20 14:21:55 2025 by rpki-client