$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5F82/3107B3ECF7C511EABC34950AC4F9AE02/59F7EF4E0A4611ECAE818D54C4F9AE02.roa File: 59F7EF4E0A4611ECAE818D54C4F9AE02.roa (raw, json) Hash identifier: x40FMjyhrIBfTk8/yc4c2wF8kybpgUwEO3HTguXSoZY= Subject key identifier: C2:95:92:6E:94:CD:0B:32:73:84:3D:6F:51:56:BB:84:FE:9E:02:35 Certificate issuer: /CN=A91A5F82/serialNumber=7447B2835EACB88AC48727CB726BB87B97BA778A Certificate serial: 080B Authority key identifier: 74:47:B2:83:5E:AC:B8:8A:C4:87:27:CB:72:6B:B8:7B:97:BA:77:8A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dEeyg16suIrEhyfLcmu4e5e6d4o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5F82/3107B3ECF7C511EABC34950AC4F9AE02/59F7EF4E0A4611ECAE818D54C4F9AE02.roa Signing time: Tue 16 Sep 2025 21:32:11 +0000 ROA not before: Tue 16 Sep 2025 21:32:11 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 4845 IP address blocks: 202.165.128.0/19 maxlen: 19 202.165.128.0/20 maxlen: 24 202.165.144.0/20 maxlen: 24 2400:7000::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5F82/3107B3ECF7C511EABC34950AC4F9AE02/dEeyg16suIrEhyfLcmu4e5e6d4o.crl rsync://rpki.apnic.net/member_repository/A91A5F82/3107B3ECF7C511EABC34950AC4F9AE02/dEeyg16suIrEhyfLcmu4e5e6d4o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dEeyg16suIrEhyfLcmu4e5e6d4o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 22:09:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2059 (0x80b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5F82, serialNumber=7447B2835EACB88AC48727CB726BB87B97BA778A Validity Not Before: Sep 16 21:32:11 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68c9d75b-0a03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c3:55:19:bc:4c:ab:75:b2:3e:9c:93:f9:14: bd:fc:04:ad:bf:26:a2:75:df:dd:68:3c:f9:c2:0f: cb:ec:e0:6f:a5:c1:6c:88:c8:c3:ca:c4:71:cf:0c: 44:bf:8d:9d:5b:be:57:b8:a6:21:08:12:fc:46:df: 87:15:61:d9:d1:26:67:9a:8c:ee:bc:a3:56:2b:1d: 5b:cc:7c:0e:22:cb:b3:1c:2d:28:c0:5a:72:10:e9: b7:3d:45:a5:2b:af:bc:a5:5d:9c:be:d9:4a:2b:7f: b7:a5:70:d3:db:86:be:4d:d6:bb:2e:15:82:92:34: 3b:b1:d4:b4:fa:d1:a1:2b:fd:23:24:a1:9c:1e:1f: 16:3b:99:af:83:6f:73:0a:6f:36:9f:4e:4e:f9:92: e3:fc:33:45:96:4b:00:52:3c:93:35:06:bf:ac:13: 3f:4d:8f:a0:82:0e:30:49:0a:99:50:11:3b:3a:bf: 8f:d1:b0:ee:cc:5f:59:da:68:26:0b:22:e5:39:69: bc:3f:2f:6e:2a:44:3a:ca:88:fe:26:dd:1e:1d:94: d4:d9:cc:df:d4:32:82:85:6e:b8:55:0d:4d:63:47: 5c:57:a2:ae:65:ff:47:17:e6:d9:75:6d:90:c2:69: 89:4f:7b:04:d2:77:e4:94:94:3a:f2:a6:45:3b:09: 49:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:95:92:6E:94:CD:0B:32:73:84:3D:6F:51:56:BB:84:FE:9E:02:35 X509v3 Authority Key Identifier: keyid:74:47:B2:83:5E:AC:B8:8A:C4:87:27:CB:72:6B:B8:7B:97:BA:77:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5F82/3107B3ECF7C511EABC34950AC4F9AE02/dEeyg16suIrEhyfLcmu4e5e6d4o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dEeyg16suIrEhyfLcmu4e5e6d4o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5F82/3107B3ECF7C511EABC34950AC4F9AE02/59F7EF4E0A4611ECAE818D54C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.165.128.0/19 IPv6: 2400:7000::/32 Signature Algorithm: sha256WithRSAEncryption 70:2c:1f:4a:ef:7b:6a:ed:25:f3:44:38:f1:84:64:fb:c6:3c: 6c:47:6d:67:9c:e7:02:0c:72:b3:1c:97:08:70:b0:d6:b6:e7: 92:f3:ab:4f:2c:41:1c:4d:d2:dd:0a:9a:0d:f2:94:1d:fe:72: d5:f6:3f:97:12:09:07:ae:3e:99:cc:43:d8:1f:bb:be:0f:1c: f5:b2:33:89:5e:73:3d:df:a0:36:dc:71:32:d4:a5:58:e1:ba: 57:1a:45:12:5c:77:2f:1c:e8:e9:06:09:9c:2a:f8:42:e9:b0: 9e:28:36:f7:20:d6:ef:23:dd:25:2d:07:ee:18:10:34:09:55: 9e:d5:9c:d1:a6:3a:da:08:11:20:84:e0:9c:4c:7e:44:6d:a8: 46:a6:4c:5d:7d:30:d2:a4:d3:b3:b3:95:d2:a3:ac:c4:6f:b2: 2e:f7:be:01:4f:a1:3e:47:1b:20:5f:65:d3:e1:0d:84:a5:49: 43:e5:5a:34:1d:9b:3a:47:cb:1b:97:a3:17:6f:b1:63:d1:2b: 43:d2:c1:ca:97:e6:b1:d7:20:f3:c8:32:0e:3b:32:a5:b4:35: ca:9f:23:20:f8:ac:a0:57:5b:18:cd:95:8c:3d:82:d9:73:fc: 88:54:90:c6:99:7f:56:b8:91:29:64:8e:65:81:33:00:4c:4f: f4:67:1e:34 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCAswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTVGODIxMTAvBgNVBAUTKDc0NDdCMjgzNUVBQ0I4OEFDNDg3MjdDQjcyNkJCODdC OTdCQTc3OEEwHhcNMjUwOTE2MjEzMjExWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGM5ZDc1Yi0wYTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs8NVGbxMq3WyPpyT+RS9/AStvyaidd/daDz5wg/L7OBvpcFsiMjDysRxzwxE v42dW75XuKYhCBL8Rt+HFWHZ0SZnmozuvKNWKx1bzHwOIsuzHC0owFpyEOm3PUWl K6+8pV2cvtlKK3+3pXDT24a+Tda7LhWCkjQ7sdS0+tGhK/0jJKGcHh8WO5mvg29z Cm82n05O+ZLj/DNFlksAUjyTNQa/rBM/TY+ggg4wSQqZUBE7Or+P0bDuzF9Z2mgm CyLlOWm8Py9uKkQ6yoj+Jt0eHZTU2czf1DKChW64VQ1NY0dcV6KuZf9HF+bZdW2Q wmmJT3sE0nfklJQ68qZFOwlJ+wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMKVkm6U zQsyc4Q9b1FWu4T+ngI1MB8GA1UdIwQYMBaAFHRHsoNerLiKxIcny3JruHuXuneK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNUY4Mi8zMTA3QjNFQ0Y3 QzUxMUVBQkMzNDk1MEFDNEY5QUUwMi9kRWV5ZzE2c3VJckVoeWZMY211NGU1ZTZk NG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RFZXlnMTZzdUlyRWh5ZkxjbXU0ZTVlNmQ0by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTVGODIvMzEwN0IzRUNGN0M1MTFFQUJDMzQ5NTBBQzRGOUFFMDIvNTlGN0VGNEUw QTQ2MTFFQ0FFODE4RDU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAXKpYAwDQQCAAIwBwMFACQAcAAwDQYJKoZIhvcNAQELBQAD ggEBAHAsH0rve2rtJfNEOPGEZPvGPGxHbWec5wIMcrMclwhwsNa255Lzq08sQRxN 0t0Kmg3ylB3+ctX2P5cSCQeuPpnMQ9gfu74PHPWyM4lecz3foDbccTLUpVjhulca RRJcdy8c6OkGCZwq+ELpsJ4oNvcg1u8j3SUtB+4YEDQJVZ7VnNGmOtoIESCE4JxM fkRtqEamTF19MNKk07OzldKjrMRvsi73vgFPoT5HGyBfZdPhDYSlSUPlWjQdmzpH yxuXoxdvsWPRK0PSwcqX5rHXIPPIMg47MqW0NcqfIyD4rKBXWxjNlYw9gtlz/IhU kMaZf1a4kSlkjmWBMwBMT/RnHjQ= -----END CERTIFICATE-----Generated at Mon Oct 20 14:12:56 2025 by rpki-client