$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/21C0B7E23BD311F0B1BF6C56C4F9AE02.roa File: 21C0B7E23BD311F0B1BF6C56C4F9AE02.roa (raw, json) Hash identifier: unO0oTKhnor9ebnRuAfkAYkGc9LOIbi0DbBC0WH9UfY= Subject key identifier: 18:EB:F0:CB:10:9F:1C:2D:13:41:1B:0E:46:9E:41:7B:44:DF:6C:6D Certificate issuer: /CN=A91AA48F/serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503 Certificate serial: 3514 Authority key identifier: BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/21C0B7E23BD311F0B1BF6C56C4F9AE02.roa Signing time: Thu 02 Oct 2025 14:40:48 +0000 ROA not before: Thu 02 Oct 2025 14:40:48 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 3758 IP address blocks: 111.65.100.0/24 maxlen: 24 111.65.101.0/24 maxlen: 24 111.65.102.0/23 maxlen: 23 111.65.104.0/21 maxlen: 22 111.65.112.0/20 maxlen: 20 202.78.52.0/22 maxlen: 22 202.78.55.0/24 maxlen: 24 2400:1c00:13::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 14:41:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13588 (0x3514) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA48F, serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503 Validity Not Before: Oct 2 14:40:48 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=68de8eef-a4c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:88:65:c1:79:12:82:dd:84:25:6e:ce:a0:f6: 65:39:bc:ba:10:57:d9:2e:e9:1d:6e:7e:9b:84:c6: fa:78:95:b1:c7:9d:e7:cd:71:a3:91:95:4a:17:61: ae:f3:bb:9a:8e:2d:ca:79:d9:0b:2b:d7:c8:cd:48: b3:1a:57:57:42:03:bb:2f:16:01:01:06:95:40:38: d0:51:80:04:18:e4:10:b3:6f:8a:9a:64:34:b2:3c: c1:16:89:82:15:5e:6e:3c:34:b6:a7:a8:49:14:8a: 1f:bc:da:93:2e:ed:8d:71:05:39:c4:49:0d:85:26: a0:dd:b6:b9:13:f0:5e:2a:50:fb:ff:8e:56:6f:eb: 33:f3:4e:06:15:5b:87:a1:8d:bd:e4:6a:b2:39:cf: 20:d4:a0:d3:12:33:e5:e8:09:2e:aa:79:d0:f8:03: 5c:0e:8f:be:64:f8:de:db:5f:c2:94:87:a6:94:37: fe:3c:13:ec:e7:c1:b7:92:32:e2:56:f3:70:65:f8: 4f:ee:7f:c9:e0:83:37:e3:d7:19:ec:d6:bf:c0:90: ad:78:cd:48:4d:b2:81:3f:6a:79:db:d6:72:04:ad: e6:07:b1:2f:e5:c6:ee:5c:c4:d9:d4:12:86:2a:58: 2d:4a:c9:1a:56:55:65:25:07:f9:3e:e8:91:16:f1: 9b:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:EB:F0:CB:10:9F:1C:2D:13:41:1B:0E:46:9E:41:7B:44:DF:6C:6D X509v3 Authority Key Identifier: keyid:BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/21C0B7E23BD311F0B1BF6C56C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 111.65.100.0-111.65.127.255 202.78.52.0/22 IPv6: 2400:1c00:13::/48 Signature Algorithm: sha256WithRSAEncryption 3d:8d:b5:eb:65:94:38:d0:fa:4f:28:bb:d4:bb:4c:eb:7e:1f: 85:83:b1:71:e8:02:56:b2:c4:fe:5b:2e:d4:5f:f8:dc:12:0d: cc:0c:54:d7:6e:bd:0a:07:4b:4a:64:f9:b4:0e:28:26:51:99: ff:2e:5a:b7:4c:0c:7e:59:98:e9:3c:aa:30:54:00:fd:5c:45: 23:8b:df:3d:7c:6d:b2:d3:21:6f:8c:38:c8:75:fc:c3:cd:17: a4:a7:a5:e3:9e:4b:0e:6c:cf:4b:cf:e0:d9:72:32:6d:46:c4: 69:73:82:c2:85:14:52:33:91:aa:8b:a8:33:62:4f:e5:e6:a6: e7:21:ed:2d:fc:f4:27:07:8a:e4:7f:10:22:af:f4:c5:ad:b8: e1:a0:4d:00:50:2e:42:ee:d5:b3:3e:6d:ba:04:b2:9f:00:4d: bc:28:69:48:8c:a7:72:d9:93:1f:4b:f0:7a:53:cb:4a:cd:1b: 08:09:37:08:64:8e:45:75:1a:d3:ea:1d:10:8e:5f:57:d5:2b: f6:af:a7:f2:3f:44:fa:ad:e1:da:8a:85:de:b1:aa:51:48:02: 85:d5:a9:8d:42:a7:76:a9:bb:93:24:04:46:7a:34:2a:1b:6d: 27:1a:a6:03:3c:11:1d:49:30:cd:d2:83:41:ad:5a:49:0f:2b: a6:79:a1:d5 -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgICNRQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUE0OEYxMTAvBgNVBAUTKEJFMEU3QTg5MEY3MjgxQzY1NDYzMkU4QkU4MEVCQkY5 RkZCNTY1MDMwHhcNMjUxMDAyMTQ0MDQ4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRlOGVlZi1hNGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9YhlwXkSgt2EJW7OoPZlOby6EFfZLukdbn6bhMb6eJWxx53nzXGjkZVKF2Gu 87uaji3KedkLK9fIzUizGldXQgO7LxYBAQaVQDjQUYAEGOQQs2+KmmQ0sjzBFomC FV5uPDS2p6hJFIofvNqTLu2NcQU5xEkNhSag3ba5E/BeKlD7/45Wb+sz804GFVuH oY295GqyOc8g1KDTEjPl6AkuqnnQ+ANcDo++ZPje21/ClIemlDf+PBPs58G3kjLi VvNwZfhP7n/J4IM349cZ7Na/wJCteM1ITbKBP2p529ZyBK3mB7Ev5cbuXMTZ1BKG KlgtSskaVlVlJQf5PuiRFvGbJQIDAQABo4ICtDCCArAwHQYDVR0OBBYEFBjr8MsQ nxwtE0EbDkaeQXtE32xtMB8GA1UdIwQYMBaAFL4OeokPcoHGVGMui+gOu/n/tWUD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ4Ri84QzgxQTg1NjFE OEQxMUUyODY2QzUwRUIwOEIwMkNEMi92ZzU2aVE5eWdjWlVZeTZMNkE2Ny1mLTFa UU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZnNTZpUTl5Z2NaVVl5Nkw2QTY3LWYtMVpRTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUE0OEYvOEM4MUE4NTYxRDhEMTFFMjg2NkM1MEVCMDhCMDJDRDIvMjFDMEI3RTIz QkQzMTFGMEIxQkY2QzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E LzAtMBoEAgABMBQwDAMEAm9BZAMEB29BAAMEAspONDAPBAIAAjAJAwcAJAAcAAAT MA0GCSqGSIb3DQEBCwUAA4IBAQA9jbXrZZQ40PpPKLvUu0zrfh+Fg7Fx6AJWssT+ Wy7UX/jcEg3MDFTXbr0KB0tKZPm0DigmUZn/Llq3TAx+WZjpPKowVAD9XEUji989 fG2y0yFvjDjIdfzDzRekp6XjnksObM9Lz+DZcjJtRsRpc4LChRRSM5Gqi6gzYk/l 5qbnIe0t/PQnB4rkfxAir/TFrbjhoE0AUC5C7tWzPm26BLKfAE28KGlIjKdy2ZMf S/B6U8tKzRsICTcIZI5FdRrT6h0Qjl9X1Sv2r6fyP0T6reHaioXesapRSAKF1amN Qqd2qbuTJARGejQqG20nGqYDPBEdSTDN0oNBrVpJDyumeaHV -----END CERTIFICATE-----Generated at Mon Oct 20 08:00:47 2025 by rpki-client