$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2F4FE7325B7C11EDAAFAB831C4F9AE02.roa File: 2F4FE7325B7C11EDAAFAB831C4F9AE02.roa (raw, json) Hash identifier: dqWEuxtnbfWU4nZkFSb2NotigdJvsBeg81R5KHdp3N8= Subject key identifier: 5B:CE:5F:A6:75:E3:6D:4D:F8:B0:61:D9:4E:4D:6A:F1:EF:DD:A4:1F Certificate issuer: /CN=A91ADB98/serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Certificate serial: 02AD Authority key identifier: 66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2F4FE7325B7C11EDAAFAB831C4F9AE02.roa Signing time: Wed 01 Oct 2025 02:29:07 +0000 ROA not before: Wed 01 Oct 2025 02:29:07 +0000 ROA not after: Fri 30 Jan 2026 00:00:00 +0000 asID: 65501 IP address blocks: 140.168.244.0/22 maxlen: 22 140.168.244.0/24 maxlen: 24 140.168.245.0/24 maxlen: 24 140.168.246.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 04:04:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 685 (0x2ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ADB98, serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Validity Not Before: Oct 1 02:29:07 2025 GMT Not After : Jan 30 00:00:00 2026 GMT Subject: CN=68dc91f2-fc59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:2f:fc:46:28:e0:61:a5:74:4a:6d:03:74:e0: 1e:f3:d1:9f:75:10:9c:83:e8:13:0f:73:a2:37:47: fa:14:4e:0b:6a:81:02:fb:37:0b:9e:ab:2b:f2:52: ef:df:5e:bb:1b:ac:ba:53:64:5c:06:d9:88:ab:02: d3:a4:87:87:9b:04:d3:78:f7:a5:37:ca:63:83:41: 39:06:c4:77:a0:8e:10:f7:4e:e7:a7:1f:0f:f3:48: 77:75:77:7e:4f:dc:44:45:d0:d0:85:ca:84:6c:82: 2e:a0:90:5e:25:85:75:16:58:da:6a:97:bd:ce:00: 92:d8:4f:de:b8:7a:da:75:d2:1b:d4:dc:ae:ea:0f: 0e:a0:df:d9:46:ed:85:38:b6:f3:f4:47:52:b5:97: 51:11:c5:ef:94:16:2c:51:ec:c1:2e:5f:89:41:b3: 98:ae:20:57:29:7d:ef:86:26:ff:3c:58:ed:e7:d1: 18:d5:e5:79:45:a3:0b:9b:35:ed:b1:14:03:98:19: f7:e3:fc:d3:2f:32:fa:b2:bb:43:91:14:4b:2c:2f: 99:3d:8a:e1:5e:37:58:6d:e8:74:21:06:13:1e:46: bc:9b:a5:fe:f6:a0:80:0e:b5:11:68:e7:15:b2:4b: 23:b0:a3:35:5c:86:75:ea:98:67:6f:99:17:36:7e: 56:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:CE:5F:A6:75:E3:6D:4D:F8:B0:61:D9:4E:4D:6A:F1:EF:DD:A4:1F X509v3 Authority Key Identifier: keyid:66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2F4FE7325B7C11EDAAFAB831C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 140.168.244.0/22 Signature Algorithm: sha256WithRSAEncryption 13:74:60:66:f9:f5:a8:09:f5:d8:34:99:76:0c:b2:39:e5:b4: ea:c5:d8:fc:a0:55:32:e8:41:37:cd:e8:5a:1c:a1:f2:18:c4: c7:94:52:fd:8b:b0:46:19:f8:c3:c6:3a:9b:c7:ca:b1:d2:7e: 8c:a5:d5:af:2f:7f:f6:b3:da:25:a3:7b:b2:08:e4:34:f2:67: 38:1a:3f:fc:dd:30:f1:b2:f6:d0:9b:12:7d:ef:ea:5c:d8:43: 0b:93:6c:44:2f:b1:ca:08:38:d9:89:55:98:b8:2d:62:12:77: 2b:46:26:cc:85:b2:0a:40:af:77:68:a9:2d:5a:88:0a:ea:93: 57:ed:0a:c0:1f:c3:96:32:7e:1c:2c:f2:73:5b:0f:8a:77:6b: 7e:43:57:26:5d:48:d4:7f:6b:bd:1f:43:c3:f2:eb:55:3a:69: ee:8d:69:80:2e:1c:83:1a:27:8f:bb:97:89:b0:d9:40:18:f8: 41:02:7e:32:e0:85:f2:86:53:f2:ad:fe:ca:f1:d0:2f:9b:46: 04:60:f5:d2:e1:44:87:57:0c:30:34:63:51:2d:8b:cf:09:ad: f0:7e:59:54:19:e4:c3:a9:3b:1c:6a:e8:69:2b:ee:a6:0e:88: a1:fe:bf:f8:ec:ee:51:18:1a:55:b5:bc:85:d5:0c:53:08:c8: b2:09:61:d3 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QURCOTgxMTAvBgNVBAUTKDY2MUM2NEUyOTNCODdGNDczQUY2MUQ4OURFNDhGQzQ1 Mzg1NzAxNTcwHhcNMjUxMDAxMDIyOTA3WhcNMjYwMTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRjOTFmMi1mYzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAry/8RijgYaV0Sm0DdOAe89GfdRCcg+gTD3OiN0f6FE4LaoEC+zcLnqsr8lLv 3167G6y6U2RcBtmIqwLTpIeHmwTTePelN8pjg0E5BsR3oI4Q907npx8P80h3dXd+ T9xERdDQhcqEbIIuoJBeJYV1Fljaape9zgCS2E/euHraddIb1Nyu6g8OoN/ZRu2F OLbz9EdStZdREcXvlBYsUezBLl+JQbOYriBXKX3vhib/PFjt59EY1eV5RaMLmzXt sRQDmBn34/zTLzL6srtDkRRLLC+ZPYrhXjdYbeh0IQYTHka8m6X+9qCADrURaOcV sksjsKM1XIZ16phnb5kXNn5WjwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFvOX6Z1 421N+LBh2U5NavHv3aQfMB8GA1UdIwQYMBaAFGYcZOKTuH9HOvYdid5I/EU4VwFX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREI5OC9EOTNFOTNEQzQ5 MjExMUVEQUJENTlDNTNDNEY5QUUwMi9aaHhrNHBPNGYwYzY5aDJKM2tqOFJUaFhB VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1poeGs0cE80ZjBjNjloMkoza2o4UlRoWEFWYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QURCOTgvRDkzRTkzREM0OTIxMTFFREFCRDU5QzUzQzRGOUFFMDIvMkY0RkU3MzI1 QjdDMTFFREFBRkFCODMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAKMqPQwDQYJKoZIhvcNAQELBQADggEBABN0YGb59agJ9dg0 mXYMsjnltOrF2PygVTLoQTfN6FocofIYxMeUUv2LsEYZ+MPGOpvHyrHSfoyl1a8v f/az2iWje7II5DTyZzgaP/zdMPGy9tCbEn3v6lzYQwuTbEQvscoIONmJVZi4LWIS dytGJsyFsgpAr3doqS1aiArqk1ftCsAfw5Yyfhws8nNbD4p3a35DVyZdSNR/a70f Q8Py61U6ae6NaYAuHIMaJ4+7l4mw2UAY+EECfjLghfKGU/Kt/srx0C+bRgRg9dLh RIdXDDA0Y1Eti88JrfB+WVQZ5MOpOxxq6Gkr7qYOiKH+v/js7lEYGlW1vIXVDFMI yLIJYdM= -----END CERTIFICATE-----Generated at Mon Oct 20 14:21:55 2025 by rpki-client