$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2FD8A46E5B7C11EDAAFAB831C4F9AE02.roa File: 2FD8A46E5B7C11EDAAFAB831C4F9AE02.roa (raw, json) Hash identifier: lFcxWTnHl633f4QvQDWMLUYmUkZFYUPdGoBmb8KL4MM= Subject key identifier: A7:34:67:94:4E:10:43:92:41:48:95:FA:54:62:49:30:4C:D3:61:F6 Certificate issuer: /CN=A91ADB98/serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Certificate serial: 02AE Authority key identifier: 66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2FD8A46E5B7C11EDAAFAB831C4F9AE02.roa Signing time: Wed 01 Oct 2025 02:29:08 +0000 ROA not before: Wed 01 Oct 2025 02:29:08 +0000 ROA not after: Fri 30 Jan 2026 00:00:00 +0000 asID: 65510 IP address blocks: 140.168.64.0/19 maxlen: 19 140.168.78.0/24 maxlen: 24 140.168.79.0/24 maxlen: 24 140.168.87.0/24 maxlen: 24 140.168.96.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 04:04:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 686 (0x2ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ADB98, serialNumber=661C64E293B87F473AF61D89DE48FC4538570157 Validity Not Before: Oct 1 02:29:08 2025 GMT Not After : Jan 30 00:00:00 2026 GMT Subject: CN=68dc91f3-6df7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:45:a0:b0:4b:83:f6:19:8a:19:6e:a1:20:b3: 9a:83:d6:13:c8:94:c0:ee:91:fa:77:6b:37:6d:66: c8:00:d5:7f:bf:e5:30:4f:ac:0e:f5:1d:25:0c:0a: 4b:9d:06:7b:25:06:a9:df:82:70:90:23:9c:11:f0: 4d:38:9b:79:04:6f:b1:cb:68:78:e8:f1:75:4c:19: 4b:66:9a:49:df:e9:7b:d0:62:a8:ce:6c:4d:8b:17: d5:46:f0:56:99:2f:de:dd:c9:14:b9:b8:30:08:10: 16:d2:6e:57:f3:da:e9:f4:37:4d:47:1c:7f:c2:c0: 51:a6:ce:b1:f0:53:36:93:c8:8e:78:c6:83:26:d4: 07:75:f4:a9:d7:b8:a3:d1:05:b7:02:d3:76:78:99: 3b:90:ac:52:7a:c3:b2:04:e9:d8:f2:76:26:9d:00: 22:6c:16:69:70:07:f8:69:53:77:3c:48:9a:44:1e: d3:39:e5:5e:d7:53:1e:58:40:a1:36:f4:ff:35:55: ec:ec:fe:fb:82:a5:49:d0:f6:ec:98:42:47:71:9a: 27:d9:5e:10:cb:6e:e2:95:69:87:ee:de:fd:31:d3: d7:29:0e:4c:7d:28:08:63:a7:d9:f4:57:69:f2:98: dd:86:a4:8f:b9:80:66:32:30:a5:3c:da:76:10:99: 9c:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:34:67:94:4E:10:43:92:41:48:95:FA:54:62:49:30:4C:D3:61:F6 X509v3 Authority Key Identifier: keyid:66:1C:64:E2:93:B8:7F:47:3A:F6:1D:89:DE:48:FC:45:38:57:01:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/Zhxk4pO4f0c69h2J3kj8RThXAVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zhxk4pO4f0c69h2J3kj8RThXAVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADB98/D93E93DC492111EDABD59C53C4F9AE02/2FD8A46E5B7C11EDAAFAB831C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 140.168.64.0/18 Signature Algorithm: sha256WithRSAEncryption 74:d3:96:d3:80:05:4f:90:14:11:19:4f:53:16:ee:fd:e6:7f: ff:f4:ec:30:39:76:08:3c:39:6c:9b:5f:04:9e:d0:4d:5a:90: 28:21:3a:49:15:e8:47:40:e2:40:2e:e1:05:1e:57:f1:d5:fb: 68:7d:db:f0:b7:67:72:b2:91:ce:99:61:d1:dd:82:fa:23:29: 39:a3:65:5d:86:f8:c1:f8:50:52:df:d0:d6:ab:04:a8:cc:28: b1:f4:23:2b:8c:4e:ee:30:50:cc:c0:75:54:9c:f9:b9:89:8a: 97:7d:31:9e:8b:97:0a:35:0e:b8:cc:ee:16:69:6f:3a:93:6b: 3c:75:7c:cf:87:b0:bd:a0:f6:6f:45:2c:5f:f9:4d:6d:d5:82: e7:d6:9b:7b:dc:cd:a2:0b:2d:93:1e:13:fd:f1:5c:a7:2c:26: df:2d:14:c5:25:e9:21:78:a9:4c:4e:4a:15:ed:d9:62:69:42: 7e:b3:82:36:2e:5e:52:22:9e:e8:97:15:31:ce:6e:4f:c2:01: 40:eb:d3:06:3b:a9:52:20:e5:96:55:28:15:5f:6a:2e:82:e6: 25:d5:b4:09:ae:24:f1:51:84:fe:4a:81:f4:c3:17:8a:73:ec: 8f:5f:3b:2a:10:75:9e:b9:12:03:5a:b9:7a:23:80:67:de:f2: df:36:aa:8b -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAq4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QURCOTgxMTAvBgNVBAUTKDY2MUM2NEUyOTNCODdGNDczQUY2MUQ4OURFNDhGQzQ1 Mzg1NzAxNTcwHhcNMjUxMDAxMDIyOTA4WhcNMjYwMTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRjOTFmMy02ZGY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwUWgsEuD9hmKGW6hILOag9YTyJTA7pH6d2s3bWbIANV/v+UwT6wO9R0lDApL nQZ7JQap34JwkCOcEfBNOJt5BG+xy2h46PF1TBlLZppJ3+l70GKozmxNixfVRvBW mS/e3ckUubgwCBAW0m5X89rp9DdNRxx/wsBRps6x8FM2k8iOeMaDJtQHdfSp17ij 0QW3AtN2eJk7kKxSesOyBOnY8nYmnQAibBZpcAf4aVN3PEiaRB7TOeVe11MeWECh NvT/NVXs7P77gqVJ0PbsmEJHcZon2V4Qy27ilWmH7t79MdPXKQ5MfSgIY6fZ9Fdp 8pjdhqSPuYBmMjClPNp2EJmc3wIDAQABo4IClTCCApEwHQYDVR0OBBYEFKc0Z5RO EEOSQUiV+lRiSTBM02H2MB8GA1UdIwQYMBaAFGYcZOKTuH9HOvYdid5I/EU4VwFX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREI5OC9EOTNFOTNEQzQ5 MjExMUVEQUJENTlDNTNDNEY5QUUwMi9aaHhrNHBPNGYwYzY5aDJKM2tqOFJUaFhB VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1poeGs0cE80ZjBjNjloMkoza2o4UlRoWEFWYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QURCOTgvRDkzRTkzREM0OTIxMTFFREFCRDU5QzUzQzRGOUFFMDIvMkZEOEE0NkU1 QjdDMTFFREFBRkFCODMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAaMqEAwDQYJKoZIhvcNAQELBQADggEBAHTTltOABU+QFBEZ T1MW7v3mf//07DA5dgg8OWybXwSe0E1akCghOkkV6EdA4kAu4QUeV/HV+2h92/C3 Z3Kykc6ZYdHdgvojKTmjZV2G+MH4UFLf0NarBKjMKLH0IyuMTu4wUMzAdVSc+bmJ ipd9MZ6Llwo1DrjM7hZpbzqTazx1fM+HsL2g9m9FLF/5TW3VgufWm3vczaILLZMe E/3xXKcsJt8tFMUl6SF4qUxOShXt2WJpQn6zgjYuXlIinuiXFTHObk/CAUDr0wY7 qVIg5ZZVKBVfai6C5iXVtAmuJPFRhP5KgfTDF4pz7I9fOyoQdZ65EgNauXojgGfe 8t82qos= -----END CERTIFICATE-----Generated at Mon Oct 20 14:20:46 2025 by rpki-client