$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3247/32044BFE71EE11F093C22E18C4F9AE02/095B5200A5B111F09CCCE85FC4F9AE02.roa File: 095B5200A5B111F09CCCE85FC4F9AE02.roa (raw, json) Hash identifier: 9Zb0Av6EsVPUvpAr5Wo6+2kZEuOjOMIuyYuVnzvL3ro= Subject key identifier: 9D:C6:EF:F3:FE:68:93:87:AC:26:E2:01:DC:11:FA:14:7F:A3:AF:39 Certificate issuer: /CN=A91B3247/serialNumber=0DDABBF31EEC68766EF669AF9735240C38993459 Certificate serial: 2D Authority key identifier: 0D:DA:BB:F3:1E:EC:68:76:6E:F6:69:AF:97:35:24:0C:38:99:34:59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ddq78x7saHZu9mmvlzUkDDiZNFk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B3247/32044BFE71EE11F093C22E18C4F9AE02/095B5200A5B111F09CCCE85FC4F9AE02.roa Signing time: Fri 10 Oct 2025 08:13:43 +0000 ROA not before: Fri 10 Oct 2025 08:13:43 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 154112 IP address blocks: 203.9.215.0/24 maxlen: 24 2001:df5:f241::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B3247/32044BFE71EE11F093C22E18C4F9AE02/Ddq78x7saHZu9mmvlzUkDDiZNFk.crl rsync://rpki.apnic.net/member_repository/A91B3247/32044BFE71EE11F093C22E18C4F9AE02/Ddq78x7saHZu9mmvlzUkDDiZNFk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ddq78x7saHZu9mmvlzUkDDiZNFk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:15:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45 (0x2d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B3247, serialNumber=0DDABBF31EEC68766EF669AF9735240C38993459 Validity Not Before: Oct 10 08:13:43 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68e8c037-42a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:90:c8:52:3b:b3:e9:40:77:5e:63:f6:73:5b: 3b:68:1a:2f:6b:cb:99:9b:cb:24:8b:f3:2a:66:57: e3:e3:cb:3d:f7:5d:b5:a1:b9:37:d5:42:56:9e:70: 42:88:f3:90:d0:70:fc:d1:37:0e:21:f2:7f:fd:b9: 9c:f4:5f:81:b9:07:d5:79:dc:a6:f3:fd:68:a1:e0: 5d:b3:9a:b1:57:1b:a5:45:20:cc:01:37:3f:e0:01: e3:da:a5:c4:2c:68:00:d7:81:91:50:74:8c:e7:e7: e0:5c:c2:4d:71:86:45:98:fe:2f:36:f6:32:18:3e: 9d:6c:5d:3a:78:2f:f6:dc:cd:37:73:b6:72:0e:67: 3b:fa:80:b6:7f:82:6f:83:02:83:cd:92:89:ae:89: 57:9d:fd:3f:76:3f:04:35:60:fe:a5:73:31:c9:47: bf:f4:33:92:71:65:88:12:4e:bf:49:53:f0:0c:4b: d8:99:59:1e:38:29:5c:33:10:17:bf:15:75:35:9a: d0:42:10:b1:be:6b:47:b3:59:76:c2:d4:bc:d3:f6: 0f:58:4c:36:15:50:a8:fe:4f:bb:3e:47:1a:91:a5: 3b:5f:98:2d:80:e9:1f:99:ea:13:0a:77:a9:f9:24: 12:0e:f5:24:6c:fd:36:5e:a9:a1:5f:4b:fb:93:cf: 44:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:C6:EF:F3:FE:68:93:87:AC:26:E2:01:DC:11:FA:14:7F:A3:AF:39 X509v3 Authority Key Identifier: keyid:0D:DA:BB:F3:1E:EC:68:76:6E:F6:69:AF:97:35:24:0C:38:99:34:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B3247/32044BFE71EE11F093C22E18C4F9AE02/Ddq78x7saHZu9mmvlzUkDDiZNFk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ddq78x7saHZu9mmvlzUkDDiZNFk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3247/32044BFE71EE11F093C22E18C4F9AE02/095B5200A5B111F09CCCE85FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.9.215.0/24 IPv6: 2001:df5:f241::/48 Signature Algorithm: sha256WithRSAEncryption 9d:bd:a9:a2:24:0e:c2:05:de:e8:29:04:ea:9e:ae:6e:57:a3: e1:ea:17:ba:aa:38:cb:8c:b6:d0:59:d8:c7:ad:d4:d5:12:bd: a9:a2:b6:fa:7d:4a:17:6e:31:b3:c5:ff:31:59:1c:62:10:eb: 6f:28:14:a1:85:32:fc:dd:c6:b9:90:6e:b9:e4:fc:97:da:e1: bc:86:7f:d7:df:ae:36:46:5f:48:6a:bb:f7:f5:46:4a:f7:6e: 72:15:8c:b3:ea:05:52:4f:0b:61:7f:2f:b6:95:c0:c3:a7:8b: 34:81:ab:7f:96:a6:f4:0d:17:95:7d:58:cc:c1:1b:5c:c6:8a: 00:0e:4f:9d:61:2e:4d:b1:9e:a1:b2:a5:93:ee:30:a4:cb:7d: f5:04:1b:4c:ae:fb:06:c6:d3:a4:de:55:6b:0e:c5:fb:30:2f: d6:7a:d0:1b:67:74:7f:a9:09:35:41:74:7b:4e:d6:f2:f6:37: b1:26:24:d9:51:13:10:c3:7b:bf:02:ab:d0:1f:cb:44:7f:9c: 5e:cd:84:19:1d:77:02:c5:bf:c5:6f:41:e5:5b:c5:08:72:10: 2a:25:a8:3e:b5:9e:30:7a:82:f4:67:72:5f:0d:55:c7:16:36: 8e:b4:52:9b:84:b3:b1:c7:0f:ab:ce:aa:95:61:b5:07:84:c7: c3:8d:08:72 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBLTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MzI0NzExMC8GA1UEBRMoMEREQUJCRjMxRUVDNjg3NjZFRjY2OUFGOTczNTI0MEMz ODk5MzQ1OTAeFw0yNTEwMTAwODEzNDNaFw0yNjEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZThjMDM3LTQyYTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8kMhSO7PpQHdeY/ZzWztoGi9ry5mbyySL8ypmV+Pjyz33XbWhuTfVQlaecEKI 85DQcPzRNw4h8n/9uZz0X4G5B9V53Kbz/Wih4F2zmrFXG6VFIMwBNz/gAePapcQs aADXgZFQdIzn5+Bcwk1xhkWY/i829jIYPp1sXTp4L/bczTdztnIOZzv6gLZ/gm+D AoPNkomuiVed/T92PwQ1YP6lczHJR7/0M5JxZYgSTr9JU/AMS9iZWR44KVwzEBe/ FXU1mtBCELG+a0ezWXbC1LzT9g9YTDYVUKj+T7s+RxqRpTtfmC2A6R+Z6hMKd6n5 JBIO9SRs/TZeqaFfS/uTz0QrAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUncbv8/5o k4esJuIB3BH6FH+jrzkwHwYDVR0jBBgwFoAUDdq78x7saHZu9mmvlzUkDDiZNFkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIzMjQ3LzMyMDQ0QkZFNzFF RTExRjA5M0MyMkUxOEM0RjlBRTAyL0RkcTc4eDdzYUhadTltbXZselVrRERpWk5G ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvRGRxNzh4N3NhSFp1OW1tdmx6VWtERGlaTkZrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MzI0Ny8zMjA0NEJGRTcxRUUxMUYwOTNDMjJFMThDNEY5QUUwMi8wOTVCNTIwMEE1 QjExMUYwOUNDQ0U4NUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAMsJ1zAPBAIAAjAJAwcAIAEN9fJBMA0GCSqGSIb3DQEBCwUA A4IBAQCdvamiJA7CBd7oKQTqnq5uV6Ph6he6qjjLjLbQWdjHrdTVEr2porb6fUoX bjGzxf8xWRxiEOtvKBShhTL83ca5kG655PyX2uG8hn/X3642Rl9Iarv39UZK925y FYyz6gVSTwthfy+2lcDDp4s0gat/lqb0DReVfVjMwRtcxooADk+dYS5NsZ6hsqWT 7jCky331BBtMrvsGxtOk3lVrDsX7MC/WetAbZ3R/qQk1QXR7Ttby9jexJiTZURMQ w3u/AqvQH8tEf5xezYQZHXcCxb/Fb0HlW8UIchAqJag+tZ4weoL0Z3JfDVXHFjaO tFKbhLOxxw+rzqqVYbUHhMfDjQhy -----END CERTIFICATE-----Generated at Tue Oct 21 12:18:43 2025 by rpki-client