$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/C24FF4C8050D11EA8626AD5DC4F9AE02.roa File: C24FF4C8050D11EA8626AD5DC4F9AE02.roa (raw, json) Hash identifier: nHJYnVN764I+a01wg+TzZ5hfwKIk6KrVw4NGUGzTSaE= Subject key identifier: 5A:C6:94:05:3D:1C:50:0C:69:E4:75:57:3D:CA:6A:C8:8F:EC:A9:C0 Certificate issuer: /CN=A91BC847/serialNumber=79D66C64A6165A2E4CB37D49700E6C761841C39A Certificate serial: 142A Authority key identifier: 79:D6:6C:64:A6:16:5A:2E:4C:B3:7D:49:70:0E:6C:76:18:41:C3:9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/edZsZKYWWi5Ms31JcA5sdhhBw5o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/C24FF4C8050D11EA8626AD5DC4F9AE02.roa Signing time: Thu 18 Sep 2025 17:26:10 +0000 ROA not before: Thu 18 Sep 2025 17:26:10 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 45588 IP address blocks: 114.130.128.0/18 maxlen: 24 114.130.224.0/20 maxlen: 24 123.49.0.0/18 maxlen: 24 180.211.128.0/17 maxlen: 24 203.112.192.0/19 maxlen: 24 2407:5000::/32 maxlen: 40 2407:5000:88::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/edZsZKYWWi5Ms31JcA5sdhhBw5o.crl rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/edZsZKYWWi5Ms31JcA5sdhhBw5o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/edZsZKYWWi5Ms31JcA5sdhhBw5o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 17:25:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5162 (0x142a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC847, serialNumber=79D66C64A6165A2E4CB37D49700E6C761841C39A Validity Not Before: Sep 18 17:26:10 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68cc40b2-5dd5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:da:9b:01:2e:d4:f1:cc:c7:19:c0:c2:61:d9: ed:e9:f0:aa:46:40:11:d6:bd:16:80:14:03:ae:2f: 59:af:ee:bc:34:aa:52:d0:0d:13:f7:3f:b0:0f:7c: 14:12:99:4c:2f:d6:5e:45:98:fb:78:01:0d:6b:26: f2:e8:f8:ba:ea:14:58:09:a2:83:1e:19:a6:99:a8: c7:b7:d1:d3:ef:9c:38:d9:a0:28:30:09:ac:8b:c1: 84:31:72:48:e3:20:b4:bc:9f:b9:f9:ba:c3:52:71: b1:71:46:2e:1e:92:76:bf:1f:95:30:b0:19:86:ce: 2e:9c:4f:53:0d:30:8e:da:53:52:09:0f:b0:5e:b4: 33:a0:0b:e2:b3:a2:de:88:45:67:95:44:68:b0:9f: 51:7f:f7:06:4e:0f:58:c5:c6:01:a4:1d:56:ae:9a: c5:ce:08:a9:66:0e:00:10:dc:9e:4b:a7:e8:93:12: 70:55:d6:14:c4:e0:f0:ed:ee:7c:ba:31:7a:36:f4: c3:0d:34:cd:18:59:5e:2a:9a:f6:a3:6a:de:5b:ac: 71:b6:8e:4c:53:a1:d3:00:43:c0:8b:fc:e6:fa:65: 00:a1:f3:d9:c1:8c:19:1c:3a:f0:c8:08:98:6e:07: bc:2a:dd:b3:c3:50:5c:0b:2e:e6:6d:14:07:7a:9d: 68:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:C6:94:05:3D:1C:50:0C:69:E4:75:57:3D:CA:6A:C8:8F:EC:A9:C0 X509v3 Authority Key Identifier: keyid:79:D6:6C:64:A6:16:5A:2E:4C:B3:7D:49:70:0E:6C:76:18:41:C3:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/edZsZKYWWi5Ms31JcA5sdhhBw5o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/edZsZKYWWi5Ms31JcA5sdhhBw5o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC847/ACF943529AF311E8AAB4D55DC4F9AE02/C24FF4C8050D11EA8626AD5DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 114.130.128.0/18 114.130.224.0/20 123.49.0.0/18 180.211.128.0/17 203.112.192.0/19 IPv6: 2407:5000::/32 Signature Algorithm: sha256WithRSAEncryption bb:93:ca:a7:08:ce:85:b9:83:a7:e3:62:a9:38:3d:a8:4f:38: c5:1b:68:26:55:50:14:76:62:70:73:18:6a:25:6d:11:ae:8b: 3c:89:38:26:28:8d:c1:c0:b9:9e:3a:c5:bb:66:1d:2f:30:eb: 2d:c1:40:5b:16:7f:f9:18:a3:97:6c:1d:68:97:db:e6:b9:bb: 44:44:4c:e3:9a:b6:a1:f6:0e:16:1b:83:af:9c:60:6f:df:92: 0d:fd:c0:a0:d5:f9:c1:23:a5:db:84:9b:71:d4:5a:a4:50:e5: 1c:4c:53:80:3b:c1:d9:de:4b:5f:eb:b9:29:45:ee:15:dc:3c: f6:32:2a:d5:dd:c5:f6:67:e5:08:0f:da:14:f8:18:32:c9:ac: 5e:c9:91:5a:3d:a6:e0:ab:17:b1:88:32:d9:d3:ab:d7:5c:4e: d6:85:f2:05:df:59:67:d5:21:7f:c6:4e:60:76:fe:2a:e4:17: 33:e1:cb:87:ec:3e:b9:3e:84:de:f8:85:86:21:22:7e:5e:8f: b8:c6:4b:21:51:cf:e5:2d:66:a1:0c:25:ce:17:88:4b:e9:a6: e4:90:d1:0c:93:19:e5:f1:68:8b:6b:d9:0c:19:c1:45:ba:44: 57:e0:ab:1e:0a:7f:2e:09:94:ca:4f:b9:40:7b:83:84:56:de: ea:47:1a:22 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICFCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkM4NDcxMTAvBgNVBAUTKDc5RDY2QzY0QTYxNjVBMkU0Q0IzN0Q0OTcwMEU2Qzc2 MTg0MUMzOUEwHhcNMjUwOTE4MTcyNjEwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGNjNDBiMi01ZGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0dqbAS7U8czHGcDCYdnt6fCqRkAR1r0WgBQDri9Zr+68NKpS0A0T9z+wD3wU EplML9ZeRZj7eAENayby6Pi66hRYCaKDHhmmmajHt9HT75w42aAoMAmsi8GEMXJI 4yC0vJ+5+brDUnGxcUYuHpJ2vx+VMLAZhs4unE9TDTCO2lNSCQ+wXrQzoAvis6Le iEVnlURosJ9Rf/cGTg9YxcYBpB1WrprFzgipZg4AENyeS6fokxJwVdYUxODw7e58 ujF6NvTDDTTNGFleKpr2o2reW6xxto5MU6HTAEPAi/zm+mUAofPZwYwZHDrwyAiY bge8Kt2zw1BcCy7mbRQHep1oaQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFFrGlAU9 HFAMaeR1Vz3KasiP7KnAMB8GA1UdIwQYMBaAFHnWbGSmFlouTLN9SXAObHYYQcOa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzg0Ny9BQ0Y5NDM1MjlB RjMxMUU4QUFCNEQ1NURDNEY5QUUwMi9lZFpzWktZV1dpNU1zMzFKY0E1c2RoaEJ3 NW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VkWnNaS1lXV2k1TXMzMUpjQTVzZGhoQnc1by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkM4NDcvQUNGOTQzNTI5QUYzMTFFOEFBQjRENTVEQzRGOUFFMDIvQzI0RkY0Qzgw NTBEMTFFQTg2MjZBRDVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAZygoADBARyguADBAZ7MQADBAe004ADBAXLcMAwDQQCAAIw BwMFACQHUAAwDQYJKoZIhvcNAQELBQADggEBALuTyqcIzoW5g6fjYqk4PahPOMUb aCZVUBR2YnBzGGolbRGuizyJOCYojcHAuZ46xbtmHS8w6y3BQFsWf/kYo5dsHWiX 2+a5u0RETOOatqH2DhYbg6+cYG/fkg39wKDV+cEjpduEm3HUWqRQ5RxMU4A7wdne S1/ruSlF7hXcPPYyKtXdxfZn5QgP2hT4GDLJrF7JkVo9puCrF7GIMtnTq9dcTtaF 8gXfWWfVIX/GTmB2/irkFzPhy4fsPrk+hN74hYYhIn5ej7jGSyFRz+UtZqEMJc4X iEvppuSQ0QyTGeXxaItr2QwZwUW6RFfgqx4Kfy4JlMpPuUB7g4RW3upHGiI= -----END CERTIFICATE-----Generated at Mon Oct 20 10:02:18 2025 by rpki-client