$ rpki-client -vvf rpki.apnic.net/member_repository/A91CCAF1/00313C328AAD11EFBEF9166AC4F9AE02/CEF8F2768AAD11EF9133DE6EC4F9AE02.roa File: CEF8F2768AAD11EF9133DE6EC4F9AE02.roa (raw, json) Hash identifier: OPmEmqIaKed2x77tjIp4ZdpM1ffHxBwU3VDB8mthG20= Subject key identifier: E3:0A:D9:3F:8A:E1:1F:A7:F4:B8:AC:49:FE:2E:1D:BE:84:D0:0E:C6 Certificate issuer: /CN=A91CCAF1/serialNumber=66941DA7EAF30E9344E0321F0B754E7AEFFC3529 Certificate serial: BB Authority key identifier: 66:94:1D:A7:EA:F3:0E:93:44:E0:32:1F:0B:75:4E:7A:EF:FC:35:29 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZpQdp-rzDpNE4DIfC3VOeu_8NSk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CCAF1/00313C328AAD11EFBEF9166AC4F9AE02/CEF8F2768AAD11EF9133DE6EC4F9AE02.roa Signing time: Fri 03 Oct 2025 06:33:29 +0000 ROA not before: Fri 03 Oct 2025 06:33:29 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 45248 IP address blocks: 160.187.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CCAF1/00313C328AAD11EFBEF9166AC4F9AE02/ZpQdp-rzDpNE4DIfC3VOeu_8NSk.crl rsync://rpki.apnic.net/member_repository/A91CCAF1/00313C328AAD11EFBEF9166AC4F9AE02/ZpQdp-rzDpNE4DIfC3VOeu_8NSk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZpQdp-rzDpNE4DIfC3VOeu_8NSk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 187 (0xbb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CCAF1, serialNumber=66941DA7EAF30E9344E0321F0B754E7AEFFC3529 Validity Not Before: Oct 3 06:33:29 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68df6e39-da98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:6c:7c:f8:ce:6e:af:a7:e1:4f:a4:c3:de:26: e3:12:ba:1c:c9:c5:c9:fa:2c:06:1e:56:ec:69:f6: 84:79:04:02:58:19:94:68:f4:4c:79:ae:3f:a8:b9: d9:3d:8c:57:bc:f9:31:09:a9:6a:ad:5b:9a:47:69: 98:48:14:22:e4:db:a6:15:69:42:ce:ff:09:9d:01: 70:c6:c6:51:ba:92:34:f8:b4:ad:69:69:a2:85:89: 14:ae:05:b7:3e:30:7d:eb:44:fd:ee:a0:e9:b7:a1: 67:ac:bf:4c:36:fe:70:6a:df:7d:3e:80:be:fd:ed: 90:df:36:ba:e7:65:28:87:37:64:00:59:7b:65:e3: fb:11:a3:8e:72:9b:75:23:71:de:aa:a5:66:83:15: fb:f5:f5:d7:e8:b0:cd:d7:58:10:1d:49:d2:72:90: 84:6d:68:7f:23:81:c8:67:57:8d:72:ea:73:19:5f: 27:6d:be:19:b7:a5:63:b4:b0:b5:65:7f:04:68:96: 3c:bd:c1:0a:ad:8c:40:93:75:83:f7:d1:3a:e5:dd: dd:09:99:94:d3:31:a3:5b:ce:83:ef:2b:c5:98:4d: ca:86:1a:f1:0c:44:2d:6e:ef:b4:ef:0f:1e:28:3e: 41:ed:df:44:10:82:39:c2:68:95:d3:0a:82:50:6f: 0c:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:0A:D9:3F:8A:E1:1F:A7:F4:B8:AC:49:FE:2E:1D:BE:84:D0:0E:C6 X509v3 Authority Key Identifier: keyid:66:94:1D:A7:EA:F3:0E:93:44:E0:32:1F:0B:75:4E:7A:EF:FC:35:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CCAF1/00313C328AAD11EFBEF9166AC4F9AE02/ZpQdp-rzDpNE4DIfC3VOeu_8NSk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZpQdp-rzDpNE4DIfC3VOeu_8NSk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CCAF1/00313C328AAD11EFBEF9166AC4F9AE02/CEF8F2768AAD11EF9133DE6EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.187.248.0/24 Signature Algorithm: sha256WithRSAEncryption 70:ec:8a:24:20:d8:d5:86:3a:36:7e:dc:96:00:f1:29:14:7d: bb:68:45:04:ec:34:f7:30:99:87:15:f8:4a:d4:6c:69:03:dc: b4:95:04:73:14:d5:2b:74:d4:f9:a6:83:5a:2e:07:28:8c:6c: c0:8f:df:7f:93:9c:0a:39:14:16:8d:3a:c7:d1:d2:ad:e0:db: 3b:ee:2a:67:ad:2f:e1:81:89:6b:f1:df:c2:83:d5:79:6b:4f: 23:38:47:54:36:fe:21:96:db:43:70:16:b8:24:ff:34:22:e6: 4d:fe:ee:dd:62:28:d1:93:7d:ed:e4:d0:65:a8:a7:79:ee:bd: e6:51:22:cb:8e:6e:4a:31:5b:87:05:c7:2f:0b:b2:a4:b7:5a: 47:8b:35:c4:e3:62:b2:c4:a3:19:79:a9:ce:6b:f2:8d:08:c4: ae:54:0b:01:8d:5b:20:c6:4e:7e:56:e6:53:cf:62:84:8c:78: 50:96:2e:98:13:cd:c2:da:a4:31:ee:06:c5:59:36:16:15:f3: a1:2c:ff:10:4f:c4:4d:c1:c6:8c:83:73:7e:57:6a:b7:e8:ff: 69:76:6b:1e:3e:b2:1c:cd:7b:66:4f:15:16:90:02:6d:47:fd: 56:af:cb:47:ef:c4:54:17:32:93:09:c0:62:e0:8e:5f:a0:a8: 32:24:ed:c7 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICALswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0NBRjExMTAvBgNVBAUTKDY2OTQxREE3RUFGMzBFOTM0NEUwMzIxRjBCNzU0RTdB RUZGQzM1MjkwHhcNMjUxMDAzMDYzMzI5WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRmNmUzOS1kYTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsmx8+M5ur6fhT6TD3ibjErocycXJ+iwGHlbsafaEeQQCWBmUaPRMea4/qLnZ PYxXvPkxCalqrVuaR2mYSBQi5NumFWlCzv8JnQFwxsZRupI0+LStaWmihYkUrgW3 PjB960T97qDpt6FnrL9MNv5wat99PoC+/e2Q3za652UohzdkAFl7ZeP7EaOOcpt1 I3HeqqVmgxX79fXX6LDN11gQHUnScpCEbWh/I4HIZ1eNcupzGV8nbb4Zt6VjtLC1 ZX8EaJY8vcEKrYxAk3WD99E65d3dCZmU0zGjW86D7yvFmE3KhhrxDEQtbu+07w8e KD5B7d9EEII5wmiV0wqCUG8MpwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOMK2T+K 4R+n9LisSf4uHb6E0A7GMB8GA1UdIwQYMBaAFGaUHafq8w6TROAyHwt1Tnrv/DUp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQ0FGMS8wMDMxM0MzMjhB QUQxMUVGQkVGOTE2NkFDNEY5QUUwMi9acFFkcC1yekRwTkU0RElmQzNWT2V1XzhO U2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1pwUWRwLXJ6RHBORTRESWZDM1ZPZXVfOE5Tay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0NBRjEvMDAzMTNDMzI4QUFEMTFFRkJFRjkxNjZBQzRGOUFFMDIvQ0VGOEYyNzY4 QUFEMTFFRjkxMzNERTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBACgu/gwDQYJKoZIhvcNAQELBQADggEBAHDsiiQg2NWGOjZ+ 3JYA8SkUfbtoRQTsNPcwmYcV+ErUbGkD3LSVBHMU1St01Pmmg1ouByiMbMCP33+T nAo5FBaNOsfR0q3g2zvuKmetL+GBiWvx38KD1XlrTyM4R1Q2/iGW20NwFrgk/zQi 5k3+7t1iKNGTfe3k0GWop3nuveZRIsuObkoxW4cFxy8LsqS3WkeLNcTjYrLEoxl5 qc5r8o0IxK5UCwGNWyDGTn5W5lPPYoSMeFCWLpgTzcLapDHuBsVZNhYV86Es/xBP xE3BxoyDc35Xarfo/2l2ax4+shzNe2ZPFRaQAm1H/Vavy0fvxFQXMpMJwGLgjl+g qDIk7cc= -----END CERTIFICATE-----Generated at Tue Oct 21 07:13:48 2025 by rpki-client