$ rpki-client -vvf rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/339F0FFA9D9D11F0981B7A12C4F9AE02.roa File: 339F0FFA9D9D11F0981B7A12C4F9AE02.roa (raw, json) Hash identifier: YDUGJInCxGYNvztq3dbMwJMAM402KtbRyKKGjQJtcPg= Subject key identifier: 3F:2B:16:4B:BC:B0:36:54:9B:ED:B2:1C:EC:53:59:42:52:E9:2A:9C Certificate issuer: /CN=A91D41AC/serialNumber=BF98688E98B01E84D7366F67864CE8F3EBBD4377 Certificate serial: 98 Authority key identifier: BF:98:68:8E:98:B0:1E:84:D7:36:6F:67:86:4C:E8:F3:EB:BD:43:77 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v5hojpiwHoTXNm9nhkzo8-u9Q3c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/339F0FFA9D9D11F0981B7A12C4F9AE02.roa Signing time: Tue 30 Sep 2025 01:39:01 +0000 ROA not before: Tue 30 Sep 2025 01:39:01 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 55573 IP address blocks: 121.200.215.0/24 maxlen: 24 2405:7d80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/v5hojpiwHoTXNm9nhkzo8-u9Q3c.crl rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/v5hojpiwHoTXNm9nhkzo8-u9Q3c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v5hojpiwHoTXNm9nhkzo8-u9Q3c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:57:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 152 (0x98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D41AC, serialNumber=BF98688E98B01E84D7366F67864CE8F3EBBD4377 Validity Not Before: Sep 30 01:39:01 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=68db34b4-aa78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:c9:f1:f2:13:ef:9f:2d:3c:15:56:e3:76:00: 44:78:7e:d2:e8:6a:0c:78:3a:fe:59:99:fd:c1:44: 81:ca:e8:81:1c:6c:1e:87:ae:da:b7:66:67:4c:50: 2e:b2:ff:21:df:95:4a:c9:8f:7e:ae:96:3c:90:46: cf:1c:25:79:f2:c2:6d:24:1f:22:3a:f8:06:60:0b: 9c:32:04:8e:ba:54:e2:2b:c0:01:a8:f9:b2:0f:41: cb:86:d8:b9:aa:09:e5:9b:43:55:86:38:f0:5b:0a: 5d:7d:80:b1:23:43:ab:d5:20:31:47:3c:17:55:28: 66:b7:48:6d:50:1a:b0:fa:78:a3:ce:46:96:dc:e7: 82:85:24:f6:18:0b:ee:28:23:89:37:b3:ed:6c:05: ed:7c:72:6e:e8:a2:b3:dc:c5:b2:66:0d:ae:9e:fa: ce:57:1e:9d:3f:c4:3c:30:2d:99:1f:45:4c:24:3d: d5:be:07:3d:25:1b:d9:ec:d4:ae:f1:b2:e3:9e:a9: 18:a6:b3:d7:2e:22:12:e0:d5:17:04:a6:86:85:e9: 7d:86:f7:a2:b9:e9:10:0f:b7:85:55:6e:b3:78:91: 74:46:55:32:36:6f:e7:70:5e:83:85:88:d9:48:2f: cb:79:f7:5a:3a:de:eb:b2:fd:0f:4e:a3:d3:3d:a4: cb:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:2B:16:4B:BC:B0:36:54:9B:ED:B2:1C:EC:53:59:42:52:E9:2A:9C X509v3 Authority Key Identifier: keyid:BF:98:68:8E:98:B0:1E:84:D7:36:6F:67:86:4C:E8:F3:EB:BD:43:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/v5hojpiwHoTXNm9nhkzo8-u9Q3c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v5hojpiwHoTXNm9nhkzo8-u9Q3c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/339F0FFA9D9D11F0981B7A12C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 121.200.215.0/24 IPv6: 2405:7d80::/48 Signature Algorithm: sha256WithRSAEncryption 4a:9a:c2:fd:57:2d:61:42:42:c8:06:f1:5e:bf:11:65:28:21: fc:7e:70:4b:ec:c7:3a:b4:21:e0:93:72:66:3e:30:ab:c2:23: 2f:76:4f:a4:6f:61:a6:0a:8a:e7:7d:5d:9d:c1:1d:c0:e2:80: b9:c4:f2:c2:09:8b:44:cf:0d:47:a2:ab:ba:cd:1a:ad:90:4f: c5:9b:42:5a:19:bc:24:6b:c0:3c:9d:d3:df:c9:6b:b3:46:d6: e4:e7:03:b6:dc:6f:bb:03:74:4c:37:85:19:bb:83:8f:ca:0d: ef:fa:1c:86:9d:c2:39:78:72:a9:fe:fb:4e:85:ba:f7:22:f3: 1d:a1:5d:5d:4e:e9:31:1b:47:6d:d8:46:61:fc:4d:c8:97:b8: fb:8e:7d:25:db:9a:b3:01:c5:ab:ef:58:f6:98:e7:af:ad:73: b6:f8:e3:72:e7:70:34:af:1f:61:12:79:6b:0d:e5:80:ef:25: 42:f3:48:5b:d3:b0:42:bf:2e:dc:a5:7e:ad:ec:db:64:20:21: d7:89:d8:97:80:7b:b8:cb:9f:52:47:98:da:94:49:4f:f2:81: a4:3e:64:d5:e8:35:50:5c:cf:7a:b9:74:d6:6f:34:75:7c:87: c7:5e:ea:f7:a8:12:22:33:f8:ef:65:41:7e:51:a6:48:e9:99: 24:5f:ea:64 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICAJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQxQUMxMTAvBgNVBAUTKEJGOTg2ODhFOThCMDFFODRENzM2NkY2Nzg2NENFOEYz RUJCRDQzNzcwHhcNMjUwOTMwMDEzOTAxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OGRiMzRiNC1hYTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApcnx8hPvny08FVbjdgBEeH7S6GoMeDr+WZn9wUSByuiBHGweh67at2ZnTFAu sv8h35VKyY9+rpY8kEbPHCV58sJtJB8iOvgGYAucMgSOulTiK8ABqPmyD0HLhti5 qgnlm0NVhjjwWwpdfYCxI0Or1SAxRzwXVShmt0htUBqw+nijzkaW3OeChST2GAvu KCOJN7PtbAXtfHJu6KKz3MWyZg2unvrOVx6dP8Q8MC2ZH0VMJD3Vvgc9JRvZ7NSu 8bLjnqkYprPXLiIS4NUXBKaGhel9hveiuekQD7eFVW6zeJF0RlUyNm/ncF6DhYjZ SC/LefdaOt7rsv0PTqPTPaTLZQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFD8rFku8 sDZUm+2yHOxTWUJS6SqcMB8GA1UdIwQYMBaAFL+YaI6YsB6E1zZvZ4ZM6PPrvUN3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDFBQy8yNDQ1QkNFMkU5 M0YxMUVGOERGMUUwMzVDNEY5QUUwMi92NWhvanBpd0hvVFhObTluaGt6bzgtdTlR M2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Y1aG9qcGl3SG9UWE5tOW5oa3pvOC11OVEzYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDQxQUMvMjQ0NUJDRTJFOTNGMTFFRjhERjFFMDM1QzRGOUFFMDIvMzM5RjBGRkE5 RDlEMTFGMDk4MUI3QTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAB5yNcwDwQCAAIwCQMHACQFfYAAADANBgkqhkiG9w0BAQsF AAOCAQEASprC/VctYUJCyAbxXr8RZSgh/H5wS+zHOrQh4JNyZj4wq8IjL3ZPpG9h pgqK531dncEdwOKAucTywgmLRM8NR6Krus0arZBPxZtCWhm8JGvAPJ3T38lrs0bW 5OcDttxvuwN0TDeFGbuDj8oN7/ochp3COXhyqf77ToW69yLzHaFdXU7pMRtHbdhG YfxNyJe4+459JduaswHFq+9Y9pjnr61ztvjjcudwNK8fYRJ5aw3lgO8lQvNIW9Ow Qr8u3KV+rezbZCAh14nYl4B7uMufUkeY2pRJT/KBpD5k1eg1UFzPerl01m80dXyH x17q96gSIjP472VBflGmSOmZJF/qZA== -----END CERTIFICATE-----Generated at Mon Oct 20 09:58:22 2025 by rpki-client