$ rpki-client -vvf rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/064D129A56EA11EA84DC982BC4F9AE02.roa File: 064D129A56EA11EA84DC982BC4F9AE02.roa (raw, json) Hash identifier: u1TNJ+cS4eVAcfkpJ21oJA8p8MXvtPlstoexuvgtfIM= Subject key identifier: 45:B2:E1:91:9F:D5:3D:5C:2B:C4:4A:19:31:84:21:80:D4:8A:72:76 Certificate issuer: /CN=A91D66A0/serialNumber=9C94A5DCCF6A65B68986C7043846C721BD33BE99 Certificate serial: 0D49 Authority key identifier: 9C:94:A5:DC:CF:6A:65:B6:89:86:C7:04:38:46:C7:21:BD:33:BE:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nJSl3M9qZbaJhscEOEbHIb0zvpk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/064D129A56EA11EA84DC982BC4F9AE02.roa Signing time: Tue 08 Jul 2025 18:27:48 +0000 ROA not before: Tue 08 Jul 2025 18:27:48 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 38566 IP address blocks: 45.116.216.0/22 maxlen: 24 103.246.24.0/22 maxlen: 24 116.68.144.0/20 maxlen: 23 116.68.144.0/21 maxlen: 24 116.68.152.0/22 maxlen: 24 116.68.156.0/24 maxlen: 24 116.68.158.0/24 maxlen: 24 180.222.144.0/20 maxlen: 24 2403:2800:e15::/48 maxlen: 48 2403:2800:e16::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/nJSl3M9qZbaJhscEOEbHIb0zvpk.crl rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/nJSl3M9qZbaJhscEOEbHIb0zvpk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nJSl3M9qZbaJhscEOEbHIb0zvpk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 18:38:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3401 (0xd49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D66A0, serialNumber=9C94A5DCCF6A65B68986C7043846C721BD33BE99 Validity Not Before: Jul 8 18:27:48 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=686d6324-c31d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:07:58:67:bd:37:95:a5:73:2f:1c:29:21:2c: fd:86:5e:6f:e2:e9:d3:62:3f:07:f6:a9:79:7a:da: 26:6f:b2:55:3d:24:9d:76:23:da:7d:98:0c:e2:3b: 9d:0b:11:11:d0:2d:e9:c9:04:dd:f9:9a:d3:bb:51: 76:48:d4:ee:77:0b:8b:b5:d5:c0:78:94:14:42:f9: cb:c2:e4:ee:a9:ec:11:60:1b:f7:fd:69:65:e8:be: 04:65:19:3c:94:cf:d5:4c:54:29:6b:ec:3f:93:55: 82:d4:40:3a:13:e1:b6:5f:69:5d:df:dd:df:6e:6c: 6f:74:7c:ca:f9:b1:e0:1b:08:23:3d:b8:f1:db:42: f8:ca:ea:f9:9c:db:a2:1d:07:f1:f1:78:ba:24:52: 11:b5:58:ad:da:e1:9c:a8:82:fb:7a:f8:36:b3:95: f5:a8:26:4a:5f:bc:d3:ed:50:c2:93:cf:0a:31:ab: ab:5c:e4:8a:39:1a:97:1d:c7:ee:ca:ed:7e:3b:c2: 17:32:16:18:6b:72:3d:c3:4d:9e:11:aa:74:99:3a: 91:68:78:8e:1b:91:cb:71:c3:3e:67:72:b7:e2:d9: 7e:98:ff:81:6f:bc:62:91:ed:9c:8f:1b:17:bc:ea: 74:a2:60:3b:5e:f4:fb:aa:5a:c8:f2:e9:1c:55:17: f5:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:B2:E1:91:9F:D5:3D:5C:2B:C4:4A:19:31:84:21:80:D4:8A:72:76 X509v3 Authority Key Identifier: keyid:9C:94:A5:DC:CF:6A:65:B6:89:86:C7:04:38:46:C7:21:BD:33:BE:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/nJSl3M9qZbaJhscEOEbHIb0zvpk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nJSl3M9qZbaJhscEOEbHIb0zvpk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D66A0/625FF726D9E711E988054016C4F9AE02/064D129A56EA11EA84DC982BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.116.216.0/22 103.246.24.0/22 116.68.144.0/20 180.222.144.0/20 IPv6: 2403:2800:e15::-2403:2800:e16:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 31:90:54:4a:38:3e:49:e1:01:11:01:3d:3b:bd:5c:b1:98:92: d8:b4:fb:2d:26:15:af:e2:c4:dc:93:eb:5d:2a:88:9c:10:a7: 87:5f:c8:7e:34:cd:2c:f4:ef:29:20:3d:a7:40:6f:86:93:3a: 2f:60:98:c0:da:43:fd:29:1f:0f:d5:0c:05:1f:fe:2c:b5:50: 00:ba:df:2f:97:e0:9f:4f:4d:8b:aa:dd:e5:52:19:96:46:f4: 9a:4f:5c:bf:0b:85:54:a0:f1:65:af:59:aa:23:23:01:e4:21: b9:03:38:2f:97:d0:62:84:7d:12:b3:9c:bb:e4:36:80:f3:87: 6b:5d:85:d7:48:69:01:db:ea:9f:e1:50:77:ee:28:82:c0:87: fc:98:c4:c6:d4:72:61:dd:08:a6:f5:85:c3:c7:99:ba:65:ce: a8:4e:2c:76:af:37:56:74:db:85:ce:6b:a0:bf:cc:d1:d6:8d: 5f:e6:df:c6:3f:05:80:b4:b2:69:ca:14:f3:a7:65:00:2d:87: b8:28:5f:65:80:0c:70:b7:61:41:11:8a:d1:07:92:cb:e4:b5: 82:ee:99:bb:4d:a8:83:ad:7c:72:58:e7:d6:e2:d6:9e:50:a7: 1b:45:ba:34:89:eb:9b:67:cf:6d:17:b7:f0:9f:25:24:fb:77: 7b:3c:dc:c2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgICDUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDY2QTAxMTAvBgNVBAUTKDlDOTRBNURDQ0Y2QTY1QjY4OTg2QzcwNDM4NDZDNzIx QkQzM0JFOTkwHhcNMjUwNzA4MTgyNzQ4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODZkNjMyNC1jMzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuAdYZ703laVzLxwpISz9hl5v4unTYj8H9ql5etomb7JVPSSddiPafZgM4jud CxER0C3pyQTd+ZrTu1F2SNTudwuLtdXAeJQUQvnLwuTuqewRYBv3/Wll6L4EZRk8 lM/VTFQpa+w/k1WC1EA6E+G2X2ld393fbmxvdHzK+bHgGwgjPbjx20L4yur5nNui HQfx8Xi6JFIRtVit2uGcqIL7evg2s5X1qCZKX7zT7VDCk88KMaurXOSKORqXHcfu yu1+O8IXMhYYa3I9w02eEap0mTqRaHiOG5HLccM+Z3K34tl+mP+Bb7xike2cjxsX vOp0omA7XvT7qlrI8ukcVRf15QIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFEWy4ZGf 1T1cK8RKGTGEIYDUinJ2MB8GA1UdIwQYMBaAFJyUpdzPamW2iYbHBDhGxyG9M76Z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENjZBMC82MjVGRjcyNkQ5 RTcxMUU5ODgwNTQwMTZDNEY5QUUwMi9uSlNsM005cVpiYUpoc2NFT0ViSEliMHp2 cGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25KU2wzTTlxWmJhSmhzY0VPRWJISWIwenZway5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDY2QTAvNjI1RkY3MjZEOUU3MTFFOTg4MDU0MDE2QzRGOUFFMDIvMDY0RDEyOUE1 NkVBMTFFQTg0REM5ODJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E PjA8MB4EAgABMBgDBAItdNgDBAJn9hgDBAR0RJADBAS03pAwGgQCAAIwFDASAwcA JAMoAA4VAwcAJAMoAA4WMA0GCSqGSIb3DQEBCwUAA4IBAQAxkFRKOD5J4QERAT07 vVyxmJLYtPstJhWv4sTck+tdKoicEKeHX8h+NM0s9O8pID2nQG+GkzovYJjA2kP9 KR8P1QwFH/4stVAAut8vl+CfT02Lqt3lUhmWRvSaT1y/C4VUoPFlr1mqIyMB5CG5 Azgvl9BihH0Ss5y75DaA84drXYXXSGkB2+qf4VB37iiCwIf8mMTG1HJh3Qim9YXD x5m6Zc6oTix2rzdWdNuFzmugv8zR1o1f5t/GPwWAtLJpyhTzp2UALYe4KF9lgAxw t2FBEYrRB5LL5LWC7pm7TaiDrXxyWOfW4taeUKcbRbo0ieubZ89tF7fwnyUk+3d7 PNzC -----END CERTIFICATE-----Generated at Mon Oct 20 19:13:10 2025 by rpki-client