$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa File: 9CB5878688DD11ECAC36C11FC4F9AE02.roa (raw, json) Hash identifier: /p1nc+7VxWl9wJcQ4iUMoK6PHm48jxAJkzvga1eMyM8= Subject key identifier: 0E:19:0F:F1:A7:F9:99:8E:0C:52:0A:26:A5:33:A5:62:C0:F0:CD:84 Certificate issuer: /CN=A91DDCB6/serialNumber=FEA14F23FDB977AC6489D2106E35E023B28968DC Certificate serial: 08C5 Authority key identifier: FE:A1:4F:23:FD:B9:77:AC:64:89:D2:10:6E:35:E0:23:B2:89:68:DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa Signing time: Wed 08 Oct 2025 20:51:36 +0000 ROA not before: Wed 08 Oct 2025 20:51:36 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 132420 IP address blocks: 43.252.88.0/22 maxlen: 24 101.53.128.0/19 maxlen: 24 103.20.212.0/22 maxlen: 24 103.250.244.0/22 maxlen: 24 116.204.172.0/22 maxlen: 24 139.5.188.0/22 maxlen: 24 2001:df0:411::/48 maxlen: 48 2001:df4:3500::/48 maxlen: 48 2406:69c0::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.crl rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 21:42:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2245 (0x8c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DDCB6, serialNumber=FEA14F23FDB977AC6489D2106E35E023B28968DC Validity Not Before: Oct 8 20:51:36 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68e6ced8-2ac8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b7:34:8c:ce:e5:e4:4a:f3:da:c8:52:23:ad: f3:18:df:c9:7a:0f:6b:6f:05:f5:ef:97:5a:23:80: 66:c6:eb:34:b8:19:ba:2a:20:b4:e3:8f:c7:15:8b: f0:c5:b4:8d:40:ea:b5:24:e9:d7:aa:7b:14:cd:2e: 8c:8d:f0:59:5e:9e:1f:d0:6b:df:c9:9c:71:c5:9d: 61:ac:92:0f:53:82:a4:49:ef:34:14:4c:17:58:3e: 7f:a7:bc:83:40:a2:bf:ec:18:41:ad:97:9d:be:4b: c5:9e:5c:e3:0c:eb:ad:8a:eb:5b:33:d0:b7:07:1a: ae:9b:17:dd:24:a9:49:79:5e:ac:9e:e6:a9:86:be: 6b:50:57:7c:2b:51:18:da:4b:af:03:86:70:cf:14: 89:bf:dd:fb:49:37:05:b1:1c:f9:d3:8c:7b:9f:74: ed:81:d2:38:74:70:79:78:ad:0c:08:95:7c:05:e8: b7:8a:91:f7:4f:c4:57:9e:d9:c4:b7:4a:24:2e:e6: 88:a7:a0:45:11:6a:2a:d3:86:d1:0f:e6:fb:57:a0: 9f:4c:73:3d:08:2f:ad:3f:f1:7a:c9:90:c1:67:82: fd:9a:f1:f7:5a:97:34:f2:31:7d:6c:0c:f7:05:2f: c6:27:66:77:dc:f6:b6:ed:78:bb:f2:b5:5c:58:7b: 84:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:19:0F:F1:A7:F9:99:8E:0C:52:0A:26:A5:33:A5:62:C0:F0:CD:84 X509v3 Authority Key Identifier: keyid:FE:A1:4F:23:FD:B9:77:AC:64:89:D2:10:6E:35:E0:23:B2:89:68:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/_qFPI_25d6xkidIQbjXgI7KJaNw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_qFPI_25d6xkidIQbjXgI7KJaNw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/F077598ECC3D11EA8BC45C29C4F9AE02/9CB5878688DD11ECAC36C11FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.88.0/22 101.53.128.0/19 103.20.212.0/22 103.250.244.0/22 116.204.172.0/22 139.5.188.0/22 IPv6: 2001:df0:411::/48 2001:df4:3500::/48 2406:69c0::/32 Signature Algorithm: sha256WithRSAEncryption 9b:e5:7b:3a:9e:d0:ea:70:e5:df:7d:f4:90:8b:76:35:c7:31: a6:3f:8a:83:6b:7a:6c:1d:f3:76:58:69:fc:bc:aa:8c:78:2a: d7:fc:17:c6:79:ca:2f:38:20:02:15:46:b5:2b:98:fd:57:2e: 7d:b8:e7:41:82:03:01:36:48:82:f5:74:92:7e:b3:0d:0b:89: c0:e4:42:15:6e:97:6c:cb:67:2f:0b:66:b3:13:df:93:37:a3: 57:88:7a:2b:4b:cf:a0:55:ec:40:1a:27:de:93:f5:3b:80:de: 16:35:f3:48:e5:bf:e2:ff:ee:9c:6a:da:d0:78:7f:dc:85:22: 4f:6e:34:89:fd:3a:94:f1:dc:eb:e2:ff:9d:bb:92:34:4a:46: 9c:fe:b2:54:71:ba:dd:00:b9:a8:60:f3:b6:10:86:dc:c5:82: b7:76:9b:8d:fd:5f:bc:4a:23:90:b2:a2:cd:5c:6f:e4:f5:df: 5e:81:03:d3:0d:b6:0a:46:ee:27:13:05:94:84:56:6b:2b:82: ed:f6:b4:cd:24:79:46:65:35:89:40:57:28:35:63:46:2b:2e: 35:33:3b:f8:b0:6d:67:23:29:04:e7:50:8d:20:21:d4:b6:eb: 80:71:e1:79:42:fb:5c:e9:d0:5d:e0:e7:ac:bd:e6:fd:e2:35: ea:ba:6c:85 -----BEGIN CERTIFICATE----- MIIFsDCCBJigAwIBAgICCMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RERDQjYxMTAvBgNVBAUTKEZFQTE0RjIzRkRCOTc3QUM2NDg5RDIxMDZFMzVFMDIz QjI4OTY4REMwHhcNMjUxMDA4MjA1MTM2WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU2Y2VkOC0yYWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwLc0jM7l5Erz2shSI63zGN/Jeg9rbwX175daI4Bmxus0uBm6KiC044/HFYvw xbSNQOq1JOnXqnsUzS6MjfBZXp4f0GvfyZxxxZ1hrJIPU4KkSe80FEwXWD5/p7yD QKK/7BhBrZedvkvFnlzjDOutiutbM9C3BxqumxfdJKlJeV6snuaphr5rUFd8K1EY 2kuvA4ZwzxSJv937STcFsRz504x7n3TtgdI4dHB5eK0MCJV8Bei3ipH3T8RXntnE t0okLuaIp6BFEWoq04bRD+b7V6CfTHM9CC+tP/F6yZDBZ4L9mvH3Wpc08jF9bAz3 BS/GJ2Z33Pa27Xi78rVcWHuEhQIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFA4ZD/Gn +ZmODFIKJqUzpWLA8M2EMB8GA1UdIwQYMBaAFP6hTyP9uXesZInSEG414COyiWjc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERENCNi9GMDc3NTk4RUND M0QxMUVBOEJDNDVDMjlDNEY5QUUwMi9fcUZQSV8yNWQ2eGtpZElRYmpYZ0k3S0ph TncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19xRlBJXzI1ZDZ4a2lkSVFialhnSTdLSmFOdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RERDQjYvRjA3NzU5OEVDQzNEMTFFQThCQzQ1QzI5QzRGOUFFMDIvOUNCNTg3ODY4 OEREMTFFQ0FDMzZDMTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E TzBNMCoEAgABMCQDBAIr/FgDBAVlNYADBAJnFNQDBAJn+vQDBAJ0zKwDBAKLBbww HwQCAAIwGQMHACABDfAEEQMHACABDfQ1AAMFACQGacAwDQYJKoZIhvcNAQELBQAD ggEBAJvlezqe0Opw5d999JCLdjXHMaY/ioNremwd83ZYafy8qox4Ktf8F8Z5yi84 IAIVRrUrmP1XLn2450GCAwE2SIL1dJJ+sw0LicDkQhVul2zLZy8LZrMT35M3o1eI eitLz6BV7EAaJ96T9TuA3hY180jlv+L/7pxq2tB4f9yFIk9uNIn9OpTx3Ovi/527 kjRKRpz+slRxut0Auahg87YQhtzFgrd2m439X7xKI5Cyos1cb+T1316BA9MNtgpG 7icTBZSEVmsrgu32tM0keUZlNYlAVyg1Y0YrLjUzO/iwbWcjKQTnUI0gIdS264Bx 4XlC+1zp0F3g56y95v3iNeq6bIU= -----END CERTIFICATE-----Generated at Mon Oct 20 08:03:09 2025 by rpki-client