$ rpki-client -vvf rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/331F345A383611E6B2282B5DC4F9AE02.roa File: 331F345A383611E6B2282B5DC4F9AE02.roa (raw, json) Hash identifier: BOms9OY6+UIB6aMBGACYroj4QGSk/YT0f0983Woe8qE= Subject key identifier: F2:2A:BA:BF:3D:1F:ED:97:DD:2D:90:16:FB:22:87:08:3E:E6:75:67 Certificate issuer: /CN=A91E170B/serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268 Certificate serial: 3662 Authority key identifier: 6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/331F345A383611E6B2282B5DC4F9AE02.roa Signing time: Tue 30 Sep 2025 14:40:12 +0000 ROA not before: Tue 30 Sep 2025 14:40:12 +0000 ROA not after: Fri 30 Jan 2026 00:00:00 +0000 asID: 135537 IP address blocks: 61.45.252.0/24 maxlen: 24 2401:4601:252::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.crl rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 14:18:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13922 (0x3662) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E170B, serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268 Validity Not Before: Sep 30 14:40:12 2025 GMT Not After : Jan 30 00:00:00 2026 GMT Subject: CN=68dbebcc-3bb3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:8c:0e:35:77:8a:88:ce:4e:4a:13:1c:e3:cf: 26:04:a5:d8:f1:8f:c2:22:2d:db:32:be:c9:f1:f8: 36:e1:48:7e:a1:ba:f7:1e:16:93:49:a5:ff:bc:da: cd:46:70:d6:23:fe:75:11:f0:d1:91:80:56:59:7b: a3:03:0c:62:44:28:84:14:5c:f5:03:3a:1a:23:43: c6:de:df:8b:07:98:5d:23:42:14:fb:d4:8b:98:57: 28:8d:b3:2c:58:77:dc:d2:b7:fc:6b:87:f1:4a:08: ca:4a:02:4c:52:bb:71:18:6c:16:9b:05:04:16:79: 97:d9:02:af:5a:f5:7d:1f:e0:54:67:35:a5:1e:4c: 0f:7f:00:4e:2e:8c:7b:e4:b4:cf:62:2e:e7:84:81: c0:ec:e8:41:cf:19:41:b5:39:22:c2:3a:c3:ca:94: 91:15:e7:91:ac:c9:b3:89:e7:d8:75:1e:e4:e5:1d: 30:a7:1d:fc:c0:ff:fd:d5:48:7f:7f:f5:14:1d:36: 9d:b7:52:0e:d1:0c:ad:87:29:14:bc:b4:30:60:19: 0c:85:d4:ef:19:24:09:9f:75:d4:09:87:25:85:3a: 9d:5b:7d:e3:b5:04:2f:45:69:c5:2c:04:b4:f6:84: ed:c9:bf:af:32:9e:92:db:64:97:9d:27:65:05:af: 38:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:2A:BA:BF:3D:1F:ED:97:DD:2D:90:16:FB:22:87:08:3E:E6:75:67 X509v3 Authority Key Identifier: keyid:6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/331F345A383611E6B2282B5DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 61.45.252.0/24 IPv6: 2401:4601:252::/48 Signature Algorithm: sha256WithRSAEncryption 2d:5f:16:ce:82:02:4d:43:ae:90:b7:eb:c9:b1:29:77:84:33: 6b:bb:3b:9d:90:f1:f9:5d:19:6d:e8:66:2a:78:6e:f2:1a:38: c5:b0:0b:75:ee:e5:be:64:35:6c:df:19:24:ba:ce:a9:32:f0: 54:3b:31:d4:ad:23:e2:cd:48:fa:e1:20:97:05:35:fe:35:1c: 68:30:fb:a6:18:bc:33:8d:82:fd:87:ac:05:9a:20:66:0b:c6: 0e:30:c4:69:af:69:d5:68:ed:39:8c:57:2f:9b:57:e6:51:ef: 00:fe:23:9a:c3:3c:39:2d:1f:fd:e4:e4:6f:3b:2b:93:c7:64: 52:e5:5d:b6:85:c0:f6:32:2b:86:a7:fa:6e:29:fb:d2:6a:2e: 62:85:e5:9a:36:47:5f:91:4a:e7:7c:75:21:79:1c:0d:9f:1e: 6f:a1:aa:b2:2b:bd:7f:05:f9:a5:70:de:e2:87:8c:ab:3b:c5: 15:be:e6:80:e8:b1:45:60:89:a6:cc:5f:23:a1:24:f8:fa:f5: b1:27:d1:42:74:15:3d:24:78:6f:bd:0f:30:a5:fb:89:94:db: 40:0b:1a:1d:28:b9:02:5c:1f:d3:ea:71:93:7c:3a:e4:6f:0d: 58:e9:6b:bd:c8:6a:7b:7c:ac:6c:09:d0:b8:5c:c4:75:f8:92: 13:df:7d:91 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICNmIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTE3MEIxMTAvBgNVBAUTKDZEMzhDNUI0Q0Y0QkFEM0Q5ODQ4NzFBNzMyMUE5RDE2 OTYwQkUyNjgwHhcNMjUwOTMwMTQ0MDEyWhcNMjYwMTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRiZWJjYy0zYmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn4wONXeKiM5OShMc488mBKXY8Y/CIi3bMr7J8fg24Uh+obr3HhaTSaX/vNrN RnDWI/51EfDRkYBWWXujAwxiRCiEFFz1AzoaI0PG3t+LB5hdI0IU+9SLmFcojbMs WHfc0rf8a4fxSgjKSgJMUrtxGGwWmwUEFnmX2QKvWvV9H+BUZzWlHkwPfwBOLox7 5LTPYi7nhIHA7OhBzxlBtTkiwjrDypSRFeeRrMmziefYdR7k5R0wpx38wP/91Uh/ f/UUHTadt1IO0QythykUvLQwYBkMhdTvGSQJn3XUCYclhTqdW33jtQQvRWnFLAS0 9oTtyb+vMp6S22SXnSdlBa84ZwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPIqur89 H+2X3S2QFvsihwg+5nVnMB8GA1UdIwQYMBaAFG04xbTPS609mEhxpzIanRaWC+Jo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTcwQi85N0FGNkRGMDFE NkQxMUUyQTEyRDlFQUUwOEIwMkNEMi9iVGpGdE05THJUMllTSEduTWhxZEZwWUw0 bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JUakZ0TTlMclQyWVNIR25NaHFkRnBZTDRtZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTE3MEIvOTdBRjZERjAxRDZEMTFFMkExMkQ5RUFFMDhCMDJDRDIvMzMxRjM0NUEz ODM2MTFFNkIyMjgyQjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAA9LfwwDwQCAAIwCQMHACQBRgECUjANBgkqhkiG9w0BAQsF AAOCAQEALV8WzoICTUOukLfrybEpd4Qza7s7nZDx+V0ZbehmKnhu8ho4xbALde7l vmQ1bN8ZJLrOqTLwVDsx1K0j4s1I+uEglwU1/jUcaDD7phi8M42C/YesBZogZgvG DjDEaa9p1WjtOYxXL5tX5lHvAP4jmsM8OS0f/eTkbzsrk8dkUuVdtoXA9jIrhqf6 bin70mouYoXlmjZHX5FK53x1IXkcDZ8eb6Gqsiu9fwX5pXDe4oeMqzvFFb7mgOix RWCJpsxfI6Ek+Pr1sSfRQnQVPSR4b70PMKX7iZTbQAsaHSi5Alwf0+pxk3w65G8N WOlrvchqe3ysbAnQuFzEdfiSE999kQ== -----END CERTIFICATE-----Generated at Mon Oct 20 18:54:07 2025 by rpki-client