$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/651072686CBB11EA95256D30C4F9AE02.roa File: 651072686CBB11EA95256D30C4F9AE02.roa (raw, json) Hash identifier: 6Cva/MAM9NxBoaAYG/HBqjbHLWksXNLd6d8hzeYffrs= Subject key identifier: B8:CA:10:D1:37:23:34:25:FA:3C:F5:99:DB:5A:E3:06:B3:53:C6:FB Certificate issuer: /CN=A91EBBD7/serialNumber=A9BB0DFB6D4FF63B728833BE0AD6623796EC8A19 Certificate serial: 0A74 Authority key identifier: A9:BB:0D:FB:6D:4F:F6:3B:72:88:33:BE:0A:D6:62:37:96:EC:8A:19 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbsN-21P9jtyiDO-CtZiN5bsihk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/651072686CBB11EA95256D30C4F9AE02.roa Signing time: Tue 30 Sep 2025 20:21:21 +0000 ROA not before: Tue 30 Sep 2025 20:21:21 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 38004 IP address blocks: 202.89.24.0/21 maxlen: 21 202.89.24.0/25 maxlen: 25 202.89.24.128/25 maxlen: 25 202.89.25.0/24 maxlen: 25 202.89.26.0/24 maxlen: 24 202.89.29.0/24 maxlen: 24 2401:5f40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/qbsN-21P9jtyiDO-CtZiN5bsihk.crl rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/qbsN-21P9jtyiDO-CtZiN5bsihk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbsN-21P9jtyiDO-CtZiN5bsihk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 20:35:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2676 (0xa74) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBBD7, serialNumber=A9BB0DFB6D4FF63B728833BE0AD6623796EC8A19 Validity Not Before: Sep 30 20:21:21 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68dc3bc0-436a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:a9:5e:9c:65:60:5f:f7:2a:32:51:f9:28:01: a0:19:aa:61:87:0f:66:0f:3b:11:75:11:74:98:a9: fb:6a:72:a7:66:95:bb:c1:b6:88:e1:e0:12:59:25: b5:db:da:c0:3b:5d:fc:69:36:0e:72:5c:4a:fe:9d: 9b:49:2e:2f:a5:43:09:2b:91:f0:aa:ad:9e:61:ae: 90:7b:52:11:9e:46:54:bf:fe:cf:cb:12:2e:f5:4c: 40:28:00:79:52:6b:46:31:e6:04:9d:c1:23:29:55: 2b:12:ae:27:81:5e:8f:fd:8a:98:e3:d4:90:52:45: 0f:2a:be:8b:ba:be:0c:c0:d6:b8:43:6a:dc:2e:c3: 43:5d:3c:ee:9d:1b:ca:99:b6:af:b8:58:1b:9b:2d: 27:d8:4e:48:36:39:80:41:8f:4f:59:38:07:d9:9e: f6:07:4d:88:9d:1b:31:00:fa:df:c8:28:6b:46:f9: b9:59:c6:f5:03:c9:2b:81:95:7d:cf:68:a0:4b:ab: 6d:d8:4d:71:60:d0:86:76:28:6e:0d:18:49:18:3e: f2:81:12:2b:9c:41:13:67:1c:83:a9:c3:e6:e4:b7: c7:06:14:22:7f:6c:2e:cd:8a:56:7d:53:59:a3:ee: 4b:8d:99:38:71:ca:1a:6d:89:a5:6a:49:f9:d1:c9: f9:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:CA:10:D1:37:23:34:25:FA:3C:F5:99:DB:5A:E3:06:B3:53:C6:FB X509v3 Authority Key Identifier: keyid:A9:BB:0D:FB:6D:4F:F6:3B:72:88:33:BE:0A:D6:62:37:96:EC:8A:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/qbsN-21P9jtyiDO-CtZiN5bsihk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbsN-21P9jtyiDO-CtZiN5bsihk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBBD7/F93219126CB911EA80832E2EC4F9AE02/651072686CBB11EA95256D30C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.89.24.0/21 IPv6: 2401:5f40::/32 Signature Algorithm: sha256WithRSAEncryption 1c:b9:e6:09:76:d3:22:98:c7:1d:a6:d8:8e:80:de:9c:91:03: 70:e4:f3:f8:c3:46:74:69:12:1c:d8:9d:ba:12:e4:91:14:a6: be:4b:00:73:b3:56:33:b8:40:9d:2b:f5:cf:ed:fe:c8:e6:1c: b0:83:e2:e1:6f:ed:18:48:3a:c0:26:78:b4:a1:de:1a:da:1f: 61:34:bf:9d:59:d7:50:a9:7a:30:ba:62:e9:d7:01:d7:d0:6e: 33:71:91:d3:81:ac:8d:8a:65:3e:56:18:68:54:9d:a9:14:af: 2c:d0:b5:42:36:3f:2d:dc:ec:92:22:52:85:38:11:4b:97:ea: e1:9f:e9:19:df:56:5d:c7:40:67:d6:a2:fa:4e:65:af:e6:6c: 2d:71:b0:3c:8c:7d:24:84:fe:ca:ae:0e:5c:f2:00:ad:f4:d9: 82:2d:a2:47:17:76:87:9a:78:b9:ce:03:dd:00:a6:a4:ed:28: e7:05:d4:be:31:9c:1b:7a:4e:f7:97:6f:98:70:18:5c:3d:8a: 2f:68:c6:92:f2:b9:60:3b:a4:f9:e7:6d:6c:6c:13:a4:e1:b6: 79:6a:bd:e6:f6:fa:c7:1f:40:19:48:46:50:aa:32:51:4a:c1: 4f:1e:de:ba:f6:72:c3:e5:47:c0:84:e7:95:ee:e3:fe:6b:c6: 98:0c:73:3b -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJCRDcxMTAvBgNVBAUTKEE5QkIwREZCNkQ0RkY2M0I3Mjg4MzNCRTBBRDY2MjM3 OTZFQzhBMTkwHhcNMjUwOTMwMjAyMTIxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRjM2JjMC00MzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxqlenGVgX/cqMlH5KAGgGaphhw9mDzsRdRF0mKn7anKnZpW7wbaI4eASWSW1 29rAO138aTYOclxK/p2bSS4vpUMJK5Hwqq2eYa6Qe1IRnkZUv/7PyxIu9UxAKAB5 UmtGMeYEncEjKVUrEq4ngV6P/YqY49SQUkUPKr6Lur4MwNa4Q2rcLsNDXTzunRvK mbavuFgbmy0n2E5INjmAQY9PWTgH2Z72B02InRsxAPrfyChrRvm5Wcb1A8krgZV9 z2igS6tt2E1xYNCGdihuDRhJGD7ygRIrnEETZxyDqcPm5LfHBhQif2wuzYpWfVNZ o+5LjZk4ccoabYmlakn50cn5tQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLjKENE3 IzQl+jz1mdta4wazU8b7MB8GA1UdIwQYMBaAFKm7DfttT/Y7cogzvgrWYjeW7IoZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkJENy9GOTMyMTkxMjZD QjkxMUVBODA4MzJFMkVDNEY5QUUwMi9xYnNOLTIxUDlqdHlpRE8tQ3RaaU41YnNp aGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Fic04tMjFQOWp0eWlETy1DdFppTjVic2loay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUJCRDcvRjkzMjE5MTI2Q0I5MTFFQTgwODMyRTJFQzRGOUFFMDIvNjUxMDcyNjg2 Q0JCMTFFQTk1MjU2RDMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAPKWRgwDQQCAAIwBwMFACQBX0AwDQYJKoZIhvcNAQELBQAD ggEBABy55gl20yKYxx2m2I6A3pyRA3Dk8/jDRnRpEhzYnboS5JEUpr5LAHOzVjO4 QJ0r9c/t/sjmHLCD4uFv7RhIOsAmeLSh3hraH2E0v51Z11CpejC6YunXAdfQbjNx kdOBrI2KZT5WGGhUnakUryzQtUI2Py3c7JIiUoU4EUuX6uGf6RnfVl3HQGfWovpO Za/mbC1xsDyMfSSE/squDlzyAK302YItokcXdoeaeLnOA90ApqTtKOcF1L4xnBt6 TveXb5hwGFw9ii9oxpLyuWA7pPnnbWxsE6Thtnlqveb2+scfQBlIRlCqMlFKwU8e 3rr2csPlR8CE55Xu4/5rxpgMczs= -----END CERTIFICATE-----Generated at Mon Oct 20 12:43:59 2025 by rpki-client