$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/9BC411EEA03F11F094CBF530C4F9AE02.roa File: 9BC411EEA03F11F094CBF530C4F9AE02.roa (raw, json) Hash identifier: WA/tDmga3l8gZvc4ZjpwlBlP3nDfqhnwsfFvTM1otOg= Subject key identifier: 6D:47:39:20:03:61:D3:ED:C6:30:8A:F1:78:9F:81:04:08:8B:F1:3B Certificate issuer: /CN=A91F9605/serialNumber=681884C0C7557E526EF2BC4D1E5ABC336AE27F9E Certificate serial: 06A0 Authority key identifier: 68:18:84:C0:C7:55:7E:52:6E:F2:BC:4D:1E:5A:BC:33:6A:E2:7F:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBiEwMdVflJu8rxNHlq8M2rif54.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/9BC411EEA03F11F094CBF530C4F9AE02.roa Signing time: Fri 03 Oct 2025 09:59:11 +0000 ROA not before: Fri 03 Oct 2025 09:59:11 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 17648 IP address blocks: 110.50.32.0/20 maxlen: 20 110.50.48.0/21 maxlen: 21 110.50.56.0/22 maxlen: 22 110.50.60.0/24 maxlen: 24 110.50.61.0/24 maxlen: 24 110.50.62.0/23 maxlen: 24 202.134.192.0/20 maxlen: 20 202.134.192.0/24 maxlen: 24 202.134.193.0/24 maxlen: 24 202.134.194.0/24 maxlen: 24 202.134.195.0/24 maxlen: 24 202.134.196.0/24 maxlen: 24 202.134.197.0/24 maxlen: 24 202.134.198.0/24 maxlen: 24 202.134.199.0/24 maxlen: 24 202.134.200.0/24 maxlen: 24 202.134.201.0/24 maxlen: 24 202.134.202.0/24 maxlen: 24 202.134.203.0/24 maxlen: 24 202.134.204.0/24 maxlen: 24 202.134.205.0/24 maxlen: 24 202.134.206.0/24 maxlen: 24 202.134.207.0/24 maxlen: 24 2406:2e00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/aBiEwMdVflJu8rxNHlq8M2rif54.crl rsync://rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/aBiEwMdVflJu8rxNHlq8M2rif54.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBiEwMdVflJu8rxNHlq8M2rif54.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 23:48:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1696 (0x6a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9605, serialNumber=681884C0C7557E526EF2BC4D1E5ABC336AE27F9E Validity Not Before: Oct 3 09:59:11 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68df9e6e-528e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:af:68:ca:aa:31:11:62:45:97:26:1d:f4:da: 73:c6:d9:74:8e:01:9a:ab:ca:46:6f:f9:db:e6:09: dd:99:40:08:2a:cb:11:b7:f7:08:48:ad:0b:21:9f: c0:33:cb:1a:7e:62:4e:a8:d3:e8:98:ca:46:ba:bb: 25:4b:e8:4f:24:27:bf:de:c8:56:12:62:44:4c:a3: a7:9f:7b:b9:5a:24:d8:50:28:0d:c8:7f:7c:75:87: 5c:57:b9:06:f4:28:ab:a8:12:1e:5b:7f:c6:73:c8: 8d:0b:df:36:34:89:96:0a:9a:94:fc:d9:9c:23:ad: e0:f8:7c:60:db:31:ec:30:69:77:2f:8c:89:4b:b7: de:9c:38:76:7e:63:bd:5e:c6:cd:bc:0f:83:b5:46: 6d:f4:42:c9:39:81:21:4a:3f:f9:ce:c6:a0:db:ff: 8c:ea:07:84:70:fb:f5:2c:49:cb:7e:7f:98:76:1f: 37:4c:00:5e:4c:34:1e:3f:c1:98:c6:f1:86:ee:1f: 20:8e:a5:37:c8:4e:4f:3c:32:f7:e9:2d:a9:85:c8: db:b5:d0:16:f3:45:fa:9b:8f:db:22:17:e1:d2:6d: 7d:8b:12:4b:df:4d:42:2f:31:44:74:01:11:d7:cf: 3c:a6:0f:b9:13:f6:f2:85:ae:8b:86:e1:51:99:ad: ef:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:47:39:20:03:61:D3:ED:C6:30:8A:F1:78:9F:81:04:08:8B:F1:3B X509v3 Authority Key Identifier: keyid:68:18:84:C0:C7:55:7E:52:6E:F2:BC:4D:1E:5A:BC:33:6A:E2:7F:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/aBiEwMdVflJu8rxNHlq8M2rif54.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBiEwMdVflJu8rxNHlq8M2rif54.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9605/36666D6E870911EB823B3356C4F9AE02/9BC411EEA03F11F094CBF530C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 110.50.32.0/19 202.134.192.0/20 IPv6: 2406:2e00::/32 Signature Algorithm: sha256WithRSAEncryption 90:38:09:83:ba:a7:ee:eb:b4:88:1d:1e:dc:8c:a0:20:ff:08: 76:e1:52:6e:93:d5:08:7e:83:e7:08:f1:4c:68:1f:36:80:38: f1:21:e1:b1:6c:26:9b:58:77:54:5e:78:29:45:67:7c:ba:fc: a6:e5:ff:72:0d:46:40:7b:ad:7c:d4:40:15:cd:14:96:f8:b7: 18:ca:b6:27:0c:21:4b:9a:94:da:b5:ae:1c:11:59:9e:b8:c4: d6:3c:08:8d:74:bd:a0:68:79:35:61:1a:db:19:3f:a4:af:31: 68:a3:15:ce:84:d0:c1:56:9a:2a:56:17:e7:f6:01:43:ff:c9: 6d:f3:d5:4b:95:1e:6b:6a:b1:f4:cb:6b:76:97:4e:a0:92:7d: 31:14:3f:cc:38:c3:ac:cb:d3:c0:75:80:42:3d:f9:3a:3c:e4: ad:03:36:a4:f0:57:45:05:2b:07:79:99:bd:89:d3:36:3c:87: 7d:f4:d4:8f:ad:da:3f:03:30:71:25:f4:b5:8b:67:97:ea:f3: f9:b5:77:37:87:f8:69:52:dc:b1:a8:f6:e2:fc:78:1c:4c:c4: 61:f9:fe:15:76:91:89:99:22:00:40:8a:a9:57:37:c3:a3:db: cb:8f:ac:62:a7:6b:9a:a9:fc:b3:ff:65:3a:3e:76:85:1a:c3: 9b:b8:bb:59 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBqAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjk2MDUxMTAvBgNVBAUTKDY4MTg4NEMwQzc1NTdFNTI2RUYyQkM0RDFFNUFCQzMz NkFFMjdGOUUwHhcNMjUxMDAzMDk1OTExWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRmOWU2ZS01MjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2K9oyqoxEWJFlyYd9Npzxtl0jgGaq8pGb/nb5gndmUAIKssRt/cISK0LIZ/A M8safmJOqNPomMpGurslS+hPJCe/3shWEmJETKOnn3u5WiTYUCgNyH98dYdcV7kG 9CirqBIeW3/Gc8iNC982NImWCpqU/NmcI63g+Hxg2zHsMGl3L4yJS7fenDh2fmO9 XsbNvA+DtUZt9ELJOYEhSj/5zsag2/+M6geEcPv1LEnLfn+Ydh83TABeTDQeP8GY xvGG7h8gjqU3yE5PPDL36S2phcjbtdAW80X6m4/bIhfh0m19ixJL301CLzFEdAER 1888pg+5E/byha6LhuFRma3vXwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFG1HOSAD YdPtxjCK8XifgQQIi/E7MB8GA1UdIwQYMBaAFGgYhMDHVX5SbvK8TR5avDNq4n+e MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTYwNS8zNjY2NkQ2RTg3 MDkxMUVCODIzQjMzNTZDNEY5QUUwMi9hQmlFd01kVmZsSnU4cnhOSGxxOE0ycmlm NTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FCaUV3TWRWZmxKdThyeE5IbHE4TTJyaWY1NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Rjk2MDUvMzY2NjZENkU4NzA5MTFFQjgyM0IzMzU2QzRGOUFFMDIvOUJDNDExRUVB MDNGMTFGMDk0Q0JGNTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAVuMiADBATKhsAwDQQCAAIwBwMFACQGLgAwDQYJKoZIhvcN AQELBQADggEBAJA4CYO6p+7rtIgdHtyMoCD/CHbhUm6T1Qh+g+cI8UxoHzaAOPEh 4bFsJptYd1ReeClFZ3y6/Kbl/3INRkB7rXzUQBXNFJb4txjKticMIUualNq1rhwR WZ64xNY8CI10vaBoeTVhGtsZP6SvMWijFc6E0MFWmipWF+f2AUP/yW3z1UuVHmtq sfTLa3aXTqCSfTEUP8w4w6zL08B1gEI9+To85K0DNqTwV0UFKwd5mb2J0zY8h330 1I+t2j8DMHEl9LWLZ5fq8/m1dzeH+GlS3LGo9uL8eBxMxGH5/hV2kYmZIgBAiqlX N8Oj28uPrGKna5qp/LP/ZTo+doUaw5u4u1k= -----END CERTIFICATE-----Generated at Mon Oct 20 08:33:01 2025 by rpki-client