$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDBE8/9D363178152B11EB9BD4EB46C4F9AE02/06F011A2134B11F0AA41F90AC4F9AE02.roa File: 06F011A2134B11F0AA41F90AC4F9AE02.roa (raw, json) Hash identifier: rQ3HbUHQH7eVX3Cnh8/MApZL6I89rN2JY57V2VKSths= Subject key identifier: 9E:9B:27:0D:55:E7:F3:56:EF:EA:8C:4A:08:60:2A:FC:2B:13:DB:68 Certificate issuer: /CN=A91FDBE8/serialNumber=F35409394866FB408A0D188E0B7D00CC5A73948E Certificate serial: 07EE Authority key identifier: F3:54:09:39:48:66:FB:40:8A:0D:18:8E:0B:7D:00:CC:5A:73:94:8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/81QJOUhm-0CKDRiOC30AzFpzlI4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDBE8/9D363178152B11EB9BD4EB46C4F9AE02/06F011A2134B11F0AA41F90AC4F9AE02.roa Signing time: Tue 30 Sep 2025 21:54:06 +0000 ROA not before: Tue 30 Sep 2025 21:54:06 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 38880 IP address blocks: 45.65.60.0/22 maxlen: 22 45.65.60.0/24 maxlen: 24 45.65.61.0/24 maxlen: 24 45.65.62.0/24 maxlen: 24 45.65.63.0/24 maxlen: 24 45.114.204.0/22 maxlen: 22 45.114.204.0/24 maxlen: 24 45.114.205.0/24 maxlen: 24 45.114.206.0/24 maxlen: 24 45.114.207.0/24 maxlen: 24 103.37.8.0/23 maxlen: 23 103.37.8.0/24 maxlen: 24 103.37.9.0/24 maxlen: 24 103.52.168.0/23 maxlen: 23 103.52.168.0/24 maxlen: 24 103.52.169.0/24 maxlen: 24 103.80.136.0/22 maxlen: 22 103.80.136.0/24 maxlen: 24 103.80.137.0/24 maxlen: 24 103.80.138.0/24 maxlen: 24 103.80.139.0/24 maxlen: 24 2402:3680::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDBE8/9D363178152B11EB9BD4EB46C4F9AE02/81QJOUhm-0CKDRiOC30AzFpzlI4.crl rsync://rpki.apnic.net/member_repository/A91FDBE8/9D363178152B11EB9BD4EB46C4F9AE02/81QJOUhm-0CKDRiOC30AzFpzlI4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/81QJOUhm-0CKDRiOC30AzFpzlI4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 22:34:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2030 (0x7ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDBE8, serialNumber=F35409394866FB408A0D188E0B7D00CC5A73948E Validity Not Before: Sep 30 21:54:06 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68dc517e-dc61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:46:66:2a:ed:c7:30:99:91:8e:c3:4c:da:70: 04:96:7d:ac:4a:f8:cd:1e:a3:2e:be:4d:7a:ec:73: d7:31:f3:cf:dd:97:f7:ff:a6:eb:90:96:d8:bf:05: e0:9c:16:23:e6:af:5d:54:90:67:ba:84:20:b7:5e: 28:f1:24:3b:b5:76:39:ae:56:c1:6a:cc:f4:d0:4b: bb:71:da:d4:66:27:b1:13:12:aa:de:f4:ab:dc:24: 77:48:d5:ff:75:b6:02:b3:2d:15:31:35:79:d3:06: 32:4a:ee:a1:fa:44:d6:a2:2c:82:e5:01:de:67:61: 42:4c:a6:f9:cc:d7:05:8f:be:97:12:3c:36:5e:95: e3:f4:71:a8:01:7e:f6:f0:96:7b:21:49:c7:07:b7: fa:c8:a7:51:a6:b2:39:d8:0a:4a:85:1d:69:8e:48: 15:c8:21:98:ba:08:85:ec:8a:39:2c:f0:53:11:68: 02:fd:45:a4:3e:8b:94:a2:dc:0d:a8:9c:01:ec:9a: cd:52:44:79:b5:11:78:9d:d9:19:e8:45:9e:f4:aa: c0:d2:77:bb:ec:a3:7c:cc:c7:62:17:75:28:37:90: 81:54:eb:70:9c:35:b3:69:00:d3:3b:09:54:aa:54: 95:26:8f:47:b4:f8:ec:d8:e0:a0:16:73:25:2f:e5: ef:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:9B:27:0D:55:E7:F3:56:EF:EA:8C:4A:08:60:2A:FC:2B:13:DB:68 X509v3 Authority Key Identifier: keyid:F3:54:09:39:48:66:FB:40:8A:0D:18:8E:0B:7D:00:CC:5A:73:94:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDBE8/9D363178152B11EB9BD4EB46C4F9AE02/81QJOUhm-0CKDRiOC30AzFpzlI4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/81QJOUhm-0CKDRiOC30AzFpzlI4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDBE8/9D363178152B11EB9BD4EB46C4F9AE02/06F011A2134B11F0AA41F90AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.65.60.0/22 45.114.204.0/22 103.37.8.0/23 103.52.168.0/23 103.80.136.0/22 IPv6: 2402:3680::/32 Signature Algorithm: sha256WithRSAEncryption 63:81:0f:33:59:78:87:db:85:22:e4:56:00:e7:23:dc:1f:b0: c6:47:55:73:49:66:c4:9f:35:ec:0f:db:d5:b6:2a:99:f5:b8: 46:6c:40:cf:90:39:78:c6:82:68:46:73:b5:62:04:50:da:b6: ef:32:61:55:46:d4:40:d5:b1:b0:ea:39:bb:56:e8:63:b7:2e: 3c:9e:97:ca:12:c3:7b:5c:4c:e6:34:42:4c:cd:e3:7d:1c:f4: 3d:82:90:48:24:bb:a6:2c:f9:73:30:b3:8b:5c:15:9b:7e:2d: 45:f4:96:ee:77:fe:fb:c6:d1:a8:35:d8:e9:e4:fe:d3:de:95: ad:36:26:88:c4:95:73:17:d1:cc:e9:72:0e:ce:0d:c6:fc:d6: a1:23:34:7b:0d:df:93:85:76:f6:41:e8:87:cb:7c:9d:7e:b4: 45:d4:04:fe:f0:b5:e0:d8:ab:65:bf:eb:13:60:2e:e7:00:14: f9:22:eb:c0:f7:95:7c:d0:30:dc:6c:9c:12:3d:37:bb:9c:74: 3a:a7:92:20:d7:e0:fa:23:8d:8e:ed:df:27:2e:c5:78:b4:54: 48:6c:38:26:bc:dd:1a:ba:24:ad:25:45:4f:95:7f:71:1b:e2: 8c:27:2b:96:82:f6:fe:4c:80:39:17:42:c1:53:79:91:12:ec: 84:ae:9d:d3 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICB+4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRCRTgxMTAvBgNVBAUTKEYzNTQwOTM5NDg2NkZCNDA4QTBEMTg4RTBCN0QwMEND NUE3Mzk0OEUwHhcNMjUwOTMwMjE1NDA2WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRjNTE3ZS1kYzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2UZmKu3HMJmRjsNM2nAEln2sSvjNHqMuvk167HPXMfPP3Zf3/6brkJbYvwXg nBYj5q9dVJBnuoQgt14o8SQ7tXY5rlbBasz00Eu7cdrUZiexExKq3vSr3CR3SNX/ dbYCsy0VMTV50wYySu6h+kTWoiyC5QHeZ2FCTKb5zNcFj76XEjw2XpXj9HGoAX72 8JZ7IUnHB7f6yKdRprI52ApKhR1pjkgVyCGYugiF7Io5LPBTEWgC/UWkPouUotwN qJwB7JrNUkR5tRF4ndkZ6EWe9KrA0ne77KN8zMdiF3UoN5CBVOtwnDWzaQDTOwlU qlSVJo9HtPjs2OCgFnMlL+XvqwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFJ6bJw1V 5/NW7+qMSghgKvwrE9toMB8GA1UdIwQYMBaAFPNUCTlIZvtAig0Yjgt9AMxac5SO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREJFOC85RDM2MzE3ODE1 MkIxMUVCOUJENEVCNDZDNEY5QUUwMi84MVFKT1VobS0wQ0tEUmlPQzMwQXpGcHps STQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzgxUUpPVWhtLTBDS0RSaU9DMzBBekZwemxJNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkRCRTgvOUQzNjMxNzgxNTJCMTFFQjlCRDRFQjQ2QzRGOUFFMDIvMDZGMDExQTIx MzRCMTFGMEFBNDFGOTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAItQTwDBAItcswDBAFnJQgDBAFnNKgDBAJnUIgwDQQCAAIw BwMFACQCNoAwDQYJKoZIhvcNAQELBQADggEBAGOBDzNZeIfbhSLkVgDnI9wfsMZH VXNJZsSfNewP29W2Kpn1uEZsQM+QOXjGgmhGc7ViBFDatu8yYVVG1EDVsbDqObtW 6GO3Ljyel8oSw3tcTOY0QkzN430c9D2CkEgku6Ys+XMws4tcFZt+LUX0lu53/vvG 0ag12Onk/tPela02JojElXMX0czpcg7ODcb81qEjNHsN35OFdvZB6IfLfJ1+tEXU BP7wteDYq2W/6xNgLucAFPki68D3lXzQMNxsnBI9N7ucdDqnkiDX4PojjY7t3ycu xXi0VEhsOCa83Rq6JK0lRU+Vf3Eb4ownK5aC9v5MgDkXQsFTeZES7ISundM= -----END CERTIFICATE-----Generated at Mon Oct 20 05:04:59 2025 by rpki-client