$ rpki-client -vvf rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/96AD16C6B5FA11F0A1583C84C4F9AE02.roa File: 96AD16C6B5FA11F0A1583C84C4F9AE02.roa (raw, json) Hash identifier: X1CXYIMIZkpo0trxnTIO9Mj79rEmc2HBewb/GCod5Qw= Subject key identifier: C5:9B:1E:C8:0E:31:5E:02:FF:CA:8C:59:D0:9F:BB:52:82:DD:20:43 Certificate issuer: /CN=A91139AB/serialNumber=C1424C4CCC59C9A031BE1ACDF7982D87AB57D068 Certificate serial: 02 Authority key identifier: C1:42:4C:4C:CC:59:C9:A0:31:BE:1A:CD:F7:98:2D:87:AB:57:D0:68 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUJMTMxZyaAxvhrN95gth6tX0Gg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/96AD16C6B5FA11F0A1583C84C4F9AE02.roa Signing time: Fri 31 Oct 2025 01:40:32 +0000 ROA not before: Fri 31 Oct 2025 01:40:32 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 4857 IP address blocks: 202.147.96.0/20 maxlen: 20 202.147.112.0/20 maxlen: 24 203.82.160.0/20 maxlen: 24 203.82.176.0/20 maxlen: 24 203.201.64.0/20 maxlen: 24 203.201.80.0/20 maxlen: 24 203.201.96.0/20 maxlen: 20 203.201.112.0/20 maxlen: 24 221.120.128.0/20 maxlen: 24 221.120.144.0/24 maxlen: 24 221.120.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/wUJMTMxZyaAxvhrN95gth6tX0Gg.crl rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/wUJMTMxZyaAxvhrN95gth6tX0Gg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUJMTMxZyaAxvhrN95gth6tX0Gg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 21:30:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91139AB, serialNumber=C1424C4CCC59C9A031BE1ACDF7982D87AB57D068 Validity Not Before: Oct 31 01:40:32 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=69041390-a345 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:8d:44:09:b8:19:5f:40:1e:f8:14:fa:7a:74: 31:08:3f:40:3a:74:d9:98:19:80:4a:a2:38:9e:c8: 2f:fc:98:ad:81:57:61:48:6a:fa:c0:de:14:e3:cc: ce:b5:03:c1:ee:26:0d:c5:ff:91:a9:55:5b:a1:b2: a4:f0:ec:4e:b5:c4:7f:0e:23:26:18:54:cb:3c:5e: 55:d2:10:f0:47:1d:a0:0e:fd:d5:95:11:42:72:9c: f4:b7:d3:17:10:18:96:37:78:ab:bc:cc:48:1e:46: 83:a7:10:95:55:d6:d0:96:b6:1d:44:bf:c1:57:1c: a0:50:74:9d:c3:6d:83:83:0f:2e:1a:62:64:f5:7f: 7d:55:2b:d0:ab:55:5a:21:b3:f8:91:2e:38:f7:35: 28:17:e7:87:dc:07:2d:5d:f1:c6:06:df:25:78:32: 72:ed:ea:16:78:62:92:57:da:77:26:da:1d:09:4f: 39:32:b7:dc:fa:37:94:ab:db:b7:8a:c0:4c:b6:14: d0:6e:6b:4d:1e:95:04:a3:ed:4b:f0:8e:5b:ac:3b: 95:eb:e9:3c:a7:48:d5:3f:44:ee:5c:d1:9a:54:c6: 42:44:a2:44:c5:e8:24:28:8a:cd:d5:05:e7:b6:8f: 97:db:38:d1:03:d0:25:db:d7:d7:e7:b8:8f:3d:14: 47:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:9B:1E:C8:0E:31:5E:02:FF:CA:8C:59:D0:9F:BB:52:82:DD:20:43 X509v3 Authority Key Identifier: keyid:C1:42:4C:4C:CC:59:C9:A0:31:BE:1A:CD:F7:98:2D:87:AB:57:D0:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/wUJMTMxZyaAxvhrN95gth6tX0Gg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUJMTMxZyaAxvhrN95gth6tX0Gg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/96AD16C6B5FA11F0A1583C84C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.147.96.0/19 203.82.160.0/19 203.201.64.0/18 221.120.128.0-221.120.145.255 Signature Algorithm: sha256WithRSAEncryption 3a:88:ee:24:a6:ec:0b:ab:b9:4f:65:48:96:17:5c:40:8f:fe: 1a:a0:cd:c0:d9:ef:bb:17:5c:0b:00:d2:ca:71:99:03:34:1c: 04:75:3b:3b:bc:1d:d0:6d:9f:cd:07:c6:ed:e9:83:5b:67:57: 1f:97:d0:9b:bd:aa:26:7f:d6:6a:98:f5:ed:4b:0f:be:02:4b: d8:d6:92:06:37:5a:9f:99:1a:85:9b:ce:dd:b8:d7:1e:00:4f: 96:6e:1d:20:9a:22:68:db:11:1a:f1:d9:3f:b5:f0:09:f3:9b: c7:71:7f:7f:94:c0:58:5c:ee:14:c4:86:07:6a:65:df:f8:8d: 24:33:77:95:34:04:77:b1:3c:be:fa:f1:9d:c0:d2:22:67:f6: 80:9b:a2:32:c9:39:5d:b0:4c:67:a4:e7:c0:60:2b:55:b2:2b: ad:38:1d:b2:0f:96:a2:48:d3:2b:d3:bc:1b:42:1e:50:bd:b5: 2e:eb:3d:5a:73:6b:f1:91:da:c7:77:2a:f5:31:59:f8:df:32: da:ee:a0:93:48:f1:55:a8:7a:ab:77:3c:31:16:35:9c:61:c9: 71:91:79:10:75:5d:3f:cc:6a:c4:ab:bc:ac:89:05:3a:8c:88: 2b:fa:c9:66:fe:03:7b:c2:0f:e5:79:c4:94:19:28:21:b9:58: 12:ee:ed:94 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx MzlBQjExMC8GA1UEBRMoQzE0MjRDNENDQzU5QzlBMDMxQkUxQUNERjc5ODJEODdB QjU3RDA2ODAeFw0yNTEwMzEwMTQwMzJaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY5MDQxMzkwLWEzNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDjjUQJuBlfQB74FPp6dDEIP0A6dNmYGYBKojieyC/8mK2BV2FIavrA3hTjzM61 A8HuJg3F/5GpVVuhsqTw7E61xH8OIyYYVMs8XlXSEPBHHaAO/dWVEUJynPS30xcQ GJY3eKu8zEgeRoOnEJVV1tCWth1Ev8FXHKBQdJ3DbYODDy4aYmT1f31VK9CrVVoh s/iRLjj3NSgX54fcBy1d8cYG3yV4MnLt6hZ4YpJX2ncm2h0JTzkyt9z6N5Sr27eK wEy2FNBua00elQSj7UvwjlusO5Xr6TynSNU/RO5c0ZpUxkJEokTF6CQois3VBee2 j5fbONED0CXb19fnuI89FEc3AgMBAAGjggKvMIICqzAdBgNVHQ4EFgQUxZseyA4x XgL/yoxZ0J+7UoLdIEMwHwYDVR0jBBgwFoAUwUJMTMxZyaAxvhrN95gth6tX0Ggw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEzOUFCLzE1OEQ0OTA2MjU1 QjExRUJBOUY1NjAxQUM0RjlBRTAyL3dVSk1UTXhaeWFBeHZock45NWd0aDZ0WDBH Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvd1VKTVRNeFp5YUF4dmhyTjk1Z3RoNnRYMEdnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx MzlBQi8xNThENDkwNjI1NUIxMUVCQTlGNTYwMUFDNEY5QUUwMi85NkFEMTZDNkI1 RkExMUYwQTE1ODNDODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq MCgwJgQCAAEwIAMEBcqTYAMEBctSoAMEBsvJQDAMAwQH3XiAAwQB3XiQMA0GCSqG SIb3DQEBCwUAA4IBAQA6iO4kpuwLq7lPZUiWF1xAj/4aoM3A2e+7F1wLANLKcZkD NBwEdTs7vB3QbZ/NB8bt6YNbZ1cfl9Cbvaomf9ZqmPXtSw++AkvY1pIGN1qfmRqF m87duNceAE+Wbh0gmiJo2xEa8dk/tfAJ85vHcX9/lMBYXO4UxIYHamXf+I0kM3eV NAR3sTy++vGdwNIiZ/aAm6IyyTldsExnpOfAYCtVsiutOB2yD5aiSNMr07wbQh5Q vbUu6z1ac2vxkdrHdyr1MVn43zLa7qCTSPFVqHqrdzwxFjWcYclxkXkQdV0/zGrE q7ysiQU6jIgr+slm/gN7wg/lecSUGSghuVgS7u2U -----END CERTIFICATE-----Generated at Wed Nov 5 22:32:53 2025 by rpki-client