$ rpki-client -vvf rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/8D57E1664D0911EEA9837D4AC4F9AE02.roa File: 8D57E1664D0911EEA9837D4AC4F9AE02.roa (raw, json) Hash identifier: mbjRZ38hTmzNJxu5Qy/hpIsa9dhCLIHmpMwMWiWa89U= Subject key identifier: BF:F0:37:BE:86:4A:75:63:78:B2:BE:08:ED:2C:25:E0:F0:6D:A5:B5 Certificate issuer: /CN=A91889B6/serialNumber=E93674B1F3B6916B2B6363B861D6B77B3905DDD8 Certificate serial: 34DB Authority key identifier: E9:36:74:B1:F3:B6:91:6B:2B:63:63:B8:61:D6:B7:7B:39:05:DD:D8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/8D57E1664D0911EEA9837D4AC4F9AE02.roa Signing time: Fri 24 Oct 2025 15:00:55 +0000 ROA not before: Fri 24 Oct 2025 15:00:55 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 4768 IP address blocks: 192.173.16.0/21 maxlen: 21 192.173.16.0/24 maxlen: 24 192.173.17.0/24 maxlen: 24 192.173.18.0/24 maxlen: 24 192.173.19.0/24 maxlen: 24 192.173.20.0/24 maxlen: 24 192.173.23.0/24 maxlen: 24 192.173.24.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.crl rsync://rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:53:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13531 (0x34db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91889B6, serialNumber=E93674B1F3B6916B2B6363B861D6B77B3905DDD8 Validity Not Before: Oct 24 15:00:55 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68fb94a7-1abf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:41:77:d1:a5:e5:cd:c6:5b:e2:b4:7e:56:8b: 3a:88:7c:ff:e2:e2:cb:20:3f:bc:3a:cb:11:f3:cf: 57:f8:7b:63:78:e7:63:ff:65:80:5f:9c:3e:f9:21: 7d:63:7f:e1:44:6f:45:c7:8c:41:2f:29:1b:ea:a3: 05:8d:3f:23:5b:5d:66:e7:fe:73:20:d3:98:17:bb: f0:52:f9:da:4f:49:c9:d9:86:66:aa:69:e2:53:b6: 17:33:7c:ad:de:f1:02:cc:6c:40:e6:88:17:9a:3e: 7a:56:c2:f8:e2:a8:e2:fa:56:f8:04:5a:29:62:c2: fa:a8:b4:e4:fb:98:9f:93:8d:df:b8:3d:5f:01:2d: 66:78:67:10:54:32:02:89:1f:c8:79:17:51:3c:ed: b8:59:f6:ba:a6:91:38:cb:eb:1b:1e:9b:d2:f6:c5: 9e:85:c0:93:a8:51:69:ee:6d:32:05:d4:ae:7c:33: d8:0a:32:83:91:9a:21:73:23:f4:ed:6f:46:c6:59: 99:bf:97:b3:38:4d:26:1e:89:71:48:00:90:bc:e3: ce:ec:f4:af:25:d8:68:5f:5f:5c:2e:7f:93:30:05: c3:6a:a4:3a:81:49:db:9a:f3:6c:9f:1c:15:5a:4f: 81:d2:92:f1:c2:b7:37:d4:f3:42:d0:07:68:e7:67: 4e:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:F0:37:BE:86:4A:75:63:78:B2:BE:08:ED:2C:25:E0:F0:6D:A5:B5 X509v3 Authority Key Identifier: keyid:E9:36:74:B1:F3:B6:91:6B:2B:63:63:B8:61:D6:B7:7B:39:05:DD:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6TZ0sfO2kWsrY2O4Yda3ezkF3dg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91889B6/2C4EF9761D9611E2A6548E7E08B02CD2/8D57E1664D0911EEA9837D4AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 192.173.16.0-192.173.24.255 Signature Algorithm: sha256WithRSAEncryption 06:99:38:e6:d0:c3:33:60:02:34:97:92:6e:5d:e8:73:4d:90: db:12:90:32:0a:d7:58:e9:7e:c9:2a:03:41:91:a6:e3:47:04: 41:b5:d5:0c:fe:35:0d:87:91:61:67:19:95:5e:60:44:31:d7: 96:0f:23:0d:30:73:4d:5a:de:f0:34:e7:c2:cd:72:7c:a5:1f: 88:77:7c:90:0f:f6:8b:fe:7e:f6:0f:de:63:6d:4f:d1:c1:23: 87:f4:3b:94:0c:4f:2d:f8:b9:c2:71:21:35:33:c5:d8:fa:37: 10:ab:3f:f5:0d:8d:2d:d6:35:3d:74:db:40:79:08:03:d8:5c: 3c:20:b7:d8:c9:ee:06:cf:33:2d:f5:81:b3:b2:02:42:36:71: b7:bb:ff:88:66:c6:a8:da:d3:e1:05:36:31:3d:fe:c7:ef:f7: e0:ca:02:51:b0:63:0e:7f:0c:51:78:e5:04:08:02:ca:dc:c4: b0:a1:ce:a5:0b:17:ba:cb:99:c6:c9:81:d3:25:99:c8:84:d3: 3e:fc:b6:db:e5:19:dc:3b:31:ac:c1:04:e0:81:23:96:e8:48: 58:96:51:c1:77:58:6c:3f:c2:38:76:0c:bd:33:fe:48:27:db: e1:7c:8a:1c:0b:0d:1d:04:34:ff:2c:44:60:72:19:e9:86:f3: 7b:09:43:3b -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgICNNswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODg5QjYxMTAvBgNVBAUTKEU5MzY3NEIxRjNCNjkxNkIyQjYzNjNCODYxRDZCNzdC MzkwNURERDgwHhcNMjUxMDI0MTUwMDU1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGZiOTRhNy0xYWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuUF30aXlzcZb4rR+Vos6iHz/4uLLID+8OssR889X+HtjeOdj/2WAX5w++SF9 Y3/hRG9Fx4xBLykb6qMFjT8jW11m5/5zINOYF7vwUvnaT0nJ2YZmqmniU7YXM3yt 3vECzGxA5ogXmj56VsL44qji+lb4BFopYsL6qLTk+5ifk43fuD1fAS1meGcQVDIC iR/IeRdRPO24Wfa6ppE4y+sbHpvS9sWehcCTqFFp7m0yBdSufDPYCjKDkZohcyP0 7W9GxlmZv5ezOE0mHolxSACQvOPO7PSvJdhoX19cLn+TMAXDaqQ6gUnbmvNsnxwV Wk+B0pLxwrc31PNC0Ado52dOhwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFL/wN76G SnVjeLK+CO0sJeDwbaW1MB8GA1UdIwQYMBaAFOk2dLHztpFrK2NjuGHWt3s5Bd3Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4ODlCNi8yQzRFRjk3NjFE OTYxMUUyQTY1NDhFN0UwOEIwMkNEMi82VFowc2ZPMmtXc3JZMk80WWRhM2V6a0Yz ZGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzZUWjBzZk8ya1dzclkyTzRZZGEzZXprRjNkZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODg5QjYvMkM0RUY5NzYxRDk2MTFFMkE2NTQ4RTdFMDhCMDJDRDIvOEQ1N0UxNjY0 RDA5MTFFRUE5ODM3RDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E GDAWMBQEAgABMA4wDAMEBMCtEAMEAMCtGDANBgkqhkiG9w0BAQsFAAOCAQEABpk4 5tDDM2ACNJeSbl3oc02Q2xKQMgrXWOl+ySoDQZGm40cEQbXVDP41DYeRYWcZlV5g RDHXlg8jDTBzTVre8DTnws1yfKUfiHd8kA/2i/5+9g/eY21P0cEjh/Q7lAxPLfi5 wnEhNTPF2Po3EKs/9Q2NLdY1PXTbQHkIA9hcPCC32MnuBs8zLfWBs7ICQjZxt7v/ iGbGqNrT4QU2MT3+x+/34MoCUbBjDn8MUXjlBAgCytzEsKHOpQsXusuZxsmB0yWZ yITTPvy22+UZ3DsxrMEE4IEjluhIWJZRwXdYbD/COHYMvTP+SCfb4XyKHAsNHQQ0 /yxEYHIZ6YbzewlDOw== -----END CERTIFICATE-----Generated at Wed Nov 5 15:04:13 2025 by rpki-client