$ rpki-client -vvf rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/2ECF71C4B0A111F0B537573FC4F9AE02.roa File: 2ECF71C4B0A111F0B537573FC4F9AE02.roa (raw, json) Hash identifier: 1BBcWkcMpF06powsKVAV0f8YZkxmR/VN9BDTB/ElxGA= Subject key identifier: F6:CB:9B:A9:C5:CF:E7:D4:60:29:E1:D8:FA:F8:C0:35:5A:36:5C:7D Certificate issuer: /CN=A91A423D/serialNumber=3CCEEB9D2059CFE9F6085677D4B7FA264F533A0F Certificate serial: 04 Authority key identifier: 3C:CE:EB:9D:20:59:CF:E9:F6:08:56:77:D4:B7:FA:26:4F:53:3A:0F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/2ECF71C4B0A111F0B537573FC4F9AE02.roa Signing time: Fri 24 Oct 2025 06:17:57 +0000 ROA not before: Fri 24 Oct 2025 06:17:57 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 154319 IP address blocks: 161.229.208.0/20 maxlen: 20 161.229.208.0/24 maxlen: 24 161.229.209.0/24 maxlen: 24 161.229.210.0/24 maxlen: 24 161.229.211.0/24 maxlen: 24 161.229.212.0/24 maxlen: 24 161.229.213.0/24 maxlen: 24 161.229.214.0/24 maxlen: 24 161.229.215.0/24 maxlen: 24 161.229.216.0/24 maxlen: 24 161.229.217.0/24 maxlen: 24 161.229.218.0/24 maxlen: 24 161.229.219.0/24 maxlen: 24 161.229.220.0/24 maxlen: 24 161.229.221.0/24 maxlen: 24 161.229.222.0/24 maxlen: 24 161.229.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.crl rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 08:13:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A423D, serialNumber=3CCEEB9D2059CFE9F6085677D4B7FA264F533A0F Validity Not Before: Oct 24 06:17:57 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68fb1a15-1ced Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:02:11:7a:cb:dd:da:0b:f6:81:29:ce:b9:ff: 97:70:f6:ac:5d:dd:1b:68:42:20:9a:70:c5:8f:b0: 16:92:4d:2c:74:ce:11:2b:76:fb:f7:8c:57:56:fc: 07:71:73:fd:5b:0b:a9:9f:e3:c7:98:07:14:43:e0: 67:f4:4a:66:a1:bb:60:10:f4:04:4c:e6:8e:75:1d: 4f:3e:4a:ec:f3:40:a2:d8:0f:f1:b8:67:69:a6:7f: ff:11:f3:5f:98:4a:2d:dd:0d:a3:b0:2a:ae:54:2a: e8:b8:aa:1f:ab:c8:fa:19:bb:5d:aa:49:6f:88:a1: a8:f1:88:6b:d7:60:48:a1:a1:df:71:13:2b:e9:e5: 2f:45:14:e7:5a:fa:69:31:4a:f7:c3:49:34:cd:69: bb:7c:1b:0c:ce:1c:65:33:b3:ba:c2:33:a9:1d:9d: 61:65:b9:54:c7:6a:e9:d3:e4:21:c1:04:8d:a0:f2: a2:26:b1:2b:e4:21:5f:a4:02:8d:3b:58:de:85:e0: 3f:13:e5:49:17:9e:c9:53:3f:bc:b5:fc:eb:4b:eb: 21:94:24:28:1e:3c:87:0e:43:ae:10:07:98:48:43: 7a:9f:0e:24:94:da:1c:81:e1:5b:17:c0:6d:73:b8: 74:11:4c:f7:18:dd:39:26:f8:17:3f:b5:61:77:17: 6d:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:CB:9B:A9:C5:CF:E7:D4:60:29:E1:D8:FA:F8:C0:35:5A:36:5C:7D X509v3 Authority Key Identifier: keyid:3C:CE:EB:9D:20:59:CF:E9:F6:08:56:77:D4:B7:FA:26:4F:53:3A:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/2ECF71C4B0A111F0B537573FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.229.208.0/20 Signature Algorithm: sha256WithRSAEncryption 95:08:d6:a4:75:52:10:3c:42:74:ad:98:59:c7:df:a1:d9:22: 31:52:22:89:ea:0e:55:6f:86:9b:22:93:1b:81:d0:78:b4:92: 1d:c5:fc:c5:d9:88:40:16:84:90:b9:78:02:8b:26:e8:2a:b2: ee:42:58:5a:0f:8c:7a:b0:16:d8:d9:fe:d0:7d:92:da:a3:7c: c4:50:a5:5d:4e:0c:a8:8f:4a:a4:35:48:21:e7:69:f7:1c:44: a5:3c:eb:18:7d:24:55:2e:92:e7:cb:d8:3a:28:58:63:a4:32: 5f:14:4d:5f:d4:11:9a:b3:0c:a2:b2:2b:0e:60:3d:10:5c:e9: 10:13:06:ed:95:da:81:14:43:fc:4c:c0:17:f8:4a:d9:cb:44: a5:d6:b8:c1:60:6a:0d:b8:f0:a8:62:54:fd:8a:a9:3a:1c:7c: 84:0c:aa:c9:75:ad:f6:7d:1a:16:0c:7e:af:f1:87:00:32:e7: 72:48:8d:98:53:d3:32:d6:48:82:7d:1f:6a:bc:a6:67:5f:d8: fe:36:6b:17:0d:48:3f:a9:e4:fb:2d:cc:72:37:59:cc:89:1a: 48:6e:1e:af:9c:6a:ed:f6:ac:e0:22:dd:cc:6e:54:06:93:98: 17:fa:3b:73:c4:ee:77:f0:7a:79:d3:a0:a6:ad:b5:d9:4a:5f: cd:f5:3a:af -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NDIzRDExMC8GA1UEBRMoM0NDRUVCOUQyMDU5Q0ZFOUY2MDg1Njc3RDRCN0ZBMjY0 RjUzM0EwRjAeFw0yNTEwMjQwNjE3NTdaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZmIxYTE1LTFjZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGAhF6y93aC/aBKc65/5dw9qxd3RtoQiCacMWPsBaSTSx0zhErdvv3jFdW/Adx c/1bC6mf48eYBxRD4Gf0Smahu2AQ9ARM5o51HU8+SuzzQKLYD/G4Z2mmf/8R81+Y Si3dDaOwKq5UKui4qh+ryPoZu12qSW+IoajxiGvXYEihod9xEyvp5S9FFOda+mkx SvfDSTTNabt8GwzOHGUzs7rCM6kdnWFluVTHaunT5CHBBI2g8qImsSvkIV+kAo07 WN6F4D8T5UkXnslTP7y1/OtL6yGUJCgePIcOQ64QB5hIQ3qfDiSU2hyB4VsXwG1z uHQRTPcY3Tkm+Bc/tWF3F21xAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU9subqcXP 59RgKeHY+vjANVo2XH0wHwYDVR0jBBgwFoAUPM7rnSBZz+n2CFZ31Lf6Jk9TOg8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0MjNEL0I5NzY5QkQ4QjA5 NTExRjA4QzE1Mjc3OEM0RjlBRTAyL1BNN3JuU0Jaei1uMkNGWjMxTGY2Sms5VE9n OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUE03cm5TQlp6LW4yQ0ZaMzFMZjZKazlUT2c4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NDIzRC9COTc2OUJEOEIwOTUxMUYwOEMxNTI3NzhDNEY5QUUwMi8yRUNGNzFDNEIw QTExMUYwQjUzNzU3M0ZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEBKHl0DANBgkqhkiG9w0BAQsFAAOCAQEAlQjWpHVSEDxCdK2Y WcffodkiMVIiieoOVW+GmyKTG4HQeLSSHcX8xdmIQBaEkLl4Aosm6Cqy7kJYWg+M erAW2Nn+0H2S2qN8xFClXU4MqI9KpDVIIedp9xxEpTzrGH0kVS6S58vYOihYY6Qy XxRNX9QRmrMMorIrDmA9EFzpEBMG7ZXagRRD/EzAF/hK2ctEpda4wWBqDbjwqGJU /YqpOhx8hAyqyXWt9n0aFgx+r/GHADLnckiNmFPTMtZIgn0farymZ1/Y/jZrFw1I P6nk+y3McjdZzIkaSG4er5xq7fas4CLdzG5UBpOYF/o7c8Tud/B6edOgpq212Upf zfU6rw== -----END CERTIFICATE-----Generated at Wed Nov 5 17:04:52 2025 by rpki-client