$ rpki-client -vvf rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/DEE9FAB2B0A011F0B752B713C4F9AE02.roa File: DEE9FAB2B0A011F0B752B713C4F9AE02.roa (raw, json) Hash identifier: OzIgivIWTesGqIFKDMHLDa65rC0IAhR7ENJM9kOUiG0= Subject key identifier: 1C:70:87:55:4E:E2:87:CC:BE:06:E1:27:76:07:02:5C:11:83:2E:9F Certificate issuer: /CN=A91A423D/serialNumber=3CCEEB9D2059CFE9F6085677D4B7FA264F533A0F Certificate serial: 02 Authority key identifier: 3C:CE:EB:9D:20:59:CF:E9:F6:08:56:77:D4:B7:FA:26:4F:53:3A:0F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/DEE9FAB2B0A011F0B752B713C4F9AE02.roa Signing time: Fri 24 Oct 2025 06:15:43 +0000 ROA not before: Fri 24 Oct 2025 06:15:43 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 154316 IP address blocks: 161.229.192.0/20 maxlen: 20 161.229.192.0/24 maxlen: 24 161.229.193.0/24 maxlen: 24 161.229.194.0/24 maxlen: 24 161.229.195.0/24 maxlen: 24 161.229.196.0/24 maxlen: 24 161.229.197.0/24 maxlen: 24 161.229.198.0/24 maxlen: 24 161.229.199.0/24 maxlen: 24 161.229.200.0/24 maxlen: 24 161.229.201.0/24 maxlen: 24 161.229.202.0/24 maxlen: 24 161.229.203.0/24 maxlen: 24 161.229.204.0/24 maxlen: 24 161.229.205.0/24 maxlen: 24 161.229.206.0/24 maxlen: 24 161.229.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.crl rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 08:13:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A423D, serialNumber=3CCEEB9D2059CFE9F6085677D4B7FA264F533A0F Validity Not Before: Oct 24 06:15:43 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68fb198f-711c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:6f:7c:c0:ec:49:6b:25:b2:d3:51:60:1d:0c: 33:fe:5e:55:55:79:10:69:12:92:ee:18:06:5a:e0: 61:3a:8c:0d:a1:6d:b8:07:78:28:4d:d9:1d:d7:31: 77:5b:f0:51:4b:2e:f0:b7:f7:e4:8f:20:4a:76:f4: e0:c4:86:a4:80:da:42:3e:cb:15:51:aa:29:57:f5: 0a:c5:e4:97:b6:00:a6:4b:71:43:6d:26:23:02:c5: d5:22:de:77:2f:3c:76:5b:ef:77:31:2b:bd:2f:44: a6:d9:a7:4d:45:d6:10:c2:73:c2:30:94:14:c1:a3: c7:c1:9d:19:c8:9d:94:ba:25:fd:04:28:2e:17:8b: de:39:13:6c:22:fc:86:5b:b7:4b:ac:50:cd:97:ef: fa:a2:db:cb:19:63:81:f0:5e:65:6b:03:a6:6b:05: fb:1d:02:60:43:6f:39:f6:a0:b0:14:b2:c9:17:f9: a9:67:dd:5f:a0:9c:e7:b6:b2:b9:9f:89:d5:8d:be: 39:3b:57:24:88:4a:41:1b:a3:ff:dd:61:6f:b9:51: 16:af:19:f5:1d:7a:21:67:07:61:9a:5a:97:5c:59: fd:9a:66:3c:8a:fc:6e:92:d1:a9:d5:1e:bf:e5:4c: 6f:07:4f:fd:2d:6f:5d:d2:7f:09:ca:1b:15:7d:e4: 33:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:70:87:55:4E:E2:87:CC:BE:06:E1:27:76:07:02:5C:11:83:2E:9F X509v3 Authority Key Identifier: keyid:3C:CE:EB:9D:20:59:CF:E9:F6:08:56:77:D4:B7:FA:26:4F:53:3A:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/DEE9FAB2B0A011F0B752B713C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.229.192.0/20 Signature Algorithm: sha256WithRSAEncryption 88:66:fc:cd:ee:66:29:1e:14:96:59:83:5a:24:9a:e7:24:f9: d5:62:df:05:8d:3f:c9:98:eb:ec:a0:d0:e7:68:ed:98:98:22: 99:a8:02:d4:5a:83:0d:5a:34:17:6e:b1:72:b7:e0:93:7f:b0: 96:a8:06:80:b9:d6:ff:eb:ff:18:4c:fc:29:c5:6c:56:ad:5c: ca:ce:6f:3a:65:af:ed:87:40:85:dc:27:5a:ce:00:fe:df:6c: b6:e1:00:f6:85:2b:36:2f:7d:43:fd:ea:8a:30:1a:46:7d:13: 90:ef:f4:9c:82:0b:02:00:2b:53:01:cf:13:e4:77:40:0b:f3: b4:ae:91:d3:e1:32:59:40:e9:e8:8a:51:67:c6:1d:d6:03:4d: df:01:07:df:5b:70:43:8a:98:c3:17:dc:79:d7:14:f7:d0:33: c9:7b:66:2b:63:be:da:e6:0d:a1:e1:a9:9e:f1:d8:fb:87:2d: c6:84:05:f8:21:f4:8c:8d:95:7c:95:3f:f1:61:c7:7c:c0:b8: 3c:99:8e:be:db:a3:fe:0e:d1:01:3c:67:4c:37:64:56:bc:c4: 7d:81:10:42:b5:df:3c:02:b7:dd:47:9e:40:3a:8c:87:e6:27: 93:9e:0a:4a:ff:5d:16:33:7d:cc:36:6b:45:34:ae:37:0e:da: ea:d3:a5:3e -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NDIzRDExMC8GA1UEBRMoM0NDRUVCOUQyMDU5Q0ZFOUY2MDg1Njc3RDRCN0ZBMjY0 RjUzM0EwRjAeFw0yNTEwMjQwNjE1NDNaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZmIxOThmLTcxMWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDVb3zA7ElrJbLTUWAdDDP+XlVVeRBpEpLuGAZa4GE6jA2hbbgHeChN2R3XMXdb 8FFLLvC39+SPIEp29ODEhqSA2kI+yxVRqilX9QrF5Je2AKZLcUNtJiMCxdUi3ncv PHZb73cxK70vRKbZp01F1hDCc8IwlBTBo8fBnRnInZS6Jf0EKC4Xi945E2wi/IZb t0usUM2X7/qi28sZY4HwXmVrA6ZrBfsdAmBDbzn2oLAUsskX+aln3V+gnOe2srmf idWNvjk7VySISkEbo//dYW+5URavGfUdeiFnB2GaWpdcWf2aZjyK/G6S0anVHr/l TG8HT/0tb13SfwnKGxV95DNXAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUHHCHVU7i h8y+BuEndgcCXBGDLp8wHwYDVR0jBBgwFoAUPM7rnSBZz+n2CFZ31Lf6Jk9TOg8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0MjNEL0I5NzY5QkQ4QjA5 NTExRjA4QzE1Mjc3OEM0RjlBRTAyL1BNN3JuU0Jaei1uMkNGWjMxTGY2Sms5VE9n OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUE03cm5TQlp6LW4yQ0ZaMzFMZjZKazlUT2c4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NDIzRC9COTc2OUJEOEIwOTUxMUYwOEMxNTI3NzhDNEY5QUUwMi9ERUU5RkFCMkIw QTAxMUYwQjc1MkI3MTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEBKHlwDANBgkqhkiG9w0BAQsFAAOCAQEAiGb8ze5mKR4UllmD WiSa5yT51WLfBY0/yZjr7KDQ52jtmJgimagC1FqDDVo0F26xcrfgk3+wlqgGgLnW /+v/GEz8KcVsVq1cys5vOmWv7YdAhdwnWs4A/t9stuEA9oUrNi99Q/3qijAaRn0T kO/0nIILAgArUwHPE+R3QAvztK6R0+EyWUDp6IpRZ8Yd1gNN3wEH31twQ4qYwxfc edcU99AzyXtmK2O+2uYNoeGpnvHY+4ctxoQF+CH0jI2VfJU/8WHHfMC4PJmOvtuj /g7RATxnTDdkVrzEfYEQQrXfPAK33UeeQDqMh+Ynk54KSv9dFjN9zDZrRTSuNw7a 6tOlPg== -----END CERTIFICATE-----Generated at Wed Nov 5 22:41:20 2025 by rpki-client