$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/248F325863DE11EC8CB33722C4F9AE02.roa File: 248F325863DE11EC8CB33722C4F9AE02.roa (raw, json) Hash identifier: 7h3E4hU0MHnZQVf9JjxBbvuKIH7/I9Eitqj+oJbhauk= Subject key identifier: B1:42:8C:1E:E8:B3:7E:33:3D:E7:07:BD:9A:CB:78:F7:43:64:DC:88 Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 4DF5 Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/248F325863DE11EC8CB33722C4F9AE02.roa Signing time: Thu 28 Aug 2025 14:56:47 +0000 ROA not before: Thu 28 Aug 2025 14:56:47 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 23902 IP address blocks: 203.119.8.0/22 maxlen: 24 203.119.72.0/22 maxlen: 24 2001:dc8::/48 maxlen: 48 2001:dc8:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:37:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19957 (0x4df5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: Aug 28 14:56:47 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b06e2f-d251 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:3a:fd:b1:a3:51:88:66:be:98:b5:8c:92:76: 56:04:c2:96:f9:38:fc:c9:cd:1c:9b:54:dd:c1:7c: 70:8f:b7:a6:a1:b1:b0:f1:c0:e5:26:74:57:0a:eb: d2:25:bf:8a:ff:3c:a9:00:0d:29:86:02:67:d9:4d: 21:24:53:bd:6c:a3:6b:5e:28:75:52:3d:00:4a:42: 98:c9:53:14:8d:85:d7:c5:02:c4:ac:75:c9:db:2b: 4f:37:e5:f6:84:6d:6b:ab:63:90:d1:b3:0b:d7:45: 85:ef:53:15:3e:de:84:c4:bc:96:46:0a:4e:65:63: 3d:61:e5:31:d6:74:8d:53:69:e7:c2:11:bf:83:99: 06:6b:20:a9:26:19:d1:66:6e:4b:23:64:07:c6:2c: 1c:d2:a8:8c:74:82:69:62:2f:58:20:eb:15:12:41: cc:ae:9c:55:85:29:7c:ac:7d:5f:ee:2b:84:9d:5e: d6:03:c8:34:b3:cd:bb:3e:90:e8:e7:36:68:b7:64: 9d:cd:c3:6f:d2:85:bb:e8:26:98:c3:dd:7e:4e:f7: 90:9f:58:4b:5f:38:29:00:70:10:39:37:d1:ba:16: 64:44:81:03:cd:a0:18:d7:2c:03:ed:c8:c3:b9:6e: a0:48:09:8b:f7:93:02:e3:9a:3a:62:1e:ec:ef:20: 1f:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:42:8C:1E:E8:B3:7E:33:3D:E7:07:BD:9A:CB:78:F7:43:64:DC:88 X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/248F325863DE11EC8CB33722C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.119.8.0/22 203.119.72.0/22 IPv6: 2001:dc8::/47 Signature Algorithm: sha256WithRSAEncryption 85:f5:8d:d5:d6:5c:dc:dc:a2:db:1c:b9:1a:a3:19:97:66:a9: 93:69:1f:5e:5b:17:f2:e5:f3:d4:88:6a:28:f6:8d:88:48:62: 2d:d4:35:a3:8c:65:f1:53:73:56:3f:51:6d:67:ca:a2:b2:22: b6:38:be:aa:64:d2:2d:d7:32:78:76:92:d5:e0:fe:24:a4:66: 79:c1:97:ed:23:ac:51:05:3a:b5:88:26:15:59:61:82:7b:f6: d4:57:2b:f1:ce:e2:ed:91:83:ef:ac:bd:db:bf:63:1e:09:8f: 45:e8:d2:9c:a9:29:98:e3:9c:01:b6:b1:db:ee:41:82:0a:5d: e4:e7:40:6c:6a:3d:18:4e:3f:46:4c:00:9b:b6:33:66:6a:9d: 2d:69:81:16:5a:3a:e6:58:23:a9:2d:5c:5c:6c:17:3b:df:39: 9e:89:d4:67:1c:6e:5a:87:63:ab:68:e8:44:93:9d:92:73:63: 84:67:f4:b6:01:37:28:2e:47:e0:3e:cf:2f:0a:9a:49:87:97: 8c:48:22:55:28:4c:4e:98:ae:b4:5f:8d:8a:6d:6f:f0:a9:16: e0:d5:30:c2:75:44:99:68:22:47:21:c4:d8:9a:29:09:ee:a7: 66:a9:ec:dd:de:0a:98:16:c1:ed:86:cd:d7:c9:d0:bd:35:ff: 9c:1e:7d:b1 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICTfUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjUwODI4MTQ1NjQ3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIwNmUyZi1kMjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvzr9saNRiGa+mLWMknZWBMKW+Tj8yc0cm1TdwXxwj7emobGw8cDlJnRXCuvS Jb+K/zypAA0phgJn2U0hJFO9bKNrXih1Uj0ASkKYyVMUjYXXxQLErHXJ2ytPN+X2 hG1rq2OQ0bML10WF71MVPt6ExLyWRgpOZWM9YeUx1nSNU2nnwhG/g5kGayCpJhnR Zm5LI2QHxiwc0qiMdIJpYi9YIOsVEkHMrpxVhSl8rH1f7iuEnV7WA8g0s827PpDo 5zZot2SdzcNv0oW76CaYw91+TveQn1hLXzgpAHAQOTfRuhZkRIEDzaAY1ywD7cjD uW6gSAmL95MC45o6Yh7s7yAfjQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFLFCjB7o s34zPecHvZrLePdDZNyIMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMjQ4RjMyNTg2 M0RFMTFFQzhDQjMzNzIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBALLdwgDBALLd0gwDwQCAAIwCQMHASABDcgAADANBgkqhkiG 9w0BAQsFAAOCAQEAhfWN1dZc3Nyi2xy5GqMZl2apk2kfXlsX8uXz1IhqKPaNiEhi LdQ1o4xl8VNzVj9RbWfKorIitji+qmTSLdcyeHaS1eD+JKRmecGX7SOsUQU6tYgm FVlhgnv21Fcr8c7i7ZGD76y9279jHgmPRejSnKkpmOOcAbax2+5Bggpd5OdAbGo9 GE4/RkwAm7YzZmqdLWmBFlo65lgjqS1cXGwXO985nonUZxxuWodjq2joRJOdknNj hGf0tgE3KC5H4D7PLwqaSYeXjEgiVShMTpiutF+Nim1v8KkW4NUwwnVEmWgiRyHE 2JopCe6nZqns3d4KmBbB7YbN18nQvTX/nB59sQ== -----END CERTIFICATE-----Generated at Tue Nov 4 21:33:35 2025 by rpki-client