$ rpki-client -vvf rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/EC1B43EA393111EAA1873746C4F9AE02.roa File: EC1B43EA393111EAA1873746C4F9AE02.roa (raw, json) Hash identifier: mbirPrlAXH5YzuouoktzvpQ1tw+oe1CclK8OL36QAb4= Subject key identifier: C2:B9:BE:E9:05:40:0C:F8:C6:9D:E3:7B:FD:E0:78:12:66:91:BB:E3 Certificate issuer: /CN=A91A70FA/serialNumber=363952B7F417820609300AE8914812184B8FC3DC Certificate serial: 1CAF Authority key identifier: 36:39:52:B7:F4:17:82:06:09:30:0A:E8:91:48:12:18:4B:8F:C3:DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NjlSt_QXggYJMArokUgSGEuPw9w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/EC1B43EA393111EAA1873746C4F9AE02.roa Signing time: Fri 31 Oct 2025 16:33:46 +0000 ROA not before: Fri 31 Oct 2025 16:33:46 +0000 ROA not after: Sun 01 Mar 2026 00:00:00 +0000 asID: 45773 IP address blocks: 45.64.24.0/22 maxlen: 24 103.4.92.0/22 maxlen: 24 111.68.96.0/20 maxlen: 24 121.52.144.0/20 maxlen: 24 2400:fc00::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/NjlSt_QXggYJMArokUgSGEuPw9w.crl rsync://rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/NjlSt_QXggYJMArokUgSGEuPw9w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NjlSt_QXggYJMArokUgSGEuPw9w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7343 (0x1caf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A70FA, serialNumber=363952B7F417820609300AE8914812184B8FC3DC Validity Not Before: Oct 31 16:33:46 2025 GMT Not After : Mar 1 00:00:00 2026 GMT Subject: CN=6904e4ea-c02e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a7:35:9d:3a:e3:2a:41:69:d8:17:91:e6:f9: 56:58:25:d8:6e:97:9d:46:38:e7:fd:73:8b:d7:ac: 85:95:5d:b2:e8:cd:21:2b:e5:d8:bc:1c:b2:6e:0c: 7f:94:e7:52:69:db:2b:37:23:de:c9:13:7e:34:a8: 0c:53:80:01:02:53:ea:84:91:94:d7:f7:a7:9b:e4: b0:ce:52:0b:69:e0:8b:a3:f4:23:ab:e8:8e:6a:fb: 7b:61:ca:8d:cc:d7:d4:33:7c:c8:3e:5d:fc:8e:7a: f6:86:df:9a:2c:41:ca:0b:5d:ef:cb:fc:99:e3:ba: 59:40:5b:cd:f7:87:59:ca:2e:7e:2c:d2:3e:62:d1: 66:77:9a:45:66:3f:e3:8d:31:45:05:e7:9a:60:16: 6c:51:3a:92:f6:f6:c2:3d:b0:50:15:da:7a:40:af: d1:6b:58:1e:63:05:fd:9f:5c:e4:4a:15:b4:37:98: ce:96:2a:bc:3c:42:da:44:e5:57:49:38:60:ea:27: 06:35:44:44:b6:9d:17:8f:5a:25:af:8c:b7:8c:83: 96:11:31:56:19:dd:96:da:db:49:f9:bf:1f:90:0d: 85:09:a0:59:35:2d:b3:21:f9:97:25:da:4a:13:c9: 2e:f9:c5:09:5e:76:86:ea:01:1d:a4:1b:32:4d:65: 41:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:B9:BE:E9:05:40:0C:F8:C6:9D:E3:7B:FD:E0:78:12:66:91:BB:E3 X509v3 Authority Key Identifier: keyid:36:39:52:B7:F4:17:82:06:09:30:0A:E8:91:48:12:18:4B:8F:C3:DC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/NjlSt_QXggYJMArokUgSGEuPw9w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NjlSt_QXggYJMArokUgSGEuPw9w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A70FA/64FB7E1CE3A711E6A5B20178C4F9AE02/EC1B43EA393111EAA1873746C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.24.0/22 103.4.92.0/22 111.68.96.0/20 121.52.144.0/20 IPv6: 2400:fc00::/32 Signature Algorithm: sha256WithRSAEncryption 3f:d6:4f:8f:ab:d0:ce:5f:53:42:53:b8:94:45:31:8e:14:0e: f4:62:71:b2:57:58:ea:bf:af:90:65:ec:a0:b4:47:c9:77:e0: b4:8f:89:7b:98:bf:cf:39:ed:11:43:6b:0f:c4:73:a7:c5:ad: 80:ac:d4:cc:7c:a0:69:7f:f3:f1:7f:67:19:d3:1e:5e:40:40: 89:fd:d2:22:99:24:c5:8b:c6:13:0e:50:94:b8:cb:f0:05:74: 2c:70:25:df:2c:2e:d8:56:f2:2f:e3:3e:5e:47:a8:54:8f:fc: ef:86:91:2a:cb:8d:3b:e4:58:54:3a:17:ae:91:84:83:24:02: ca:d0:c7:78:e0:5c:6a:61:d9:75:61:f5:b4:d4:a1:d9:84:d8: 03:7a:d0:19:ea:a7:ab:65:2a:7a:1f:c5:da:63:9d:40:b1:ca: 8f:ed:a7:65:be:ae:f6:5d:92:7a:1e:77:01:cb:7a:81:c8:05: f9:1b:7f:5d:23:e8:69:40:1d:d2:f2:93:ec:bb:db:4f:c4:29: ba:82:84:dc:ec:16:5b:8b:6c:8c:18:ca:c9:c3:b3:5b:47:c8: be:e8:86:24:ff:28:de:e5:c8:6e:fb:a2:b8:1d:bf:13:db:f0: 46:29:61:a8:c8:54:14:f3:83:2d:c9:54:c2:ab:0e:93:95:4e: 1c:b9:d0:8c -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICHK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTcwRkExMTAvBgNVBAUTKDM2Mzk1MkI3RjQxNzgyMDYwOTMwMEFFODkxNDgxMjE4 NEI4RkMzREMwHhcNMjUxMDMxMTYzMzQ2WhcNMjYwMzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTA0ZTRlYS1jMDJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs6c1nTrjKkFp2BeR5vlWWCXYbpedRjjn/XOL16yFlV2y6M0hK+XYvByybgx/ lOdSadsrNyPeyRN+NKgMU4ABAlPqhJGU1/enm+SwzlILaeCLo/Qjq+iOavt7YcqN zNfUM3zIPl38jnr2ht+aLEHKC13vy/yZ47pZQFvN94dZyi5+LNI+YtFmd5pFZj/j jTFFBeeaYBZsUTqS9vbCPbBQFdp6QK/Ra1geYwX9n1zkShW0N5jOliq8PELaROVX SThg6icGNUREtp0Xj1olr4y3jIOWETFWGd2W2ttJ+b8fkA2FCaBZNS2zIfmXJdpK E8ku+cUJXnaG6gEdpBsyTWVBiwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFMK5vukF QAz4xp3je/3geBJmkbvjMB8GA1UdIwQYMBaAFDY5Urf0F4IGCTAK6JFIEhhLj8Pc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzBGQS82NEZCN0UxQ0Uz QTcxMUU2QTVCMjAxNzhDNEY5QUUwMi9OamxTdF9RWGdnWUpNQXJva1VnU0dFdVB3 OXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05qbFN0X1FYZ2dZSk1Bcm9rVWdTR0V1UHc5dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTcwRkEvNjRGQjdFMUNFM0E3MTFFNkE1QjIwMTc4QzRGOUFFMDIvRUMxQjQzRUEz OTMxMTFFQUExODczNzQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAItQBgDBAJnBFwDBARvRGADBAR5NJAwDQQCAAIwBwMFACQA /AAwDQYJKoZIhvcNAQELBQADggEBAD/WT4+r0M5fU0JTuJRFMY4UDvRicbJXWOq/ r5Bl7KC0R8l34LSPiXuYv8857RFDaw/Ec6fFrYCs1Mx8oGl/8/F/ZxnTHl5AQIn9 0iKZJMWLxhMOUJS4y/AFdCxwJd8sLthW8i/jPl5HqFSP/O+GkSrLjTvkWFQ6F66R hIMkAsrQx3jgXGph2XVh9bTUodmE2AN60Bnqp6tlKnofxdpjnUCxyo/tp2W+rvZd knoedwHLeoHIBfkbf10j6GlAHdLyk+y720/EKbqChNzsFluLbIwYysnDs1tHyL7o hiT/KN7lyG77orgdvxPb8EYpYajIVBTzgy3JVMKrDpOVThy50Iw= -----END CERTIFICATE-----Generated at Wed Nov 5 15:05:34 2025 by rpki-client