$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA5C6/D55519B44C3411EEAEEDA22CC4F9AE02/FAA2E3324C3811EEB7116433C4F9AE02.roa File: FAA2E3324C3811EEB7116433C4F9AE02.roa (raw, json) Hash identifier: mLbZptWvG8rYPVjrASGR+2xv7LhlpFkmVBPHSXESb6k= Subject key identifier: A2:98:CD:66:D4:E7:74:8D:D7:23:34:6A:14:E1:81:97:85:3D:A2:80 Certificate issuer: /CN=A91AA5C6/serialNumber=3D47E6687BB4DF40C51B03A4559C10CA22F6772F Certificate serial: 01A8 Authority key identifier: 3D:47:E6:68:7B:B4:DF:40:C5:1B:03:A4:55:9C:10:CA:22:F6:77:2F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PUfmaHu030DFGwOkVZwQyiL2dy8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA5C6/D55519B44C3411EEAEEDA22CC4F9AE02/FAA2E3324C3811EEB7116433C4F9AE02.roa Signing time: Mon 03 Nov 2025 03:47:52 +0000 ROA not before: Mon 03 Nov 2025 03:47:52 +0000 ROA not after: Sun 01 Mar 2026 00:00:00 +0000 asID: 17435 IP address blocks: 58.28.0.0/16 maxlen: 16 118.90.0.0/16 maxlen: 16 182.154.0.0/16 maxlen: 16 2001:e20::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA5C6/D55519B44C3411EEAEEDA22CC4F9AE02/PUfmaHu030DFGwOkVZwQyiL2dy8.crl rsync://rpki.apnic.net/member_repository/A91AA5C6/D55519B44C3411EEAEEDA22CC4F9AE02/PUfmaHu030DFGwOkVZwQyiL2dy8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PUfmaHu030DFGwOkVZwQyiL2dy8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 03:47:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 424 (0x1a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA5C6, serialNumber=3D47E6687BB4DF40C51B03A4559C10CA22F6772F Validity Not Before: Nov 3 03:47:52 2025 GMT Not After : Mar 1 00:00:00 2026 GMT Subject: CN=690825e8-3bb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8d:2b:14:80:28:25:e0:ab:39:61:e7:4d:d1: 20:05:12:a1:55:e7:2c:e1:ad:22:ee:fe:2e:c3:3c: 6b:fa:f6:3c:2e:c0:10:bb:5b:53:ad:0e:fe:74:fa: b1:16:17:91:c5:38:73:8b:45:72:19:e2:d5:e4:6e: cb:c8:9f:91:4c:18:72:b2:4d:c9:87:a1:78:3b:7a: 56:22:58:25:3c:17:7a:c6:6c:07:54:7d:d4:9e:78: 3b:ff:34:1d:3b:df:e4:49:bc:1c:21:9c:eb:7a:1d: 15:56:3c:5b:12:3c:da:fe:cf:9c:51:a9:33:bf:72: 2c:53:a2:86:19:c0:12:1f:a7:b3:28:d1:68:fd:e3: d4:30:ab:f0:1f:50:9d:2c:9d:27:31:f9:4b:70:3f: 9f:2e:4c:87:84:74:df:3c:38:cb:5e:c2:e4:0f:6b: 69:19:dc:e1:f2:0f:8b:1b:43:41:f9:c1:27:cc:42: eb:16:b5:6f:39:63:df:2e:07:ed:53:61:7b:6b:fe: 7d:64:29:f2:d4:2a:03:b7:63:1c:34:79:54:77:b9: 18:55:38:cd:2d:d0:f7:fc:7a:be:ce:c2:e6:8d:f4: 00:2b:85:bc:a2:5f:d6:9c:67:bf:69:30:2e:94:02: 67:d8:be:92:b4:af:dc:46:52:f4:a6:d3:bb:20:2d: cb:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:98:CD:66:D4:E7:74:8D:D7:23:34:6A:14:E1:81:97:85:3D:A2:80 X509v3 Authority Key Identifier: keyid:3D:47:E6:68:7B:B4:DF:40:C5:1B:03:A4:55:9C:10:CA:22:F6:77:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA5C6/D55519B44C3411EEAEEDA22CC4F9AE02/PUfmaHu030DFGwOkVZwQyiL2dy8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PUfmaHu030DFGwOkVZwQyiL2dy8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA5C6/D55519B44C3411EEAEEDA22CC4F9AE02/FAA2E3324C3811EEB7116433C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.28.0.0/16 118.90.0.0/16 182.154.0.0/16 IPv6: 2001:e20::/32 Signature Algorithm: sha256WithRSAEncryption 42:fc:6d:ca:d0:1c:71:d1:73:f0:d5:db:ba:6c:fa:6b:9d:e7: a6:7b:40:45:1a:63:eb:8e:2a:9a:37:14:a1:1b:a6:3e:ad:eb: 16:b0:4b:7a:ec:25:b1:5d:29:eb:b3:33:f3:93:2a:de:dd:d5: 80:5b:83:ed:18:5c:8f:63:55:bb:da:bd:1f:ba:39:5a:1a:1c: 88:0c:eb:a1:c7:a5:87:c8:67:19:48:de:4e:e4:6b:c6:fd:ba: 90:e1:f1:75:23:42:54:e0:9f:c7:50:75:b0:2e:8d:05:49:03: 4c:47:1c:6b:d3:9d:70:a0:12:88:88:b2:c1:01:7c:64:13:9d: ca:6f:65:10:03:c9:68:14:b7:04:45:81:a7:9b:e0:81:10:34: dc:a7:23:a0:2a:b1:79:a9:aa:2e:6e:e8:d3:c7:3a:ee:fd:ab: 4a:31:ea:9a:da:43:5f:c2:0c:e8:05:6a:83:0e:55:dd:fd:7e: 4e:82:5e:a0:c9:73:50:0f:1f:22:eb:f4:87:1d:ac:7e:09:10: 0c:68:d3:f1:81:ee:5e:c6:2c:f5:6d:a9:68:09:51:2f:6a:61: ad:5d:17:b1:55:50:a0:69:92:51:6b:a3:fe:67:c1:f7:9f:22: fb:a9:4e:5f:95:72:f6:b6:c7:5c:56:b7:6e:60:47:35:be:e8: 82:a2:ae:99 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICAagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUE1QzYxMTAvBgNVBAUTKDNENDdFNjY4N0JCNERGNDBDNTFCMDNBNDU1OUMxMENB MjJGNjc3MkYwHhcNMjUxMTAzMDM0NzUyWhcNMjYwMzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTA4MjVlOC0zYmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAto0rFIAoJeCrOWHnTdEgBRKhVecs4a0i7v4uwzxr+vY8LsAQu1tTrQ7+dPqx FheRxThzi0VyGeLV5G7LyJ+RTBhysk3Jh6F4O3pWIlglPBd6xmwHVH3Unng7/zQd O9/kSbwcIZzreh0VVjxbEjza/s+cUakzv3IsU6KGGcASH6ezKNFo/ePUMKvwH1Cd LJ0nMflLcD+fLkyHhHTfPDjLXsLkD2tpGdzh8g+LG0NB+cEnzELrFrVvOWPfLgft U2F7a/59ZCny1CoDt2McNHlUd7kYVTjNLdD3/Hq+zsLmjfQAK4W8ol/WnGe/aTAu lAJn2L6StK/cRlL0ptO7IC3LawIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKKYzWbU 53SN1yM0ahThgZeFPaKAMB8GA1UdIwQYMBaAFD1H5mh7tN9AxRsDpFWcEMoi9ncv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTVDNi9ENTU1MTlCNDRD MzQxMUVFQUVFREEyMkNDNEY5QUUwMi9QVWZtYUh1MDMwREZHd09rVlp3UXlpTDJk eTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BVZm1hSHUwMzBERkd3T2tWWndReWlMMmR5OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUE1QzYvRDU1NTE5QjQ0QzM0MTFFRUFFRURBMjJDQzRGOUFFMDIvRkFBMkUzMzI0 QzM4MTFFRUI3MTE2NDMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMBUEAgABMA8DAwA6HAMDAHZaAwMAtpowDQQCAAIwBwMFACABDiAwDQYJKoZI hvcNAQELBQADggEBAEL8bcrQHHHRc/DV27ps+mud56Z7QEUaY+uOKpo3FKEbpj6t 6xawS3rsJbFdKeuzM/OTKt7d1YBbg+0YXI9jVbvavR+6OVoaHIgM66HHpYfIZxlI 3k7ka8b9upDh8XUjQlTgn8dQdbAujQVJA0xHHGvTnXCgEoiIssEBfGQTncpvZRAD yWgUtwRFgaeb4IEQNNynI6AqsXmpqi5u6NPHOu79q0ox6praQ1/CDOgFaoMOVd39 fk6CXqDJc1APHyLr9IcdrH4JEAxo0/GB7l7GLPVtqWgJUS9qYa1dF7FVUKBpklFr o/5nwfefIvupTl+Vcva2x1xWt25gRzW+6IKirpk= -----END CERTIFICATE-----Generated at Tue Nov 4 22:27:52 2025 by rpki-client