$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/46D6261876A511EB82E04A2FC4F9AE02.roa File: 46D6261876A511EB82E04A2FC4F9AE02.roa (raw, json) Hash identifier: WVXeC6AWS7dfqRcacJcoXn1KRTzKsuhGFEjOvtdw4gQ= Subject key identifier: 7D:1D:5D:42:F2:6C:E6:9D:B0:3E:7A:25:65:F4:3F:6F:88:8C:D7:2E Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 081C Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/46D6261876A511EB82E04A2FC4F9AE02.roa Signing time: Tue 02 Sep 2025 21:42:12 +0000 ROA not before: Tue 02 Sep 2025 21:42:12 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 45843 IP address blocks: 103.86.38.0/24 maxlen: 24 117.20.16.0/24 maxlen: 24 117.20.19.0/24 maxlen: 24 119.63.132.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 21:18:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2076 (0x81c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Sep 2 21:42:12 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b764b4-332b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b0:dd:a6:51:11:57:41:7e:ff:f1:6b:22:0b: 9a:6f:95:90:18:dd:db:44:dc:03:15:c5:77:70:97: da:22:e0:26:a9:ba:16:7c:e3:09:1b:c5:c7:e2:be: 21:bb:41:25:69:59:56:fa:23:32:d6:a2:2f:61:b5: a7:9e:70:4e:9d:a0:33:70:3e:dc:76:2a:34:a7:3d: 9c:84:ba:34:38:d5:2d:4c:eb:41:97:46:65:4e:a5: 5e:5e:3f:5d:66:7c:08:4b:0a:ee:ae:55:79:06:80: 73:83:f6:d2:7d:b8:f8:28:c9:67:f9:02:c9:8a:20: f0:b9:54:3c:bf:a9:b0:89:94:24:7c:dd:23:cb:f3: af:d4:12:a6:3d:86:9a:4d:9c:ff:c3:11:6a:d2:8c: 1f:ef:f4:de:87:f7:0b:2f:df:5a:9c:9b:00:b4:f9: c8:cb:91:65:be:3f:ad:94:7c:70:69:5f:63:c8:c1: 21:b8:59:ae:81:b8:c3:17:6a:d1:07:78:66:a3:79: ab:64:3b:92:92:64:0b:74:0e:ed:cd:40:a1:82:0a: e8:8a:ee:f5:b2:21:20:3f:ce:ff:39:00:7c:61:c8: 36:54:9b:9b:fd:23:9e:fd:39:03:6e:ac:0f:b6:49: ca:d6:6e:3b:7a:8b:21:b1:b9:39:59:75:a3:8f:aa: d9:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:1D:5D:42:F2:6C:E6:9D:B0:3E:7A:25:65:F4:3F:6F:88:8C:D7:2E X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/46D6261876A511EB82E04A2FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.86.38.0/24 117.20.16.0/24 117.20.19.0/24 119.63.132.0/24 Signature Algorithm: sha256WithRSAEncryption 50:93:c3:89:2d:41:8a:73:0d:70:82:67:19:c0:2d:99:c5:89: 54:3e:e4:0e:83:63:c3:11:b4:67:88:c4:af:4d:35:54:b7:74: 43:9f:e6:cc:8f:04:e6:d5:ca:b7:5a:1b:8d:bf:e7:f0:90:25: 7a:29:ba:ef:cc:f4:e9:01:66:9e:75:e8:63:37:2c:fe:16:7b: b5:15:9f:12:cc:a7:34:06:c6:77:84:6e:ee:60:8b:e6:71:37: 40:13:70:a9:a1:03:cf:06:fa:3d:92:06:e9:88:71:97:48:15: 10:81:bb:a4:d9:bb:8f:f6:bb:eb:e1:fc:d2:22:70:32:44:bc: b4:ea:19:df:81:60:ab:fd:44:51:96:2c:26:a8:c7:58:11:65: 20:3e:4c:d9:aa:36:dd:5e:e2:39:79:87:6f:14:25:e0:72:a2: bb:08:86:a7:97:ba:bd:42:ed:d8:2e:9a:85:85:eb:27:6b:ff: 69:c0:a0:6a:56:7d:7d:5a:b1:e1:fa:54:0b:32:3f:e3:bb:ed: d0:87:83:51:d6:d3:ab:02:f6:65:a6:f1:23:9c:8f:ea:c2:39: 66:23:46:e9:46:bd:90:7f:2f:16:62:fe:1b:93:0c:a3:f9:a5: 59:6a:b0:14:db:14:e2:a0:d2:71:c2:d6:ec:42:ab:2c:c7:b6: 0c:c5:6f:d6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICCBwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjUwOTAyMjE0MjEyWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3NjRiNC0zMzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwrDdplERV0F+//FrIguab5WQGN3bRNwDFcV3cJfaIuAmqboWfOMJG8XH4r4h u0ElaVlW+iMy1qIvYbWnnnBOnaAzcD7cdio0pz2chLo0ONUtTOtBl0ZlTqVeXj9d ZnwISwrurlV5BoBzg/bSfbj4KMln+QLJiiDwuVQ8v6mwiZQkfN0jy/Ov1BKmPYaa TZz/wxFq0owf7/Teh/cLL99anJsAtPnIy5Flvj+tlHxwaV9jyMEhuFmugbjDF2rR B3hmo3mrZDuSkmQLdA7tzUChggroiu71siEgP87/OQB8Ycg2VJub/SOe/TkDbqwP tknK1m47eoshsbk5WXWjj6rZgwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFH0dXULy bOadsD56JWX0P2+IjNcuMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUIyMEIvQkE3MUI2NDgxMjAzMTFFQkJBQTE5NDE0QzRGOUFFMDIvNDZENjI2MTg3 NkE1MTFFQjgyRTA0QTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBABnViYDBAB1FBADBAB1FBMDBAB3P4QwDQYJKoZIhvcNAQEL BQADggEBAFCTw4ktQYpzDXCCZxnALZnFiVQ+5A6DY8MRtGeIxK9NNVS3dEOf5syP BObVyrdaG42/5/CQJXopuu/M9OkBZp516GM3LP4We7UVnxLMpzQGxneEbu5gi+Zx N0ATcKmhA88G+j2SBumIcZdIFRCBu6TZu4/2u+vh/NIicDJEvLTqGd+BYKv9RFGW LCaox1gRZSA+TNmqNt1e4jl5h28UJeByorsIhqeXur1C7dgumoWF6ydr/2nAoGpW fX1aseH6VAsyP+O77dCHg1HW06sC9mWm8SOcj+rCOWYjRulGvZB/LxZi/huTDKP5 pVlqsBTbFOKg0nHC1uxCqyzHtgzFb9Y= -----END CERTIFICATE-----Generated at Wed Nov 5 21:41:43 2025 by rpki-client