$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/D0886954188811EC8E86754FC4F9AE02.roa File: D0886954188811EC8E86754FC4F9AE02.roa (raw, json) Hash identifier: 6VbOvgdK5CTvuRLAoKi7F+0CDGeRIa2tmkBoLvAgouA= Subject key identifier: 8D:5A:8E:9B:10:40:AC:8E:83:50:90:20:83:F3:53:97:A3:D5:9F:DA Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Certificate serial: 35C0 Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/D0886954188811EC8E86754FC4F9AE02.roa Signing time: Tue 04 Nov 2025 14:30:23 +0000 ROA not before: Tue 04 Nov 2025 14:30:23 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 7532 IP address blocks: 219.69.251.0/24 maxlen: 24 219.69.252.0/22 maxlen: 22 219.69.252.0/23 maxlen: 23 219.69.252.0/24 maxlen: 24 219.69.253.0/24 maxlen: 24 219.69.254.0/23 maxlen: 23 219.69.254.0/24 maxlen: 24 219.69.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:30:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13760 (0x35c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F47, serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Validity Not Before: Nov 4 14:30:23 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=690a0dfe-4358 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:10:9d:47:39:d8:19:9a:fa:49:e7:0e:3d:70: de:c8:a3:1e:81:8e:2e:e5:2b:84:e9:6b:53:44:57: ce:f6:7c:7e:62:0a:64:96:cb:83:a2:19:ff:00:c4: ba:9e:08:21:9d:90:9b:24:16:92:3e:10:a7:f5:9e: 79:4c:e0:86:45:1b:a1:a6:2d:b8:f9:a3:b2:d3:f5: 3c:47:8a:43:1a:a4:2d:aa:93:af:e0:ad:52:58:4b: 86:57:0e:fb:28:f4:f0:c5:4d:9c:8f:85:17:2a:f3: ff:e7:92:df:de:10:8a:b6:a4:a3:5e:33:32:59:1b: 0b:3e:15:8b:9f:ef:8c:da:63:a5:1c:f0:0c:e6:66: f7:07:e3:5e:13:88:a5:fb:ca:ea:3e:b5:6a:27:60: db:46:10:ba:ee:e5:0d:dd:8c:48:05:4d:25:5f:fe: e6:1e:f4:56:4e:f2:f1:3e:e5:aa:49:c8:6a:0b:c7: 24:dc:86:27:11:06:aa:f6:8f:72:08:f8:05:5d:15: 09:a7:d1:a4:18:1b:cd:ec:64:2b:0d:0a:82:65:99: 49:87:cb:6a:ee:f7:b1:ed:08:74:92:01:0c:6b:55: c3:83:dd:b8:33:69:22:c0:e1:9e:30:6b:bc:a7:9b: b7:1f:7d:40:0d:4e:b1:4c:f2:46:9b:21:c8:22:1e: 72:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:5A:8E:9B:10:40:AC:8E:83:50:90:20:83:F3:53:97:A3:D5:9F:DA X509v3 Authority Key Identifier: keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/D0886954188811EC8E86754FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 219.69.251.0-219.69.255.255 Signature Algorithm: sha256WithRSAEncryption 47:3a:d6:1f:72:32:91:3d:93:d2:5d:47:8b:72:97:62:b0:f8: 5e:b8:0a:a6:cc:69:df:2c:81:af:13:2a:6f:46:9f:7f:05:0d: 89:61:02:e4:ac:e3:cd:ef:97:c3:35:f9:b3:10:a1:48:6b:96: 9d:32:2d:6e:6e:99:b7:e2:f9:b2:bb:4d:7c:d1:dc:54:e3:78: 87:00:fc:3c:1b:b7:d5:15:cd:5b:a5:b7:ba:37:83:8a:52:ee: 6f:0c:1a:14:40:55:94:c4:79:af:a1:6f:85:af:8b:e9:2e:33: 95:57:a3:56:80:ca:77:6d:30:39:e4:73:ff:8d:62:fc:bb:c1: 0c:74:db:a0:7a:0e:be:b4:c7:c9:10:a1:61:07:a8:fe:3c:68: 61:11:7d:5b:40:ef:08:51:8f:8c:3a:95:92:88:16:90:08:15: 6e:16:9e:89:66:14:dd:3d:11:fa:71:06:00:f6:74:cc:d2:6a: 7f:03:7f:b1:e7:70:9e:62:43:8c:8c:f6:22:90:dc:5d:0e:00: da:20:79:03:00:78:6a:38:fe:38:7a:0e:42:3e:57:c4:c2:4b: e4:2a:bc:80:74:ad:c0:80:6e:eb:33:a8:56:56:f4:dd:08:af: 8b:ea:5c:20:81:65:53:da:90:a7:c3:d2:01:c6:81:b5:e5:12: a7:73:33:cf -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgICNcAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5 MEZFNzM3NTIwHhcNMjUxMTA0MTQzMDIzWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTBhMGRmZS00MzU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxhCdRznYGZr6SecOPXDeyKMegY4u5SuE6WtTRFfO9nx+YgpklsuDohn/AMS6 ngghnZCbJBaSPhCn9Z55TOCGRRuhpi24+aOy0/U8R4pDGqQtqpOv4K1SWEuGVw77 KPTwxU2cj4UXKvP/55Lf3hCKtqSjXjMyWRsLPhWLn++M2mOlHPAM5mb3B+NeE4il +8rqPrVqJ2DbRhC67uUN3YxIBU0lX/7mHvRWTvLxPuWqSchqC8ck3IYnEQaq9o9y CPgFXRUJp9GkGBvN7GQrDQqCZZlJh8tq7vex7Qh0kgEMa1XDg924M2kiwOGeMGu8 p5u3H31ADU6xTPJGmyHIIh5y6wIDAQABo4ICnDCCApgwHQYDVR0OBBYEFI1ajpsQ QKyOg1CQIIPzU5ej1Z/aMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZGNDcvQjRBODZDMzgxRDg0MTFFMjk2OUZDNURBMDhCMDJDRDIvRDA4ODY5NTQx ODg4MTFFQzhFODY3NTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQcBAf8E FzAVMBMEAgABMA0wCwMEANtF+wMDAdtEMA0GCSqGSIb3DQEBCwUAA4IBAQBHOtYf cjKRPZPSXUeLcpdisPheuAqmzGnfLIGvEypvRp9/BQ2JYQLkrOPN75fDNfmzEKFI a5adMi1ubpm34vmyu0180dxU43iHAPw8G7fVFc1bpbe6N4OKUu5vDBoUQFWUxHmv oW+Fr4vpLjOVV6NWgMp3bTA55HP/jWL8u8EMdNugeg6+tMfJEKFhB6j+PGhhEX1b QO8IUY+MOpWSiBaQCBVuFp6JZhTdPRH6cQYA9nTM0mp/A3+x53CeYkOMjPYikNxd DgDaIHkDAHhqOP44eg5CPlfEwkvkKryAdK3AgG7rM6hWVvTdCK+L6lwggWVT2pCn w9IBxoG15RKnczPP -----END CERTIFICATE-----Generated at Wed Nov 5 13:46:11 2025 by rpki-client