$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/DF8602D05E5B11ED994E491CC4F9AE02.roa File: DF8602D05E5B11ED994E491CC4F9AE02.roa (raw, json) Hash identifier: 6nK3GoLVaSP0VSJQQ8fMNbxkXH0UKpIkFpkEB95EEy0= Subject key identifier: 12:42:B2:51:B5:14:61:92:C1:96:9D:FE:75:0D:B3:E8:1E:20:B3:0D Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Certificate serial: 35BF Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/DF8602D05E5B11ED994E491CC4F9AE02.roa Signing time: Tue 04 Nov 2025 14:30:22 +0000 ROA not before: Tue 04 Nov 2025 14:30:22 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 38851 IP address blocks: 58.115.0.0/18 maxlen: 18 58.115.8.0/21 maxlen: 21 58.115.16.0/20 maxlen: 20 58.115.32.0/19 maxlen: 19 58.115.48.0/21 maxlen: 24 58.115.192.0/20 maxlen: 20 203.133.56.0/24 maxlen: 24 203.203.220.0/22 maxlen: 22 203.203.224.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:30:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13759 (0x35bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F47, serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Validity Not Before: Nov 4 14:30:22 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=690a0dfe-e6fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:d0:9f:e1:be:36:4e:51:c5:ad:59:09:c8:8e: 20:cf:78:53:38:a6:f4:2c:aa:7d:3e:36:4b:f3:e2: ca:aa:3e:af:10:64:86:8d:57:97:73:d9:24:02:25: 61:dd:e9:82:5d:35:93:fe:c6:ec:00:61:41:8a:ec: 78:97:71:aa:76:67:4e:77:c1:15:b7:7a:47:b4:a8: 14:1d:2b:29:1a:86:2f:20:d3:89:d8:47:69:bb:99: ff:5c:18:e2:8c:18:f8:55:d6:d4:67:70:e1:0f:e2: ff:36:97:89:a1:ae:11:06:50:a9:ec:30:92:4b:3e: b4:ef:07:13:7c:5f:cd:bf:43:4a:18:39:eb:66:20: fb:37:ef:09:9a:77:b7:9d:05:69:29:f0:b6:11:d0: 46:1a:b4:6f:fb:59:db:77:fd:0c:04:8e:47:72:50: d3:b5:49:5d:a9:00:d8:f7:04:71:fa:b0:46:5b:f0: 26:6b:47:5a:d2:f7:26:e9:4c:ce:52:ac:c3:11:bd: 4b:8e:98:f4:c7:34:38:c0:43:7f:6f:49:89:70:4b: b5:99:ad:b7:58:cb:5a:ac:be:ec:ee:82:ee:43:81: c2:2e:92:83:5d:93:43:1d:df:56:48:a5:0a:0a:de: 49:1d:a0:25:08:41:e8:7f:86:d0:b4:b9:f4:1f:44: 05:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:42:B2:51:B5:14:61:92:C1:96:9D:FE:75:0D:B3:E8:1E:20:B3:0D X509v3 Authority Key Identifier: keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/DF8602D05E5B11ED994E491CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.115.0.0/18 58.115.192.0/20 203.133.56.0/24 203.203.220.0-203.203.255.255 Signature Algorithm: sha256WithRSAEncryption bb:8b:4b:00:3e:67:34:c0:08:33:e8:ac:60:02:ac:1d:8e:45: 00:ff:d6:15:f2:45:03:dc:4d:34:50:ce:ac:b2:3c:98:3b:46: 71:ae:62:2f:c0:34:87:55:d6:6d:c0:c0:be:e8:de:b0:93:3c: e9:10:61:06:f7:ff:15:2b:42:bc:93:63:d9:65:25:a8:88:bc: 72:25:d6:b2:2c:97:02:14:b5:80:69:e3:11:e8:e8:92:33:66: 0d:41:1a:9d:67:1b:81:65:27:5b:95:7a:12:c2:d0:d8:66:3c: ed:f4:5b:27:99:7c:5f:6e:9e:85:18:c0:50:ec:61:75:e8:a6: bf:54:57:c9:b9:75:39:1c:d9:b3:23:2b:ab:5e:45:68:fd:39: b9:d2:9f:8e:a4:f4:92:7e:f0:82:67:2e:a1:fb:20:99:45:19: 9e:76:ce:e1:2e:28:5e:e7:42:31:87:14:7e:c4:99:f5:4b:2e: 95:eb:4b:3f:4c:9b:ef:cc:50:18:30:9c:68:47:3d:9b:0d:d5: 5c:4d:08:ae:76:1f:98:af:80:69:65:fc:d9:f2:3f:42:aa:ef: d4:44:2a:f0:39:f9:02:42:91:5d:ca:ed:4d:0a:1b:21:a4:2d: 7a:66:09:f4:f1:10:2b:35:29:2f:71:9c:a8:22:e8:2f:1d:58: a1:a1:a5:69 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgICNb8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5 MEZFNzM3NTIwHhcNMjUxMTA0MTQzMDIyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTBhMGRmZS1lNmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtdCf4b42TlHFrVkJyI4gz3hTOKb0LKp9PjZL8+LKqj6vEGSGjVeXc9kkAiVh 3emCXTWT/sbsAGFBiux4l3GqdmdOd8EVt3pHtKgUHSspGoYvINOJ2Edpu5n/XBji jBj4VdbUZ3DhD+L/NpeJoa4RBlCp7DCSSz607wcTfF/Nv0NKGDnrZiD7N+8Jmne3 nQVpKfC2EdBGGrRv+1nbd/0MBI5HclDTtUldqQDY9wRx+rBGW/Ama0da0vcm6UzO UqzDEb1Ljpj0xzQ4wEN/b0mJcEu1ma23WMtarL7s7oLuQ4HCLpKDXZNDHd9WSKUK Ct5JHaAlCEHof4bQtLn0H0QF/QIDAQABo4ICrjCCAqowHQYDVR0OBBYEFBJCslG1 FGGSwZad/nUNs+geILMNMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZGNDcvQjRBODZDMzgxRDg0MTFFMjk2OUZDNURBMDhCMDJDRDIvREY4NjAyRDA1 RTVCMTFFRDk5NEU0OTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E KTAnMCUEAgABMB8DBAY6cwADBAQ6c8ADBADLhTgwCwMEAsvL3AMDAsvIMA0GCSqG SIb3DQEBCwUAA4IBAQC7i0sAPmc0wAgz6KxgAqwdjkUA/9YV8kUD3E00UM6ssjyY O0ZxrmIvwDSHVdZtwMC+6N6wkzzpEGEG9/8VK0K8k2PZZSWoiLxyJdayLJcCFLWA aeMR6OiSM2YNQRqdZxuBZSdblXoSwtDYZjzt9FsnmXxfbp6FGMBQ7GF16Ka/VFfJ uXU5HNmzIyurXkVo/Tm50p+OpPSSfvCCZy6h+yCZRRmeds7hLihe50IxhxR+xJn1 Sy6V60s/TJvvzFAYMJxoRz2bDdVcTQiudh+Yr4BpZfzZ8j9Cqu/URCrwOfkCQpFd yu1NChshpC16Zgn08RArNSkvcZyoIugvHVihoaVp -----END CERTIFICATE-----Generated at Wed Nov 5 13:47:55 2025 by rpki-client