$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/BB8F87B4D4B011ECAA427351C4F9AE02.roa File: BB8F87B4D4B011ECAA427351C4F9AE02.roa (raw, json) Hash identifier: eRpbjrs7GTwfzhpVzYBrg6AgI/qzL8mQbPqmgl8ihsU= Subject key identifier: F4:18:5A:38:AB:21:8C:3A:E3:AC:88:A6:B4:4A:B3:16:D1:8A:25:76 Certificate issuer: /CN=A91C1621/serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Certificate serial: 3509 Authority key identifier: FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/BB8F87B4D4B011ECAA427351C4F9AE02.roa Signing time: Tue 28 Oct 2025 14:30:05 +0000 ROA not before: Tue 28 Oct 2025 14:30:05 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 1299 IP address blocks: 27.123.212.0/24 maxlen: 24 27.123.213.0/24 maxlen: 24 27.123.214.0/24 maxlen: 24 27.123.215.0/24 maxlen: 24 103.29.144.0/24 maxlen: 24 103.29.145.0/24 maxlen: 24 103.29.146.0/24 maxlen: 24 103.29.147.0/24 maxlen: 24 202.126.88.0/24 maxlen: 24 202.126.89.0/24 maxlen: 24 202.126.90.0/24 maxlen: 24 202.126.91.0/24 maxlen: 24 2405:600::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:16:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13577 (0x3509) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1621, serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Validity Not Before: Oct 28 14:30:05 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=6900d36d-b9fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:35:84:23:b9:97:b3:88:27:55:ea:20:2d:cb: ea:2f:4d:c7:a2:6b:d7:2c:9f:8d:87:82:41:1a:28: 47:86:f5:ba:4b:2e:0d:09:dd:ae:92:df:03:14:6e: 56:a9:51:25:74:2e:79:aa:22:e0:e7:bc:4e:65:c0: dc:0f:7d:63:70:1e:6a:e5:3b:6d:ce:62:9d:c3:b5: 00:4a:96:4d:15:04:bb:9b:fa:bf:cd:a7:b5:ee:77: 50:89:43:49:12:30:16:1f:53:60:78:43:17:77:89: 0b:ed:9f:f2:c3:01:a2:6d:d4:9d:3b:a0:dc:18:b1: 49:85:02:df:9f:33:3f:84:5c:27:4f:df:e7:66:ec: f1:d6:0c:3c:18:5c:b0:69:58:fb:65:9a:6c:44:85: af:d1:44:74:33:05:ac:5d:ff:0e:0a:1c:a9:3f:25: 53:26:ed:2e:51:94:38:c8:d6:96:97:d4:09:97:d3: c6:18:c7:ce:4d:a8:4f:eb:ae:15:66:35:15:41:1f: 5a:b9:27:69:09:99:ed:bf:7c:60:80:60:69:0b:0d: 74:77:bc:75:96:1a:a4:92:f3:f6:b9:32:7c:66:d8: 60:35:89:fe:54:98:20:a3:9f:db:09:9a:4d:05:a7: 7e:03:8f:3c:f1:20:3d:9a:e8:5e:45:cf:04:9c:34: fe:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:18:5A:38:AB:21:8C:3A:E3:AC:88:A6:B4:4A:B3:16:D1:8A:25:76 X509v3 Authority Key Identifier: keyid:FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/BB8F87B4D4B011ECAA427351C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.123.212.0/22 103.29.144.0/22 202.126.88.0/22 IPv6: 2405:600::/32 Signature Algorithm: sha256WithRSAEncryption 8c:4d:d6:82:74:6d:a2:d9:3e:b3:98:e4:39:46:6c:12:72:69: 05:f2:23:be:f9:c6:ca:d7:41:f5:1a:65:42:74:1b:64:16:61: d2:66:d4:a3:8a:d6:ef:fd:bd:1c:03:ff:28:44:19:07:0d:5b: 05:ee:65:f3:73:ab:36:3a:07:95:6a:1c:d2:14:bf:15:7e:25: a8:f7:2e:eb:32:69:06:c2:9b:a9:9f:bc:3c:8c:df:bf:fc:0e: 23:9d:51:ad:eb:b6:e9:14:3e:56:78:41:8e:51:e2:18:bb:9f: 45:e5:da:f5:0d:70:26:ce:e0:4f:00:63:fa:15:70:ba:de:71: e4:30:ba:49:7c:b1:d4:3d:30:63:bd:65:57:0d:c1:9d:79:7e: 2c:95:d8:ba:bd:b3:a4:aa:8c:5f:83:e0:f3:d0:93:15:46:09: 10:c9:fd:a3:7a:c9:3b:81:f6:8a:af:8f:23:e9:42:93:df:b7: 0e:98:de:fd:06:66:8d:56:55:09:54:2d:3e:23:8e:1d:4c:cc: 19:4e:59:cb:89:73:57:c9:80:10:c2:9d:c4:35:f9:94:bb:f4: 0a:06:ab:f8:eb:69:96:0b:12:73:13:b1:26:93:5a:94:d1:58: aa:ef:ea:e6:54:b9:4f:84:32:05:5c:67:fc:88:51:03:a1:3f: c5:9d:eb:8d -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICNQkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzE2MjExMTAvBgNVBAUTKEZBNDE3OTYyN0Y1QjI2NTk0RTU2MzAzNTNBMEI3Nzg1 RTBENjkyQzUwHhcNMjUxMDI4MTQzMDA1WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTAwZDM2ZC1iOWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwjWEI7mXs4gnVeogLcvqL03HomvXLJ+Nh4JBGihHhvW6Sy4NCd2ukt8DFG5W qVEldC55qiLg57xOZcDcD31jcB5q5TttzmKdw7UASpZNFQS7m/q/zae17ndQiUNJ EjAWH1NgeEMXd4kL7Z/ywwGibdSdO6DcGLFJhQLfnzM/hFwnT9/nZuzx1gw8GFyw aVj7ZZpsRIWv0UR0MwWsXf8OChypPyVTJu0uUZQ4yNaWl9QJl9PGGMfOTahP664V ZjUVQR9auSdpCZntv3xggGBpCw10d7x1lhqkkvP2uTJ8ZthgNYn+VJggo5/bCZpN Bad+A4888SA9muheRc8EnDT+vQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFPQYWjir IYw646yIprRKsxbRiiV2MB8GA1UdIwQYMBaAFPpBeWJ/WyZZTlYwNToLd4Xg1pLF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTYyMS85OUQ2OERDRTFE NjkxMUUyQTQ2NDBEQTcwOEIwMkNEMi8ta0Y1WW45YkpsbE9WakExT2d0M2hlRFdr c1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1rRjVZbjliSmxsT1ZqQTFPZ3QzaGVEV2tzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzE2MjEvOTlENjhEQ0UxRDY5MTFFMkE0NjQwREE3MDhCMDJDRDIvQkI4Rjg3QjRE NEIwMTFFQ0FBNDI3MzUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAIbe9QDBAJnHZADBALKflgwDQQCAAIwBwMFACQFBgAwDQYJ KoZIhvcNAQELBQADggEBAIxN1oJ0baLZPrOY5DlGbBJyaQXyI775xsrXQfUaZUJ0 G2QWYdJm1KOK1u/9vRwD/yhEGQcNWwXuZfNzqzY6B5VqHNIUvxV+Jaj3LusyaQbC m6mfvDyM37/8DiOdUa3rtukUPlZ4QY5R4hi7n0Xl2vUNcCbO4E8AY/oVcLreceQw ukl8sdQ9MGO9ZVcNwZ15fiyV2Lq9s6SqjF+D4PPQkxVGCRDJ/aN6yTuB9oqvjyPp QpPftw6Y3v0GZo1WVQlULT4jjh1MzBlOWcuJc1fJgBDCncQ1+ZS79AoGq/jraZYL EnMTsSaTWpTRWKrv6uZUuU+EMgVcZ/yIUQOhP8Wd640= -----END CERTIFICATE-----Generated at Tue Nov 4 16:38:35 2025 by rpki-client