$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa File: CDE36D52DB9511E99F3F673EC4F9AE02.roa (raw, json) Hash identifier: jPHSUiUkbozR5N6j9xgdL/cbld0Q8j3JedxabqO04KM= Subject key identifier: 0C:58:B6:8E:11:42:35:0E:32:E2:5C:F3:EC:77:A3:C1:78:BB:62:C4 Certificate issuer: /CN=A91C1621/serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Certificate serial: 350A Authority key identifier: FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa Signing time: Tue 28 Oct 2025 14:30:06 +0000 ROA not before: Tue 28 Oct 2025 14:30:06 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 55805 IP address blocks: 27.123.212.0/22 maxlen: 22 27.123.212.0/24 maxlen: 24 27.123.213.0/24 maxlen: 24 27.123.214.0/24 maxlen: 24 27.123.215.0/24 maxlen: 24 103.29.144.0/22 maxlen: 22 103.29.144.0/24 maxlen: 24 103.29.145.0/24 maxlen: 24 103.29.146.0/24 maxlen: 24 103.29.147.0/24 maxlen: 24 103.98.68.0/22 maxlen: 22 103.98.68.0/24 maxlen: 24 103.98.69.0/24 maxlen: 24 103.98.70.0/24 maxlen: 24 103.98.71.0/24 maxlen: 24 202.126.88.0/22 maxlen: 22 202.126.88.0/24 maxlen: 24 202.126.89.0/24 maxlen: 24 202.126.90.0/24 maxlen: 24 202.126.91.0/24 maxlen: 24 2401:90c0::/32 maxlen: 48 2405:600::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:16:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13578 (0x350a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1621, serialNumber=FA4179627F5B26594E5630353A0B7785E0D692C5 Validity Not Before: Oct 28 14:30:06 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=6900d36d-f2a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:2d:19:09:c1:6f:1c:e2:c1:47:27:e4:84:b9: fa:ae:3b:69:2c:a5:b4:04:62:13:fd:f6:f2:58:74: 77:82:30:06:62:d3:1f:0b:b8:03:0a:f6:21:51:76: 8d:a5:d3:ea:db:55:a4:6b:37:dd:17:8f:c3:a9:28: 4f:a5:03:e7:ba:be:ca:1e:2c:79:04:5f:cd:7d:1a: 09:3f:8a:1e:a4:32:8a:33:a4:cf:89:6c:8c:65:51: 5a:63:e4:65:03:0f:2d:a2:cb:63:75:e8:79:07:3e: f0:49:26:93:fd:89:c3:f9:4e:0b:74:ea:0e:6a:a8: 34:d6:2b:29:3b:7d:7a:96:c4:09:d4:79:f9:01:2c: 39:96:31:9d:eb:9d:99:cc:44:52:6d:e7:b0:34:7a: f3:79:3d:e2:ca:d4:d2:46:63:f3:27:2e:1b:ec:b7: 24:c3:5e:90:1d:ea:8f:18:50:71:3d:ef:2e:97:31: ed:0d:c0:eb:ab:8e:d1:c4:28:61:4e:1b:22:fe:ed: df:80:41:ea:6e:b4:08:da:51:e0:b6:48:32:fb:5f: dc:e9:c2:77:d3:8a:45:0c:d6:a7:b8:ad:69:36:0a: af:a7:75:63:07:19:8b:cd:61:b0:de:e0:21:d1:bb: 07:56:78:29:05:ef:18:f8:32:c9:cd:45:0e:53:87: 52:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:58:B6:8E:11:42:35:0E:32:E2:5C:F3:EC:77:A3:C1:78:BB:62:C4 X509v3 Authority Key Identifier: keyid:FA:41:79:62:7F:5B:26:59:4E:56:30:35:3A:0B:77:85:E0:D6:92:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/-kF5Yn9bJllOVjA1Ogt3heDWksU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-kF5Yn9bJllOVjA1Ogt3heDWksU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1621/99D68DCE1D6911E2A4640DA708B02CD2/CDE36D52DB9511E99F3F673EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.123.212.0/22 103.29.144.0/22 103.98.68.0/22 202.126.88.0/22 IPv6: 2401:90c0::/32 2405:600::/32 Signature Algorithm: sha256WithRSAEncryption 50:95:f2:d9:d6:0a:1f:09:a9:b1:73:2c:de:46:67:18:e7:38: 83:b4:30:3f:d5:4a:7c:fd:1f:bc:f5:62:74:f2:5b:05:2a:c3: ae:de:d8:d6:24:e9:dd:3d:57:6b:30:b8:75:9b:20:c3:af:d4: a6:08:6a:44:7f:08:4c:99:9a:a4:f4:82:e7:d0:3e:93:00:65: ce:74:ad:a3:6e:ab:ea:ca:40:9e:3e:d5:ff:e5:f8:8b:e0:07: 49:be:38:8f:d4:7e:fa:fc:11:6d:aa:39:9f:e7:78:bd:9f:8a: 15:ea:b6:dd:74:a9:cf:74:d4:d8:29:37:c2:ba:11:8f:33:e4: b5:8a:6d:28:22:64:e0:5d:9d:30:b4:b3:0a:f8:04:e9:ea:df: 86:b3:fd:52:cb:f3:cb:cf:ee:ea:ff:34:4b:24:78:e9:6e:c3: 1d:c3:c7:99:b8:75:f7:31:01:a3:fa:e9:94:3c:a7:fb:58:f0: 95:3b:1f:b7:08:e2:8d:3f:16:de:29:91:81:9c:a9:d1:e8:a6: 06:75:55:10:f9:0e:c3:75:ff:6c:84:ba:24:aa:e8:05:46:a4: ac:da:f1:21:7b:6d:6a:de:b5:31:c1:d5:d0:9f:0a:f3:6e:73: 8b:d8:bd:51:44:01:11:5d:55:9d:bc:e0:b9:36:37:43:8a:a8: 47:8b:11:52 -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICNQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzE2MjExMTAvBgNVBAUTKEZBNDE3OTYyN0Y1QjI2NTk0RTU2MzAzNTNBMEI3Nzg1 RTBENjkyQzUwHhcNMjUxMDI4MTQzMDA2WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTAwZDM2ZC1mMmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0y0ZCcFvHOLBRyfkhLn6rjtpLKW0BGIT/fbyWHR3gjAGYtMfC7gDCvYhUXaN pdPq21WkazfdF4/DqShPpQPnur7KHix5BF/NfRoJP4oepDKKM6TPiWyMZVFaY+Rl Aw8tostjdeh5Bz7wSSaT/YnD+U4LdOoOaqg01ispO316lsQJ1Hn5ASw5ljGd652Z zERSbeewNHrzeT3iytTSRmPzJy4b7Lckw16QHeqPGFBxPe8ulzHtDcDrq47RxChh Thsi/u3fgEHqbrQI2lHgtkgy+1/c6cJ304pFDNanuK1pNgqvp3VjBxmLzWGw3uAh 0bsHVngpBe8Y+DLJzUUOU4dS/QIDAQABo4ICvTCCArkwHQYDVR0OBBYEFAxYto4R QjUOMuJc8+x3o8F4u2LEMB8GA1UdIwQYMBaAFPpBeWJ/WyZZTlYwNToLd4Xg1pLF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTYyMS85OUQ2OERDRTFE NjkxMUUyQTQ2NDBEQTcwOEIwMkNEMi8ta0Y1WW45YkpsbE9WakExT2d0M2hlRFdr c1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1rRjVZbjliSmxsT1ZqQTFPZ3QzaGVEV2tzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzE2MjEvOTlENjhEQ0UxRDY5MTFFMkE0NjQwREE3MDhCMDJDRDIvQ0RFMzZENTJE Qjk1MTFFOTlGM0Y2NzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MB4EAgABMBgDBAIbe9QDBAJnHZADBAJnYkQDBALKflgwFAQCAAIwDgMFACQB kMADBQAkBQYAMA0GCSqGSIb3DQEBCwUAA4IBAQBQlfLZ1gofCamxcyzeRmcY5ziD tDA/1Up8/R+89WJ08lsFKsOu3tjWJOndPVdrMLh1myDDr9SmCGpEfwhMmZqk9ILn 0D6TAGXOdK2jbqvqykCePtX/5fiL4AdJvjiP1H76/BFtqjmf53i9n4oV6rbddKnP dNTYKTfCuhGPM+S1im0oImTgXZ0wtLMK+ATp6t+Gs/1Sy/PLz+7q/zRLJHjpbsMd w8eZuHX3MQGj+umUPKf7WPCVOx+3COKNPxbeKZGBnKnR6KYGdVUQ+Q7Ddf9shLok qugFRqSs2vEhe21q3rUxwdXQnwrzbnOL2L1RRAERXVWdvOC5NjdDiqhHixFS -----END CERTIFICATE-----Generated at Tue Nov 4 16:38:32 2025 by rpki-client