$ rpki-client -vvf rpki.apnic.net/member_repository/A91C575E/E2ACB43A896A11F081E44D57C4F9AE02/3FD60CEC896B11F0A99C2258C4F9AE02.roa File: 3FD60CEC896B11F0A99C2258C4F9AE02.roa (raw, json) Hash identifier: L2I2C5AaIi5CRCmOivb7F6/dBQAFh3PeT7bznCfpjdI= Subject key identifier: 59:25:B0:61:A9:F1:4C:BA:30:12:3E:DF:4A:D8:76:1A:50:1E:50:20 Certificate issuer: /CN=A91C575E/serialNumber=513ECE73EE9EA325EA442931B0062BD8BF304A76 Certificate serial: 07 Authority key identifier: 51:3E:CE:73:EE:9E:A3:25:EA:44:29:31:B0:06:2B:D8:BF:30:4A:76 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UT7Oc-6eoyXqRCkxsAYr2L8wSnY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C575E/E2ACB43A896A11F081E44D57C4F9AE02/3FD60CEC896B11F0A99C2258C4F9AE02.roa Signing time: Thu 04 Sep 2025 10:27:47 +0000 ROA not before: Thu 04 Sep 2025 10:27:47 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 154198 IP address blocks: 43.228.104.0/23 maxlen: 23 43.228.104.0/24 maxlen: 24 43.228.105.0/24 maxlen: 24 2402:27e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C575E/E2ACB43A896A11F081E44D57C4F9AE02/UT7Oc-6eoyXqRCkxsAYr2L8wSnY.crl rsync://rpki.apnic.net/member_repository/A91C575E/E2ACB43A896A11F081E44D57C4F9AE02/UT7Oc-6eoyXqRCkxsAYr2L8wSnY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UT7Oc-6eoyXqRCkxsAYr2L8wSnY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:46:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7 (0x7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C575E, serialNumber=513ECE73EE9EA325EA442931B0062BD8BF304A76 Validity Not Before: Sep 4 10:27:47 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68b969a3-16f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:7d:98:3f:10:e4:85:82:d6:cf:a7:d9:17:f1: 76:d6:f0:a7:d2:64:68:3e:ea:6d:71:05:ab:4e:5d: 1e:15:61:45:74:80:26:e2:2b:c3:92:c3:4c:04:a5: 6c:18:a2:a8:42:cb:42:9b:2c:74:a3:21:10:d5:a1: 92:87:35:58:c8:fd:75:83:96:4d:f4:c1:00:93:5a: f4:e3:0b:98:af:98:fe:67:b6:02:2f:96:fa:d6:22: d5:0f:1e:f3:7d:f7:34:ca:f0:a7:6b:05:3c:88:51: 33:a6:2f:f6:41:b9:7f:59:dd:08:08:0c:8c:86:c4: 1a:a8:57:8b:4d:ef:dd:f1:d6:c3:7a:e5:8c:fa:6e: 5f:bb:8a:4e:d5:6a:14:59:b2:6b:59:c8:43:08:d4: 9e:c9:b9:de:ac:79:78:2e:9f:de:7d:5c:9b:59:00: 0f:f3:fd:32:63:e7:d6:8f:3e:54:c6:d1:97:0e:20: c4:93:1d:bd:42:05:49:6c:bc:1a:94:d5:b2:01:23: 2f:67:8d:37:95:c0:ca:d8:7c:56:2b:41:87:2b:36: 24:9b:0a:46:73:2b:7c:fb:9c:5b:74:87:02:81:bb: f3:af:ce:32:41:77:22:87:b2:06:19:3d:16:4d:69: 73:14:47:1c:65:50:5a:03:a5:72:59:28:b6:97:12: 05:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:25:B0:61:A9:F1:4C:BA:30:12:3E:DF:4A:D8:76:1A:50:1E:50:20 X509v3 Authority Key Identifier: keyid:51:3E:CE:73:EE:9E:A3:25:EA:44:29:31:B0:06:2B:D8:BF:30:4A:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C575E/E2ACB43A896A11F081E44D57C4F9AE02/UT7Oc-6eoyXqRCkxsAYr2L8wSnY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UT7Oc-6eoyXqRCkxsAYr2L8wSnY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C575E/E2ACB43A896A11F081E44D57C4F9AE02/3FD60CEC896B11F0A99C2258C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.228.104.0/23 IPv6: 2402:27e0::/32 Signature Algorithm: sha256WithRSAEncryption 31:f7:24:15:98:35:54:a9:c7:ca:66:6c:7b:d7:8f:f3:b3:47: ef:e1:68:43:a5:a7:34:23:5d:2a:c8:58:c5:22:95:de:23:17: 8a:a2:98:3d:12:4b:81:0b:34:1e:16:28:53:31:79:12:fe:50: 0c:e6:43:3f:60:a0:95:21:be:8a:0f:85:eb:92:64:f7:6a:a9: ee:ed:9f:1d:8b:38:96:c4:ec:bf:9b:82:5d:76:bd:3f:21:8c: a7:53:64:25:7c:cb:39:9c:36:43:41:ae:f9:35:e9:31:e3:97: bc:e7:96:a2:c7:d2:a4:7f:b6:dc:9a:d7:38:4d:7a:39:04:13: 35:e5:ab:10:2f:ab:1b:12:72:03:df:1c:bf:d9:67:79:80:3c: ed:7c:85:22:d5:fe:0d:91:96:f0:ef:f5:09:1a:a2:a2:25:c0: af:a1:b7:59:c0:b9:58:35:b9:e5:55:39:c3:14:ff:bd:50:e0: b8:e0:9f:3c:2f:12:e2:f1:9a:b5:de:78:b0:f8:67:b0:e5:a1: 42:18:71:bf:38:f5:8b:e5:2a:4d:ae:3d:13:89:6e:74:9e:02: ff:07:c3:eb:8a:b6:d0:2e:9c:09:36:93:3d:10:01:5a:3f:55: ba:1d:5e:22:ae:17:17:fa:4d:a1:6b:63:75:5f:04:3b:78:e9: a6:51:62:ca -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NTc1RTExMC8GA1UEBRMoNTEzRUNFNzNFRTlFQTMyNUVBNDQyOTMxQjAwNjJCRDhC RjMwNEE3NjAeFw0yNTA5MDQxMDI3NDdaFw0yNjEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4Yjk2OWEzLTE2ZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC1fZg/EOSFgtbPp9kX8XbW8KfSZGg+6m1xBatOXR4VYUV0gCbiK8OSw0wEpWwY oqhCy0KbLHSjIRDVoZKHNVjI/XWDlk30wQCTWvTjC5ivmP5ntgIvlvrWItUPHvN9 9zTK8KdrBTyIUTOmL/ZBuX9Z3QgIDIyGxBqoV4tN793x1sN65Yz6bl+7ik7VahRZ smtZyEMI1J7Jud6seXgun959XJtZAA/z/TJj59aPPlTG0ZcOIMSTHb1CBUlsvBqU 1bIBIy9njTeVwMrYfFYrQYcrNiSbCkZzK3z7nFt0hwKBu/OvzjJBdyKHsgYZPRZN aXMURxxlUFoDpXJZKLaXEgV5AgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUWSWwYanx TLowEj7fSth2GlAeUCAwHwYDVR0jBBgwFoAUUT7Oc+6eoyXqRCkxsAYr2L8wSnYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM1NzVFL0UyQUNCNDNBODk2 QTExRjA4MUU0NEQ1N0M0RjlBRTAyL1VUN09jLTZlb3lYcVJDa3hzQVlyMkw4d1Nu WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvVVQ3T2MtNmVveVhxUkNreHNBWXIyTDh3U25ZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTc1RS9FMkFDQjQzQTg5NkExMUYwODFFNDRENTdDNEY5QUUwMi8zRkQ2MENFQzg5 NkIxMUYwQTk5QzIyNThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf MB0wDAQCAAEwBgMEASvkaDANBAIAAjAHAwUAJAIn4DANBgkqhkiG9w0BAQsFAAOC AQEAMfckFZg1VKnHymZse9eP87NH7+FoQ6WnNCNdKshYxSKV3iMXiqKYPRJLgQs0 HhYoUzF5Ev5QDOZDP2CglSG+ig+F65Jk92qp7u2fHYs4lsTsv5uCXXa9PyGMp1Nk JXzLOZw2Q0Gu+TXpMeOXvOeWosfSpH+23JrXOE16OQQTNeWrEC+rGxJyA98cv9ln eYA87XyFItX+DZGW8O/1CRqioiXAr6G3WcC5WDW55VU5wxT/vVDguOCfPC8S4vGa td54sPhnsOWhQhhxvzj1i+UqTa49E4ludJ4C/wfD64q20C6cCTaTPRABWj9Vuh1e Iq4XF/pNoWtjdV8EO3jpplFiyg== -----END CERTIFICATE-----Generated at Wed Nov 5 07:40:36 2025 by rpki-client