$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/5440C4C8848111EF9F3ECE34C4F9AE02.roa File: 5440C4C8848111EF9F3ECE34C4F9AE02.roa (raw, json) Hash identifier: ngjUXbyjPJ6iVQy9pM5d20oIctL+wtrqPm7BvcCMjJY= Subject key identifier: 18:B1:9A:27:92:C5:12:BF:D0:C4:A7:D8:31:4C:77:8C:67:53:E0:ED Certificate issuer: /CN=A91C9E72/serialNumber=73D900924E701548E6E3203880F6C0972A4C291A Certificate serial: CB Authority key identifier: 73:D9:00:92:4E:70:15:48:E6:E3:20:38:80:F6:C0:97:2A:4C:29:1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c9kAkk5wFUjm4yA4gPbAlypMKRo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/5440C4C8848111EF9F3ECE34C4F9AE02.roa Signing time: Wed 29 Oct 2025 05:50:52 +0000 ROA not before: Wed 29 Oct 2025 05:50:52 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 58411 IP address blocks: 43.252.148.0/24 maxlen: 24 43.252.149.0/24 maxlen: 24 43.252.150.0/24 maxlen: 24 43.252.151.0/24 maxlen: 24 103.242.140.0/24 maxlen: 24 103.242.141.0/24 maxlen: 24 103.242.142.0/24 maxlen: 24 103.242.143.0/24 maxlen: 24 2401:1380::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.crl rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c9kAkk5wFUjm4yA4gPbAlypMKRo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 05:44:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 203 (0xcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9E72, serialNumber=73D900924E701548E6E3203880F6C0972A4C291A Validity Not Before: Oct 29 05:50:52 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=6901ab3b-39ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:03:c5:7d:5b:87:f8:3b:ca:73:95:9b:24:4b: b2:08:dd:24:97:6b:6b:f3:80:e8:ba:30:c6:61:1a: 17:fc:b1:5d:24:f8:4a:5d:d3:a3:6c:78:e7:af:37: d2:cc:ff:82:32:da:69:2a:e1:c8:65:03:10:8a:40: 0e:3b:45:8f:ea:16:fa:81:f1:91:e3:8e:bd:ff:04: 21:37:aa:b3:19:8b:f7:c4:09:19:dc:5f:08:32:ad: d1:17:da:ab:97:aa:87:b7:c9:1a:f0:b8:10:e1:9b: b8:cf:98:f1:0d:7e:80:f9:36:12:06:92:ce:c6:0d: 93:bc:33:bc:31:59:dd:b6:b6:ad:67:39:05:5a:2c: b1:24:c9:a8:f5:0b:30:01:71:2f:a3:85:9d:d7:aa: c4:65:7b:1f:88:79:35:b7:94:d2:e3:90:50:00:60: 8c:ca:68:8a:25:f2:79:31:ac:a2:89:73:71:97:8c: db:a9:83:ef:59:c3:1a:a1:4a:67:7c:15:eb:81:47: bb:7f:8e:79:36:5e:2b:c0:81:3c:ff:60:ad:31:2c: 9f:ff:4f:c8:9f:a0:12:67:88:93:cd:c4:c2:4e:07: 39:41:97:fe:9a:82:b4:38:29:72:2a:16:6c:51:fb: 9b:08:f9:eb:2d:7b:33:75:9c:fd:b5:0d:3c:58:b9: ed:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:B1:9A:27:92:C5:12:BF:D0:C4:A7:D8:31:4C:77:8C:67:53:E0:ED X509v3 Authority Key Identifier: keyid:73:D9:00:92:4E:70:15:48:E6:E3:20:38:80:F6:C0:97:2A:4C:29:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c9kAkk5wFUjm4yA4gPbAlypMKRo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/5440C4C8848111EF9F3ECE34C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.148.0/22 103.242.140.0/22 IPv6: 2401:1380::/32 Signature Algorithm: sha256WithRSAEncryption 31:80:bd:de:4d:9f:41:13:1e:77:3e:ba:b8:1a:75:66:52:fc: b0:d8:f3:0e:0f:2b:fd:21:19:2b:dc:28:34:1d:b6:88:c1:72: 27:b3:4d:2d:68:84:ae:3e:08:96:86:c0:81:ab:ad:70:1b:9c: b1:37:eb:c4:36:22:ea:df:45:49:71:dd:51:ba:5d:bb:1d:bc: a0:ec:6a:d9:cb:4b:c9:19:d1:ae:0a:db:a6:c5:e5:0e:2b:02: 65:1f:5e:34:bd:71:f9:0c:ab:37:74:fd:ed:b7:83:ca:dc:98: 8f:e6:15:25:a2:7f:c1:fb:9a:ae:37:88:d8:f2:05:e2:fd:fc: 65:a1:0b:82:5f:63:6b:5d:15:8b:8f:94:c1:82:11:f7:b7:83: f7:3e:53:a8:0c:ac:54:c8:60:49:86:1b:26:ad:16:31:43:a4: 0a:c7:77:91:6c:18:0e:84:9b:b8:f3:15:b3:5d:86:68:09:e0: 21:04:c6:42:91:75:0f:40:74:4e:b7:03:f3:2a:61:9c:a1:3b: 14:5e:be:58:3b:f2:87:15:bf:8a:64:8e:50:4e:e4:32:7e:3a: 45:aa:07:3f:17:c6:3a:72:82:38:9a:8c:fe:46:3e:74:15:d4: a5:d2:de:ce:fa:09:fe:fb:de:5d:94:7b:61:72:08:ce:6f:60: dc:c7:e0:59 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzlFNzIxMTAvBgNVBAUTKDczRDkwMDkyNEU3MDE1NDhFNkUzMjAzODgwRjZDMDk3 MkE0QzI5MUEwHhcNMjUxMDI5MDU1MDUyWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTAxYWIzYi0zOWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3gPFfVuH+DvKc5WbJEuyCN0kl2tr84DoujDGYRoX/LFdJPhKXdOjbHjnrzfS zP+CMtppKuHIZQMQikAOO0WP6hb6gfGR4469/wQhN6qzGYv3xAkZ3F8IMq3RF9qr l6qHt8ka8LgQ4Zu4z5jxDX6A+TYSBpLOxg2TvDO8MVndtratZzkFWiyxJMmo9Qsw AXEvo4Wd16rEZXsfiHk1t5TS45BQAGCMymiKJfJ5MayiiXNxl4zbqYPvWcMaoUpn fBXrgUe7f455Nl4rwIE8/2CtMSyf/0/In6ASZ4iTzcTCTgc5QZf+moK0OClyKhZs UfubCPnrLXszdZz9tQ08WLnt6QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBixmieS xRK/0MSn2DFMd4xnU+DtMB8GA1UdIwQYMBaAFHPZAJJOcBVI5uMgOID2wJcqTCka MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUU3Mi9FNkI0NDkwMjg0 ODAxMUVGQUFEOEUyMzNDNEY5QUUwMi9jOWtBa2s1d0ZVam00eUE0Z1BiQWx5cE1L Um8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2M5a0FrazV3RlVqbTR5QTRnUGJBbHlwTUtSby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzlFNzIvRTZCNDQ5MDI4NDgwMTFFRkFBRDhFMjMzQzRGOUFFMDIvNTQ0MEM0Qzg4 NDgxMTFFRjlGM0VDRTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIr/JQDBAJn8owwDQQCAAIwBwMFACQBE4AwDQYJKoZIhvcN AQELBQADggEBADGAvd5Nn0ETHnc+urgadWZS/LDY8w4PK/0hGSvcKDQdtojBciez TS1ohK4+CJaGwIGrrXAbnLE368Q2IurfRUlx3VG6XbsdvKDsatnLS8kZ0a4K26bF 5Q4rAmUfXjS9cfkMqzd0/e23g8rcmI/mFSWif8H7mq43iNjyBeL9/GWhC4JfY2td FYuPlMGCEfe3g/c+U6gMrFTIYEmGGyatFjFDpArHd5FsGA6Em7jzFbNdhmgJ4CEE xkKRdQ9AdE63A/MqYZyhOxRevlg78ocVv4pkjlBO5DJ+OkWqBz8XxjpygjiajP5G PnQV1KXS3s76Cf773l2Ue2FyCM5vYNzH4Fk= -----END CERTIFICATE-----Generated at Tue Nov 4 19:11:04 2025 by rpki-client