$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/BAEA3A3C497B11F096DCA14EC4F9AE02.roa File: BAEA3A3C497B11F096DCA14EC4F9AE02.roa (raw, json) Hash identifier: NGudT5ffYxQaLDuPITb3DSyOtSWSbubIZoe2i4vUMeU= Subject key identifier: F8:17:F1:93:DF:64:9B:39:A7:31:6C:30:92:8A:E0:CF:EE:20:71:77 Certificate issuer: /CN=A91CFFCB/serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Certificate serial: 07 Authority key identifier: 22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/BAEA3A3C497B11F096DCA14EC4F9AE02.roa Signing time: Sun 15 Jun 2025 00:00:22 +0000 ROA not before: Sun 15 Jun 2025 00:00:22 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 45773 IP address blocks: 165.99.206.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 07:28:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7 (0x7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFCB, serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Validity Not Before: Jun 15 00:00:22 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=684e0d15-98f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:3e:d6:5d:ca:42:5c:11:aa:a1:66:4f:23:c5: 73:e9:02:0a:3a:b1:f8:73:26:bf:f4:ec:a5:b1:bf: 5e:f5:c8:84:7c:a8:51:ca:0f:9a:c9:89:0a:fa:49: 82:10:55:c1:9b:36:c0:b8:0f:86:ec:44:49:5f:44: ad:96:0e:a9:d6:d3:a8:63:84:5a:81:b2:94:9f:0c: f6:bd:5c:4c:4a:f3:4d:9e:4c:38:bc:5c:f9:54:4c: 83:f0:6c:2e:0b:c8:85:0a:b0:d8:63:a1:3f:fb:f5: a7:45:fb:9c:94:9a:44:17:36:f1:aa:54:e4:62:0a: 35:21:5c:fe:ad:18:e2:80:ac:57:fc:da:5b:e2:5e: 61:31:16:8c:49:6e:08:ba:e2:38:9e:20:ab:22:18: 59:6e:23:8e:f1:a7:1f:2b:aa:b5:d3:9b:28:95:7f: b1:6d:72:69:70:44:e6:b0:c8:75:bf:42:36:9a:70: ea:89:98:dd:31:8e:91:28:31:46:dd:db:68:b5:03: 21:5a:e0:5b:a0:1c:e5:41:af:2f:22:24:28:f7:65: 58:38:a7:92:10:b4:54:7d:1f:43:e4:8d:2a:ec:a7: d8:be:0b:a0:a2:66:13:1e:13:ed:5f:dd:69:5d:0d: 56:81:71:91:cf:8e:61:39:44:37:70:c1:b1:fb:42: e2:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:17:F1:93:DF:64:9B:39:A7:31:6C:30:92:8A:E0:CF:EE:20:71:77 X509v3 Authority Key Identifier: keyid:22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/BAEA3A3C497B11F096DCA14EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 165.99.206.0/23 Signature Algorithm: sha256WithRSAEncryption 8d:0e:d7:1c:75:f2:cc:4a:b7:99:d0:7d:df:e3:bd:be:19:b3: 55:b8:28:3a:7d:38:3f:88:a4:4a:c5:54:23:8a:62:e9:03:eb: cf:e3:74:31:c0:9c:b5:cf:86:47:5f:db:41:90:a2:81:67:93: f7:c4:43:ea:bd:74:5b:b4:0b:8b:af:f2:2f:f3:04:27:50:dc: 58:5e:82:e8:70:ed:79:1f:c3:67:ae:96:19:be:24:a6:76:16: f9:89:ee:58:71:3a:01:ed:3e:47:ca:a5:2c:3d:c2:ec:88:13: 4c:7a:44:63:6a:17:ff:78:56:64:89:d7:61:71:ef:97:05:cd: 4b:94:e0:9f:11:39:10:25:04:b5:cf:b0:f0:fe:e2:55:20:bf: 17:f1:9c:c3:c4:e9:b5:3b:9f:b4:3b:83:5b:3f:f4:6f:08:69: 60:83:5e:12:c7:cf:20:50:f1:1c:1a:30:32:6d:62:5f:fb:82: 8e:c5:4f:e2:2b:b8:aa:3f:0b:67:85:7e:e7:4d:d6:a2:01:4a: aa:ba:8e:4a:dd:76:c5:10:fc:a8:ea:9a:77:54:2e:26:a4:f5: f2:63:b6:cf:fd:5d:08:e0:65:21:37:bc:64:4c:62:a0:d1:d0: 9a:1d:84:fc:04:9b:9d:d3:f7:f0:05:c2:36:64:52:1f:d4:fe: cb:14:50:3b -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RkZDQjExMC8GA1UEBRMoMjIyNDI5NDQxNkI4NDY1NzA2NTU0QjUyQ0JDNTZGNDQ5 QkM0NkM4OTAeFw0yNTA2MTUwMDAwMjJaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NGUwZDE1LTk4ZjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDFPtZdykJcEaqhZk8jxXPpAgo6sfhzJr/07KWxv171yIR8qFHKD5rJiQr6SYIQ VcGbNsC4D4bsRElfRK2WDqnW06hjhFqBspSfDPa9XExK802eTDi8XPlUTIPwbC4L yIUKsNhjoT/79adF+5yUmkQXNvGqVORiCjUhXP6tGOKArFf82lviXmExFoxJbgi6 4jieIKsiGFluI47xpx8rqrXTmyiVf7FtcmlwROawyHW/QjaacOqJmN0xjpEoMUbd 22i1AyFa4FugHOVBry8iJCj3ZVg4p5IQtFR9H0PkjSrsp9i+C6CiZhMeE+1f3Wld DVaBcZHPjmE5RDdwwbH7QuLbAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU+Bfxk99k mzmnMWwwkorgz+4gcXcwHwYDVR0jBBgwFoAUIiQpRBa4RlcGVUtSy8VvRJvEbIkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGRkNCL0VEMEYxMUY0NDIw NTExRjBCRjdBODcxMUM0RjlBRTAyL0lpUXBSQmE0UmxjR1ZVdFN5OFZ2Ukp2RWJJ ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSWlRcFJCYTRSbGNHVlV0U3k4VnZSSnZFYklrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkZDQi9FRDBGMTFGNDQyMDUxMUYwQkY3QTg3MTFDNEY5QUUwMi9CQUVBM0EzQzQ5 N0IxMUYwOTZEQ0ExNEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaVjzjANBgkqhkiG9w0BAQsFAAOCAQEAjQ7XHHXyzEq3mdB9 3+O9vhmzVbgoOn04P4ikSsVUI4pi6QPrz+N0McCctc+GR1/bQZCigWeT98RD6r10 W7QLi6/yL/MEJ1DcWF6C6HDteR/DZ66WGb4kpnYW+YnuWHE6Ae0+R8qlLD3C7IgT THpEY2oX/3hWZInXYXHvlwXNS5TgnxE5ECUEtc+w8P7iVSC/F/Gcw8TptTuftDuD Wz/0bwhpYINeEsfPIFDxHBowMm1iX/uCjsVP4iu4qj8LZ4V+503WogFKqrqOSt12 xRD8qOqad1QuJqT18mO2z/1dCOBlITe8ZExioNHQmh2E/ASbndP38AXCNmRSH9T+ yxRQOw== -----END CERTIFICATE-----Generated at Wed Nov 5 16:30:54 2025 by rpki-client