$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/36023BC6D29D11EAA11F7F51C4F9AE02.roa File: 36023BC6D29D11EAA11F7F51C4F9AE02.roa (raw, json) Hash identifier: Kko5Py9oYVoGdTuR3TmCVY6w0QuvDF7yamqA7Lq7XfE= Subject key identifier: D0:21:8C:2F:9B:E8:83:DB:A9:F9:64:DC:C1:72:0B:D0:C4:AF:D6:8F Certificate issuer: /CN=A91DDCB6/serialNumber=65DFF2EE3F9BB2EB24551E1D18F1D63DEC0A6E17 Certificate serial: 08A6 Authority key identifier: 65:DF:F2:EE:3F:9B:B2:EB:24:55:1E:1D:18:F1:D6:3D:EC:0A:6E:17 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zd_y7j-bsuskVR4dGPHWPewKbhc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/36023BC6D29D11EAA11F7F51C4F9AE02.roa Signing time: Wed 08 Oct 2025 20:51:35 +0000 ROA not before: Wed 08 Oct 2025 20:51:35 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 17439 IP address blocks: 146.88.24.0/22 maxlen: 24 164.52.192.0/19 maxlen: 24 205.147.96.0/21 maxlen: 24 205.147.108.0/22 maxlen: 24 216.48.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/Zd_y7j-bsuskVR4dGPHWPewKbhc.crl rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/Zd_y7j-bsuskVR4dGPHWPewKbhc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zd_y7j-bsuskVR4dGPHWPewKbhc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:37:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2214 (0x8a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DDCB6, serialNumber=65DFF2EE3F9BB2EB24551E1D18F1D63DEC0A6E17 Validity Not Before: Oct 8 20:51:35 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68e6ced7-6eb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:bf:ec:e9:9e:8a:4f:eb:6b:fa:05:bb:30:2f: a4:c7:2f:16:26:58:92:4f:b3:78:15:50:04:0f:20: 76:19:2d:d0:70:88:fc:b8:ef:64:3d:27:87:b6:15: 47:4f:60:3d:2c:ae:9b:dd:83:e2:4b:ec:0f:a5:98: 90:68:be:25:4b:27:0e:1c:9a:e7:a7:e4:5a:b9:e0: 0b:d6:40:90:57:e5:bd:d6:bf:7a:8b:84:e6:18:86: c9:e6:99:ca:5b:72:a7:bc:eb:60:dd:a0:18:e6:79: d0:40:64:5d:a6:1d:b2:08:43:0a:20:a0:68:d9:18: 46:d0:a3:07:ad:08:a2:2a:43:2d:56:b4:0b:73:a8: 9f:ad:35:c1:ea:a9:4e:aa:a3:23:0e:0d:59:07:ef: 7d:97:14:f4:5c:e0:dc:b2:51:7e:0a:e0:09:d1:2b: 13:6f:36:37:e2:a4:e2:51:b8:38:d4:85:d6:63:9e: 14:61:f4:d0:5e:7a:62:70:d8:37:be:00:da:85:67: 4f:8c:3c:97:2e:f3:6f:c0:fa:e9:26:f5:48:54:f0: 77:57:55:81:ae:0b:29:16:7b:4d:45:79:63:a9:ff: b3:2f:fa:89:6f:e2:e3:39:98:6b:9f:be:23:c1:79: d7:32:c6:fe:41:3a:20:77:d9:64:41:33:af:1d:d7: 3b:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:21:8C:2F:9B:E8:83:DB:A9:F9:64:DC:C1:72:0B:D0:C4:AF:D6:8F X509v3 Authority Key Identifier: keyid:65:DF:F2:EE:3F:9B:B2:EB:24:55:1E:1D:18:F1:D6:3D:EC:0A:6E:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/Zd_y7j-bsuskVR4dGPHWPewKbhc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zd_y7j-bsuskVR4dGPHWPewKbhc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/36023BC6D29D11EAA11F7F51C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 146.88.24.0/22 164.52.192.0/19 205.147.96.0/21 205.147.108.0/22 216.48.176.0/20 Signature Algorithm: sha256WithRSAEncryption 8d:2b:47:b9:d4:dd:22:0c:f6:34:7c:2f:c9:d4:62:3e:21:73: df:97:58:37:2b:e6:8d:ae:d7:39:44:75:10:5a:56:40:53:f7: 32:a8:af:ba:0a:9d:0a:98:d2:89:b7:6c:82:c5:55:01:e4:ff: 1c:01:c6:fa:8b:a1:50:17:01:17:0f:b1:2b:ba:54:4e:6d:4c: 69:71:18:0e:04:57:40:e0:e0:76:36:31:82:14:74:10:6d:8e: cd:e2:15:75:3e:18:16:61:1e:76:f5:e1:19:b0:78:20:2e:d2: ed:df:ec:5b:0d:05:eb:8f:cc:9b:87:0d:ae:29:48:cb:e9:fa: 61:d8:9c:f0:14:7e:f5:f0:27:92:76:a1:15:ef:41:4a:3b:95: 99:30:eb:08:ae:0c:ae:f3:6f:06:7f:a8:06:25:61:a0:70:6c: 4b:4b:86:38:b5:46:33:80:7a:2f:6b:2a:31:11:40:ed:75:18: 00:9d:a1:a4:7b:c9:f2:23:ca:bc:10:3e:e7:21:66:89:1e:23: f6:0b:21:19:62:c2:7a:2e:c9:1c:00:91:ca:cd:f8:db:5b:e9: ef:48:87:c9:5f:77:13:7e:d3:9a:cc:48:b4:69:95:65:c9:6b: 99:6a:4b:26:58:24:3a:a6:d8:0d:f7:e0:51:04:11:f9:3e:9e: a8:15:a7:52 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICCKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RERDQjYxMTAvBgNVBAUTKDY1REZGMkVFM0Y5QkIyRUIyNDU1MUUxRDE4RjFENjNE RUMwQTZFMTcwHhcNMjUxMDA4MjA1MTM1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU2Y2VkNy02ZWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtr/s6Z6KT+tr+gW7MC+kxy8WJliST7N4FVAEDyB2GS3QcIj8uO9kPSeHthVH T2A9LK6b3YPiS+wPpZiQaL4lSycOHJrnp+RaueAL1kCQV+W91r96i4TmGIbJ5pnK W3KnvOtg3aAY5nnQQGRdph2yCEMKIKBo2RhG0KMHrQiiKkMtVrQLc6ifrTXB6qlO qqMjDg1ZB+99lxT0XODcslF+CuAJ0SsTbzY34qTiUbg41IXWY54UYfTQXnpicNg3 vgDahWdPjDyXLvNvwPrpJvVIVPB3V1WBrgspFntNRXljqf+zL/qJb+LjOZhrn74j wXnXMsb+QTogd9lkQTOvHdc7HwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFNAhjC+b 6IPbqflk3MFyC9DEr9aPMB8GA1UdIwQYMBaAFGXf8u4/m7LrJFUeHRjx1j3sCm4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERENCNi9FODgzREZENkND M0QxMUVBOEJDNDVDMjlDNEY5QUUwMi9aZF95N2otYnN1c2tWUjRkR1BIV1Bld0ti aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1pkX3k3ai1ic3Vza1ZSNGRHUEhXUGV3S2JoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RERDQjYvRTg4M0RGRDZDQzNEMTFFQThCQzQ1QzI5QzRGOUFFMDIvMzYwMjNCQzZE MjlEMTFFQUExMUY3RjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAKSWBgDBAWkNMADBAPNk2ADBALNk2wDBATYMLAwDQYJKoZI hvcNAQELBQADggEBAI0rR7nU3SIM9jR8L8nUYj4hc9+XWDcr5o2u1zlEdRBaVkBT 9zKor7oKnQqY0om3bILFVQHk/xwBxvqLoVAXARcPsSu6VE5tTGlxGA4EV0Dg4HY2 MYIUdBBtjs3iFXU+GBZhHnb14RmweCAu0u3f7FsNBeuPzJuHDa4pSMvp+mHYnPAU fvXwJ5J2oRXvQUo7lZkw6wiuDK7zbwZ/qAYlYaBwbEtLhji1RjOAei9rKjERQO11 GACdoaR7yfIjyrwQPuchZokeI/YLIRliwnouyRwAkcrN+Ntb6e9Ih8lfdxN+05rM SLRplWXJa5lqSyZYJDqm2A334FEEEfk+nqgVp1I= -----END CERTIFICATE-----Generated at Wed Nov 5 10:04:37 2025 by rpki-client