$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB01/32EE0A6E99E911F0978D4072C4F9AE02/8EA99A70B53311F09D886D26C4F9AE02.roa File: 8EA99A70B53311F09D886D26C4F9AE02.roa (raw, json) Hash identifier: HRGw0aoS2i5W3DQjF1IbbrWcc3d6PqDgNovqHtZ6TAQ= Subject key identifier: 08:35:ED:94:8B:AC:73:5E:7C:E8:5C:75:86:D8:27:4E:0B:EA:C0:27 Certificate issuer: /CN=A91DEB01/serialNumber=447D5983BF0DB911AD8FDCB674145F6C58F83CD5 Certificate serial: 17 Authority key identifier: 44:7D:59:83:BF:0D:B9:11:AD:8F:DC:B6:74:14:5F:6C:58:F8:3C:D5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RH1Zg78NuRGtj9y2dBRfbFj4PNU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB01/32EE0A6E99E911F0978D4072C4F9AE02/8EA99A70B53311F09D886D26C4F9AE02.roa Signing time: Thu 30 Oct 2025 02:01:47 +0000 ROA not before: Thu 30 Oct 2025 02:01:47 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 136167 IP address blocks: 74.119.64.0/21 maxlen: 21 74.119.64.0/22 maxlen: 22 74.119.64.0/24 maxlen: 24 74.119.65.0/24 maxlen: 24 74.119.66.0/24 maxlen: 24 74.119.67.0/24 maxlen: 24 74.119.68.0/22 maxlen: 22 74.119.68.0/24 maxlen: 24 74.119.69.0/24 maxlen: 24 74.119.70.0/24 maxlen: 24 74.119.71.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DEB01/32EE0A6E99E911F0978D4072C4F9AE02/RH1Zg78NuRGtj9y2dBRfbFj4PNU.crl rsync://rpki.apnic.net/member_repository/A91DEB01/32EE0A6E99E911F0978D4072C4F9AE02/RH1Zg78NuRGtj9y2dBRfbFj4PNU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RH1Zg78NuRGtj9y2dBRfbFj4PNU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:34:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23 (0x17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DEB01, serialNumber=447D5983BF0DB911AD8FDCB674145F6C58F83CD5 Validity Not Before: Oct 30 02:01:47 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=6902c70b-77bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:28:e4:ac:46:74:ea:05:26:58:f0:cd:bf:40: 4d:96:1b:f5:df:de:02:96:56:fb:bb:d8:b0:af:53: c6:21:c8:4d:8e:df:e9:eb:fc:b9:b0:2b:63:c5:59: 6f:10:7a:36:58:7f:d1:e2:41:56:1a:a1:71:fb:84: 79:50:b8:f7:e8:28:37:75:cf:cc:c4:0b:5c:38:cf: dc:a0:96:d5:b2:4b:23:e6:4c:45:ca:93:ba:9e:26: b4:8b:33:2b:44:95:9e:cd:98:eb:37:fb:f5:1d:72: 54:c6:ac:27:91:77:c4:d3:70:e7:f8:58:33:7f:40: ac:98:86:a4:04:7b:e1:00:ed:b2:1a:3c:8e:85:86: e6:3e:9d:ba:7f:17:8a:e2:2f:9a:88:99:93:4d:d0: 2f:3e:19:24:86:cf:7a:41:db:e7:6e:da:cb:1a:55: 87:52:12:70:55:f7:8e:51:c4:34:63:e0:d9:29:fb: c6:00:eb:11:42:c2:73:50:e2:9f:d9:51:ce:ac:79: 65:ab:40:2f:09:79:e6:84:66:f7:5f:7c:ad:2e:00: 27:b0:3a:ff:8a:22:fc:04:fd:42:39:8f:8d:67:2d: b7:71:a5:0f:a3:17:14:d6:f1:39:e0:c1:d7:3f:2b: 44:ab:b1:78:29:4f:31:2c:bd:2d:1f:83:b5:ce:92: bf:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:35:ED:94:8B:AC:73:5E:7C:E8:5C:75:86:D8:27:4E:0B:EA:C0:27 X509v3 Authority Key Identifier: keyid:44:7D:59:83:BF:0D:B9:11:AD:8F:DC:B6:74:14:5F:6C:58:F8:3C:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DEB01/32EE0A6E99E911F0978D4072C4F9AE02/RH1Zg78NuRGtj9y2dBRfbFj4PNU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RH1Zg78NuRGtj9y2dBRfbFj4PNU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB01/32EE0A6E99E911F0978D4072C4F9AE02/8EA99A70B53311F09D886D26C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 74.119.64.0/21 Signature Algorithm: sha256WithRSAEncryption 07:65:d4:5f:42:60:08:3a:fd:11:ed:2c:b4:45:3a:77:ee:60: b0:28:20:65:42:c8:2f:91:40:d6:53:d5:04:eb:27:01:60:d3: 06:7f:05:6c:00:51:9e:a5:98:27:9b:52:33:b2:07:0e:56:bc: 0a:55:f5:b6:69:0b:5d:0e:74:56:c8:3d:5a:8b:fc:1f:1b:76: a8:0b:cb:f4:c3:85:90:26:19:9f:74:13:5a:a0:65:34:a5:14: bc:22:a0:0c:0c:5f:a1:f8:f3:55:99:d6:8f:ce:cd:f9:93:9b: d8:53:64:66:c9:8f:48:d4:05:0e:3d:a2:17:86:de:a1:02:6f: 06:2f:86:8f:b7:a2:7a:80:d4:ae:00:93:2b:c5:3f:bf:cc:de: ab:04:2d:ec:36:71:6c:29:84:81:79:60:c4:0d:b3:11:2f:9a: a4:61:d2:8d:61:52:1b:ed:31:c0:96:5e:f7:4b:a4:31:94:e5: 3d:a8:29:03:8f:2e:70:4e:db:fa:4c:02:c7:c6:99:fb:dd:a9: 4f:7b:b3:e2:d6:96:82:f5:84:21:80:70:34:3b:4d:7c:19:a4: 06:f1:0c:29:a5:66:26:74:82:ef:22:ee:4d:42:6b:36:5e:7e: 63:27:9d:2f:c5:db:f2:31:93:2a:bf:ae:6e:be:e7:1b:d8:fb: d1:3b:5e:57 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE RUIwMTExMC8GA1UEBRMoNDQ3RDU5ODNCRjBEQjkxMUFEOEZEQ0I2NzQxNDVGNkM1 OEY4M0NENTAeFw0yNTEwMzAwMjAxNDdaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5MDJjNzBiLTc3YmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHKOSsRnTqBSZY8M2/QE2WG/Xf3gKWVvu72LCvU8YhyE2O3+nr/LmwK2PFWW8Q ejZYf9HiQVYaoXH7hHlQuPfoKDd1z8zEC1w4z9ygltWySyPmTEXKk7qeJrSLMytE lZ7NmOs3+/UdclTGrCeRd8TTcOf4WDN/QKyYhqQEe+EA7bIaPI6FhuY+nbp/F4ri L5qImZNN0C8+GSSGz3pB2+du2ssaVYdSEnBV945RxDRj4Nkp+8YA6xFCwnNQ4p/Z Uc6seWWrQC8JeeaEZvdffK0uACewOv+KIvwE/UI5j41nLbdxpQ+jFxTW8Tngwdc/ K0SrsXgpTzEsvS0fg7XOkr/PAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUCDXtlIus c1586Fx1htgnTgvqwCcwHwYDVR0jBBgwFoAURH1Zg78NuRGtj9y2dBRfbFj4PNUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURFQjAxLzMyRUUwQTZFOTlF OTExRjA5NzhENDA3MkM0RjlBRTAyL1JIMVpnNzhOdVJHdGo5eTJkQlJmYkZqNFBO VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUkgxWmc3OE51Ukd0ajl5MmRCUmZiRmo0UE5VLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RUIwMS8zMkVFMEE2RTk5RTkxMUYwOTc4RDQwNzJDNEY5QUUwMi84RUE5OUE3MEI1 MzMxMUYwOUQ4ODZEMjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEA0p3QDANBgkqhkiG9w0BAQsFAAOCAQEAB2XUX0JgCDr9Ee0s tEU6d+5gsCggZULIL5FA1lPVBOsnAWDTBn8FbABRnqWYJ5tSM7IHDla8ClX1tmkL XQ50Vsg9Wov8Hxt2qAvL9MOFkCYZn3QTWqBlNKUUvCKgDAxfofjzVZnWj87N+ZOb 2FNkZsmPSNQFDj2iF4beoQJvBi+Gj7eieoDUrgCTK8U/v8zeqwQt7DZxbCmEgXlg xA2zES+apGHSjWFSG+0xwJZe90ukMZTlPagpA48ucE7b+kwCx8aZ+92pT3uz4taW gvWEIYBwNDtNfBmkBvEMKaVmJnSC7yLuTUJrNl5+YyedL8Xb8jGTKr+ubr7nG9j7 0TteVw== -----END CERTIFICATE-----Generated at Wed Nov 5 08:55:27 2025 by rpki-client