$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8903/D898265A8C1F11EDAE441D87C4F9AE02/5AFFB9E48C2211EDAE44DD87C4F9AE02.roa File: 5AFFB9E48C2211EDAE44DD87C4F9AE02.roa (raw, json) Hash identifier: O02+8DoVYrqp82jrhg6ArYQ301VXPfCVYWMKw9CBkgc= Subject key identifier: 69:2E:AE:FB:6D:7C:33:72:CB:31:CB:CE:8C:AA:1C:75:0D:18:E8:0F Certificate issuer: /CN=A91E8903/serialNumber=456AF5E5667DE248A9CF0CEB90C6D1B3D3ED6FA8 Certificate serial: 022D Authority key identifier: 45:6A:F5:E5:66:7D:E2:48:A9:CF:0C:EB:90:C6:D1:B3:D3:ED:6F:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RWr15WZ94kipzwzrkMbRs9Ptb6g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8903/D898265A8C1F11EDAE441D87C4F9AE02/5AFFB9E48C2211EDAE44DD87C4F9AE02.roa Signing time: Fri 31 Oct 2025 02:16:55 +0000 ROA not before: Fri 31 Oct 2025 02:16:55 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 131471 IP address blocks: 103.221.246.0/24 maxlen: 24 103.221.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8903/D898265A8C1F11EDAE441D87C4F9AE02/RWr15WZ94kipzwzrkMbRs9Ptb6g.crl rsync://rpki.apnic.net/member_repository/A91E8903/D898265A8C1F11EDAE441D87C4F9AE02/RWr15WZ94kipzwzrkMbRs9Ptb6g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RWr15WZ94kipzwzrkMbRs9Ptb6g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:20:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 557 (0x22d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8903, serialNumber=456AF5E5667DE248A9CF0CEB90C6D1B3D3ED6FA8 Validity Not Before: Oct 31 02:16:55 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=69041c16-46a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:6b:60:5f:06:a0:d0:86:f7:a3:36:a6:8a:c2: 4c:b8:0c:e9:82:e5:dc:a8:4c:6c:54:55:97:52:54: ec:70:5b:ad:18:ff:39:c9:6a:9f:ec:4e:7b:fc:d8: b7:25:c0:32:f4:98:15:08:ba:4c:d5:f3:ae:0e:0e: f3:a3:64:fb:87:d6:02:22:19:45:b3:ce:e1:9f:b3: ec:1d:61:b2:82:1e:b7:b0:7e:87:59:5e:95:f4:06: e1:10:2b:6a:6a:f0:41:c8:07:77:3f:d3:4e:dc:45: d6:22:b8:c0:9a:4b:76:11:9b:7a:e7:12:55:76:b3: 04:10:f0:27:4d:ac:01:fa:fc:fa:fc:0f:a2:76:90: 39:0d:91:40:99:58:8d:99:b1:e5:fa:a6:79:ef:68: 48:39:1a:68:f5:7e:46:51:63:78:9f:2e:42:a4:e9: ab:91:26:e7:7f:39:0c:98:13:04:65:4a:64:af:72: 30:5a:0b:ee:20:56:ee:b1:5e:91:40:ec:4f:54:c4: 40:68:2a:70:66:dc:9f:85:89:5c:4d:6e:b8:12:4f: 76:14:f5:5f:16:53:2e:dc:09:fa:db:03:05:e0:2c: dc:55:f1:14:62:74:37:e9:94:71:5c:62:96:e6:b9: d9:36:e4:5c:fd:2a:41:fe:f7:16:59:3f:1d:6d:a1: 0e:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:2E:AE:FB:6D:7C:33:72:CB:31:CB:CE:8C:AA:1C:75:0D:18:E8:0F X509v3 Authority Key Identifier: keyid:45:6A:F5:E5:66:7D:E2:48:A9:CF:0C:EB:90:C6:D1:B3:D3:ED:6F:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8903/D898265A8C1F11EDAE441D87C4F9AE02/RWr15WZ94kipzwzrkMbRs9Ptb6g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RWr15WZ94kipzwzrkMbRs9Ptb6g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8903/D898265A8C1F11EDAE441D87C4F9AE02/5AFFB9E48C2211EDAE44DD87C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.221.246.0/23 Signature Algorithm: sha256WithRSAEncryption 21:8c:4b:a6:bd:3b:45:39:43:cb:2e:32:7a:7c:d0:eb:5f:55: 73:f8:b6:26:c3:19:a9:6f:6d:6d:bd:ab:4d:d5:ae:3c:b5:4b: 5c:f1:b4:f0:94:59:84:db:dc:2c:13:b7:40:ec:35:5d:77:bf: 71:31:a0:36:fc:d1:13:14:1d:7d:d9:41:4b:55:5b:c0:e6:3f: 92:f9:fc:08:1b:1a:6a:5a:0b:69:bc:c4:a0:af:e3:ea:24:81: 69:14:9e:96:e6:37:37:28:a3:09:07:3b:c9:f4:e0:a7:e8:19: a7:c1:4d:c9:0f:26:9a:40:82:e7:a4:9f:e4:83:67:c0:63:6e: ad:29:dc:cd:3b:d0:dc:af:e9:f6:2f:7b:6c:ef:b7:09:d6:86: a9:e8:27:e0:87:bb:5e:18:e4:21:8c:d8:b3:8c:1c:22:c5:9f: 95:eb:2e:f6:55:e9:18:79:e2:9d:e7:21:17:8e:a6:16:22:c4: 54:9d:52:2a:3d:aa:7d:9e:f2:3c:db:af:9a:6b:26:dc:cc:7b: e7:41:76:21:5d:b9:a3:8b:0e:e8:1f:d7:79:44:bc:db:28:26: 50:11:69:0e:49:cb:7e:49:4e:d1:72:7f:4c:ef:92:4c:b9:88: 60:e3:c9:50:25:b3:90:2f:9e:53:cb:d1:fe:96:12:09:7c:82: c3:ab:10:35 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg5MDMxMTAvBgNVBAUTKDQ1NkFGNUU1NjY3REUyNDhBOUNGMENFQjkwQzZEMUIz RDNFRDZGQTgwHhcNMjUxMDMxMDIxNjU1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTA0MWMxNi00NmE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtWtgXwag0Ib3ozamisJMuAzpguXcqExsVFWXUlTscFutGP85yWqf7E57/Ni3 JcAy9JgVCLpM1fOuDg7zo2T7h9YCIhlFs87hn7PsHWGygh63sH6HWV6V9AbhECtq avBByAd3P9NO3EXWIrjAmkt2EZt65xJVdrMEEPAnTawB+vz6/A+idpA5DZFAmViN mbHl+qZ572hIORpo9X5GUWN4ny5CpOmrkSbnfzkMmBMEZUpkr3IwWgvuIFbusV6R QOxPVMRAaCpwZtyfhYlcTW64Ek92FPVfFlMu3An62wMF4CzcVfEUYnQ36ZRxXGKW 5rnZNuRc/SpB/vcWWT8dbaEO+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFGkurvtt fDNyyzHLzoyqHHUNGOgPMB8GA1UdIwQYMBaAFEVq9eVmfeJIqc8M65DG0bPT7W+o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODkwMy9EODk4MjY1QThD MUYxMUVEQUU0NDFEODdDNEY5QUUwMi9SV3IxNVdaOTRraXB6d3pya01iUnM5UHRi NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1JXcjE1V1o5NGtpcHp3enJrTWJSczlQdGI2Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTg5MDMvRDg5ODI2NUE4QzFGMTFFREFFNDQxRDg3QzRGOUFFMDIvNUFGRkI5RTQ4 QzIyMTFFREFFNDRERDg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFn3fYwDQYJKoZIhvcNAQELBQADggEBACGMS6a9O0U5Q8su Mnp80OtfVXP4tibDGalvbW29q03Vrjy1S1zxtPCUWYTb3CwTt0DsNV13v3ExoDb8 0RMUHX3ZQUtVW8DmP5L5/AgbGmpaC2m8xKCv4+okgWkUnpbmNzcoowkHO8n04Kfo GafBTckPJppAguekn+SDZ8Bjbq0p3M070Nyv6fYve2zvtwnWhqnoJ+CHu14Y5CGM 2LOMHCLFn5XrLvZV6Rh54p3nIReOphYixFSdUio9qn2e8jzbr5prJtzMe+dBdiFd uaOLDugf13lEvNsoJlARaQ5Jy35JTtFyf0zvkky5iGDjyVAls5AvnlPL0f6WEgl8 gsOrEDU= -----END CERTIFICATE-----Generated at Wed Nov 5 05:12:17 2025 by rpki-client