$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA623/D3167F0A060C11ECAF675043C4F9AE02/C6212596B5FF11F0A3F6A41AC4F9AE02.roa File: C6212596B5FF11F0A3F6A41AC4F9AE02.roa (raw, json) Hash identifier: dLroQstuUWWHmwVK5ZuVa5vVeBr08ixLMCdD4jTJFpA= Subject key identifier: 4A:71:7A:72:5A:08:93:E9:AB:90:BB:C2:FE:BE:FC:7D:C1:89:25:79 Certificate issuer: /CN=A91EA623/serialNumber=D12FF5BDE5D4D2EA7188CB002C7FF016DC994D72 Certificate serial: 0560 Authority key identifier: D1:2F:F5:BD:E5:D4:D2:EA:71:88:CB:00:2C:7F:F0:16:DC:99:4D:72 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0S_1veXU0upxiMsALH_wFtyZTXI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA623/D3167F0A060C11ECAF675043C4F9AE02/C6212596B5FF11F0A3F6A41AC4F9AE02.roa Signing time: Fri 31 Oct 2025 02:17:39 +0000 ROA not before: Fri 31 Oct 2025 02:17:39 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 4058 IP address blocks: 152.101.5.0/24 maxlen: 24 152.101.25.0/24 maxlen: 24 152.101.26.0/24 maxlen: 24 152.101.27.0/24 maxlen: 24 152.101.32.0/24 maxlen: 24 152.101.50.0/24 maxlen: 24 152.101.174.0/24 maxlen: 24 152.101.185.0/24 maxlen: 24 152.101.186.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA623/D3167F0A060C11ECAF675043C4F9AE02/0S_1veXU0upxiMsALH_wFtyZTXI.crl rsync://rpki.apnic.net/member_repository/A91EA623/D3167F0A060C11ECAF675043C4F9AE02/0S_1veXU0upxiMsALH_wFtyZTXI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0S_1veXU0upxiMsALH_wFtyZTXI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 23:26:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1376 (0x560) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA623, serialNumber=D12FF5BDE5D4D2EA7188CB002C7FF016DC994D72 Validity Not Before: Oct 31 02:17:39 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=69041c43-9c64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f2:d3:5f:49:11:71:6b:11:cc:bf:77:35:e2: bb:3d:32:a5:c3:36:59:d8:dd:d7:56:5c:4e:70:5e: 43:f6:2a:74:db:08:3e:36:b8:bb:c1:df:04:f7:ed: ea:a9:92:64:5b:79:f9:25:aa:8b:33:41:a1:37:bc: 45:5a:ad:07:3d:63:dc:9a:46:56:9f:bd:13:b8:1a: fc:89:c6:c4:60:38:4b:37:24:31:98:1a:0c:51:bb: 7d:53:b8:19:a3:95:ba:48:64:6b:a6:97:3f:67:4f: d3:1f:3c:78:6e:f6:d1:24:7e:55:fb:d6:57:db:11: ac:46:59:a6:95:e9:fa:66:55:46:2f:09:d7:ff:74: 29:79:a9:76:75:f5:fa:ba:72:58:cd:1f:87:bc:70: b8:22:6d:46:39:93:8f:08:ce:d1:48:b6:aa:ab:06: 95:b6:85:42:57:80:f9:e9:aa:77:18:66:5f:c1:32: 13:53:cb:ed:87:89:67:10:42:1d:e7:50:47:07:ac: 9b:ad:a3:78:e5:62:82:7d:0e:2a:f1:16:ef:e6:7c: 47:a2:7d:fb:31:dc:59:bf:18:f3:2b:9c:07:60:53: 90:d7:4b:37:33:6a:e3:61:98:01:61:e9:8a:e2:6e: aa:fa:7b:48:a5:a0:5d:e4:e6:9e:d7:b9:7a:28:12: b6:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:71:7A:72:5A:08:93:E9:AB:90:BB:C2:FE:BE:FC:7D:C1:89:25:79 X509v3 Authority Key Identifier: keyid:D1:2F:F5:BD:E5:D4:D2:EA:71:88:CB:00:2C:7F:F0:16:DC:99:4D:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA623/D3167F0A060C11ECAF675043C4F9AE02/0S_1veXU0upxiMsALH_wFtyZTXI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0S_1veXU0upxiMsALH_wFtyZTXI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA623/D3167F0A060C11ECAF675043C4F9AE02/C6212596B5FF11F0A3F6A41AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 152.101.5.0/24 152.101.25.0-152.101.27.255 152.101.32.0/24 152.101.50.0/24 152.101.174.0/24 152.101.185.0-152.101.186.255 Signature Algorithm: sha256WithRSAEncryption 66:2b:19:07:a6:00:63:3a:0a:6f:fd:be:ce:19:3b:2f:db:8c: 29:c6:5a:a8:b8:de:a4:ef:43:35:21:bd:ab:67:e6:61:79:1d: c2:f2:40:53:63:61:4f:d7:c4:ea:c5:59:31:cc:df:58:4e:1c: 91:5c:a4:42:e9:ce:2b:f9:28:cd:18:f6:ce:d5:87:90:18:a1: 97:d4:71:1e:b5:46:8f:91:59:b8:9d:db:17:e0:b3:85:ee:24: 90:be:85:e4:17:d6:e5:27:82:70:1f:15:2f:cf:aa:f8:18:04: 6f:d9:53:0c:31:37:d6:0b:81:8b:df:8d:94:e1:6d:17:91:73: 60:c6:90:40:92:31:28:35:d6:65:c7:38:fa:1c:19:96:3b:05: f3:8f:f0:8f:60:f7:ec:78:f5:6d:8d:7b:c9:a5:57:e5:25:bc: 17:67:90:6b:89:a2:7a:32:ab:73:06:7e:51:a8:ab:aa:d1:50: 64:28:67:26:d3:ca:a6:b8:45:97:4a:a2:dc:04:38:ca:11:2b: 9f:1c:1e:08:21:26:b4:df:25:a5:13:db:a7:da:f2:f1:65:f6: ad:3a:10:7c:14:67:82:cc:32:ba:55:ef:32:49:5e:e8:53:ea: cd:02:98:24:93:67:6b:1c:02:8a:42:0a:6b:38:42:43:e2:ca: fa:7c:bc:58 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgICBWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE2MjMxMTAvBgNVBAUTKEQxMkZGNUJERTVENEQyRUE3MTg4Q0IwMDJDN0ZGMDE2 REM5OTRENzIwHhcNMjUxMDMxMDIxNzM5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTA0MWM0My05YzY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtvLTX0kRcWsRzL93NeK7PTKlwzZZ2N3XVlxOcF5D9ip02wg+Nri7wd8E9+3q qZJkW3n5JaqLM0GhN7xFWq0HPWPcmkZWn70TuBr8icbEYDhLNyQxmBoMUbt9U7gZ o5W6SGRrppc/Z0/THzx4bvbRJH5V+9ZX2xGsRlmmlen6ZlVGLwnX/3Qpeal2dfX6 unJYzR+HvHC4Im1GOZOPCM7RSLaqqwaVtoVCV4D56ap3GGZfwTITU8vth4lnEEId 51BHB6ybraN45WKCfQ4q8Rbv5nxHon37MdxZvxjzK5wHYFOQ10s3M2rjYZgBYemK 4m6q+ntIpaBd5Oae17l6KBK2dQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFEpxenJa CJPpq5C7wv6+/H3BiSV5MB8GA1UdIwQYMBaAFNEv9b3l1NLqcYjLACx/8BbcmU1y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTYyMy9EMzE2N0YwQTA2 MEMxMUVDQUY2NzUwNDNDNEY5QUUwMi8wU18xdmVYVTB1cHhpTXNBTEhfd0Z0eVpU WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzBTXzF2ZVhVMHVweGlNc0FMSF93RnR5WlRYSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUE2MjMvRDMxNjdGMEEwNjBDMTFFQ0FGNjc1MDQzQzRGOUFFMDIvQzYyMTI1OTZC NUZGMTFGMEEzRjZBNDFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E PjA8MDoEAgABMDQDBACYZQUwDAMEAJhlGQMEAphlGAMEAJhlIAMEAJhlMgMEAJhl rjAMAwQAmGW5AwQAmGW6MA0GCSqGSIb3DQEBCwUAA4IBAQBmKxkHpgBjOgpv/b7O GTsv24wpxlqouN6k70M1Ib2rZ+ZheR3C8kBTY2FP18TqxVkxzN9YThyRXKRC6c4r +SjNGPbO1YeQGKGX1HEetUaPkVm4ndsX4LOF7iSQvoXkF9blJ4JwHxUvz6r4GARv 2VMMMTfWC4GL342U4W0XkXNgxpBAkjEoNdZlxzj6HBmWOwXzj/CPYPfsePVtjXvJ pVflJbwXZ5BriaJ6MqtzBn5RqKuq0VBkKGcm08qmuEWXSqLcBDjKESufHB4IISa0 3yWlE9un2vLxZfatOhB8FGeCzDK6Ve8ySV7oU+rNApgkk2drHAKKQgprOEJD4sr6 fLxY -----END CERTIFICATE-----Generated at Wed Nov 5 02:36:33 2025 by rpki-client