$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/4E9A620EAEBB11EA8A15501DC4F9AE02.roa File: 4E9A620EAEBB11EA8A15501DC4F9AE02.roa (raw, json) Hash identifier: 2DolnXJBa1dVi3xWVBBmVSYEKfwjeICKQKWX/IMK8Po= Subject key identifier: A0:9A:F6:B5:88:C7:67:97:2B:12:FB:D1:0C:EA:7A:FD:C4:85:4B:1A Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C Certificate serial: 39D7 Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/4E9A620EAEBB11EA8A15501DC4F9AE02.roa Signing time: Mon 14 Jul 2025 14:50:43 +0000 ROA not before: Mon 14 Jul 2025 14:50:43 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 15133 IP address blocks: 119.46.85.0/24 maxlen: 24 2001:fb0:109f:8005::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 14:20:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14807 (0x39d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9137ABC, serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C Validity Not Before: Jul 14 14:50:43 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68751943-3b2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:60:77:78:1d:3d:0f:f7:c1:89:c1:bc:3d:b0: 13:3e:16:00:10:ec:19:31:ec:01:e0:58:a4:b1:0e: fb:4b:61:a8:35:16:23:92:ad:ac:ed:10:11:d0:55: 7b:d0:b8:e0:59:70:37:62:45:29:5b:97:47:3b:a1: 0a:96:4b:43:1b:9c:d0:21:f9:44:84:37:38:02:24: a9:4f:4b:2a:3e:d9:a0:00:0d:43:3d:f1:8e:f4:5b: 3d:e5:8a:6d:da:89:61:a8:85:78:d7:69:46:be:c7: ac:e0:78:1c:f6:39:3c:4a:db:89:3e:e2:db:dd:e4: 27:86:43:ba:8c:d2:4f:d6:2d:ef:09:45:08:b2:1f: ea:3e:45:98:b9:e9:f4:2e:5d:ac:54:e6:e5:52:4d: 93:0d:92:33:51:d0:41:a3:9c:60:46:76:f2:70:9c: a5:ab:d9:e1:86:0a:a2:cb:89:e2:cf:b5:28:3d:52: 15:a0:a4:29:7c:31:2e:78:7b:e9:ab:32:14:da:34: 5a:27:54:4a:61:e7:23:6a:e7:98:72:3c:08:d7:07: c5:02:ab:95:09:87:00:b0:0d:88:68:3d:cb:7e:62: be:57:2d:2d:35:7c:86:ba:01:8d:da:a4:aa:dd:bb: 89:83:6c:60:73:68:dd:e8:8e:ca:33:f0:3c:26:36: 1b:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:9A:F6:B5:88:C7:67:97:2B:12:FB:D1:0C:EA:7A:FD:C4:85:4B:1A X509v3 Authority Key Identifier: keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/4E9A620EAEBB11EA8A15501DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 119.46.85.0/24 IPv6: 2001:fb0:109f:8005::/64 Signature Algorithm: sha256WithRSAEncryption aa:a8:ce:6b:32:59:d8:cc:39:ad:d2:7e:eb:ad:e5:97:a9:93: 49:36:9e:4f:9e:1e:60:88:2e:2a:1e:64:f9:86:76:f5:16:c5: 32:99:ff:e2:6b:c1:1f:80:3f:fa:32:8e:8c:ec:b2:7e:f3:fb: 9d:50:e0:aa:e9:c0:53:de:fc:c6:a0:b6:b1:df:14:4a:6f:63: cb:3c:13:4a:b0:63:86:3e:5c:60:c5:a1:46:05:79:77:64:fc: fa:ee:67:88:c1:56:d7:af:fe:ee:cf:1b:0c:96:10:75:52:72: bb:a1:82:e6:59:38:09:98:7a:7b:95:74:46:84:ae:2f:30:5d: 46:d4:09:f2:70:85:c2:7b:ce:50:1e:98:5f:20:1f:25:26:72: d9:f8:51:83:44:6b:49:f1:7e:e7:23:bc:ae:fd:b4:2f:e5:03: 6c:87:a5:3e:39:31:fd:47:47:73:aa:8d:0d:d7:56:7a:20:14: ff:6a:68:69:9c:42:6e:16:7b:ec:0a:5c:7e:dc:78:c0:65:79: 89:4b:ea:d4:5e:c8:f1:f5:fd:59:0a:fa:1e:88:0f:3d:c5:e8: b5:54:ab:51:75:21:40:4b:c9:27:4e:fc:ff:3a:6e:7a:76:0e: 86:bb:b1:55:18:b0:c6:fc:d8:82:5c:55:57:ac:9d:f7:a4:7d: 2e:89:ca:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICOdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB NDM3QUYwMkMwHhcNMjUwNzE0MTQ1MDQzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODc1MTk0My0zYjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuWB3eB09D/fBicG8PbATPhYAEOwZMewB4FiksQ77S2GoNRYjkq2s7RAR0FV7 0LjgWXA3YkUpW5dHO6EKlktDG5zQIflEhDc4AiSpT0sqPtmgAA1DPfGO9Fs95Ypt 2olhqIV412lGvses4Hgc9jk8StuJPuLb3eQnhkO6jNJP1i3vCUUIsh/qPkWYuen0 Ll2sVOblUk2TDZIzUdBBo5xgRnbycJylq9nhhgqiy4niz7UoPVIVoKQpfDEueHvp qzIU2jRaJ1RKYecjaueYcjwI1wfFAquVCYcAsA2IaD3LfmK+Vy0tNXyGugGN2qSq 3buJg2xgc2jd6I7KM/A8JjYbDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKCa9rWI x2eXKxL70Qzqev3EhUsaMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4 Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNEU5QTYyMEVB RUJCMTFFQThBMTU1MDFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMgYIKwYBBQUHAQcBAf8E IzAhMAwEAgABMAYDBAB3LlUwEQQCAAIwCwMJACABD7AQn4AFMA0GCSqGSIb3DQEB CwUAA4IBAQCqqM5rMlnYzDmt0n7rreWXqZNJNp5Pnh5giC4qHmT5hnb1FsUymf/i a8EfgD/6Mo6M7LJ+8/udUOCq6cBT3vzGoLax3xRKb2PLPBNKsGOGPlxgxaFGBXl3 ZPz67meIwVbXr/7uzxsMlhB1UnK7oYLmWTgJmHp7lXRGhK4vMF1G1AnycIXCe85Q HphfIB8lJnLZ+FGDRGtJ8X7nI7yu/bQv5QNsh6U+OTH9R0dzqo0N11Z6IBT/amhp nEJuFnvsClx+3HjAZXmJS+rUXsjx9f1ZCvoeiA89xei1VKtRdSFAS8knTvz/Om56 dg6Gu7FVGLDG/NiCXFVXrJ33pH0uicpW -----END CERTIFICATE-----Generated at Mon Jul 21 12:44:22 2025 by rpki-client