$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/0BD5724C3A3211EDA1B7D863C4F9AE02.roa File: 0BD5724C3A3211EDA1B7D863C4F9AE02.roa (raw, json) Hash identifier: GvJakzzk6/d7G+Vxt5rr4xnMS4OHrqYd4CORSpkPBhM= Subject key identifier: 0C:B7:0A:69:21:6B:EB:58:58:6F:C9:E1:D1:97:C7:83:AC:67:74:86 Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Certificate serial: 3911 Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/0BD5724C3A3211EDA1B7D863C4F9AE02.roa Signing time: Fri 04 Jul 2025 14:50:29 +0000 ROA not before: Fri 04 Jul 2025 14:50:29 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 139648 IP address blocks: 61.107.200.0/22 maxlen: 24 119.59.0.0/20 maxlen: 20 119.59.0.0/24 maxlen: 24 119.59.1.0/24 maxlen: 24 119.59.2.0/24 maxlen: 24 119.59.3.0/24 maxlen: 24 119.59.4.0/24 maxlen: 24 119.59.5.0/24 maxlen: 24 119.59.6.0/24 maxlen: 24 119.59.7.0/24 maxlen: 24 119.59.8.0/24 maxlen: 24 119.59.9.0/24 maxlen: 24 119.59.10.0/24 maxlen: 24 119.59.11.0/24 maxlen: 24 119.59.12.0/24 maxlen: 24 119.59.13.0/24 maxlen: 24 119.59.14.0/24 maxlen: 24 119.59.15.0/24 maxlen: 24 119.59.16.0/24 maxlen: 24 119.59.17.0/24 maxlen: 24 119.59.18.0/24 maxlen: 24 119.59.19.0/24 maxlen: 24 119.59.20.0/24 maxlen: 24 119.59.21.0/24 maxlen: 24 119.59.22.0/24 maxlen: 24 119.59.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 14:22:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14609 (0x3911) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149F3E, serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Validity Not Before: Jul 4 14:50:29 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6867ea34-10d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:2f:1a:12:fb:9a:23:86:24:ec:f2:d1:b4:8d: b2:b0:a4:b8:af:cd:96:ab:01:40:29:dd:53:14:bc: ad:c5:d1:0f:c9:0e:8a:b1:a7:ad:21:b1:93:42:ca: 54:28:af:7d:c5:de:d5:0d:6e:1e:cf:ab:d9:b5:83: 82:72:25:31:60:cb:9d:e9:77:f4:93:38:4d:53:35: 25:3f:49:27:f6:44:2f:4d:f6:20:1a:d7:68:7c:7d: 43:b5:eb:b9:26:a2:68:fe:55:d3:89:3d:7f:16:7e: 7c:4a:aa:06:91:80:16:7f:06:de:5c:ee:8e:4d:55: 27:3b:86:e0:49:61:b1:ad:18:62:5e:01:5f:49:17: 63:4e:d1:79:51:c9:c3:5e:e4:36:da:97:9b:28:98: d5:99:70:9f:93:15:77:74:e6:04:60:21:07:2c:e3: e0:c2:e2:0d:09:7e:04:36:ab:0d:c7:78:e7:d4:6e: 16:a2:ef:51:3d:be:a6:00:47:f1:5d:fa:5e:26:46: 15:cd:b7:47:ac:1a:1f:dc:d4:3e:3d:d5:0b:66:26: a8:87:b2:c2:8b:f2:34:a5:b7:79:20:cf:8b:0d:75: dc:64:1c:5a:de:6a:c2:57:63:39:f2:45:18:4a:56: 29:1f:96:6c:27:42:72:bb:22:49:72:15:0c:e8:4a: 2a:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:B7:0A:69:21:6B:EB:58:58:6F:C9:E1:D1:97:C7:83:AC:67:74:86 X509v3 Authority Key Identifier: keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/0BD5724C3A3211EDA1B7D863C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 61.107.200.0/22 119.59.0.0-119.59.23.255 Signature Algorithm: sha256WithRSAEncryption 6b:a7:ce:87:bf:44:4d:44:e4:82:9a:3d:bd:d7:c2:8e:28:bb: 64:ef:35:f2:fa:85:46:59:1f:49:b3:e4:60:16:34:b3:7b:e1: c2:d0:76:11:12:a4:0b:c9:8d:bf:7a:0b:44:96:8a:24:8d:89: de:9c:f4:fa:32:77:4d:ea:91:8b:ce:25:d1:ae:5b:8a:8a:a8: fe:4d:93:7a:ac:df:05:b2:87:c8:7d:66:54:93:08:17:e5:8e: 0f:ca:73:9f:ec:a6:8e:33:e0:51:42:b4:ed:15:76:4b:e3:b3: 45:34:d3:36:9c:c3:5e:74:bf:49:c4:61:4f:21:cf:f2:ad:25: 4b:16:ca:6a:ea:dc:76:2f:d2:dd:9c:d7:3b:dc:63:13:ec:27: 05:20:68:1d:bb:41:f2:89:d4:c2:8c:02:1b:1e:f3:ba:b1:60: 54:07:03:cc:f5:3b:08:e3:0d:93:83:da:c9:c3:6a:f9:6f:aa: 14:61:17:bc:a5:86:ae:07:93:21:e9:c0:e7:3e:65:3c:33:87: 3b:e5:b3:ab:23:9b:cc:9c:fa:23:5c:f3:54:40:e0:bd:c9:b7: c3:36:3f:97:be:16:ba:ad:2b:5d:fb:8a:41:a9:97:8a:27:89: 8d:a3:51:ea:a8:97:aa:54:bb:cc:3a:7f:96:8b:ef:d4:a5:e6: 97:ae:be:01 -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgICOREwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG OURGN0M1NEIwHhcNMjUwNzA0MTQ1MDI5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY3ZWEzNC0xMGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0C8aEvuaI4Yk7PLRtI2ysKS4r82WqwFAKd1TFLytxdEPyQ6KsaetIbGTQspU KK99xd7VDW4ez6vZtYOCciUxYMud6Xf0kzhNUzUlP0kn9kQvTfYgGtdofH1Dteu5 JqJo/lXTiT1/Fn58SqoGkYAWfwbeXO6OTVUnO4bgSWGxrRhiXgFfSRdjTtF5UcnD XuQ22pebKJjVmXCfkxV3dOYEYCEHLOPgwuINCX4ENqsNx3jn1G4Wou9RPb6mAEfx XfpeJkYVzbdHrBof3NQ+PdULZiaoh7LCi/I0pbd5IM+LDXXcZBxa3mrCV2M58kUY SlYpH5ZsJ0JyuyJJchUM6EoqqQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAy3Cmkh a+tYWG/J4dGXx4OsZ3SGMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4 VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvMEJENTcyNEMz QTMyMTFFREExQjdEODYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQcBAf8E HTAbMBkEAgABMBMDBAI9a8gwCwMDAHc7AwQDdzsQMA0GCSqGSIb3DQEBCwUAA4IB AQBrp86Hv0RNROSCmj2918KOKLtk7zXy+oVGWR9Js+RgFjSze+HC0HYREqQLyY2/ egtElookjYnenPT6MndN6pGLziXRrluKiqj+TZN6rN8FsofIfWZUkwgX5Y4PynOf 7KaOM+BRQrTtFXZL47NFNNM2nMNedL9JxGFPIc/yrSVLFspq6tx2L9LdnNc73GMT 7CcFIGgdu0HyidTCjAIbHvO6sWBUBwPM9TsI4w2Tg9rJw2r5b6oUYRe8pYauB5Mh 6cDnPmU8M4c75bOrI5vMnPojXPNUQOC9ybfDNj+Xvha6rStd+4pBqZeKJ4mNo1Hq qJeqVLvMOn+Wi+/UpeaXrr4B -----END CERTIFICATE-----Generated at Mon Jul 21 18:11:38 2025 by rpki-client