$ rpki-client -vvf rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/7E847B60998D11EEB9881356C4F9AE02.roa File: 7E847B60998D11EEB9881356C4F9AE02.roa (raw, json) Hash identifier: m7qVjApLjSS3xFS82auNn6PoE/p21+0h7EKugXT/tVU= Subject key identifier: 32:56:13:EC:94:B6:D4:20:18:1A:25:6B:A8:FF:E2:83:78:28:AB:FE Certificate issuer: /CN=A914B5BD/serialNumber=22E81B327CB1FB3501E05AFAB94121918FDB5B5E Certificate serial: 1870 Authority key identifier: 22:E8:1B:32:7C:B1:FB:35:01:E0:5A:FA:B9:41:21:91:8F:DB:5B:5E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/7E847B60998D11EEB9881356C4F9AE02.roa Signing time: Tue 22 Jul 2025 13:44:09 +0000 ROA not before: Tue 22 Jul 2025 13:44:09 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 134512 IP address blocks: 43.239.140.0/22 maxlen: 22 43.239.140.0/24 maxlen: 24 43.239.141.0/24 maxlen: 24 43.239.142.0/24 maxlen: 24 43.239.143.0/24 maxlen: 24 103.71.172.0/22 maxlen: 22 103.71.172.0/24 maxlen: 24 103.71.173.0/24 maxlen: 24 103.71.174.0/24 maxlen: 24 103.71.175.0/24 maxlen: 24 103.194.168.0/24 maxlen: 24 103.194.169.0/24 maxlen: 24 103.194.170.0/24 maxlen: 24 103.194.171.0/24 maxlen: 24 103.248.52.0/24 maxlen: 24 103.248.53.0/24 maxlen: 24 103.248.54.0/24 maxlen: 24 103.248.55.0/24 maxlen: 24 103.252.220.0/22 maxlen: 22 103.252.220.0/24 maxlen: 24 103.252.221.0/24 maxlen: 24 103.252.222.0/24 maxlen: 24 103.252.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.crl rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 16:39:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6256 (0x1870) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914B5BD, serialNumber=22E81B327CB1FB3501E05AFAB94121918FDB5B5E Validity Not Before: Jul 22 13:44:09 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=687f95a9-e576 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:e2:07:90:47:25:c5:bc:10:43:9b:32:11:dc: 5e:54:21:02:42:e1:dd:3e:a3:3e:17:9a:d9:22:78: 9b:fe:22:b2:23:de:c0:36:fb:50:4c:51:53:92:46: 18:8d:5c:dd:58:03:b2:c3:2f:8d:93:20:95:0d:53: 76:fe:95:e6:44:37:d2:ce:58:71:ce:a5:6b:f6:54: 23:9b:96:42:3e:ac:2e:8d:29:61:4d:15:71:5a:b0: 83:f0:e8:15:45:d8:c7:a4:fb:98:41:13:a6:fe:3b: 62:88:4a:f5:b3:d4:c3:06:b1:63:74:2e:bd:66:27: 13:c7:55:f1:5e:2c:92:47:d4:b6:9c:34:13:57:28: d5:e7:16:20:92:1c:a8:bb:08:15:0f:9d:69:4a:a9: 54:96:25:bc:37:36:f8:05:9f:b8:29:e4:4c:57:b4: 66:09:f4:76:ac:4f:2b:17:af:11:21:bb:7d:17:67: 0e:ab:7c:29:59:2c:de:56:e6:03:10:79:0a:fd:1c: 0c:46:2b:c8:f8:a4:0f:60:8d:e0:29:14:4f:ce:67: 64:99:5d:40:a6:3a:f0:0b:28:dc:e0:06:b1:29:3c: a1:13:fb:96:86:e1:d2:8b:34:3b:1e:24:f1:1e:26: 43:f8:1e:93:e8:1f:53:c5:64:6d:ef:d7:e3:87:a1: fc:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:56:13:EC:94:B6:D4:20:18:1A:25:6B:A8:FF:E2:83:78:28:AB:FE X509v3 Authority Key Identifier: keyid:22:E8:1B:32:7C:B1:FB:35:01:E0:5A:FA:B9:41:21:91:8F:DB:5B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/7E847B60998D11EEB9881356C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.239.140.0/22 103.71.172.0/22 103.194.168.0/22 103.248.52.0/22 103.252.220.0/22 Signature Algorithm: sha256WithRSAEncryption 36:3a:26:8e:d4:27:d8:46:3a:c5:3e:f8:6d:aa:1b:65:3a:58: 24:97:4a:47:0f:ad:81:41:f2:fb:9c:59:a3:02:34:21:50:fd: c1:fd:1d:1a:63:75:48:f4:f8:6b:de:e7:c8:cd:c5:0b:51:8e: 2c:85:37:3f:8c:19:9c:2c:df:84:52:7f:0c:da:83:c0:0e:c2: 76:dd:e3:0d:9d:6c:d9:ee:38:62:8c:9a:66:bd:b8:5e:80:0b: 8c:b0:61:33:d8:fa:74:05:b7:f1:4a:ee:47:c3:fc:fe:79:38: 00:ac:36:67:9d:53:67:ce:b6:a9:f8:e4:26:a2:af:3d:61:c5: 15:c8:68:2b:6a:ba:28:dc:57:7e:84:fe:2c:e3:a6:86:1f:3e: 62:b2:d2:7d:6b:0e:8b:22:3f:9b:9b:b2:9a:8f:b5:4d:c5:24: 88:07:2a:84:80:53:39:e3:77:f6:f0:6c:9b:2a:f4:3e:a4:21: 46:bf:20:08:5b:68:37:7a:46:17:26:d0:37:af:de:38:88:f5: f3:d2:8d:ca:3b:53:4b:af:fb:31:89:fe:7b:83:0b:5c:fd:e0: 53:b1:ed:d1:e6:18:b4:fd:de:05:81:1c:71:06:08:cc:4a:c4: 58:c6:c5:f6:50:b1:79:f1:57:8f:b6:fd:cb:b6:8e:db:90:85: 32:46:19:6e -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICGHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEI1QkQxMTAvBgNVBAUTKDIyRTgxQjMyN0NCMUZCMzUwMUUwNUFGQUI5NDEyMTkx OEZEQjVCNUUwHhcNMjUwNzIyMTM0NDA5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODdmOTVhOS1lNTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3+IHkEclxbwQQ5syEdxeVCECQuHdPqM+F5rZInib/iKyI97ANvtQTFFTkkYY jVzdWAOywy+NkyCVDVN2/pXmRDfSzlhxzqVr9lQjm5ZCPqwujSlhTRVxWrCD8OgV RdjHpPuYQROm/jtiiEr1s9TDBrFjdC69ZicTx1XxXiySR9S2nDQTVyjV5xYgkhyo uwgVD51pSqlUliW8Nzb4BZ+4KeRMV7RmCfR2rE8rF68RIbt9F2cOq3wpWSzeVuYD EHkK/RwMRivI+KQPYI3gKRRPzmdkmV1ApjrwCyjc4AaxKTyhE/uWhuHSizQ7HiTx HiZD+B6T6B9TxWRt79fjh6H8awIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFDJWE+yU ttQgGBola6j/4oN4KKv+MB8GA1UdIwQYMBaAFCLoGzJ8sfs1AeBa+rlBIZGP21te MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QjVCRC8zM0NCMTE3QUI1 QTkxMUU3OUM3NENCNzJDNEY5QUUwMi9JdWdiTW55eC16VUI0RnI2dVVFaGtZX2JX MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0l1Z2JNbnl4LXpVQjRGcjZ1VUVoa1lfYlcxNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEI1QkQvMzNDQjExN0FCNUE5MTFFNzlDNzRDQjcyQzRGOUFFMDIvN0U4NDdCNjA5 OThEMTFFRUI5ODgxMzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAIr74wDBAJnR6wDBAJnwqgDBAJn+DQDBAJn/NwwDQYJKoZI hvcNAQELBQADggEBADY6Jo7UJ9hGOsU++G2qG2U6WCSXSkcPrYFB8vucWaMCNCFQ /cH9HRpjdUj0+Gve58jNxQtRjiyFNz+MGZws34RSfwzag8AOwnbd4w2dbNnuOGKM mma9uF6AC4ywYTPY+nQFt/FK7kfD/P55OACsNmedU2fOtqn45Cairz1hxRXIaCtq uijcV36E/izjpoYfPmKy0n1rDosiP5ubspqPtU3FJIgHKoSAUznjd/bwbJsq9D6k IUa/IAhbaDd6Rhcm0Dev3jiI9fPSjco7U0uv+zGJ/nuDC1z94FOx7dHmGLT93gWB HHEGCMxKxFjGxfZQsXnxV4+2/cu2jtuQhTJGGW4= -----END CERTIFICATE-----Generated at Wed Jul 23 02:30:12 2025 by rpki-client