$ rpki-client -vvf rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/7AA2F5228F4411F0830D0B1EC4F9AE02.roa File: 7AA2F5228F4411F0830D0B1EC4F9AE02.roa (raw, json) Hash identifier: vQDu9wcINkcPzWdSO/DWuCCS5k2RLBjzO/0TA4C/YFM= Subject key identifier: 2D:F9:B2:44:B8:16:F1:D6:C1:CD:34:C1:B9:5F:7D:B5:F3:CD:D7:3D Certificate issuer: /CN=A916CDAC/serialNumber=DDFCA9D034945A5924116137D62877F0CE52BF1B Certificate serial: 14 Authority key identifier: DD:FC:A9:D0:34:94:5A:59:24:11:61:37:D6:28:77:F0:CE:52:BF:1B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3fyp0DSUWlkkEWE31ih38M5Svxs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/7AA2F5228F4411F0830D0B1EC4F9AE02.roa Signing time: Fri 26 Sep 2025 06:22:41 +0000 ROA not before: Fri 26 Sep 2025 06:22:41 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 31898 IP address blocks: 140.83.32.0/21 maxlen: 21 140.83.40.0/22 maxlen: 22 140.83.44.0/22 maxlen: 22 140.83.48.0/20 maxlen: 20 140.83.80.0/21 maxlen: 21 140.83.94.0/24 maxlen: 24 140.83.95.0/24 maxlen: 24 146.56.32.0/20 maxlen: 20 146.56.48.0/21 maxlen: 21 146.56.61.0/24 maxlen: 24 146.56.96.0/20 maxlen: 20 146.56.112.0/21 maxlen: 21 146.56.120.0/22 maxlen: 22 146.56.124.0/22 maxlen: 22 146.56.128.0/18 maxlen: 18 146.56.178.0/24 maxlen: 24 161.118.128.0/19 maxlen: 19 161.118.160.0/19 maxlen: 19 161.118.192.0/18 maxlen: 18 192.188.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/3fyp0DSUWlkkEWE31ih38M5Svxs.crl rsync://rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/3fyp0DSUWlkkEWE31ih38M5Svxs.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3fyp0DSUWlkkEWE31ih38M5Svxs.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 14 Oct 2025 08:17:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916CDAC, serialNumber=DDFCA9D034945A5924116137D62877F0CE52BF1B Validity Not Before: Sep 26 06:22:41 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=68d63130-ffa9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:f5:f9:65:be:fd:15:fd:fd:68:f9:e5:72:99: c0:f9:fa:9c:79:e8:81:3c:f0:e7:7c:88:a7:b1:b9: 0f:ae:95:c4:74:fe:1e:e9:d8:71:61:1f:42:93:36: 3f:f6:06:e0:7c:0e:65:77:7b:92:83:ef:ff:14:9b: f9:ba:04:53:7c:db:94:06:06:ab:b4:d3:9e:c1:93: d4:f6:20:0d:79:29:af:fa:a1:34:4b:9d:e6:f0:8a: e5:65:67:b3:30:da:1c:6d:62:3e:82:83:a0:58:64: 0e:fc:e9:8a:60:ee:94:9c:bb:0b:30:58:50:38:6d: f9:0e:fb:b7:80:44:a5:98:aa:af:59:e2:f7:75:dd: 34:63:69:e2:e5:35:01:f9:30:b7:0f:a7:ea:5d:f3: 59:a0:04:30:17:76:99:82:8c:38:8c:56:cf:b6:35: af:48:86:fa:50:44:c7:31:9b:36:07:d6:90:31:75: 17:c4:5a:b6:58:7b:6a:72:99:20:a2:79:97:58:2d: 8f:d4:03:5c:2d:75:2b:f1:34:73:9d:2c:7c:d5:61: b4:74:73:44:15:7a:21:a8:62:bc:75:ca:44:b5:4e: a0:cc:0e:b0:87:6e:27:74:fa:ca:b2:9e:83:e6:ff: 19:7d:91:ea:a6:85:e3:75:bf:27:3b:79:8b:e5:de: 45:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:F9:B2:44:B8:16:F1:D6:C1:CD:34:C1:B9:5F:7D:B5:F3:CD:D7:3D X509v3 Authority Key Identifier: keyid:DD:FC:A9:D0:34:94:5A:59:24:11:61:37:D6:28:77:F0:CE:52:BF:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/3fyp0DSUWlkkEWE31ih38M5Svxs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3fyp0DSUWlkkEWE31ih38M5Svxs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916CDAC/78D593188F3911F08632A039C4F9AE02/7AA2F5228F4411F0830D0B1EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 140.83.32.0/19 140.83.80.0/21 140.83.94.0/23 146.56.32.0-146.56.55.255 146.56.61.0/24 146.56.96.0-146.56.191.255 161.118.128.0/17 192.188.171.0/24 Signature Algorithm: sha256WithRSAEncryption 5e:4b:58:7b:64:f3:aa:5d:d0:0b:0d:f1:73:fa:13:6c:3f:85: 6e:bf:e5:41:36:77:2c:c5:88:6f:54:4a:50:01:83:1f:50:9f: f3:4a:61:9e:47:42:38:62:2a:c9:38:bf:49:ac:2a:9e:17:66: d0:0e:9c:7f:db:3a:e3:2a:ec:8a:ea:17:a2:8f:43:d0:91:84: e3:9c:e3:81:6d:c9:d2:75:f0:1b:3f:c0:52:f1:66:26:ad:82: 05:e3:f8:ea:2b:81:3b:71:fd:47:48:fb:f2:cd:c1:2c:d3:5e: 89:5f:07:34:82:60:62:d1:5b:57:3c:5c:b7:59:e4:0f:43:dd: f3:92:f9:10:79:c7:94:19:84:e5:b7:7f:92:cd:7d:25:bb:0e: e8:13:28:8e:6d:65:47:9d:82:d3:79:bb:8b:3b:f8:8a:02:81: c0:d8:21:fd:4e:1d:b7:73:69:d4:b7:24:c7:4f:21:16:12:f7: c5:5a:10:a6:98:c2:fe:45:f6:15:9e:3b:52:d4:04:45:24:f3: 36:d0:67:41:01:1e:0d:31:f0:02:65:1f:f1:4c:65:4f:07:2b: bd:7c:b0:27:15:de:b7:f5:d7:0e:86:40:44:8d:ab:29:f4:eb: c6:c0:e6:91:9d:33:8a:49:c7:ee:48:e8:fc:cd:12:86:ac:cc: 3f:86:d8:4b -----BEGIN CERTIFICATE----- MIIFqjCCBJKgAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 Q0RBQzExMC8GA1UEBRMoRERGQ0E5RDAzNDk0NUE1OTI0MTE2MTM3RDYyODc3RjBD RTUyQkYxQjAeFw0yNTA5MjYwNjIyNDFaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZDYzMTMwLWZmYTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDg9fllvv0V/f1o+eVymcD5+px56IE88Od8iKexuQ+ulcR0/h7p2HFhH0KTNj/2 BuB8DmV3e5KD7/8Um/m6BFN825QGBqu0057Bk9T2IA15Ka/6oTRLnebwiuVlZ7Mw 2hxtYj6Cg6BYZA786Ypg7pScuwswWFA4bfkO+7eARKWYqq9Z4vd13TRjaeLlNQH5 MLcPp+pd81mgBDAXdpmCjDiMVs+2Na9IhvpQRMcxmzYH1pAxdRfEWrZYe2pymSCi eZdYLY/UA1wtdSvxNHOdLHzVYbR0c0QVeiGoYrx1ykS1TqDMDrCHbid0+sqynoPm /xl9keqmheN1vyc7eYvl3kXvAgMBAAGjggLPMIICyzAdBgNVHQ4EFgQULfmyRLgW 8dbBzTTBuV99tfPN1z0wHwYDVR0jBBgwFoAU3fyp0DSUWlkkEWE31ih38M5Svxsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZDREFDLzc4RDU5MzE4OEYz OTExRjA4NjMyQTAzOUM0RjlBRTAyLzNmeXAwRFNVV2xra0VXRTMxaWgzOE01U3Z4 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvM2Z5cDBEU1VXbGtrRVdFMzFpaDM4TTVTdnhzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 Q0RBQy83OEQ1OTMxODhGMzkxMUYwODYzMkEwMzlDNEY5QUUwMi83QUEyRjUyMjhG NDQxMUYwODMwRDBCMUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBZBggrBgEFBQcBBwEB/wRK MEgwRgQCAAEwQAMEBYxTIAMEA4xTUAMEAYxTXjAMAwQFkjggAwQDkjgwAwQAkjg9 MAwDBAWSOGADBAaSOIADBAehdoADBADAvKswDQYJKoZIhvcNAQELBQADggEBAF5L WHtk86pd0AsN8XP6E2w/hW6/5UE2dyzFiG9USlABgx9Qn/NKYZ5HQjhiKsk4v0ms Kp4XZtAOnH/bOuMq7IrqF6KPQ9CRhOOc44FtydJ18Bs/wFLxZiatggXj+OorgTtx /UdI+/LNwSzTXolfBzSCYGLRW1c8XLdZ5A9D3fOS+RB5x5QZhOW3f5LNfSW7DugT KI5tZUedgtN5u4s7+IoCgcDYIf1OHbdzadS3JMdPIRYS98VaEKaYwv5F9hWeO1LU BEUk8zbQZ0EBHg0x8AJlH/FMZU8HK718sCcV3rf11w6GQESNqyn068bA5pGdM4pJ x+5I6PzNEoaszD+G2Es= -----END CERTIFICATE-----Generated at Thu Oct 9 01:02:12 2025 by rpki-client