$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/0D08636C75D611EB920B5162C4F9AE02.roa File: 0D08636C75D611EB920B5162C4F9AE02.roa (raw, json) Hash identifier: lNqOJJYDQvLu7DRWfBEiDCTTNbz1juAgLIKu2ZnWJwo= Subject key identifier: 17:A8:FE:E3:BF:60:46:73:ED:A0:3C:C0:47:2A:52:B4:55:91:44:80 Certificate issuer: /CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Certificate serial: 18BB Authority key identifier: 4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/0D08636C75D611EB920B5162C4F9AE02.roa Signing time: Tue 08 Jul 2025 17:25:54 +0000 ROA not before: Tue 08 Jul 2025 17:25:53 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 135026 IP address blocks: 119.8.16.0/24 maxlen: 24 119.8.17.0/24 maxlen: 24 119.8.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 09:15:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6331 (0x18bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678, serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Validity Not Before: Jul 8 17:25:53 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=686d54a1-9662 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:75:4f:06:83:54:e7:8c:0c:00:38:4f:95:38: c0:bc:d1:ab:b1:0f:07:a6:ee:1d:d7:aa:14:3b:a5: 93:ed:08:ab:24:25:e5:69:65:8d:79:a6:9b:3a:3c: ad:82:0d:5b:76:85:21:13:4b:c9:d5:49:51:d9:e6: 72:24:d4:d2:6c:47:15:4c:3e:4f:2f:55:17:36:75: 20:01:50:b2:d3:5e:48:75:e6:83:af:d0:5b:d6:1e: 3c:e4:cf:e4:62:3e:65:24:b7:6c:95:d9:b7:c9:47: ce:94:0a:e7:5e:4c:5e:d2:4a:f7:19:0b:5e:7f:e4: 4c:44:ca:99:2f:88:84:9a:8e:6d:39:4c:42:84:34: 2a:a6:bd:d7:96:3c:5b:45:fd:cf:f4:2d:9f:9f:e6: 43:77:36:49:ec:10:72:43:bc:69:c5:78:08:f7:1d: f1:a9:af:0e:5c:07:e8:c6:79:23:f8:29:9f:65:4d: 32:ad:c8:6c:f3:4b:c2:92:d5:c3:27:75:e4:4d:e5: 09:3c:a5:e1:8c:29:eb:8a:75:17:98:c8:31:2d:1e: be:ff:73:47:98:63:5c:1a:98:01:16:03:dc:5d:dd: f0:17:3d:ae:d0:0d:49:c2:b1:d7:30:78:d8:1e:f2: 45:8e:40:2f:dd:24:32:db:52:62:97:3b:7c:9b:da: 90:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:A8:FE:E3:BF:60:46:73:ED:A0:3C:C0:47:2A:52:B4:55:91:44:80 X509v3 Authority Key Identifier: keyid:4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/0D08636C75D611EB920B5162C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 119.8.16.0/23 119.8.20.0/24 Signature Algorithm: sha256WithRSAEncryption b7:86:43:11:e8:48:54:6c:9c:33:69:f4:b4:0a:69:98:8e:ea: b2:19:c5:dd:02:97:16:54:75:13:8d:4b:e1:73:b7:5d:99:4c: 1a:44:e6:91:05:6d:b2:5e:c3:f6:c0:c1:65:75:2d:94:32:2d: 6b:46:f3:4f:a5:8a:52:8b:b1:ba:5d:43:48:e7:2a:b3:12:5d: 75:c2:ad:31:34:25:4c:5f:d5:7c:a7:fd:7c:73:ac:67:59:08: f1:30:e6:d1:73:79:68:5e:76:09:ad:38:2c:5d:10:d1:08:ca: 2f:66:40:93:35:39:ec:dc:21:06:2c:ce:58:a6:51:ee:cc:a7: a0:b2:d2:c5:19:2e:61:65:a3:3f:60:d3:a8:0a:58:ee:08:31: 52:fb:b0:7e:c4:b9:31:6e:4f:2a:96:44:f8:78:8e:27:b3:fe: c2:6f:eb:2b:9d:c0:04:94:89:d9:1f:73:62:79:df:95:91:9e: da:35:0f:6a:70:48:ae:b8:4d:f0:00:fa:34:ed:cc:e4:13:5a: 06:23:4c:e0:be:31:1c:21:87:79:a4:fa:fa:8e:6b:2d:56:09: a9:5c:cc:c0:4c:62:3f:f1:85:5c:8c:d4:cb:97:38:c6:a5:66: 80:78:78:ba:38:b0:ac:c9:46:c8:ab:91:27:0f:1f:b6:97:85: 27:59:88:e2 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICGLswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKDREQjAzNUQzNzRDODQxMkNFNjgwRDlEQTBBREJFQzA2 NDI5RDg4QjgwHhcNMjUwNzA4MTcyNTUzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODZkNTRhMS05NjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu3VPBoNU54wMADhPlTjAvNGrsQ8Hpu4d16oUO6WT7QirJCXlaWWNeaabOjyt gg1bdoUhE0vJ1UlR2eZyJNTSbEcVTD5PL1UXNnUgAVCy015IdeaDr9Bb1h485M/k Yj5lJLdsldm3yUfOlArnXkxe0kr3GQtef+RMRMqZL4iEmo5tOUxChDQqpr3Xljxb Rf3P9C2fn+ZDdzZJ7BByQ7xpxXgI9x3xqa8OXAfoxnkj+CmfZU0yrchs80vCktXD J3XkTeUJPKXhjCnrinUXmMgxLR6+/3NHmGNcGpgBFgPcXd3wFz2u0A1JwrHXMHjY HvJFjkAv3SQy21Jilzt8m9qQMwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBeo/uO/ YEZz7aA8wEcqUrRVkUSAMB8GA1UdIwQYMBaAFE2wNdN0yEEs5oDZ2grb7AZCnYi4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC83MjU4M0FGQTY5 NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFTem1nTm5hQ3R2c0JrS2Rp TGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RiQTEwM1RJUVN6bWdObmFDdHZzQmtLZGlMZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U2NzgvNzI1ODNBRkE2OTU3MTFFOEE0MkJFNjgwQzRGOUFFMDIvMEQwODYzNkM3 NUQ2MTFFQjkyMEI1MTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAF3CBADBAB3CBQwDQYJKoZIhvcNAQELBQADggEBALeGQxHo SFRsnDNp9LQKaZiO6rIZxd0ClxZUdRONS+Fzt12ZTBpE5pEFbbJew/bAwWV1LZQy LWtG80+lilKLsbpdQ0jnKrMSXXXCrTE0JUxf1Xyn/XxzrGdZCPEw5tFzeWhedgmt OCxdENEIyi9mQJM1OezcIQYszlimUe7Mp6Cy0sUZLmFloz9g06gKWO4IMVL7sH7E uTFuTyqWRPh4jiez/sJv6yudwASUidkfc2J535WRnto1D2pwSK64TfAA+jTtzOQT WgYjTOC+MRwhh3mk+vqOay1WCalczMBMYj/xhVyM1MuXOMalZoB4eLo4sKzJRsir kScPH7aXhSdZiOI= -----END CERTIFICATE-----Generated at Tue Jul 22 05:11:49 2025 by rpki-client