$ rpki-client -vvf rpki.apnic.net/member_repository/A919318C/CE9B09EE615411F0BB50FA37C4F9AE02/99DC33DA621D11F0B3B28C17C4F9AE02.roa File: 99DC33DA621D11F0B3B28C17C4F9AE02.roa (raw, json) Hash identifier: 9kelna+bn4AOokX7+VNhCMprSYcOppK0alNOtL2P1j4= Subject key identifier: A6:02:43:3F:C4:77:73:A6:58:2D:98:5A:B5:B2:51:99:7F:AA:7D:5D Certificate issuer: /CN=A919318C/serialNumber=BE4301E2A40B4F6A47E185A6757D9A6E8D7C7442 Certificate serial: 0A Authority key identifier: BE:43:01:E2:A4:0B:4F:6A:47:E1:85:A6:75:7D:9A:6E:8D:7C:74:42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkMB4qQLT2pH4YWmdX2abo18dEI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919318C/CE9B09EE615411F0BB50FA37C4F9AE02/99DC33DA621D11F0B3B28C17C4F9AE02.roa Signing time: Thu 17 Jul 2025 06:57:29 +0000 ROA not before: Thu 17 Jul 2025 06:57:29 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 24315 IP address blocks: 203.18.248.0/24 maxlen: 24 203.18.249.0/24 maxlen: 24 203.18.250.0/24 maxlen: 24 203.18.251.0/24 maxlen: 24 203.18.252.0/24 maxlen: 24 203.18.253.0/24 maxlen: 24 203.18.254.0/24 maxlen: 24 203.18.255.0/24 maxlen: 24 2001:df5:df40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919318C/CE9B09EE615411F0BB50FA37C4F9AE02/vkMB4qQLT2pH4YWmdX2abo18dEI.crl rsync://rpki.apnic.net/member_repository/A919318C/CE9B09EE615411F0BB50FA37C4F9AE02/vkMB4qQLT2pH4YWmdX2abo18dEI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkMB4qQLT2pH4YWmdX2abo18dEI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 08:29:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10 (0xa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919318C, serialNumber=BE4301E2A40B4F6A47E185A6757D9A6E8D7C7442 Validity Not Before: Jul 17 06:57:29 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68789ed8-727b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:82:7c:78:ba:fc:29:29:59:71:46:a6:47:f1: 27:52:bc:96:aa:1d:19:66:d7:0e:29:0d:f3:bf:1d: ce:84:cd:a4:e5:39:27:3e:f8:43:e3:23:08:a3:4a: 2d:bb:1b:e4:32:9e:8f:bb:ad:e4:2c:9f:06:e5:9e: 9a:12:14:ed:82:74:94:53:f5:27:e3:67:ec:57:02: f7:9c:8c:4f:93:70:dd:e5:3e:90:1b:38:d9:b3:1a: de:c6:c2:25:86:3a:80:33:06:2c:e4:2f:29:08:a0: 75:5a:c3:71:2b:2b:e1:e6:84:1a:49:c6:c9:32:fe: 47:d0:6e:6d:74:71:91:0b:4b:4c:3a:f2:73:5f:1b: 1c:77:0e:78:ca:c2:4a:02:4c:60:13:52:a0:38:8e: 46:10:91:15:24:98:bd:26:a9:80:45:8e:cc:f8:03: 53:1c:e8:ea:bf:01:c0:44:2b:17:d8:57:9a:d3:85: dc:0d:45:76:b6:97:54:e7:0c:8b:f9:94:13:94:59: 9c:f4:bb:1f:b1:1c:f8:22:88:90:40:5b:f2:67:20: af:4f:58:29:21:f0:ef:9f:96:4f:05:ca:bd:23:58: 59:ff:d7:1a:c5:46:a4:93:d5:34:97:ed:c9:73:76: 66:07:a2:b1:60:16:08:d6:52:b6:de:04:e5:d4:8e: 50:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:02:43:3F:C4:77:73:A6:58:2D:98:5A:B5:B2:51:99:7F:AA:7D:5D X509v3 Authority Key Identifier: keyid:BE:43:01:E2:A4:0B:4F:6A:47:E1:85:A6:75:7D:9A:6E:8D:7C:74:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919318C/CE9B09EE615411F0BB50FA37C4F9AE02/vkMB4qQLT2pH4YWmdX2abo18dEI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkMB4qQLT2pH4YWmdX2abo18dEI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919318C/CE9B09EE615411F0BB50FA37C4F9AE02/99DC33DA621D11F0B3B28C17C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.18.248.0/21 IPv6: 2001:df5:df40::/48 Signature Algorithm: sha256WithRSAEncryption 51:c0:ec:e4:cf:a3:63:54:1e:d6:3c:8b:4b:2e:61:c2:b1:56: 53:94:40:91:10:32:d2:32:52:a9:2a:c2:24:fd:df:e0:a0:d8: c2:9e:f9:ad:23:eb:4f:91:36:03:d6:5b:9c:3c:b7:9d:e4:a8: a1:b0:f0:c7:4d:c5:2f:c3:e6:64:56:de:f1:27:e6:f2:7d:d9: 38:a7:13:42:c0:74:0f:5f:76:83:7c:e7:5b:d7:fa:34:a8:73: 2d:07:86:c2:9c:24:b6:28:a9:1a:63:97:c4:07:ad:af:e7:7d: 59:d7:f0:c6:a6:11:21:a6:f1:cf:9c:7f:81:02:dc:05:5a:4b: 94:26:12:a9:f6:18:ea:f9:fe:ff:1c:2b:a5:3d:c6:c2:d1:6d: 55:ab:38:b7:a4:01:8e:cc:8e:ab:fd:92:3d:ec:02:df:a8:bb: 11:9d:f0:4d:f4:d2:fb:45:50:2b:5c:31:f8:4b:7b:2f:d4:36: 5f:71:47:46:80:2f:32:88:7d:48:4a:1c:1a:b1:f4:4d:85:ac: b3:c3:4f:8c:76:cb:c6:36:45:9a:0a:52:d0:50:1d:8a:7a:fa: 5b:e5:f1:3f:ff:f2:99:44:7e:c0:f1:25:67:31:02:20:7e:f9: d0:8c:27:f7:07:af:0b:f6:25:cd:64:45:3c:e0:99:d4:38:8b: 30:d3:fe:2a -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 MzE4QzExMC8GA1UEBRMoQkU0MzAxRTJBNDBCNEY2QTQ3RTE4NUE2NzU3RDlBNkU4 RDdDNzQ0MjAeFw0yNTA3MTcwNjU3MjlaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4Nzg5ZWQ4LTcyN2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGgnx4uvwpKVlxRqZH8SdSvJaqHRlm1w4pDfO/Hc6EzaTlOSc++EPjIwijSi27 G+Qyno+7reQsnwblnpoSFO2CdJRT9SfjZ+xXAvecjE+TcN3lPpAbONmzGt7GwiWG OoAzBizkLykIoHVaw3ErK+HmhBpJxsky/kfQbm10cZELS0w68nNfGxx3DnjKwkoC TGATUqA4jkYQkRUkmL0mqYBFjsz4A1Mc6Oq/AcBEKxfYV5rThdwNRXa2l1TnDIv5 lBOUWZz0ux+xHPgiiJBAW/JnIK9PWCkh8O+flk8Fyr0jWFn/1xrFRqST1TSX7clz dmYHorFgFgjWUrbeBOXUjlCbAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUpgJDP8R3 c6ZYLZhatbJRmX+qfV0wHwYDVR0jBBgwFoAUvkMB4qQLT2pH4YWmdX2abo18dEIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkzMThDL0NFOUIwOUVFNjE1 NDExRjBCQjUwRkEzN0M0RjlBRTAyL3ZrTUI0cVFMVDJwSDRZV21kWDJhYm8xOGRF SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdmtNQjRxUUxUMnBINFlXbWRYMmFibzE4ZEVJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 MzE4Qy9DRTlCMDlFRTYxNTQxMUYwQkI1MEZBMzdDNEY5QUUwMi85OURDMzNEQTYy MUQxMUYwQjNCMjhDMTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEA8sS+DAPBAIAAjAJAwcAIAEN9d9AMA0GCSqGSIb3DQEBCwUA A4IBAQBRwOzkz6NjVB7WPItLLmHCsVZTlECREDLSMlKpKsIk/d/goNjCnvmtI+tP kTYD1lucPLed5KihsPDHTcUvw+ZkVt7xJ+byfdk4pxNCwHQPX3aDfOdb1/o0qHMt B4bCnCS2KKkaY5fEB62v531Z1/DGphEhpvHPnH+BAtwFWkuUJhKp9hjq+f7/HCul PcbC0W1Vqzi3pAGOzI6r/ZI97ALfqLsRnfBN9NL7RVArXDH4S3sv1DZfcUdGgC8y iH1IShwasfRNhayzw0+MdsvGNkWaClLQUB2Kevpb5fE///KZRH7A8SVnMQIgfvnQ jCf3B68L9iXNZEU84JnUOIsw0/4q -----END CERTIFICATE-----Generated at Mon Jul 21 08:06:44 2025 by rpki-client