$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa File: 9F8B79C2C78E11EBB4983F5BC4F9AE02.roa (raw, json) Hash identifier: 3DrTSsxaKfHNG5QI6Tt7BoAnrvxk6SFVvs/husXrnBI= Subject key identifier: BF:23:FC:5D:65:D5:58:34:71:13:C1:86:F2:83:E5:9B:46:71:36:F6 Certificate issuer: /CN=A911B5B4/serialNumber=9DF94C33D3F647AE3D91361E1F172C20686F5989 Certificate serial: 0E25 Authority key identifier: 9D:F9:4C:33:D3:F6:47:AE:3D:91:36:1E:1F:17:2C:20:68:6F:59:89 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa Signing time: Thu 28 Aug 2025 18:08:38 +0000 ROA not before: Thu 28 Aug 2025 18:08:38 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 23855 IP address blocks: 203.30.38.0/23 maxlen: 24 2001:df0:21a::/48 maxlen: 48 2401:c7c0:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.crl rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 18:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3621 (0xe25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B5B4, serialNumber=9DF94C33D3F647AE3D91361E1F172C20686F5989 Validity Not Before: Aug 28 18:08:38 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b09b26-1667 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:c3:9b:99:d5:24:49:96:52:71:ac:9c:49:77: c4:9d:0c:45:1f:25:54:68:87:06:82:c7:f9:4b:b2: 6d:30:31:3c:24:98:7d:16:5f:b4:f3:4c:85:93:21: 20:7d:3c:84:9c:bb:6c:30:3c:c6:24:dc:cc:73:21: 93:0e:44:7b:f6:9e:c4:ad:e5:b3:7e:e1:3b:91:fe: d2:9d:56:68:34:cb:38:06:35:cb:7c:bd:21:50:97: 86:08:ab:57:28:dc:ef:c5:73:ee:13:2a:7b:a8:1f: cf:96:ee:79:c4:7c:19:2b:19:ed:03:05:be:42:c2: 14:03:c7:46:19:15:ab:7d:0e:34:c5:2e:e6:69:df: 5f:12:97:0e:ce:5c:35:8b:3a:bd:72:ba:eb:06:31: 0b:02:f9:04:de:78:a3:3c:bb:8a:7a:5c:bf:e9:c7: 16:f2:38:32:34:0e:33:0a:ab:1e:f8:24:fa:c6:9a: 03:0f:2e:ea:a7:e7:9d:6e:ad:08:a5:98:4a:36:bb: e7:f5:92:85:4d:72:3f:c7:e0:88:ae:15:a1:28:2f: 7a:84:8b:0f:1b:1e:1e:35:cd:ac:6d:54:9f:15:84: b8:c9:3c:d9:3e:36:b6:e6:fa:86:0f:e5:96:92:7e: 44:88:c2:4f:3f:b8:43:bb:e6:25:51:61:09:68:56: 10:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:23:FC:5D:65:D5:58:34:71:13:C1:86:F2:83:E5:9B:46:71:36:F6 X509v3 Authority Key Identifier: keyid:9D:F9:4C:33:D3:F6:47:AE:3D:91:36:1E:1F:17:2C:20:68:6F:59:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.30.38.0/23 IPv6: 2001:df0:21a::/48 2401:c7c0:3::/48 Signature Algorithm: sha256WithRSAEncryption 84:cf:bb:ed:b6:82:a7:d4:de:a1:a9:32:73:39:05:a4:fe:c5: d6:1a:de:86:dc:ed:6c:7f:82:25:63:c2:07:ac:a1:f5:df:98: 50:94:e5:a0:aa:d2:88:ca:86:d1:20:a7:f4:fe:3e:fa:cb:93: bc:02:f7:fe:e6:fa:4a:63:9b:4d:c7:01:87:12:7f:88:21:bd: be:7e:f1:71:0e:bf:5f:cf:5c:bf:52:6a:01:18:59:cb:4f:c8: 3a:3e:80:2e:97:9a:5b:2e:09:68:dd:bc:a9:17:88:55:3c:17: 51:bc:f0:e9:21:05:76:14:03:df:f9:ff:61:44:4e:2a:f9:71: 6f:71:c6:f5:0e:aa:d6:1d:17:65:cf:19:f3:51:9a:37:08:38: 35:55:a4:fd:a8:74:b6:e2:78:95:f2:c9:2a:03:15:90:63:7a: 01:3c:45:72:db:ba:a2:a4:e6:c5:d8:de:42:6d:00:8f:91:a1: 8a:e1:15:be:25:a5:b4:07:bf:40:a5:52:4d:e9:bb:b1:a5:b3: cc:83:d1:94:a4:50:6f:b9:04:f6:6f:c8:1b:ed:b9:92:21:06: fc:48:d8:c6:11:18:ee:92:fb:77:ff:f5:ca:d2:b8:4b:f6:81: ea:c5:ce:cb:06:58:07:7e:64:18:ae:de:b2:9c:77:2d:60:d4: 85:98:21:78 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICDiUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI1QjQxMTAvBgNVBAUTKDlERjk0QzMzRDNGNjQ3QUUzRDkxMzYxRTFGMTcyQzIw Njg2RjU5ODkwHhcNMjUwODI4MTgwODM4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIwOWIyNi0xNjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtMObmdUkSZZScaycSXfEnQxFHyVUaIcGgsf5S7JtMDE8JJh9Fl+080yFkyEg fTyEnLtsMDzGJNzMcyGTDkR79p7EreWzfuE7kf7SnVZoNMs4BjXLfL0hUJeGCKtX KNzvxXPuEyp7qB/Plu55xHwZKxntAwW+QsIUA8dGGRWrfQ40xS7mad9fEpcOzlw1 izq9crrrBjELAvkE3nijPLuKely/6ccW8jgyNA4zCqse+CT6xpoDDy7qp+edbq0I pZhKNrvn9ZKFTXI/x+CIrhWhKC96hIsPGx4eNc2sbVSfFYS4yTzZPja25vqGD+WW kn5EiMJPP7hDu+YlUWEJaFYQtQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFL8j/F1l 1Vg0cRPBhvKD5ZtGcTb2MB8GA1UdIwQYMBaAFJ35TDPT9keuPZE2Hh8XLCBob1mJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCNC83MDlGN0EyNkI4 MjkxMUU5OTM3MzhBMDlDNEY5QUUwMi9uZmxNTTlQMlI2NDlrVFllSHhjc0lHaHZX WWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25mbE1NOVAyUjY0OWtUWWVIeGNzSUdodldZay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI1QjQvNzA5RjdBMjZCODI5MTFFOTkzNzM4QTA5QzRGOUFFMDIvOUY4Qjc5QzJD NzhFMTFFQkI0OTgzRjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMAwEAgABMAYDBAHLHiYwGAQCAAIwEgMHACABDfACGgMHACQBx8AAAzANBgkq hkiG9w0BAQsFAAOCAQEAhM+77baCp9TeoakyczkFpP7F1hrehtztbH+CJWPCB6yh 9d+YUJTloKrSiMqG0SCn9P4++suTvAL3/ub6SmObTccBhxJ/iCG9vn7xcQ6/X89c v1JqARhZy0/IOj6ALpeaWy4JaN28qReIVTwXUbzw6SEFdhQD3/n/YUROKvlxb3HG 9Q6q1h0XZc8Z81GaNwg4NVWk/ah0tuJ4lfLJKgMVkGN6ATxFctu6oqTmxdjeQm0A j5GhiuEVviWltAe/QKVSTem7saWzzIPRlKRQb7kE9m/IG+25kiEG/EjYxhEY7pL7 d//1ytK4S/aB6sXOywZYB35kGK7espx3LWDUhZgheA== -----END CERTIFICATE-----Generated at Fri Sep 19 15:19:08 2025 by rpki-client