$ rpki-client -vvf rpki.apnic.net/member_repository/A9129C87/FD083F585EED11EC9A496D59C4F9AE02/80A9DE56614C11EC9175DE54C4F9AE02.roa File: 80A9DE56614C11EC9175DE54C4F9AE02.roa (raw, json) Hash identifier: Che2Xh8HWptWRumVbwwzTZfqZqThy/R9Uspty/4PSaA= Subject key identifier: 22:33:23:44:26:B1:E5:69:D4:0D:C3:B3:7E:D1:CB:8A:BC:40:0A:72 Certificate issuer: /CN=A9129C87/serialNumber=E8F92D6B2A2930F0A5BEAF53044C85D8EADE1EBA Certificate serial: 0487 Authority key identifier: E8:F9:2D:6B:2A:29:30:F0:A5:BE:AF:53:04:4C:85:D8:EA:DE:1E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6PktayopMPClvq9TBEyF2OreHro.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9129C87/FD083F585EED11EC9A496D59C4F9AE02/80A9DE56614C11EC9175DE54C4F9AE02.roa Signing time: Sat 01 Nov 2025 00:45:43 +0000 ROA not before: Sat 01 Nov 2025 00:45:43 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 56120 IP address blocks: 1.20.0.0/24 maxlen: 24 1.20.1.0/24 maxlen: 24 1.20.2.0/24 maxlen: 24 1.20.3.0/24 maxlen: 24 1.20.4.0/22 maxlen: 22 1.20.8.0/21 maxlen: 21 1.20.16.0/20 maxlen: 20 1.20.32.0/20 maxlen: 20 1.20.48.0/21 maxlen: 21 1.20.56.0/22 maxlen: 22 1.20.60.0/24 maxlen: 24 1.20.61.0/24 maxlen: 24 1.20.62.0/24 maxlen: 24 1.20.63.0/24 maxlen: 24 1.20.64.0/24 maxlen: 24 1.20.65.0/24 maxlen: 24 1.20.66.0/24 maxlen: 24 1.20.117.0/24 maxlen: 24 1.20.119.0/24 maxlen: 24 1.20.120.0/24 maxlen: 24 1.20.121.0/24 maxlen: 24 1.20.122.0/24 maxlen: 24 1.20.123.0/24 maxlen: 24 1.20.125.0/24 maxlen: 24 1.20.126.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9129C87/FD083F585EED11EC9A496D59C4F9AE02/6PktayopMPClvq9TBEyF2OreHro.crl rsync://rpki.apnic.net/member_repository/A9129C87/FD083F585EED11EC9A496D59C4F9AE02/6PktayopMPClvq9TBEyF2OreHro.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6PktayopMPClvq9TBEyF2OreHro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 00:03:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1159 (0x487) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9129C87, serialNumber=E8F92D6B2A2930F0A5BEAF53044C85D8EADE1EBA Validity Not Before: Nov 1 00:45:43 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69055837-d2ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:19:af:e3:a4:de:c7:78:ee:49:57:b4:a9:13: e0:f9:04:a1:9a:d4:0c:be:37:da:a8:8b:9c:00:72: 80:4a:fe:5f:cd:0c:ea:5f:f0:51:80:dc:86:f5:82: ed:46:40:92:4f:6f:b8:d1:ea:d4:4f:98:9f:74:e3: 2f:a0:22:d4:df:88:e7:e8:b4:3b:17:bb:91:b6:03: 73:24:80:01:03:ce:49:c8:70:a4:66:b9:2c:95:ac: 14:eb:f9:38:48:d3:bd:07:9c:e2:44:2a:c8:d1:8b: f3:2c:2c:42:17:4f:39:7b:6e:9b:35:a8:48:73:67: e3:e4:92:55:81:b1:6d:25:b3:f6:f2:26:0a:a8:1e: 63:43:5f:7f:4c:79:d1:ee:62:dc:cc:39:55:d5:b9: 6a:13:3a:f5:1e:1b:8d:e1:2b:ed:29:11:63:db:8d: d4:43:97:fe:be:ca:9e:1d:1b:cb:64:f2:73:32:8e: 94:11:24:25:7e:49:18:4e:8e:8d:cf:0b:d2:0a:14: e6:59:cb:27:83:67:80:1c:c9:02:ab:a2:4b:4b:e1: 64:39:7d:ca:d8:3b:58:47:6d:79:9f:0a:0a:1d:14: 5b:f1:e9:01:76:4d:24:f5:94:bd:7a:92:1e:ba:21: c8:8e:35:37:76:f4:37:75:94:a6:4f:59:77:39:9d: 1a:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:33:23:44:26:B1:E5:69:D4:0D:C3:B3:7E:D1:CB:8A:BC:40:0A:72 X509v3 Authority Key Identifier: keyid:E8:F9:2D:6B:2A:29:30:F0:A5:BE:AF:53:04:4C:85:D8:EA:DE:1E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9129C87/FD083F585EED11EC9A496D59C4F9AE02/6PktayopMPClvq9TBEyF2OreHro.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6PktayopMPClvq9TBEyF2OreHro.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129C87/FD083F585EED11EC9A496D59C4F9AE02/80A9DE56614C11EC9175DE54C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 1.20.0.0-1.20.66.255 1.20.117.0/24 1.20.119.0-1.20.123.255 1.20.125.0-1.20.126.255 Signature Algorithm: sha256WithRSAEncryption 14:50:70:f0:0e:8c:40:b5:3f:2d:67:0f:64:fb:ee:25:dc:77: 70:76:f7:c4:68:a6:de:3f:36:a2:6f:79:ca:e9:bf:53:97:a9: 3c:ac:56:88:9c:28:81:0c:6e:a9:46:ba:87:48:52:b7:b2:29: ae:24:45:f3:52:1a:02:d3:08:cb:2f:63:b3:31:f7:6e:6d:6e: 1e:b7:f0:c3:78:8c:b3:cc:38:fb:48:89:b9:1d:e6:1c:a5:7f: 4e:c7:cd:52:a3:21:14:06:1f:e5:a2:09:f2:f9:98:da:f6:2a: 8d:e7:ef:1c:01:20:e4:99:12:65:b7:ee:36:4c:d2:de:dd:da: 3e:2b:f0:f9:9b:69:da:4d:58:23:e4:33:7b:be:d3:7d:e6:47: 73:30:ce:74:47:20:2b:0d:07:a4:c9:e3:6a:ab:cb:c9:90:95: a5:f2:ae:18:62:21:d0:a2:15:e1:12:4e:8b:5c:3d:4e:45:c7: 07:38:ab:0e:c3:b6:a3:b9:58:86:14:08:f2:02:a2:d3:dc:5a: bd:9b:ae:90:3d:e5:2a:cb:a9:61:4e:12:51:54:6d:3b:a6:00: 89:fc:74:bf:89:3f:26:1c:44:45:5b:19:13:65:91:1b:40:1f: c2:f3:45:9e:2b:36:1c:d1:67:1f:68:56:ce:fa:86:eb:5c:7c: 3e:77:3f:23 -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgICBIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjlDODcxMTAvBgNVBAUTKEU4RjkyRDZCMkEyOTMwRjBBNUJFQUY1MzA0NEM4NUQ4 RUFERTFFQkEwHhcNMjUxMTAxMDA0NTQzWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTA1NTgzNy1kMmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsxmv46Tex3juSVe0qRPg+QShmtQMvjfaqIucAHKASv5fzQzqX/BRgNyG9YLt RkCST2+40erUT5ifdOMvoCLU34jn6LQ7F7uRtgNzJIABA85JyHCkZrkslawU6/k4 SNO9B5ziRCrI0YvzLCxCF085e26bNahIc2fj5JJVgbFtJbP28iYKqB5jQ19/THnR 7mLczDlV1blqEzr1HhuN4SvtKRFj243UQ5f+vsqeHRvLZPJzMo6UESQlfkkYTo6N zwvSChTmWcsng2eAHMkCq6JLS+FkOX3K2DtYR215nwoKHRRb8ekBdk0k9ZS9epIe uiHIjjU3dvQ3dZSmT1l3OZ0ahQIDAQABo4ICvjCCArowHQYDVR0OBBYEFCIzI0Qm seVp1A3Ds37Ry4q8QApyMB8GA1UdIwQYMBaAFOj5LWsqKTDwpb6vUwRMhdjq3h66 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUM4Ny9GRDA4M0Y1ODVF RUQxMUVDOUE0OTZENTlDNEY5QUUwMi82UGt0YXlvcE1QQ2x2cTlUQkV5RjJPcmVI cm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZQa3RheW9wTVBDbHZxOVRCRXlGMk9yZUhyby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjlDODcvRkQwODNGNTg1RUVEMTFFQzlBNDk2RDU5QzRGOUFFMDIvODBBOURFNTY2 MTRDMTFFQzkxNzVERTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E OTA3MDUEAgABMC8wCwMDAgEUAwQAARRCAwQAARR1MAwDBAABFHcDBAIBFHgwDAME AAEUfQMEAAEUfjANBgkqhkiG9w0BAQsFAAOCAQEAFFBw8A6MQLU/LWcPZPvuJdx3 cHb3xGim3j82om95yum/U5epPKxWiJwogQxuqUa6h0hSt7IpriRF81IaAtMIyy9j szH3bm1uHrfww3iMs8w4+0iJuR3mHKV/TsfNUqMhFAYf5aIJ8vmY2vYqjefvHAEg 5JkSZbfuNkzS3t3aPivw+Ztp2k1YI+Qze77TfeZHczDOdEcgKw0HpMnjaqvLyZCV pfKuGGIh0KIV4RJOi1w9TkXHBzirDsO2o7lYhhQI8gKi09xavZuukD3lKsupYU4S UVRtO6YAifx0v4k/JhxERVsZE2WRG0AfwvNFnis2HNFnH2hWzvqG61x8Pnc/Iw== -----END CERTIFICATE-----Generated at Tue Nov 4 07:23:42 2025 by rpki-client