$ rpki-client -vvf rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/D4FD4D5237DE11EEA2885B71C4F9AE02.roa File: D4FD4D5237DE11EEA2885B71C4F9AE02.roa (raw, json) Hash identifier: jm6qF0iG7lzG09wOX/EbjjAF73STR64Y7EPlh/2TSZY= Subject key identifier: 54:02:AC:0C:5B:9A:C6:13:F5:38:9D:54:AA:06:8D:5B:C4:FE:53:24 Certificate issuer: /CN=A912CB2A/serialNumber=147E9756439D9DB7156134AC78F91C233B9392A7 Certificate serial: 06BC Authority key identifier: 14:7E:97:56:43:9D:9D:B7:15:61:34:AC:78:F9:1C:23:3B:93:92:A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/D4FD4D5237DE11EEA2885B71C4F9AE02.roa Signing time: Sat 06 Sep 2025 23:03:22 +0000 ROA not before: Sat 06 Sep 2025 23:03:22 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 9723 IP address blocks: 121.52.192.0/22 maxlen: 22 121.52.196.0/23 maxlen: 23 121.52.198.0/24 maxlen: 24 121.52.199.0/24 maxlen: 24 202.74.64.0/21 maxlen: 21 203.31.82.0/24 maxlen: 24 210.56.152.0/24 maxlen: 24 210.56.153.0/24 maxlen: 24 210.56.154.0/24 maxlen: 24 210.56.155.0/24 maxlen: 24 210.56.156.0/24 maxlen: 24 210.56.157.0/24 maxlen: 24 210.56.158.0/24 maxlen: 24 210.56.159.0/24 maxlen: 24 2403:6900:c000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/FH6XVkOdnbcVYTSsePkcIzuTkqc.crl rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/FH6XVkOdnbcVYTSsePkcIzuTkqc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 23:03:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1724 (0x6bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CB2A, serialNumber=147E9756439D9DB7156134AC78F91C233B9392A7 Validity Not Before: Sep 6 23:03:22 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=68bcbdba-56ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:a3:46:8c:15:ad:0d:fc:6b:13:7f:5f:4b:f9: 11:01:2b:fa:24:ce:d1:42:c2:15:0f:c4:98:56:7c: 18:f8:f1:55:2d:9f:86:4c:b9:1a:b2:2a:f0:2e:27: ae:da:f9:a6:73:50:15:ef:b4:c6:6c:4d:12:20:4d: 62:d0:67:4e:32:7a:19:50:73:c2:78:7b:21:c6:28: 5f:62:62:b5:c5:a5:9b:2e:39:d6:74:1c:c5:73:da: 8f:bb:ab:22:d4:4a:2d:ab:a2:3c:e2:a6:62:fd:c6: 37:a7:c1:f8:0c:2f:55:85:3e:2a:61:7c:da:93:fb: 23:77:e6:2f:4c:9d:ca:c2:41:9f:51:49:ef:ea:6a: d2:b8:51:44:0a:26:7c:8a:f0:87:fd:54:e7:54:a7: f1:ba:d2:9a:d6:9b:97:37:66:a6:e0:54:df:2a:94: 9b:9b:5e:0e:8f:53:2f:51:f1:9d:fc:3d:e3:ef:e9: a4:0a:6e:72:a1:10:90:2b:4b:62:a7:93:41:14:81: 49:77:4b:f9:52:d1:75:25:ea:d3:28:70:25:92:20: 17:b4:f3:05:fd:b6:94:4d:5b:2d:12:d4:8b:92:28: 08:e0:e0:59:c0:89:78:5d:e6:c8:fa:c9:c5:50:39: f6:57:83:42:e0:35:2b:1e:94:30:5e:1e:08:c2:df: d0:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:02:AC:0C:5B:9A:C6:13:F5:38:9D:54:AA:06:8D:5B:C4:FE:53:24 X509v3 Authority Key Identifier: keyid:14:7E:97:56:43:9D:9D:B7:15:61:34:AC:78:F9:1C:23:3B:93:92:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/FH6XVkOdnbcVYTSsePkcIzuTkqc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/D4FD4D5237DE11EEA2885B71C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 121.52.192.0/21 202.74.64.0/21 203.31.82.0/24 210.56.152.0/21 IPv6: 2403:6900:c000::/36 Signature Algorithm: sha256WithRSAEncryption 88:09:42:0f:0c:a2:8d:55:ce:e0:53:86:1c:16:7d:ef:61:d7: 50:ff:fb:29:0a:35:71:de:24:2e:2e:a0:d7:9b:24:65:51:39: 40:f2:30:42:20:b2:5e:2f:67:bd:ff:89:2d:bc:ee:a9:88:72: ad:e8:94:46:42:e3:08:74:be:75:52:de:48:b3:d7:8d:d8:c4: 6a:96:6b:91:cd:f4:0e:64:a9:7f:60:0f:f2:89:34:a5:76:62: 5c:ab:22:ce:cc:8d:e9:f3:48:20:ba:94:08:1b:64:32:9a:5e: 13:19:84:3b:9c:bf:a7:2c:fe:8f:5e:aa:6d:51:97:57:3c:13: 2a:ae:16:a1:e6:96:9f:ba:47:44:a3:e9:a7:10:1c:6a:0a:8b: d3:fb:77:f3:af:81:0f:84:7f:09:80:46:27:c9:3b:88:39:02: 86:35:e9:6e:a1:56:6a:94:a0:14:cc:80:ac:a5:33:4a:92:81: f5:a7:c9:1e:aa:3b:18:ac:6b:12:92:db:3e:ed:6e:48:ae:8e: 13:0a:57:31:71:9c:10:5d:ce:62:5a:4a:1c:bd:ce:37:0c:01: 22:a6:fa:7b:13:42:27:7b:16:82:cd:1c:3d:b7:cd:4a:16:51: dc:e3:97:9b:b5:18:41:11:73:32:34:54:f6:91:e8:f7:ce:39: d0:e2:b7:05 -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICBrwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNCMkExMTAvBgNVBAUTKDE0N0U5NzU2NDM5RDlEQjcxNTYxMzRBQzc4RjkxQzIz M0I5MzkyQTcwHhcNMjUwOTA2MjMwMzIyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OGJjYmRiYS01NmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA26NGjBWtDfxrE39fS/kRASv6JM7RQsIVD8SYVnwY+PFVLZ+GTLkasirwLieu 2vmmc1AV77TGbE0SIE1i0GdOMnoZUHPCeHshxihfYmK1xaWbLjnWdBzFc9qPu6si 1Eotq6I84qZi/cY3p8H4DC9VhT4qYXzak/sjd+YvTJ3KwkGfUUnv6mrSuFFECiZ8 ivCH/VTnVKfxutKa1puXN2am4FTfKpSbm14Oj1MvUfGd/D3j7+mkCm5yoRCQK0ti p5NBFIFJd0v5UtF1JerTKHAlkiAXtPMF/baUTVstEtSLkigI4OBZwIl4XebI+snF UDn2V4NC4DUrHpQwXh4Iwt/QeQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFFQCrAxb msYT9TidVKoGjVvE/lMkMB8GA1UdIwQYMBaAFBR+l1ZDnZ23FWE0rHj5HCM7k5Kn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0IyQS9FMDFDN0E4NDkw RTAxMUVCQTEwNTg3MUZDNEY5QUUwMi9GSDZYVmtPZG5iY1ZZVFNzZVBrY0l6dVRr cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZINlhWa09kbmJjVllUU3NlUGtjSXp1VGtxYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkNCMkEvRTAxQzdBODQ5MEUwMTFFQkExMDU4NzFGQzRGOUFFMDIvRDRGRDRENTIz N0RFMTFFRUEyODg1QjcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMB4EAgABMBgDBAN5NMADBAPKSkADBADLH1IDBAPSOJgwDgQCAAIwCAMGBCQD aQDAMA0GCSqGSIb3DQEBCwUAA4IBAQCICUIPDKKNVc7gU4YcFn3vYddQ//spCjVx 3iQuLqDXmyRlUTlA8jBCILJeL2e9/4ktvO6piHKt6JRGQuMIdL51Ut5Is9eN2MRq lmuRzfQOZKl/YA/yiTSldmJcqyLOzI3p80ggupQIG2Qyml4TGYQ7nL+nLP6PXqpt UZdXPBMqrhah5pafukdEo+mnEBxqCovT+3fzr4EPhH8JgEYnyTuIOQKGNeluoVZq lKAUzICspTNKkoH1p8keqjsYrGsSkts+7W5Iro4TClcxcZwQXc5iWkocvc43DAEi pvp7E0InexaCzRw9t81KFlHc45ebtRhBEXMyNFT2kej3zjnQ4rcF -----END CERTIFICATE-----Generated at Sun Sep 7 09:07:42 2025 by rpki-client