$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B4B1A742BE4C11EEB1327A54C4F9AE02.roa File: B4B1A742BE4C11EEB1327A54C4F9AE02.roa (raw, json) Hash identifier: LSrolBGN7UPabxJ890l4XmiAUR5PqpPbsorrwuIp+6A= Subject key identifier: E0:31:6B:57:E0:74:FA:B9:36:14:18:B7:82:23:55:49:1D:9B:A0:67 Certificate issuer: /CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF Certificate serial: 06BA Authority key identifier: 23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B4B1A742BE4C11EEB1327A54C4F9AE02.roa Signing time: Fri 31 Oct 2025 06:26:41 +0000 ROA not before: Fri 31 Oct 2025 06:26:41 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 9231 IP address blocks: 58.82.192.0/19 maxlen: 24 58.82.224.0/19 maxlen: 24 103.15.84.0/22 maxlen: 24 123.136.0.0/20 maxlen: 24 161.81.0.0/16 maxlen: 24 182.239.72.0/21 maxlen: 24 182.239.80.0/20 maxlen: 24 182.239.104.0/21 maxlen: 24 182.239.112.0/20 maxlen: 24 203.142.97.0/24 maxlen: 24 203.142.98.0/24 maxlen: 24 203.142.99.0/24 maxlen: 24 203.142.127.0/24 maxlen: 24 223.122.0.0/18 maxlen: 24 223.122.64.0/18 maxlen: 24 223.122.128.0/17 maxlen: 24 2401:3000::/36 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 22:47:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1722 (0x6ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132B4D, serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF Validity Not Before: Oct 31 06:26:41 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=690456a1-6cec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d7:15:ed:a4:e7:56:1f:f9:1f:3d:d4:78:08: fc:c5:b4:12:9c:36:76:cc:4a:ce:2c:fa:c4:eb:ac: 72:98:e5:2c:68:53:b5:47:34:92:00:ba:10:0c:e1: 39:57:13:dc:dc:4e:a8:de:41:e7:f9:42:c8:f8:13: 9f:49:b2:f9:78:7a:d2:ff:a8:db:1f:a8:19:41:0a: b9:80:26:91:dd:38:1b:9e:fd:e1:2a:c9:2f:04:a7: 33:21:5c:9b:2b:0b:89:43:e4:3e:a8:5d:82:c0:f4: 78:f1:f2:04:52:13:b8:b8:a6:3a:67:4b:6f:b4:8b: d3:93:40:c7:c5:25:ac:21:28:de:58:32:e0:9b:79: 83:a7:48:43:49:df:ae:75:c6:a3:76:b6:43:09:e1: 10:0d:ec:4d:24:28:a8:84:95:27:52:b2:cd:25:ba: c1:94:1a:f4:f8:f5:aa:8f:ed:83:33:b9:c1:40:d0: b5:49:54:3a:a6:14:b2:64:9d:40:7a:da:d1:f1:4c: 3d:b7:b7:0a:82:37:39:ce:0b:bd:3f:80:d1:34:5f: 1e:c0:e4:d7:9e:cc:fe:be:d7:23:1a:04:9a:cf:8a: 87:55:26:10:d3:27:71:94:c9:ec:f9:79:dd:d8:98: 04:ca:91:bf:43:41:a2:f9:4c:e0:a7:03:a4:6b:36: 25:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:31:6B:57:E0:74:FA:B9:36:14:18:B7:82:23:55:49:1D:9B:A0:67 X509v3 Authority Key Identifier: keyid:23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/B4B1A742BE4C11EEB1327A54C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.82.192.0/18 103.15.84.0/22 123.136.0.0/20 161.81.0.0/16 182.239.72.0-182.239.95.255 182.239.104.0-182.239.127.255 203.142.97.0-203.142.99.255 203.142.127.0/24 223.122.0.0/16 IPv6: 2401:3000::/36 Signature Algorithm: sha256WithRSAEncryption 84:fd:bc:e3:02:c0:c9:dc:bf:72:6a:a5:ff:08:82:0e:e8:4f: 55:c0:b1:12:01:fe:f5:0a:94:59:fe:94:52:d2:71:56:5b:7c: 8f:88:4d:66:f2:df:a1:79:ff:84:24:98:8d:eb:5a:4f:db:4f: a1:ba:42:f6:5b:b4:91:de:f3:dd:66:f9:3b:10:7b:fd:9e:bd: b4:2d:94:49:9d:62:1e:1c:ef:7a:7e:96:e9:75:4c:4c:fd:bc: 69:27:60:f8:df:ef:02:89:18:14:37:09:f2:77:94:2e:c8:44: bd:98:6d:06:ea:8b:51:3a:16:74:32:8e:62:ed:86:8e:b4:24: 49:de:07:eb:3d:41:cc:4f:f3:5a:9e:9f:ca:1d:bb:db:81:7c: 0d:83:e6:96:0c:84:3b:a5:88:e4:68:c6:fc:bd:65:21:43:d2: 0c:1e:32:ab:5a:3f:c5:bc:1b:a9:61:6d:74:75:ae:f3:18:88: 97:d8:e5:c0:b2:ea:8e:d6:26:87:a3:e9:79:79:55:05:75:3e: ae:73:cb:ac:5c:4b:94:79:ea:e0:60:0a:60:f9:42:33:2d:45: 4b:a4:aa:51:a9:78:54:80:a0:00:30:bf:d8:55:47:2f:7d:34: b9:ce:b2:b1:63:18:d2:bc:7b:cb:ad:99:45:44:4f:6d:bb:5f: f7:71:a8:b9 -----BEGIN CERTIFICATE----- MIIFxzCCBK+gAwIBAgICBrowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJCNEQxMTAvBgNVBAUTKDIzRjVEOTNBODJFN0Q3ODQwNjc5QjFDNjREQTM3QzM3 Q0ZGRTc3RUYwHhcNMjUxMDMxMDYyNjQxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTA0NTZhMS02Y2VjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtcV7aTnVh/5Hz3UeAj8xbQSnDZ2zErOLPrE66xymOUsaFO1RzSSALoQDOE5 VxPc3E6o3kHn+ULI+BOfSbL5eHrS/6jbH6gZQQq5gCaR3Tgbnv3hKskvBKczIVyb KwuJQ+Q+qF2CwPR48fIEUhO4uKY6Z0tvtIvTk0DHxSWsISjeWDLgm3mDp0hDSd+u dcajdrZDCeEQDexNJCiohJUnUrLNJbrBlBr0+PWqj+2DM7nBQNC1SVQ6phSyZJ1A etrR8Uw9t7cKgjc5zgu9P4DRNF8ewOTXnsz+vtcjGgSaz4qHVSYQ0ydxlMns+Xnd 2JgEypG/Q0Gi+UzgpwOkazYlYQIDAQABo4IC6zCCAucwHQYDVR0OBBYEFOAxa1fg dPq5NhQYt4IjVUkdm6BnMB8GA1UdIwQYMBaAFCP12TqC59eEBnmxxk2jfDfP/nfv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkI0RC9DMTk5RTAwNkIy MDUxMUVCQUVBRTlGMTBDNEY5QUUwMi9JX1haT29MbjE0UUdlYkhHVGFOOE44Xy1k LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lfWFpPb0xuMTRRR2ViSEdUYU44TjhfLWQtOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzJCNEQvQzE5OUUwMDZCMjA1MTFFQkFFQUU5RjEwQzRGOUFFMDIvQjRCMUE3NDJC RTRDMTFFRUIxMzI3QTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdQYIKwYBBQUHAQcBAf8E ZjBkMFIEAgABMEwDBAY6UsADBAJnD1QDBAR7iAADAwChUTAMAwQDtu9IAwQFtu9A MAwDBAO272gDBAe27wAwDAMEAMuOYQMEAsuOYAMEAMuOfwMDAN96MA4EAgACMAgD BgQkATAAADANBgkqhkiG9w0BAQsFAAOCAQEAhP284wLAydy/cmql/wiCDuhPVcCx EgH+9QqUWf6UUtJxVlt8j4hNZvLfoXn/hCSYjetaT9tPobpC9lu0kd7z3Wb5OxB7 /Z69tC2USZ1iHhzven6W6XVMTP28aSdg+N/vAokYFDcJ8neULshEvZhtBuqLUToW dDKOYu2GjrQkSd4H6z1BzE/zWp6fyh2724F8DYPmlgyEO6WI5GjG/L1lIUPSDB4y q1o/xbwbqWFtdHWu8xiIl9jlwLLqjtYmh6PpeXlVBXU+rnPLrFxLlHnq4GAKYPlC My1FS6SqUal4VICgADC/2FVHL300uc6ysWMY0rx7y62ZRURPbbtf93GouQ== -----END CERTIFICATE-----Generated at Wed Nov 5 16:43:19 2025 by rpki-client