$ rpki-client -vvf rpki.apnic.net/member_repository/A9139220/15CD1C2228B011EBB4469E1EC4F9AE02/7EBB570A296C11EBB7D88147C4F9AE02.roa File: 7EBB570A296C11EBB7D88147C4F9AE02.roa (raw, json) Hash identifier: fXQXf8N5tytPfV8xyqN1Zu7dGcPNJVrKRy7cMq29VZM= Subject key identifier: 01:12:0A:5C:CB:30:F2:3C:4F:EB:EC:61:39:41:E4:52:E4:6B:36:1C Certificate issuer: /CN=A9139220/serialNumber=E2CFC42B6A08150AEFEFE7189BE5AF2BE568F8C1 Certificate serial: 0786 Authority key identifier: E2:CF:C4:2B:6A:08:15:0A:EF:EF:E7:18:9B:E5:AF:2B:E5:68:F8:C1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4s_EK2oIFQrv7-cYm-WvK-Vo-ME.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9139220/15CD1C2228B011EBB4469E1EC4F9AE02/7EBB570A296C11EBB7D88147C4F9AE02.roa Signing time: Sat 06 Sep 2025 22:03:27 +0000 ROA not before: Sat 06 Sep 2025 22:03:27 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 17707 IP address blocks: 125.6.0.0/19 maxlen: 24 125.6.112.0/20 maxlen: 24 125.6.128.0/17 maxlen: 24 203.104.96.0/20 maxlen: 24 203.104.208.0/22 maxlen: 24 203.131.192.0/20 maxlen: 24 203.174.64.0/20 maxlen: 24 2407:3000::/32 maxlen: 32 2407:3000:6::/48 maxlen: 48 2407:3000:6a::/48 maxlen: 48 2407:3000:6d::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9139220/15CD1C2228B011EBB4469E1EC4F9AE02/4s_EK2oIFQrv7-cYm-WvK-Vo-ME.crl rsync://rpki.apnic.net/member_repository/A9139220/15CD1C2228B011EBB4469E1EC4F9AE02/4s_EK2oIFQrv7-cYm-WvK-Vo-ME.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4s_EK2oIFQrv7-cYm-WvK-Vo-ME.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 21:32:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1926 (0x786) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9139220, serialNumber=E2CFC42B6A08150AEFEFE7189BE5AF2BE568F8C1 Validity Not Before: Sep 6 22:03:27 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68bcafae-73c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e5:83:b1:c5:a3:a4:ff:e5:7c:da:ba:a1:36: a3:e2:23:b9:6f:38:95:6a:bd:f3:63:53:04:a1:05: 45:56:09:d8:07:7b:5b:3b:7c:51:fe:33:58:6f:85: 50:3a:4e:fd:3c:bd:fb:11:48:85:8e:6f:a5:9f:87: 00:71:d8:ce:f8:7d:d9:a0:26:52:eb:c3:b5:09:8e: e4:28:7b:0b:4c:d3:56:67:bf:f2:21:73:96:cc:a8: fa:54:45:ab:76:c7:76:0a:bd:b2:15:78:22:5d:26: 8e:cb:42:66:63:10:44:a3:f8:54:08:fb:ae:c3:00: 4a:c2:5e:38:e0:ee:43:43:06:f6:6e:09:c2:01:ee: 57:bb:2c:47:81:1d:55:5b:0f:0a:57:3b:01:d7:f7: 40:36:98:65:91:6c:0a:92:60:c3:01:cd:8a:4d:e9: 5b:f5:3a:ea:cb:42:0c:4e:e1:51:cb:f6:40:e6:3a: 37:66:43:76:f9:d2:a2:f2:1f:6c:01:dc:3e:d7:f4: 65:2b:5f:6c:96:6d:b8:ab:48:19:cf:8d:5b:22:19: 08:45:a1:65:e3:ec:80:da:1f:93:1e:84:e8:6c:53: 28:86:4d:62:ba:85:80:6e:0e:ab:78:ac:e0:69:64: 16:3c:dc:14:3f:d9:f8:ca:22:e6:75:c7:0b:53:30: 8a:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:12:0A:5C:CB:30:F2:3C:4F:EB:EC:61:39:41:E4:52:E4:6B:36:1C X509v3 Authority Key Identifier: keyid:E2:CF:C4:2B:6A:08:15:0A:EF:EF:E7:18:9B:E5:AF:2B:E5:68:F8:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9139220/15CD1C2228B011EBB4469E1EC4F9AE02/4s_EK2oIFQrv7-cYm-WvK-Vo-ME.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4s_EK2oIFQrv7-cYm-WvK-Vo-ME.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139220/15CD1C2228B011EBB4469E1EC4F9AE02/7EBB570A296C11EBB7D88147C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 125.6.0.0/19 125.6.112.0-125.6.255.255 203.104.96.0/20 203.104.208.0/22 203.131.192.0/20 203.174.64.0/20 IPv6: 2407:3000::/32 Signature Algorithm: sha256WithRSAEncryption 2a:d7:ee:41:0f:de:e7:89:7b:d5:27:fb:45:41:a2:2c:73:51: bb:38:9e:32:6b:65:ff:18:4a:2d:43:e7:d2:7d:6e:2e:c1:4c: af:7d:db:71:3a:2f:a0:fb:a9:a9:e7:47:03:e7:c9:01:8d:de: 5c:5b:48:67:a6:f2:fc:04:da:ae:11:ed:8c:67:de:8e:d7:cc: 1e:e2:81:7f:d7:29:fa:6d:76:c4:45:5e:72:8c:6f:20:a4:26: d5:bd:0a:6a:02:44:c9:57:cb:8b:48:95:15:6f:68:a8:3a:0a: 9b:e4:44:56:2d:1a:e4:4d:b6:20:a2:92:db:51:98:da:14:c9: 3d:12:fe:a4:d4:b8:0d:23:9c:62:c1:8a:99:69:7b:b3:c3:0b: c3:2f:0c:0a:79:f2:a5:be:3d:1d:08:98:c9:61:06:4e:10:22: b5:4c:02:f8:b4:5b:80:78:fe:6e:d0:4d:25:8a:ba:e0:c7:34: 87:1e:89:8a:c1:a0:59:d0:ed:a4:79:13:ac:e2:8e:81:33:ea: 9a:2f:11:23:15:16:c7:0f:61:f6:8f:84:8b:8c:b6:11:31:20: 06:59:96:58:8c:1c:d8:36:fd:53:24:1e:0c:78:09:49:b5:6b: 84:e2:95:b4:f3:6f:e1:70:18:0f:25:b5:50:ea:06:65:ba:92: 2b:c5:72:d4 -----BEGIN CERTIFICATE----- MIIFpTCCBI2gAwIBAgICB4YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzkyMjAxMTAvBgNVBAUTKEUyQ0ZDNDJCNkEwODE1MEFFRkVGRTcxODlCRTVBRjJC RTU2OEY4QzEwHhcNMjUwOTA2MjIwMzI3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGJjYWZhZS03M2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv+WDscWjpP/lfNq6oTaj4iO5bziVar3zY1MEoQVFVgnYB3tbO3xR/jNYb4VQ Ok79PL37EUiFjm+ln4cAcdjO+H3ZoCZS68O1CY7kKHsLTNNWZ7/yIXOWzKj6VEWr dsd2Cr2yFXgiXSaOy0JmYxBEo/hUCPuuwwBKwl444O5DQwb2bgnCAe5XuyxHgR1V Ww8KVzsB1/dANphlkWwKkmDDAc2KTelb9Trqy0IMTuFRy/ZA5jo3ZkN2+dKi8h9s Adw+1/RlK19slm24q0gZz41bIhkIRaFl4+yA2h+THoTobFMohk1iuoWAbg6reKzg aWQWPNwUP9n4yiLmdccLUzCKuwIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFAESClzL MPI8T+vsYTlB5FLkazYcMB8GA1UdIwQYMBaAFOLPxCtqCBUK7+/nGJvlryvlaPjB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTIyMC8xNUNEMUMyMjI4 QjAxMUVCQjQ0NjlFMUVDNEY5QUUwMi80c19FSzJvSUZRcnY3LWNZbS1XdkstVm8t TUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRzX0VLMm9JRlFydjctY1ltLVd2Sy1Wby1NRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzkyMjAvMTVDRDFDMjIyOEIwMTFFQkI0NDY5RTFFQzRGOUFFMDIvN0VCQjU3MEEy OTZDMTFFQkI3RDg4MTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUwYIKwYBBQUHAQcBAf8E RDBCMDEEAgABMCsDBAV9BgAwCwMEBH0GcAMDAH0GAwQEy2hgAwQCy2jQAwQEy4PA AwQEy65AMA0EAgACMAcDBQAkBzAAMA0GCSqGSIb3DQEBCwUAA4IBAQAq1+5BD97n iXvVJ/tFQaIsc1G7OJ4ya2X/GEotQ+fSfW4uwUyvfdtxOi+g+6mp50cD58kBjd5c W0hnpvL8BNquEe2MZ96O18we4oF/1yn6bXbERV5yjG8gpCbVvQpqAkTJV8uLSJUV b2ioOgqb5ERWLRrkTbYgopLbUZjaFMk9Ev6k1LgNI5xiwYqZaXuzwwvDLwwKefKl vj0dCJjJYQZOECK1TAL4tFuAeP5u0E0lirrgxzSHHomKwaBZ0O2keROs4o6BM+qa LxEjFRbHD2H2j4SLjLYRMSAGWZZYjBzYNv1TJB4MeAlJtWuE4pW082/hcBgPJbVQ 6gZlupIrxXLU -----END CERTIFICATE-----Generated at Wed Nov 5 15:45:14 2025 by rpki-client