$ rpki-client -vvf rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/3522CF4E168811EF8040817EC4F9AE02.roa File: 3522CF4E168811EF8040817EC4F9AE02.roa (raw, json) Hash identifier: J7TkACUcj3Ly24E9h88Gvem/P3zdNyyRlK+jzIfKCJU= Subject key identifier: 46:4D:8E:D6:E2:DC:42:C9:FD:34:3B:47:E6:5A:D0:4B:97:1C:CD:22 Certificate issuer: /CN=A9139555/serialNumber=4365D179D5B73E8A97EDE0505F29EF00C2D63EF9 Certificate serial: 02A2 Authority key identifier: 43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/3522CF4E168811EF8040817EC4F9AE02.roa Signing time: Sat 31 May 2025 01:48:11 +0000 ROA not before: Sat 31 May 2025 01:48:11 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 45269 IP address blocks: 43.225.144.0/22 maxlen: 23 103.31.112.0/22 maxlen: 23 180.148.176.0/22 maxlen: 23 202.14.147.0/24 maxlen: 24 203.176.184.0/22 maxlen: 23 2406:c200::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.crl rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 01:47:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 674 (0x2a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9139555, serialNumber=4365D179D5B73E8A97EDE0505F29EF00C2D63EF9 Validity Not Before: May 31 01:48:11 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=683a5fdb-fdac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:0e:35:45:79:4b:32:8a:8f:b1:73:22:ec:12: 21:62:65:56:02:29:84:e1:18:fd:1f:68:34:f6:9b: 99:ee:74:72:d9:27:04:43:65:ec:98:43:b4:b8:a1: f7:c3:d5:ab:2f:48:eb:53:0d:f8:e1:ea:30:f9:75: 11:06:c4:aa:f5:4c:4d:2c:19:23:7c:dc:2b:4a:b9: fc:54:77:1e:10:0b:ca:a6:c5:af:40:b7:c3:97:ad: a6:1f:7b:f9:ad:ff:1c:e7:d4:9b:4f:1f:c4:2b:42: e0:43:e2:d1:3b:f8:38:17:c8:9b:99:7b:f3:07:fa: 74:ab:8c:c9:3c:42:d8:97:16:0d:63:bc:90:3c:fe: 4f:49:7e:16:77:fb:fb:16:5c:e1:c0:ce:71:71:76: 49:39:6b:5a:ce:5e:4e:ad:ab:3a:f9:ee:06:c2:fd: 4d:dc:02:42:43:5b:e6:90:10:81:a6:c1:2f:91:e4: 9a:21:7d:ac:eb:fb:2f:00:f7:e4:bc:d7:c6:6c:ad: 9b:de:82:99:b6:9f:32:1f:3d:0c:e4:59:94:7a:9e: cb:64:84:f8:dc:f8:29:e2:90:97:5c:a7:70:5c:f0: d8:c9:71:9d:16:98:b1:42:f7:06:a6:55:fc:d2:da: 92:67:7b:b5:8e:8e:23:76:77:62:5d:02:15:a0:53: 43:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:4D:8E:D6:E2:DC:42:C9:FD:34:3B:47:E6:5A:D0:4B:97:1C:CD:22 X509v3 Authority Key Identifier: keyid:43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/3522CF4E168811EF8040817EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.144.0/22 103.31.112.0/22 180.148.176.0/22 202.14.147.0/24 203.176.184.0/22 IPv6: 2406:c200::/32 Signature Algorithm: sha256WithRSAEncryption 07:cb:d5:d4:19:39:a2:4f:6b:ea:f5:03:ab:8e:f4:b0:7c:e6: 36:0a:7a:0c:c3:90:83:6a:7f:4b:82:bc:1e:9e:9d:f9:bf:e5: 68:57:97:62:6e:4b:99:6e:e8:f9:1e:41:47:fa:b7:f7:22:fd: 78:5c:17:41:5b:d7:08:89:41:86:ac:16:64:cc:a1:79:36:2d: a4:8a:23:5c:cf:d8:07:23:eb:d8:d7:89:b5:9b:7e:2f:4e:f8: d2:7e:47:3b:6e:b1:67:a1:f4:24:e6:d9:00:0d:19:7c:80:4c: da:ea:72:b6:c9:ed:78:3a:69:9a:95:6f:4c:60:0e:35:d0:ca: a0:82:c0:f5:26:c5:7b:b4:c5:a5:48:25:a8:68:e8:22:50:05: a9:37:15:a0:4f:e3:da:98:f7:05:f8:1e:3e:95:20:5a:0c:00: 12:e3:56:c6:a5:e3:0b:0b:83:3d:43:4e:0b:b2:bc:46:f1:a6: a7:d4:4f:1a:92:b5:32:dd:bf:a2:0e:7b:5a:41:af:f7:02:39: d3:f2:92:0a:79:44:16:3a:3f:84:8b:11:20:8c:d4:6e:5a:2a: d5:62:23:b8:a2:a6:27:87:67:6e:02:1b:04:49:55:72:02:95: a8:ff:bb:ce:00:ed:ac:62:25:88:5b:a0:10:46:69:50:86:90: 41:52:fd:e9 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICAqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzk1NTUxMTAvBgNVBAUTKDQzNjVEMTc5RDVCNzNFOEE5N0VERTA1MDVGMjlFRjAw QzJENjNFRjkwHhcNMjUwNTMxMDE0ODExWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNhNWZkYi1mZGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyQ41RXlLMoqPsXMi7BIhYmVWAimE4Rj9H2g09puZ7nRy2ScEQ2XsmEO0uKH3 w9WrL0jrUw344eow+XURBsSq9UxNLBkjfNwrSrn8VHceEAvKpsWvQLfDl62mH3v5 rf8c59SbTx/EK0LgQ+LRO/g4F8ibmXvzB/p0q4zJPELYlxYNY7yQPP5PSX4Wd/v7 FlzhwM5xcXZJOWtazl5Oras6+e4Gwv1N3AJCQ1vmkBCBpsEvkeSaIX2s6/svAPfk vNfGbK2b3oKZtp8yHz0M5FmUep7LZIT43Pgp4pCXXKdwXPDYyXGdFpixQvcGplX8 0tqSZ3u1jo4jdndiXQIVoFNDywIDAQABo4ICvDCCArgwHQYDVR0OBBYEFEZNjtbi 3ELJ/TQ7R+Za0EuXHM0iMB8GA1UdIwQYMBaAFENl0XnVtz6Kl+3gUF8p7wDC1j75 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTU1NS9EQzdEMTQ1QTAy MkQxMUVEOUQ2NDZCNTdDNEY5QUUwMi9RMlhSZWRXM1BvcVg3ZUJRWHludkFNTFdQ dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1EyWFJlZFczUG9xWDdlQlFYeW52QU1MV1B2ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mzk1NTUvREM3RDE0NUEwMjJEMTFFRDlENjQ2QjU3QzRGOUFFMDIvMzUyMkNGNEUx Njg4MTFFRjgwNDA4MTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIr4ZADBAJnH3ADBAK0lLADBADKDpMDBALLsLgwDQQCAAIw BwMFACQGwgAwDQYJKoZIhvcNAQELBQADggEBAAfL1dQZOaJPa+r1A6uO9LB85jYK egzDkINqf0uCvB6enfm/5WhXl2JuS5lu6PkeQUf6t/ci/XhcF0Fb1wiJQYasFmTM oXk2LaSKI1zP2Acj69jXibWbfi9O+NJ+RztusWeh9CTm2QANGXyATNrqcrbJ7Xg6 aZqVb0xgDjXQyqCCwPUmxXu0xaVIJaho6CJQBak3FaBP49qY9wX4Hj6VIFoMABLj Vsal4wsLgz1DTguyvEbxpqfUTxqStTLdv6IOe1pBr/cCOdPykgp5RBY6P4SLESCM 1G5aKtViI7iipieHZ24CGwRJVXIClaj/u84A7axiJYhboBBGaVCGkEFS/ek= -----END CERTIFICATE-----Generated at Mon Jun 2 07:16:47 2025 by rpki-client