$ rpki-client -vvf rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/20B02A7A2C6D11EF9E3D5230C4F9AE02.roa File: 20B02A7A2C6D11EF9E3D5230C4F9AE02.roa (raw, json) Hash identifier: QH07aDb+fmKlDQWdj0T2NqSMHqeuEIv/QY/EnszX8xc= Subject key identifier: 1F:8C:E8:4B:B0:D7:D7:C1:65:14:33:B1:02:23:10:0B:41:B0:B2:17 Certificate issuer: /CN=A913AE23/serialNumber=E8876B51AB2B177440CD4C4CD2E4F0A598E0381C Certificate serial: FC Authority key identifier: E8:87:6B:51:AB:2B:17:74:40:CD:4C:4C:D2:E4:F0:A5:98:E0:38:1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6IdrUasrF3RAzUxM0uTwpZjgOBw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/20B02A7A2C6D11EF9E3D5230C4F9AE02.roa Signing time: Tue 09 Sep 2025 05:42:20 +0000 ROA not before: Tue 09 Sep 2025 05:42:20 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 138933 IP address blocks: 2401:a820::/32 maxlen: 32 2401:a820:22::/48 maxlen: 48 2401:a820:100::/48 maxlen: 48 2401:a820:200::/48 maxlen: 48 2401:a820:300::/48 maxlen: 48 2401:a820:400::/48 maxlen: 48 2401:a820:500::/48 maxlen: 48 2401:a820:600::/48 maxlen: 48 2401:a820:700::/48 maxlen: 48 2401:a820:800::/48 maxlen: 48 2401:a820:900::/48 maxlen: 48 2401:a820:fce::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/6IdrUasrF3RAzUxM0uTwpZjgOBw.crl rsync://rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/6IdrUasrF3RAzUxM0uTwpZjgOBw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6IdrUasrF3RAzUxM0uTwpZjgOBw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 05:56:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 252 (0xfc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913AE23, serialNumber=E8876B51AB2B177440CD4C4CD2E4F0A598E0381C Validity Not Before: Sep 9 05:42:20 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68bfbe3c-fabf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:57:b6:9e:c8:32:54:aa:15:63:18:b7:4c:c8: bb:07:e7:e9:d7:29:eb:26:fb:3c:8f:26:1e:41:43: d3:4b:4e:9b:6e:a0:20:8a:bd:35:ec:07:d2:03:e9: 02:bd:6a:cb:82:77:44:22:bb:0b:f2:46:a0:8e:fe: 5e:77:20:6f:21:bb:75:94:e5:61:c0:6a:ea:0a:ab: fd:aa:ca:9d:67:a8:c8:cb:9c:34:83:74:bc:6b:f8: 62:d9:8f:0f:fe:d9:bd:c8:29:37:24:99:71:45:ee: 04:d9:11:ad:11:a6:7f:e1:55:af:9c:f1:3a:55:3c: 24:e0:97:7d:c2:57:7c:e0:0f:93:e3:c2:5c:25:bc: 37:7e:2c:47:77:98:0a:25:f4:70:b2:fb:81:ab:3a: 80:bb:9e:73:40:de:77:ce:72:e5:c7:73:8a:5c:08: de:26:0c:8e:d1:3b:48:9f:42:9f:ce:15:d8:33:77: 2c:4c:3b:c8:a3:20:b1:45:00:29:a4:85:c5:e5:3c: cc:e7:45:c0:4f:dd:6c:f6:1a:5c:70:e3:b2:c9:89: 10:8c:ee:22:e6:b7:10:db:d3:39:a5:3c:75:3a:30: a6:ad:67:63:e3:a6:09:77:97:75:3c:50:1a:06:6b: 9b:ce:05:20:02:e7:22:6f:e5:c0:3d:48:34:db:7a: 79:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:8C:E8:4B:B0:D7:D7:C1:65:14:33:B1:02:23:10:0B:41:B0:B2:17 X509v3 Authority Key Identifier: keyid:E8:87:6B:51:AB:2B:17:74:40:CD:4C:4C:D2:E4:F0:A5:98:E0:38:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/6IdrUasrF3RAzUxM0uTwpZjgOBw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6IdrUasrF3RAzUxM0uTwpZjgOBw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/20B02A7A2C6D11EF9E3D5230C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:a820::/32 Signature Algorithm: sha256WithRSAEncryption b0:9c:9e:f8:40:7e:14:a4:bd:d9:53:42:ee:bf:3a:98:ec:15: 67:36:25:02:e7:c4:a3:82:1a:a9:a1:74:37:f5:d7:b1:e9:a0: ea:b2:ca:61:ee:64:af:6c:4c:6e:78:be:4c:d3:de:9d:54:e6: 5e:25:08:5f:c0:51:1b:25:e5:e5:32:14:31:9b:52:30:da:4b: b7:86:4f:fe:36:46:4a:b7:d7:c9:dc:2a:cf:56:64:ce:60:93: 9c:bb:98:61:af:c9:36:8b:d6:a4:2c:d2:85:af:1f:f0:02:54: cc:25:32:67:bc:42:c3:16:03:c9:ae:15:df:fc:0e:17:bd:5a: f7:64:8b:4b:50:8e:2b:9e:4d:4d:41:e5:9c:c6:18:29:aa:0e: 73:14:c0:18:1b:72:45:06:10:e4:52:fb:62:17:dc:2d:6e:3d: 43:83:1d:5d:eb:8c:12:22:70:43:f7:99:3e:d7:ac:68:cb:1e: 8d:06:a4:1c:d1:8c:66:28:87:14:77:2e:1b:c3:4d:45:a1:f4: 6c:67:9d:a2:51:f9:a3:27:21:be:44:62:55:b7:4c:2d:83:a5: 9b:62:e1:43:27:74:19:2e:bd:4a:b4:dd:b9:4e:fd:e7:66:d8: 9f:5a:71:61:1d:6e:29:75:65:c0:63:cb:2b:c0:94:54:4a:2a: 9b:55:fb:fb -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICAPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0FFMjMxMTAvBgNVBAUTKEU4ODc2QjUxQUIyQjE3NzQ0MENENEM0Q0QyRTRGMEE1 OThFMDM4MUMwHhcNMjUwOTA5MDU0MjIwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGJmYmUzYy1mYWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwVe2nsgyVKoVYxi3TMi7B+fp1ynrJvs8jyYeQUPTS06bbqAgir017AfSA+kC vWrLgndEIrsL8kagjv5edyBvIbt1lOVhwGrqCqv9qsqdZ6jIy5w0g3S8a/hi2Y8P /tm9yCk3JJlxRe4E2RGtEaZ/4VWvnPE6VTwk4Jd9wld84A+T48JcJbw3fixHd5gK JfRwsvuBqzqAu55zQN53znLlx3OKXAjeJgyO0TtIn0KfzhXYM3csTDvIoyCxRQAp pIXF5TzM50XAT91s9hpccOOyyYkQjO4i5rcQ29M5pTx1OjCmrWdj46YJd5d1PFAa BmubzgUgAucib+XAPUg023p5awIDAQABo4ICljCCApIwHQYDVR0OBBYEFB+M6Euw 19fBZRQzsQIjEAtBsLIXMB8GA1UdIwQYMBaAFOiHa1GrKxd0QM1MTNLk8KWY4Dgc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUUyMy8zQTcyQUJGQTJD NkMxMUVGQTM0Njk0MkRDNEY5QUUwMi82SWRyVWFzckYzUkF6VXhNMHVUd3BaamdP QncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZJZHJVYXNyRjNSQXpVeE0wdVR3cFpqZ09Cdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0FFMjMvM0E3MkFCRkEyQzZDMTFFRkEzNDY5NDJEQzRGOUFFMDIvMjBCMDJBN0Ey QzZEMTFFRjlFM0Q1MjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkAaggMA0GCSqGSIb3DQEBCwUAA4IBAQCwnJ74QH4UpL3Z U0LuvzqY7BVnNiUC58SjghqpoXQ39dex6aDqssph7mSvbExueL5M096dVOZeJQhf wFEbJeXlMhQxm1Iw2ku3hk/+NkZKt9fJ3CrPVmTOYJOcu5hhr8k2i9akLNKFrx/w AlTMJTJnvELDFgPJrhXf/A4XvVr3ZItLUI4rnk1NQeWcxhgpqg5zFMAYG3JFBhDk UvtiF9wtbj1Dgx1d64wSInBD95k+16xoyx6NBqQc0YxmKIcUdy4bw01FofRsZ52i UfmjJyG+RGJVt0wtg6WbYuFDJ3QZLr1KtN25Tv3nZtifWnFhHW4pdWXAY8srwJRU SiqbVfv7 -----END CERTIFICATE-----Generated at Thu Sep 18 23:30:18 2025 by rpki-client