$ rpki-client -vvf rpki.apnic.net/member_repository/A9142769/46BD55C24B8D11F0A3F4FF3FC4F9AE02/C8B7607C4B8D11F0B198C040C4F9AE02.roa File: C8B7607C4B8D11F0B198C040C4F9AE02.roa (raw, json) Hash identifier: i2BhMqJuRPJPw6EpQmAJmu0/MkHReXEBSLa+rZeCZ6I= Subject key identifier: DB:98:CB:AA:57:F5:9D:23:67:26:88:F8:45:99:1D:8C:28:A1:F1:92 Certificate issuer: /CN=A9142769/serialNumber=9ED56429D1AE9F6004FB6FB6788E93FAF6225759 Certificate serial: 02 Authority key identifier: 9E:D5:64:29:D1:AE:9F:60:04:FB:6F:B6:78:8E:93:FA:F6:22:57:59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntVkKdGun2AE-2-2eI6T-vYiV1k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142769/46BD55C24B8D11F0A3F4FF3FC4F9AE02/C8B7607C4B8D11F0B198C040C4F9AE02.roa Signing time: Tue 17 Jun 2025 15:14:38 +0000 ROA not before: Tue 17 Jun 2025 15:14:38 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 133069 IP address blocks: 203.13.166.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142769/46BD55C24B8D11F0A3F4FF3FC4F9AE02/ntVkKdGun2AE-2-2eI6T-vYiV1k.crl rsync://rpki.apnic.net/member_repository/A9142769/46BD55C24B8D11F0A3F4FF3FC4F9AE02/ntVkKdGun2AE-2-2eI6T-vYiV1k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntVkKdGun2AE-2-2eI6T-vYiV1k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 08:57:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142769, serialNumber=9ED56429D1AE9F6004FB6FB6788E93FAF6225759 Validity Not Before: Jun 17 15:14:38 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6851865e-7301 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:80:dc:e4:db:fa:1c:6e:74:64:ae:74:28:de: 67:07:be:f2:69:6d:fd:57:41:50:a8:30:4f:a8:a7: 42:27:2c:b4:b7:6c:e7:16:cd:f9:79:35:76:98:8a: 45:40:01:ec:51:ad:47:fe:21:a8:09:60:0d:46:74: cf:06:43:c6:a3:9b:85:23:0e:a0:d2:bf:b3:42:2a: db:84:9c:79:47:7f:a5:93:2c:f6:96:6c:a2:24:34: 86:be:9d:45:37:29:3c:aa:2d:30:23:54:bb:6a:db: fd:e7:0a:31:db:a4:dd:6c:07:07:69:07:a4:09:33: c9:3b:d3:f3:f0:59:92:a2:b1:22:b4:93:a1:6b:ed: 1f:e9:f9:cc:03:63:16:ff:13:0b:23:db:ad:72:87: 2b:bf:47:70:e6:2a:5b:49:9c:af:c1:fc:6b:3d:b3: f5:d4:8d:14:d1:88:7d:ec:b1:f6:d2:a2:b1:63:8f: af:5a:8f:18:d2:1a:c0:63:45:52:09:d2:6c:ad:68: 8f:d1:95:86:63:67:e8:e4:cb:45:60:12:4b:61:5a: 60:8f:0e:e3:9e:18:7f:6a:4e:ea:7a:c1:97:fc:0b: c7:b5:7c:3e:c7:3a:76:7d:5d:2b:44:03:5a:fb:a6: e7:5e:54:63:f4:2e:8f:67:22:b9:30:3f:26:d9:c7: 6b:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:98:CB:AA:57:F5:9D:23:67:26:88:F8:45:99:1D:8C:28:A1:F1:92 X509v3 Authority Key Identifier: keyid:9E:D5:64:29:D1:AE:9F:60:04:FB:6F:B6:78:8E:93:FA:F6:22:57:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142769/46BD55C24B8D11F0A3F4FF3FC4F9AE02/ntVkKdGun2AE-2-2eI6T-vYiV1k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntVkKdGun2AE-2-2eI6T-vYiV1k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142769/46BD55C24B8D11F0A3F4FF3FC4F9AE02/C8B7607C4B8D11F0B198C040C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.13.166.0/24 Signature Algorithm: sha256WithRSAEncryption 00:11:f7:03:47:cd:12:a6:06:5a:7d:59:3e:25:06:0a:6a:4a: 7c:ac:41:d7:fb:b0:09:22:1a:74:20:59:65:57:0d:5e:f8:fa: a3:63:89:9b:ba:f6:cc:83:2a:ad:5f:08:68:b6:32:d6:d5:bf: 24:5c:e7:ed:3a:d0:11:54:83:5d:75:a3:f8:70:5e:48:a9:57: 9d:4f:3c:d6:74:88:03:da:52:26:54:e8:35:f3:7c:ca:46:19: 54:b8:b5:8b:40:0b:b8:65:e3:00:53:93:3e:22:f5:82:6f:c6: b8:32:c1:14:12:20:a7:ba:b7:9c:ef:fd:20:df:ee:df:54:7e: 02:13:c4:95:73:17:8e:9f:5f:c0:ba:41:8b:14:e0:c3:78:08: 73:70:04:3e:59:dd:3c:1c:50:70:bd:2d:e5:73:63:a4:9a:26: 4e:c3:7e:bd:79:99:70:11:ce:d9:02:49:3d:fb:43:28:5a:29: 6b:fe:ef:90:cf:08:00:ff:92:45:17:f2:88:90:65:9b:6d:c5: a6:7f:86:1b:f1:55:f0:0f:6f:6a:ce:61:e4:47:92:7c:af:06: 78:b8:5a:f3:61:ac:24:7f:1f:c8:c1:a8:8b:80:cc:22:f5:63: f6:9d:d3:15:26:eb:8e:54:28:af:d2:fb:46:4b:37:b9:e3:cd: e6:33:f4:e9 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 Mjc2OTExMC8GA1UEBRMoOUVENTY0MjlEMUFFOUY2MDA0RkI2RkI2Nzg4RTkzRkFG NjIyNTc1OTAeFw0yNTA2MTcxNTE0MzhaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NTE4NjVlLTczMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC7gNzk2/ocbnRkrnQo3mcHvvJpbf1XQVCoME+op0InLLS3bOcWzfl5NXaYikVA AexRrUf+IagJYA1GdM8GQ8ajm4UjDqDSv7NCKtuEnHlHf6WTLPaWbKIkNIa+nUU3 KTyqLTAjVLtq2/3nCjHbpN1sBwdpB6QJM8k70/PwWZKisSK0k6Fr7R/p+cwDYxb/ Ewsj261yhyu/R3DmKltJnK/B/Gs9s/XUjRTRiH3ssfbSorFjj69ajxjSGsBjRVIJ 0mytaI/RlYZjZ+jky0VgEkthWmCPDuOeGH9qTup6wZf8C8e1fD7HOnZ9XStEA1r7 pudeVGP0Lo9nIrkwPybZx2v5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU25jLqlf1 nSNnJoj4RZkdjCih8ZIwHwYDVR0jBBgwFoAUntVkKdGun2AE+2+2eI6T+vYiV1kw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyNzY5LzQ2QkQ1NUMyNEI4 RDExRjBBM0Y0RkYzRkM0RjlBRTAyL250VmtLZEd1bjJBRS0yLTJlSTZULXZZaVYx ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbnRWa0tkR3VuMkFFLTItMmVJNlQtdllpVjFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 Mjc2OS80NkJENTVDMjRCOEQxMUYwQTNGNEZGM0ZDNEY5QUUwMi9DOEI3NjA3QzRC OEQxMUYwQjE5OEMwNDBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAMsNpjANBgkqhkiG9w0BAQsFAAOCAQEAABH3A0fNEqYGWn1Z PiUGCmpKfKxB1/uwCSIadCBZZVcNXvj6o2OJm7r2zIMqrV8IaLYy1tW/JFzn7TrQ EVSDXXWj+HBeSKlXnU881nSIA9pSJlToNfN8ykYZVLi1i0ALuGXjAFOTPiL1gm/G uDLBFBIgp7q3nO/9IN/u31R+AhPElXMXjp9fwLpBixTgw3gIc3AEPlndPBxQcL0t 5XNjpJomTsN+vXmZcBHO2QJJPftDKFopa/7vkM8IAP+SRRfyiJBlm23Fpn+GG/FV 8A9vas5h5EeSfK8GeLha82GsJH8fyMGoi4DMIvVj9p3TFSbrjlQor9L7Rks3uePN 5jP06Q== -----END CERTIFICATE-----Generated at Wed Jul 2 05:32:45 2025 by rpki-client