$ rpki-client -vvf rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/3D7A10E8D94411E98E28CD85C4F9AE02.roa File: 3D7A10E8D94411E98E28CD85C4F9AE02.roa (raw, json) Hash identifier: YnnRd8dXClUSq2ox+Sn+OmT1h0ooTE5RjNlpDC8bvCw= Subject key identifier: 62:5A:4D:CD:0C:F7:22:86:A9:A4:D5:3F:8D:71:73:45:38:92:49:88 Certificate issuer: /CN=A9145446/serialNumber=7D65EBE14C3046E73E3986957302A26E081F1AF8 Certificate serial: 284F Authority key identifier: 7D:65:EB:E1:4C:30:46:E7:3E:39:86:95:73:02:A2:6E:08:1F:1A:F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/3D7A10E8D94411E98E28CD85C4F9AE02.roa Signing time: Tue 02 Sep 2025 16:03:46 +0000 ROA not before: Tue 02 Sep 2025 16:03:46 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 24131 IP address blocks: 125.5.109.0/24 maxlen: 24 125.5.123.0/24 maxlen: 24 125.5.124.0/24 maxlen: 24 125.5.127.0/24 maxlen: 24 202.163.204.64/26 maxlen: 26 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.crl rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 15:46:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10319 (0x284f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145446, serialNumber=7D65EBE14C3046E73E3986957302A26E081F1AF8 Validity Not Before: Sep 2 16:03:46 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b71562-12da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c6:06:a1:37:18:7b:f1:db:a3:9b:34:23:20: d4:ca:3f:b0:e7:99:27:49:e0:1a:b2:af:5f:22:4c: 4c:82:1e:95:ec:2a:21:43:ee:c3:af:77:b8:71:98: 4c:08:ba:6d:95:57:43:39:64:42:98:61:02:22:23: 32:62:2d:04:a0:ef:e1:fd:09:5b:5d:2d:92:b0:f7: 11:a5:1c:47:c2:62:fd:dd:52:fb:b0:1c:e5:90:0b: a8:85:4d:95:fc:54:69:8e:c3:8b:eb:6e:01:21:a5: 1f:7f:75:dd:6b:f3:9f:04:9e:c2:8f:7a:fa:f5:a0: 2c:63:65:e2:bb:4e:5b:0e:5f:8f:f0:58:42:0b:07: c4:68:1e:01:c5:a4:a8:cd:40:23:32:1a:93:28:cc: ea:eb:17:36:2d:39:f9:7b:72:77:30:31:b3:32:b0: 99:fa:82:85:5f:1d:0d:d9:9d:c4:6a:ec:fb:a5:30: 87:aa:34:f7:90:65:b7:73:de:d7:f4:e2:03:e2:9c: bd:9a:6b:9b:b6:14:b6:87:02:e2:55:ef:8d:da:e5: 32:6f:79:a9:f4:6e:3e:8d:25:54:e6:1e:a5:7f:3d: e9:86:50:d4:f5:98:7d:58:60:02:c3:2e:2b:17:7d: 5b:c3:ce:71:1d:46:5e:39:b9:f4:6a:4d:6e:1b:3d: e2:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:5A:4D:CD:0C:F7:22:86:A9:A4:D5:3F:8D:71:73:45:38:92:49:88 X509v3 Authority Key Identifier: keyid:7D:65:EB:E1:4C:30:46:E7:3E:39:86:95:73:02:A2:6E:08:1F:1A:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/3D7A10E8D94411E98E28CD85C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 125.5.109.0/24 125.5.123.0-125.5.124.255 125.5.127.0/24 202.163.204.64/26 Signature Algorithm: sha256WithRSAEncryption 04:5a:d1:b7:35:c2:d1:6c:a7:e9:2f:cb:b9:4a:13:be:11:9b: b1:a7:26:18:66:bf:db:75:8f:51:be:07:42:5c:f3:6c:98:0d: 9a:ca:28:b9:08:72:c8:c7:a3:63:99:4e:e0:ea:a9:cc:a8:c4: 88:87:92:28:df:43:9f:4c:65:13:2a:a3:3f:45:b3:d4:26:ca: be:43:08:55:cb:ec:03:43:78:77:45:78:08:19:4e:0e:d7:c9: 11:06:99:8f:39:80:c0:45:72:f7:2f:5f:bb:75:1d:07:c0:1b: 9b:27:c2:a1:68:d8:36:cf:1f:f8:0b:a3:eb:3e:5a:e9:74:8e: f6:2a:0c:d4:c1:df:00:ca:01:fb:dc:2c:1f:a2:8f:20:7e:0a: 3a:fc:8a:cb:0f:38:cd:41:6a:61:5d:f7:04:5c:7a:cd:02:52: b7:32:6f:84:89:94:17:a7:21:fd:50:38:c7:25:50:db:c0:e0: c3:2f:12:ce:9f:76:92:5e:f1:c5:4b:7c:f0:0a:fb:b1:ae:d4: b6:4d:4a:da:dd:b4:21:95:3c:b9:0b:86:5a:15:b7:48:8e:0f: 11:b5:10:10:9c:2a:85:58:53:80:ab:a4:5c:9f:9c:a1:c1:a4: 7f:32:5d:39:98:90:cc:8d:b7:76:e6:e7:23:73:12:16:ee:25: 70:f8:db:fb -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICKE8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0NDYxMTAvBgNVBAUTKDdENjVFQkUxNEMzMDQ2RTczRTM5ODY5NTczMDJBMjZF MDgxRjFBRjgwHhcNMjUwOTAyMTYwMzQ2WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3MTU2Mi0xMmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxMYGoTcYe/Hbo5s0IyDUyj+w55knSeAasq9fIkxMgh6V7CohQ+7Dr3e4cZhM CLptlVdDOWRCmGECIiMyYi0EoO/h/QlbXS2SsPcRpRxHwmL93VL7sBzlkAuohU2V /FRpjsOL624BIaUff3Xda/OfBJ7Cj3r69aAsY2Xiu05bDl+P8FhCCwfEaB4BxaSo zUAjMhqTKMzq6xc2LTn5e3J3MDGzMrCZ+oKFXx0N2Z3Eauz7pTCHqjT3kGW3c97X 9OID4py9mmubthS2hwLiVe+N2uUyb3mp9G4+jSVU5h6lfz3phlDU9Zh9WGACwy4r F31bw85xHUZeObn0ak1uGz3iCQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFGJaTc0M 9yKGqaTVP41xc0U4kkmIMB8GA1UdIwQYMBaAFH1l6+FMMEbnPjmGlXMCom4IHxr4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTQ0Ni9BQ0EyRTc1QzFG QzUxMUU1QjQ1MERENjJDNEY5QUUwMi9mV1hyNFV3d1J1Yy1PWWFWY3dLaWJnZ2ZH dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZXWHI0VXd3UnVjLU9ZYVZjd0tpYmdnZkd2Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDU0NDYvQUNBMkU3NUMxRkM1MTFFNUI0NTBERDYyQzRGOUFFMDIvM0Q3QTEwRThE OTQ0MTFFOThFMjhDRDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMCcEAgABMCEDBAB9BW0wDAMEAH0FewMEAH0FfAMEAH0FfwMFBsqjzEAwDQYJ KoZIhvcNAQELBQADggEBAARa0bc1wtFsp+kvy7lKE74Rm7GnJhhmv9t1j1G+B0Jc 82yYDZrKKLkIcsjHo2OZTuDqqcyoxIiHkijfQ59MZRMqoz9Fs9Qmyr5DCFXL7AND eHdFeAgZTg7XyREGmY85gMBFcvcvX7t1HQfAG5snwqFo2DbPH/gLo+s+Wul0jvYq DNTB3wDKAfvcLB+ijyB+Cjr8issPOM1BamFd9wRces0CUrcyb4SJlBenIf1QOMcl UNvA4MMvEs6fdpJe8cVLfPAK+7Gu1LZNStrdtCGVPLkLhloVt0iODxG1EBCcKoVY U4CrpFyfnKHBpH8yXTmYkMyNt3bm5yNzEhbuJXD42/s= -----END CERTIFICATE-----Generated at Sat Sep 6 23:40:11 2025 by rpki-client