$ rpki-client -vvf rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/4F8D63203EBF11EBA940A946C4F9AE02.roa File: 4F8D63203EBF11EBA940A946C4F9AE02.roa (raw, json) Hash identifier: buzUvsC9YQBDNkx4fnJbNl9kiM+U4xX7qiwW7jQGn9U= Subject key identifier: CA:9C:00:CB:0E:63:CA:B1:CC:E6:73:BC:A0:AA:3C:77:8A:CD:99:56 Certificate issuer: /CN=A9145446/serialNumber=7D65EBE14C3046E73E3986957302A26E081F1AF8 Certificate serial: 284E Authority key identifier: 7D:65:EB:E1:4C:30:46:E7:3E:39:86:95:73:02:A2:6E:08:1F:1A:F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/4F8D63203EBF11EBA940A946C4F9AE02.roa Signing time: Tue 02 Sep 2025 16:03:45 +0000 ROA not before: Tue 02 Sep 2025 16:03:45 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 24071 IP address blocks: 125.5.6.0/24 maxlen: 24 125.5.17.0/24 maxlen: 24 125.5.25.0/24 maxlen: 24 125.5.26.0/24 maxlen: 24 125.5.254.0/27 maxlen: 27 202.57.108.0/24 maxlen: 24 202.163.206.0/24 maxlen: 24 203.131.76.0/27 maxlen: 27 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.crl rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 15:46:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10318 (0x284e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145446, serialNumber=7D65EBE14C3046E73E3986957302A26E081F1AF8 Validity Not Before: Sep 2 16:03:45 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b71561-835e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e7:68:5e:a7:f9:ff:43:46:23:e8:c3:16:93: 35:e9:09:7a:db:4c:85:d7:a1:32:ee:f7:f5:c3:e2: 09:d5:32:46:77:3a:5b:a9:6a:d4:92:82:62:59:64: f6:30:b1:70:81:7e:7d:c9:b8:aa:5c:23:f3:3a:ad: 32:a4:4e:3e:59:40:26:42:0c:65:a3:e5:a3:21:f1: b7:57:f0:c4:63:ca:34:5d:c6:07:8b:2a:1b:dd:dd: f5:c7:8c:4f:90:a9:73:40:7c:6f:4a:39:52:d3:f8: 79:13:00:7c:98:5d:f1:bf:2b:b3:e2:91:07:44:d9: 6c:4a:de:d0:e8:64:77:6a:96:b5:4d:f8:62:b4:99: eb:d6:35:4a:a4:5e:4b:4f:a0:00:20:55:be:21:0d: b8:62:0f:57:b4:68:0a:c5:e2:66:0f:da:e7:2e:dc: a6:f8:e7:4b:ad:fa:79:23:f9:d1:b5:31:b3:d7:44: f0:c1:65:d0:86:73:22:96:68:ab:8c:de:1f:34:69: 59:c1:d9:12:93:66:74:87:f9:7f:79:c3:f6:4a:95: cb:cc:d7:31:5f:65:19:37:cb:bb:80:7f:13:40:6c: e7:42:83:c7:c9:c5:fe:cb:88:1c:3b:f7:9b:8f:60: e5:0e:ae:fc:7c:56:f4:93:0d:c2:d9:d4:c9:93:ae: 44:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:9C:00:CB:0E:63:CA:B1:CC:E6:73:BC:A0:AA:3C:77:8A:CD:99:56 X509v3 Authority Key Identifier: keyid:7D:65:EB:E1:4C:30:46:E7:3E:39:86:95:73:02:A2:6E:08:1F:1A:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/4F8D63203EBF11EBA940A946C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 125.5.6.0/24 125.5.17.0/24 125.5.25.0-125.5.26.255 125.5.254.0/27 202.57.108.0/24 202.163.206.0/24 203.131.76.0/27 Signature Algorithm: sha256WithRSAEncryption 7d:3c:3b:d7:07:40:0c:72:0e:4d:93:32:9a:ae:6b:11:f5:82: 7b:9b:3b:50:c6:13:5c:30:a2:3a:52:03:e1:80:b3:e8:79:3b: 90:0d:e8:03:58:c3:b1:c4:ef:ca:0d:0c:be:9d:c3:36:ea:e9: a6:54:c7:b1:9a:0f:db:d1:cf:b3:05:dc:e1:4f:04:e3:01:4a: b6:f6:a2:94:fc:9e:a4:48:b4:94:16:e6:3b:17:b9:a5:42:97: d4:97:0b:4b:a0:31:ff:5e:54:ab:c4:6f:99:33:cc:87:b8:45: 56:c4:a0:3b:df:35:f1:2f:23:99:0c:39:ba:50:b3:2d:63:48: 02:c6:d9:23:4f:0f:40:9e:ba:ae:65:90:b4:b8:7c:11:35:e9: 8c:55:06:8c:eb:cb:1b:04:5c:b9:a9:eb:f3:b6:17:25:24:2a: 4d:c2:36:7e:0e:0d:5c:25:09:41:d6:46:cb:ff:63:af:07:53: 9a:63:ef:5f:ef:0d:60:c3:5d:1e:4c:d4:33:50:7a:b0:ec:d1: 96:b6:16:d8:7f:1c:f6:8e:00:71:a6:2f:c5:19:0a:22:30:c3: d6:2c:2a:c1:2e:e1:c3:22:51:67:25:8e:8a:39:38:9a:f5:5a: 19:e8:41:30:1b:84:88:05:36:72:13:9f:6a:ab:02:e4:d4:92: 19:dc:38:69 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgICKE4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0NDYxMTAvBgNVBAUTKDdENjVFQkUxNEMzMDQ2RTczRTM5ODY5NTczMDJBMjZF MDgxRjFBRjgwHhcNMjUwOTAyMTYwMzQ1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3MTU2MS04MzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyudoXqf5/0NGI+jDFpM16Ql620yF16Ey7vf1w+IJ1TJGdzpbqWrUkoJiWWT2 MLFwgX59ybiqXCPzOq0ypE4+WUAmQgxlo+WjIfG3V/DEY8o0XcYHiyob3d31x4xP kKlzQHxvSjlS0/h5EwB8mF3xvyuz4pEHRNlsSt7Q6GR3apa1TfhitJnr1jVKpF5L T6AAIFW+IQ24Yg9XtGgKxeJmD9rnLtym+OdLrfp5I/nRtTGz10TwwWXQhnMilmir jN4fNGlZwdkSk2Z0h/l/ecP2SpXLzNcxX2UZN8u7gH8TQGznQoPHycX+y4gcO/eb j2DlDq78fFb0kw3C2dTJk65EFwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFMqcAMsO Y8qxzOZzvKCqPHeKzZlWMB8GA1UdIwQYMBaAFH1l6+FMMEbnPjmGlXMCom4IHxr4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTQ0Ni9BQ0EyRTc1QzFG QzUxMUU1QjQ1MERENjJDNEY5QUUwMi9mV1hyNFV3d1J1Yy1PWWFWY3dLaWJnZ2ZH dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZXWHI0VXd3UnVjLU9ZYVZjd0tpYmdnZkd2Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDU0NDYvQUNBMkU3NUMxRkM1MTFFNUI0NTBERDYyQzRGOUFFMDIvNEY4RDYzMjAz RUJGMTFFQkE5NDBBOTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E PjA8MDoEAgABMDQDBAB9BQYDBAB9BREwDAMEAH0FGQMEAH0FGgMFBX0F/gADBADK OWwDBADKo84DBQXLg0wAMA0GCSqGSIb3DQEBCwUAA4IBAQB9PDvXB0AMcg5NkzKa rmsR9YJ7mztQxhNcMKI6UgPhgLPoeTuQDegDWMOxxO/KDQy+ncM26ummVMexmg/b 0c+zBdzhTwTjAUq29qKU/J6kSLSUFuY7F7mlQpfUlwtLoDH/XlSrxG+ZM8yHuEVW xKA73zXxLyOZDDm6ULMtY0gCxtkjTw9AnrquZZC0uHwRNemMVQaM68sbBFy5qevz thclJCpNwjZ+Dg1cJQlB1kbL/2OvB1OaY+9f7w1gw10eTNQzUHqw7NGWthbYfxz2 jgBxpi/FGQoiMMPWLCrBLuHDIlFnJY6KOTia9VoZ6EEwG4SIBTZyE59qqwLk1JIZ 3Dhp -----END CERTIFICATE-----Generated at Sat Sep 6 23:41:43 2025 by rpki-client