$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CBE/83BA87AED7C211EF8190DA5CC4F9AE02/6D66CE8017BA11F094861F7DC4F9AE02.roa File: 6D66CE8017BA11F094861F7DC4F9AE02.roa (raw, json) Hash identifier: +D4BVGFKWyg9Pr75Q40/ty5hMk4DuavCG4i3TGDDyg0= Subject key identifier: 15:0B:EF:87:38:FC:8D:32:B2:FA:5F:0B:AC:7D:5D:72:6A:E3:52:BC Certificate issuer: /CN=A9147CBE/serialNumber=9A1624F46082F54AC5778859E226BD3BA69023F4 Certificate serial: 2C Authority key identifier: 9A:16:24:F4:60:82:F5:4A:C5:77:88:59:E2:26:BD:3B:A6:90:23:F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mhYk9GCC9UrFd4hZ4ia9O6aQI_Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147CBE/83BA87AED7C211EF8190DA5CC4F9AE02/6D66CE8017BA11F094861F7DC4F9AE02.roa Signing time: Sat 12 Apr 2025 16:23:12 +0000 ROA not before: Sat 12 Apr 2025 16:23:12 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 131274 IP address blocks: 43.249.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147CBE/83BA87AED7C211EF8190DA5CC4F9AE02/mhYk9GCC9UrFd4hZ4ia9O6aQI_Q.crl rsync://rpki.apnic.net/member_repository/A9147CBE/83BA87AED7C211EF8190DA5CC4F9AE02/mhYk9GCC9UrFd4hZ4ia9O6aQI_Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mhYk9GCC9UrFd4hZ4ia9O6aQI_Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 06:40:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147CBE, serialNumber=9A1624F46082F54AC5778859E226BD3BA69023F4 Validity Not Before: Apr 12 16:23:12 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67fa936f-a42d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:d0:ce:e5:62:26:e0:ea:dc:af:ec:48:08:2d: 36:09:3e:cb:f2:2b:20:b1:e5:8a:b4:56:a1:50:8e: 51:b2:70:d6:f9:39:aa:f7:ff:a6:13:70:26:3e:e5: 92:b7:98:dc:94:ca:33:1c:c2:0d:ab:7e:5d:0d:93: 2d:f5:46:0f:7c:35:13:6e:78:89:1f:1c:be:8d:65: 94:3c:5f:4b:42:8b:ed:45:1c:c3:9a:cb:30:30:6d: 56:3c:66:a3:f0:19:e1:3f:47:e2:56:e3:de:5a:82: 9f:88:d9:8d:50:c2:e0:a5:ee:c8:25:9e:e1:52:f0: 48:0a:f6:1d:ad:be:8c:37:2d:03:cb:bd:c5:51:54: 2f:7a:fa:f3:bf:cc:5a:e3:4c:7a:eb:f0:79:f4:46: f7:2e:1e:ab:78:51:7c:0e:12:51:fd:8b:f2:21:b5: 60:27:63:87:73:34:37:c4:07:e3:a4:c7:06:62:c2: 17:79:3a:27:c2:3e:ca:69:af:c8:7b:7e:4f:5b:a2: 19:48:9c:75:40:d8:37:f1:11:60:fd:8b:eb:4a:2a: 0e:25:3f:4f:eb:32:4a:76:f5:3f:80:d7:5e:20:8b: 4b:85:d7:d0:23:92:9b:d2:db:2f:38:de:32:71:37: 30:7d:4b:5f:06:fe:a6:a5:de:f4:86:c2:b7:a8:6c: 86:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:0B:EF:87:38:FC:8D:32:B2:FA:5F:0B:AC:7D:5D:72:6A:E3:52:BC X509v3 Authority Key Identifier: keyid:9A:16:24:F4:60:82:F5:4A:C5:77:88:59:E2:26:BD:3B:A6:90:23:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147CBE/83BA87AED7C211EF8190DA5CC4F9AE02/mhYk9GCC9UrFd4hZ4ia9O6aQI_Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mhYk9GCC9UrFd4hZ4ia9O6aQI_Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CBE/83BA87AED7C211EF8190DA5CC4F9AE02/6D66CE8017BA11F094861F7DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.249.99.0/24 Signature Algorithm: sha256WithRSAEncryption 50:b0:9a:d0:3c:5b:30:f9:be:a4:69:3f:cd:f6:78:35:aa:4e: ff:27:7b:36:01:23:e7:1b:23:59:59:9a:9a:56:a7:23:6c:7e: b9:db:a6:4d:e0:13:6c:82:62:18:41:36:57:2c:6e:68:44:66: a6:e3:5f:11:c0:72:f9:5f:f8:c0:03:e6:5c:ca:be:e6:6c:c3: 44:11:66:96:02:4d:97:aa:17:75:df:84:d2:c3:ec:de:81:46: 14:cf:e1:f5:08:8c:0f:7f:a8:e1:f9:d1:ca:77:a2:e8:24:e5: 0f:67:97:42:2a:a4:e3:8e:af:fa:16:81:8a:d7:28:be:7e:fd: f3:e3:e9:9f:b5:fb:29:be:f3:33:ba:10:51:a2:01:b4:b7:fc: f2:5f:9f:47:bc:93:a6:21:72:72:4d:63:f1:1c:c2:85:88:d7: cf:6b:89:72:61:7a:1f:a1:d7:38:92:3f:d1:01:d5:02:87:f8: 1d:54:17:4f:66:8e:15:45:6f:af:ac:62:5e:ae:5e:e6:44:37: 2a:51:95:9f:eb:d6:2e:10:21:c0:6f:ae:2f:fd:91:6b:3e:24: db:37:05:d0:6a:27:7e:1d:06:47:28:4a:97:30:83:69:ec:71: 3e:2b:79:70:0e:57:c9:b7:82:d6:9b:59:b4:3c:46:a2:da:59: 9b:80:21:54 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 N0NCRTExMC8GA1UEBRMoOUExNjI0RjQ2MDgyRjU0QUM1Nzc4ODU5RTIyNkJEM0JB NjkwMjNGNDAeFw0yNTA0MTIxNjIzMTJaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ZmE5MzZmLWE0MmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC20M7lYibg6tyv7EgILTYJPsvyKyCx5Yq0VqFQjlGycNb5Oar3/6YTcCY+5ZK3 mNyUyjMcwg2rfl0Nky31Rg98NRNueIkfHL6NZZQ8X0tCi+1FHMOayzAwbVY8ZqPw GeE/R+JW495agp+I2Y1QwuCl7sglnuFS8EgK9h2tvow3LQPLvcVRVC96+vO/zFrj THrr8Hn0RvcuHqt4UXwOElH9i/IhtWAnY4dzNDfEB+OkxwZiwhd5OifCPsppr8h7 fk9bohlInHVA2DfxEWD9i+tKKg4lP0/rMkp29T+A114gi0uF19AjkpvS2y843jJx NzB9S18G/qal3vSGwreobIa3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUFQvvhzj8 jTKy+l8LrH1dcmrjUrwwHwYDVR0jBBgwFoAUmhYk9GCC9UrFd4hZ4ia9O6aQI/Qw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3Q0JFLzgzQkE4N0FFRDdD MjExRUY4MTkwREE1Q0M0RjlBRTAyL21oWWs5R0NDOVVyRmQ0aFo0aWE5TzZhUUlf US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbWhZazlHQ0M5VXJGZDRoWjRpYTlPNmFRSV9RLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 N0NCRS84M0JBODdBRUQ3QzIxMUVGODE5MERBNUNDNEY5QUUwMi82RDY2Q0U4MDE3 QkExMUYwOTQ4NjFGN0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEACv5YzANBgkqhkiG9w0BAQsFAAOCAQEAULCa0DxbMPm+pGk/ zfZ4NapO/yd7NgEj5xsjWVmamlanI2x+udumTeATbIJiGEE2VyxuaERmpuNfEcBy +V/4wAPmXMq+5mzDRBFmlgJNl6oXdd+E0sPs3oFGFM/h9QiMD3+o4fnRynei6CTl D2eXQiqk446v+haBitcovn798+Ppn7X7Kb7zM7oQUaIBtLf88l+fR7yTpiFyck1j 8RzChYjXz2uJcmF6H6HXOJI/0QHVAof4HVQXT2aOFUVvr6xiXq5e5kQ3KlGVn+vW LhAhwG+uL/2Raz4k2zcF0Gonfh0GRyhKlzCDaexxPit5cA5XybeC1ptZtDxGotpZ m4AhVA== -----END CERTIFICATE-----Generated at Wed Nov 5 22:44:46 2025 by rpki-client