$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/862D18003A1011EDB5225E73C4F9AE02.roa File: 862D18003A1011EDB5225E73C4F9AE02.roa (raw, json) Hash identifier: DcHlNA8XpoMoa8j+kjrzppHmEvQSR+3K0O1rUE7HneA= Subject key identifier: 48:55:6B:78:07:46:F6:3F:67:36:C0:BC:FA:B6:17:4D:86:FF:FF:80 Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Certificate serial: 391B Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/862D18003A1011EDB5225E73C4F9AE02.roa Signing time: Fri 04 Jul 2025 14:50:37 +0000 ROA not before: Fri 04 Jul 2025 14:50:37 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 209242 IP address blocks: 119.59.0.0/20 maxlen: 20 119.59.0.0/24 maxlen: 24 119.59.1.0/24 maxlen: 24 119.59.2.0/24 maxlen: 24 119.59.3.0/24 maxlen: 24 119.59.4.0/24 maxlen: 24 119.59.5.0/24 maxlen: 24 119.59.6.0/24 maxlen: 24 119.59.7.0/24 maxlen: 24 119.59.8.0/24 maxlen: 24 119.59.9.0/24 maxlen: 24 119.59.10.0/24 maxlen: 24 119.59.11.0/24 maxlen: 24 119.59.12.0/24 maxlen: 24 119.59.13.0/24 maxlen: 24 119.59.14.0/24 maxlen: 24 119.59.15.0/24 maxlen: 24 119.59.16.0/24 maxlen: 24 119.59.17.0/24 maxlen: 24 119.59.18.0/24 maxlen: 24 119.59.19.0/24 maxlen: 24 119.59.20.0/24 maxlen: 24 119.59.21.0/24 maxlen: 24 119.59.22.0/24 maxlen: 24 119.59.23.0/24 maxlen: 24 210.126.126.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 14:22:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14619 (0x391b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149F3E, serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Validity Not Before: Jul 4 14:50:37 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6867ea3d-0009 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ac:2d:a1:11:53:82:72:a3:9d:4a:11:f2:8c: 9f:90:51:b9:16:2d:ee:0e:8b:82:7b:1f:d5:10:c7: fc:e8:b0:97:ec:c7:d3:b4:7f:12:8b:75:e7:ec:c1: f1:40:db:84:54:db:73:4f:ce:f3:82:a9:22:49:9a: 5b:17:97:46:57:cb:96:e6:c9:9d:25:31:6f:0f:28: dd:9d:5e:63:e3:07:48:36:48:02:3f:d7:42:36:cf: bc:69:b0:37:38:24:0a:8f:7e:e7:72:f6:e7:05:82: 2c:a7:4d:b5:55:18:fa:b9:55:bd:35:13:0d:88:b1: aa:2d:0b:27:f5:ca:11:2f:f8:ac:98:87:76:e3:06: 2e:12:b5:83:b7:13:f9:b5:87:ce:bc:e8:31:02:20: 41:b1:82:5d:aa:20:28:97:fe:69:a7:c6:49:ee:f0: 0a:d6:a5:e9:cc:b2:5c:22:ea:e3:ef:95:85:ef:6e: 3e:92:55:e9:d3:24:9e:92:f8:47:1c:57:56:4e:d0: 27:56:da:58:83:b9:19:4e:52:56:20:c9:2f:81:52: 57:cf:51:f2:fb:4b:46:e7:d5:59:b3:5d:26:48:95: cf:f0:d5:0e:cd:9a:24:e7:de:3b:21:25:b3:e3:94: 0e:4d:e8:64:12:9f:78:a5:96:5c:14:c5:25:5f:9a: bd:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:55:6B:78:07:46:F6:3F:67:36:C0:BC:FA:B6:17:4D:86:FF:FF:80 X509v3 Authority Key Identifier: keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/862D18003A1011EDB5225E73C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 119.59.0.0-119.59.23.255 210.126.126.0/24 Signature Algorithm: sha256WithRSAEncryption 63:46:38:c9:a2:88:29:ba:35:89:90:1d:7d:e0:53:22:ab:bb: f0:9a:f2:6d:15:16:b3:5b:ad:31:8a:bb:4b:af:c3:99:f0:21: 3a:d2:24:7a:dc:ef:8b:03:7e:6e:4d:a8:d9:c0:79:3d:ae:5b: 53:96:c1:69:25:de:02:8a:ad:16:fa:38:86:66:6c:4f:03:42: 1c:3a:9b:36:9c:bc:95:c4:40:58:d2:19:a0:38:5d:1d:eb:88: 8e:aa:59:2e:29:7c:69:ff:65:57:55:69:0f:55:fe:09:99:f3: d2:1f:bc:0b:62:e3:1d:29:fe:41:9c:3c:5a:62:38:74:63:5d: 3a:24:2a:c6:e9:ae:11:76:c0:48:1d:90:6e:13:88:43:a4:6c: ab:4c:1d:3b:7a:e7:ea:52:32:2e:17:87:79:28:0f:e0:4a:b7: d8:b7:5e:1a:54:0d:46:ca:73:39:14:cb:0b:79:64:7e:7a:da: 12:18:7b:40:ed:67:78:29:be:a4:e6:50:85:a8:a8:7f:83:c7: 17:76:5b:0e:ef:a6:98:7a:4f:f9:0d:9c:fd:e4:27:a5:4e:87: 57:3f:df:43:9b:15:fa:5e:79:fc:45:8d:af:6e:d9:81:48:33: c8:da:86:e0:e5:e3:7d:c5:eb:2c:db:b1:01:28:11:1b:64:bd: 71:fe:ac:85 -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgICORswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG OURGN0M1NEIwHhcNMjUwNzA0MTQ1MDM3WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY3ZWEzZC0wMDA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0awtoRFTgnKjnUoR8oyfkFG5Fi3uDouCex/VEMf86LCX7MfTtH8Si3Xn7MHx QNuEVNtzT87zgqkiSZpbF5dGV8uW5smdJTFvDyjdnV5j4wdINkgCP9dCNs+8abA3 OCQKj37ncvbnBYIsp021VRj6uVW9NRMNiLGqLQsn9coRL/ismId24wYuErWDtxP5 tYfOvOgxAiBBsYJdqiAol/5pp8ZJ7vAK1qXpzLJcIurj75WF724+klXp0ySekvhH HFdWTtAnVtpYg7kZTlJWIMkvgVJXz1Hy+0tG59VZs10mSJXP8NUOzZok5947ISWz 45QOTehkEp94pZZcFMUlX5q9OwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEhVa3gH RvY/ZzbAvPq2F02G//+AMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4 VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvODYyRDE4MDAz QTEwMTFFREI1MjI1RTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQcBAf8E HTAbMBkEAgABMBMwCwMDAHc7AwQDdzsQAwQA0n5+MA0GCSqGSIb3DQEBCwUAA4IB AQBjRjjJoogpujWJkB194FMiq7vwmvJtFRazW60xirtLr8OZ8CE60iR63O+LA35u TajZwHk9rltTlsFpJd4Ciq0W+jiGZmxPA0IcOps2nLyVxEBY0hmgOF0d64iOqlku KXxp/2VXVWkPVf4JmfPSH7wLYuMdKf5BnDxaYjh0Y106JCrG6a4RdsBIHZBuE4hD pGyrTB07eufqUjIuF4d5KA/gSrfYt14aVA1GynM5FMsLeWR+etoSGHtA7Wd4Kb6k 5lCFqKh/g8cXdlsO76aYek/5DZz95CelTodXP99DmxX6Xnn8RY2vbtmBSDPI2obg 5eN9xess27EBKBEbZL1x/qyF -----END CERTIFICATE-----Generated at Sun Oct 26 03:39:08 2025 by rpki-client