$ rpki-client -vvf rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/609B8BC27D7B11EDB6B77173C4F9AE02.roa File: 609B8BC27D7B11EDB6B77173C4F9AE02.roa (raw, json) Hash identifier: ChzJx/vxRw8dTJyPXVe4gP/nW85ewthlM49PP4m2Fc0= Subject key identifier: 32:51:50:82:68:25:09:28:95:29:8E:EB:CD:51:CE:40:DD:92:41:DA Certificate issuer: /CN=A914B5BD/serialNumber=22E81B327CB1FB3501E05AFAB94121918FDB5B5E Certificate serial: 1892 Authority key identifier: 22:E8:1B:32:7C:B1:FB:35:01:E0:5A:FA:B9:41:21:91:8F:DB:5B:5E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/609B8BC27D7B11EDB6B77173C4F9AE02.roa Signing time: Fri 05 Sep 2025 16:58:09 +0000 ROA not before: Fri 05 Sep 2025 16:58:09 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 60064 IP address blocks: 43.239.140.0/24 maxlen: 24 43.239.141.0/24 maxlen: 24 43.239.142.0/24 maxlen: 24 43.239.143.0/24 maxlen: 24 103.71.175.0/24 maxlen: 24 103.194.170.0/24 maxlen: 24 103.252.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.crl rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 17:25:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6290 (0x1892) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914B5BD, serialNumber=22E81B327CB1FB3501E05AFAB94121918FDB5B5E Validity Not Before: Sep 5 16:58:09 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=68bb16a1-66d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f0:53:09:d2:4b:41:1f:c1:b8:42:45:d4:8f: d8:50:dd:db:cb:24:60:6a:d1:48:f5:c9:d5:8c:29: 08:a5:02:87:b9:26:a6:1b:c3:bd:0b:36:6c:f5:41: 9d:73:6a:2a:1e:27:18:9c:a5:ce:9a:68:79:48:62: a0:2b:ef:73:0d:42:62:48:36:c5:43:b5:d0:4a:ed: a2:7e:37:f6:e1:f5:d4:01:44:cb:97:1a:f1:9a:94: 24:98:a3:cb:da:2c:92:1a:39:7c:52:88:99:05:41: 8b:74:36:c9:f4:e6:c0:db:e0:68:cf:e6:6e:c3:0d: da:e9:1f:bf:60:9b:75:99:24:e9:96:7f:81:cd:4a: 33:35:d2:83:47:3a:be:e2:61:98:3d:dd:73:5a:7d: 91:ae:64:2f:40:1b:04:ac:01:25:de:21:d6:b6:3f: d2:af:34:55:e8:08:10:46:d7:29:d9:0b:05:c5:94: 85:d3:35:b3:3e:a5:3f:ca:7a:dc:8d:94:a0:a7:da: 4b:45:02:ba:14:86:6f:a6:bd:a2:df:41:96:5e:0c: 5a:c2:19:c4:89:94:68:de:f2:41:9f:f3:5f:f9:b1: 80:1c:80:f0:ef:03:3d:9e:dc:dd:f6:6c:01:4b:c6: 2b:41:80:a5:35:1d:4c:ef:e3:22:75:b2:4e:65:77: da:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:51:50:82:68:25:09:28:95:29:8E:EB:CD:51:CE:40:DD:92:41:DA X509v3 Authority Key Identifier: keyid:22:E8:1B:32:7C:B1:FB:35:01:E0:5A:FA:B9:41:21:91:8F:DB:5B:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/IugbMnyx-zUB4Fr6uUEhkY_bW14.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IugbMnyx-zUB4Fr6uUEhkY_bW14.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B5BD/33CB117AB5A911E79C74CB72C4F9AE02/609B8BC27D7B11EDB6B77173C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.239.140.0/22 103.71.175.0/24 103.194.170.0/24 103.252.222.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:3d:96:4b:00:49:ef:c4:32:e6:da:2b:fb:8f:9b:3a:75:e5: 22:6c:74:2d:39:8e:1a:53:82:79:02:56:e6:f7:8d:3f:43:86: fa:75:de:ee:99:c9:16:8f:47:d2:fc:e2:40:6c:c1:a0:38:f0: cc:e7:4e:1f:35:55:bf:f0:20:49:34:84:84:59:24:70:04:7f: 64:fa:63:34:90:bc:80:46:ae:25:65:94:e0:d6:d2:76:93:02: 0e:89:e9:e8:49:fb:20:85:c3:36:5a:d1:ff:3a:75:75:ff:71: 4b:11:bc:bf:09:65:84:9d:66:c0:95:e6:c6:8e:a8:c1:fc:02: b1:ba:f8:32:ac:59:69:99:4d:bd:84:aa:d2:f6:31:a6:85:be: f9:37:42:b1:34:e0:1a:45:e1:1d:a4:82:26:c1:48:21:55:78: e8:53:9d:15:a9:42:1b:5d:87:39:4e:24:4f:66:8e:c4:83:0a: 63:3e:54:c3:1c:95:74:fe:44:4e:01:4e:a5:61:61:5e:80:3a: 8f:d8:bf:e5:fa:50:e5:82:8c:c5:ec:2e:49:8d:ca:af:2b:08: 2b:66:ca:8a:11:f9:06:5d:18:fa:62:03:cf:57:44:69:00:ca: f6:97:ae:22:3a:89:d1:6f:de:49:ff:76:82:50:de:c7:e7:ab: 0a:49:d9:81 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICGJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEI1QkQxMTAvBgNVBAUTKDIyRTgxQjMyN0NCMUZCMzUwMUUwNUFGQUI5NDEyMTkx OEZEQjVCNUUwHhcNMjUwOTA1MTY1ODA5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGJiMTZhMS02NmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3PBTCdJLQR/BuEJF1I/YUN3byyRgatFI9cnVjCkIpQKHuSamG8O9CzZs9UGd c2oqHicYnKXOmmh5SGKgK+9zDUJiSDbFQ7XQSu2ifjf24fXUAUTLlxrxmpQkmKPL 2iySGjl8UoiZBUGLdDbJ9ObA2+Boz+Zuww3a6R+/YJt1mSTpln+BzUozNdKDRzq+ 4mGYPd1zWn2RrmQvQBsErAEl3iHWtj/SrzRV6AgQRtcp2QsFxZSF0zWzPqU/ynrc jZSgp9pLRQK6FIZvpr2i30GWXgxawhnEiZRo3vJBn/Nf+bGAHIDw7wM9ntzd9mwB S8YrQYClNR1M7+MidbJOZXfaPQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFDJRUIJo JQkolSmO681RzkDdkkHaMB8GA1UdIwQYMBaAFCLoGzJ8sfs1AeBa+rlBIZGP21te MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QjVCRC8zM0NCMTE3QUI1 QTkxMUU3OUM3NENCNzJDNEY5QUUwMi9JdWdiTW55eC16VUI0RnI2dVVFaGtZX2JX MTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0l1Z2JNbnl4LXpVQjRGcjZ1VUVoa1lfYlcxNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEI1QkQvMzNDQjExN0FCNUE5MTFFNzlDNzRDQjcyQzRGOUFFMDIvNjA5QjhCQzI3 RDdCMTFFREI2Qjc3MTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAIr74wDBABnR68DBABnwqoDBABn/N4wDQYJKoZIhvcNAQEL BQADggEBAC49lksASe/EMubaK/uPmzp15SJsdC05jhpTgnkCVub3jT9Dhvp13u6Z yRaPR9L84kBswaA48MznTh81Vb/wIEk0hIRZJHAEf2T6YzSQvIBGriVllODW0naT Ag6J6ehJ+yCFwzZa0f86dXX/cUsRvL8JZYSdZsCV5saOqMH8ArG6+DKsWWmZTb2E qtL2MaaFvvk3QrE04BpF4R2kgibBSCFVeOhTnRWpQhtdhzlOJE9mjsSDCmM+VMMc lXT+RE4BTqVhYV6AOo/Yv+X6UOWCjMXsLkmNyq8rCCtmyooR+QZdGPpiA89XRGkA yvaXriI6idFv3kn/doJQ3sfnqwpJ2YE= -----END CERTIFICATE-----Generated at Sat Sep 6 10:05:39 2025 by rpki-client