$ rpki-client -vvf rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/EA5A9A32BDAA11ED92995562C4F9AE02.roa File: EA5A9A32BDAA11ED92995562C4F9AE02.roa (raw, json) Hash identifier: /EEXvT665opKL7OI/mui0sN2NqpuGn4U8tvIvrJ8aw8= Subject key identifier: 2E:44:98:06:59:4C:A2:76:79:8E:78:DB:C7:2B:ED:86:21:2D:33:31 Certificate issuer: /CN=A9158650/serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Certificate serial: 01DB Authority key identifier: 28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/EA5A9A32BDAA11ED92995562C4F9AE02.roa Signing time: Fri 05 Sep 2025 03:09:17 +0000 ROA not before: Fri 05 Sep 2025 03:09:17 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 45748 IP address blocks: 202.14.70.0/23 maxlen: 24 202.43.118.0/24 maxlen: 24 202.43.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Sep 2025 03:09:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 475 (0x1db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158650, serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Validity Not Before: Sep 5 03:09:17 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68ba545d-bbb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:a4:d1:fc:e9:c7:e9:28:c2:3b:c8:d5:6b:5d: 80:a8:82:b5:b2:f2:5a:c0:d4:b6:7e:04:01:c6:3f: 9e:fa:08:c9:9f:be:c0:dd:34:f4:d0:19:b3:40:c1: c9:e5:fa:93:37:f0:2f:6b:dc:df:ad:75:75:b5:f0: aa:15:6a:24:3f:80:0a:7e:e9:f0:91:a3:98:f6:6b: b8:c1:3e:3f:77:0a:da:8a:0c:ad:00:3c:a2:b3:04: 06:b8:f7:be:a7:03:49:68:c2:61:d7:87:8d:13:04: ec:cc:d5:0e:f4:55:b5:85:41:3c:03:b2:da:66:1d: 8f:07:15:88:98:db:08:32:bd:51:af:71:91:47:92: 97:1c:c1:15:d2:24:83:23:99:87:9c:90:5a:7a:f6: e7:61:5a:15:29:97:6c:53:07:14:00:e8:09:35:d4: 84:2b:f4:27:f1:b6:67:d5:6c:d1:7c:07:82:4d:66: c8:77:76:f9:b4:71:e8:7a:92:45:1f:96:88:95:3d: cc:fc:8b:eb:81:df:7b:ad:c9:d3:70:06:d2:10:01: e9:03:55:7c:2f:60:6d:7b:b2:11:4f:8d:37:f1:6b: 74:f8:29:d8:dc:d3:68:c4:69:39:d6:47:94:1f:35: 90:05:3c:6e:f0:83:6e:20:87:bb:a6:2c:c7:e4:eb: b6:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:44:98:06:59:4C:A2:76:79:8E:78:DB:C7:2B:ED:86:21:2D:33:31 X509v3 Authority Key Identifier: keyid:28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/EA5A9A32BDAA11ED92995562C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.14.70.0/23 202.43.118.0/23 Signature Algorithm: sha256WithRSAEncryption 2c:b6:d8:3b:f4:3d:fd:ec:84:44:70:6f:46:18:9b:9b:0d:53: ca:b1:d9:0c:d6:9a:30:f5:5b:ff:4c:84:45:74:56:21:25:24: 68:01:45:50:a2:a2:b6:19:ea:c8:2f:12:5f:c0:23:f6:d0:5d: 8b:be:2c:db:d2:bd:14:10:a1:63:ca:5f:a7:fc:c0:f1:18:cd: 6a:b9:f2:26:bc:95:4a:88:65:24:28:8a:56:61:f4:78:18:b4: 17:46:0d:74:85:cf:a0:eb:a6:12:ae:3f:f6:6c:4d:56:10:63: a8:d7:d2:5b:cf:f8:05:d7:f0:1d:43:22:66:19:1a:15:14:ee: 66:c5:6e:e9:0e:18:5c:91:1e:ba:d3:8f:2c:fc:e7:4f:68:06: dd:ad:75:25:a3:09:11:2e:c9:37:f6:4f:97:e4:ab:1b:a6:ad: 76:56:26:63:73:c3:f7:4e:f3:d0:5a:15:0d:3f:50:bf:bf:a2: 3e:3e:97:64:de:2a:31:f7:ff:b0:c4:8e:d4:74:bf:58:ff:3b: 37:86:1e:06:67:36:91:de:d5:ba:79:35:0a:53:49:14:0e:c9: 96:1a:b0:cd:dc:0c:e4:5c:27:08:09:5a:a2:14:9d:21:b4:9e: 8d:d5:19:90:01:49:d1:52:b6:76:93:4a:6f:b6:ad:98:de:b1: a5:9d:8f:73 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAdswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg2NTAxMTAvBgNVBAUTKDI4MTdENEE4NjQ0QUVDNDE5QURDQ0VFMzBDNEU4N0Ey NEQyRkY1N0IwHhcNMjUwOTA1MDMwOTE3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGJhNTQ1ZC1iYmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1qTR/OnH6SjCO8jVa12AqIK1svJawNS2fgQBxj+e+gjJn77A3TT00BmzQMHJ 5fqTN/Ava9zfrXV1tfCqFWokP4AKfunwkaOY9mu4wT4/dwraigytADyiswQGuPe+ pwNJaMJh14eNEwTszNUO9FW1hUE8A7LaZh2PBxWImNsIMr1Rr3GRR5KXHMEV0iSD I5mHnJBaevbnYVoVKZdsUwcUAOgJNdSEK/Qn8bZn1WzRfAeCTWbId3b5tHHoepJF H5aIlT3M/Ivrgd97rcnTcAbSEAHpA1V8L2Bte7IRT4038Wt0+CnY3NNoxGk51keU HzWQBTxu8INuIIe7pizH5Ou22QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFC5EmAZZ TKJ2eY5428cr7YYhLTMxMB8GA1UdIwQYMBaAFCgX1KhkSuxBmtzO4wxOh6JNL/V7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODY1MC83NzU4RDJDMkJE QTcxMUVEQUVDRDRBNURDNEY5QUUwMi9LQmZVcUdSSzdFR2EzTTdqREU2SG9rMHY5 WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tCZlVxR1JLN0VHYTNNN2pERTZIb2swdjlYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTg2NTAvNzc1OEQyQzJCREE3MTFFREFFQ0Q0QTVEQzRGOUFFMDIvRUE1QTlBMzJC REFBMTFFRDkyOTk1NTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAHKDkYDBAHKK3YwDQYJKoZIhvcNAQELBQADggEBACy22Dv0 Pf3shERwb0YYm5sNU8qx2QzWmjD1W/9MhEV0ViElJGgBRVCiorYZ6sgvEl/AI/bQ XYu+LNvSvRQQoWPKX6f8wPEYzWq58ia8lUqIZSQoilZh9HgYtBdGDXSFz6DrphKu P/ZsTVYQY6jX0lvP+AXX8B1DImYZGhUU7mbFbukOGFyRHrrTjyz8509oBt2tdSWj CREuyTf2T5fkqxumrXZWJmNzw/dO89BaFQ0/UL+/oj4+l2TeKjH3/7DEjtR0v1j/ OzeGHgZnNpHe1bp5NQpTSRQOyZYasM3cDORcJwgJWqIUnSG0no3VGZABSdFStnaT Sm+2rZjesaWdj3M= -----END CERTIFICATE-----Generated at Fri Sep 19 08:51:45 2025 by rpki-client