$ rpki-client -vvf rpki.apnic.net/member_repository/A917148B/049410AE091311EABA41C735C4F9AE02/D725AC5C091411EABBFC8739C4F9AE02.roa File: D725AC5C091411EABBFC8739C4F9AE02.roa (raw, json) Hash identifier: jTKb6UqoxVKwoNueFvf3BZWhxggm3hq3OfDJsuiV3HM= Subject key identifier: F8:EC:B4:FE:5B:11:42:17:4E:DC:34:CD:A1:15:1E:B5:F8:63:56:26 Certificate issuer: /CN=A917148B/serialNumber=22DF3175B1DD323117E0C19F3F6D6A1E771F9C1F Certificate serial: 0C07 Authority key identifier: 22:DF:31:75:B1:DD:32:31:17:E0:C1:9F:3F:6D:6A:1E:77:1F:9C:1F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/It8xdbHdMjEX4MGfP21qHncfnB8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917148B/049410AE091311EABA41C735C4F9AE02/D725AC5C091411EABBFC8739C4F9AE02.roa Signing time: Fri 28 Feb 2025 19:30:49 +0000 ROA not before: Fri 28 Feb 2025 19:30:49 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 135071 IP address blocks: 103.208.132.0/22 maxlen: 24 137.59.152.0/22 maxlen: 24 2402:c0c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917148B/049410AE091311EABA41C735C4F9AE02/It8xdbHdMjEX4MGfP21qHncfnB8.crl rsync://rpki.apnic.net/member_repository/A917148B/049410AE091311EABA41C735C4F9AE02/It8xdbHdMjEX4MGfP21qHncfnB8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/It8xdbHdMjEX4MGfP21qHncfnB8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:31:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3079 (0xc07) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917148B, serialNumber=22DF3175B1DD323117E0C19F3F6D6A1E771F9C1F Validity Not Before: Feb 28 19:30:49 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c20ee9-6eb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:8d:17:9d:46:6a:dd:15:23:c8:de:3a:83:87: 29:af:3b:c1:22:e6:e7:88:9c:84:db:70:79:80:40: a0:fc:22:db:72:22:21:28:c7:81:88:46:73:5e:65: 1a:31:fd:7b:fe:59:9a:5f:60:81:87:9f:bf:2d:5b: 22:64:0c:01:c1:d8:06:99:a9:db:de:81:7a:ab:83: 19:08:4f:40:0f:5b:94:1e:bc:35:34:37:5e:ab:72: 8d:83:44:cf:0c:1b:89:71:9c:46:00:c4:41:bd:aa: 29:c5:c0:9c:34:82:c5:e9:85:9c:64:73:e0:7a:e8: 28:37:ef:6d:36:42:a6:f5:ac:82:9d:fe:dd:4b:bd: 32:22:27:02:0c:7b:64:bc:94:99:5c:36:70:fe:88: bb:54:5a:e9:55:c8:8c:f8:2c:8a:e0:5f:91:b0:a9: 58:82:40:c1:9f:2d:13:25:f6:ae:a9:47:1a:f6:0a: 3e:5d:a7:73:91:28:dd:9f:3d:9a:71:12:0d:5b:21: 61:9a:55:0f:0d:69:1f:09:21:01:50:f2:03:76:2d: a7:a9:bb:be:15:c0:ad:18:59:9b:b1:d4:8a:eb:04: 79:27:66:e7:a9:a4:3c:58:ee:63:3b:26:64:24:55: cc:22:54:dc:52:73:7c:78:85:ea:fb:cb:5b:30:b7: 9e:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:EC:B4:FE:5B:11:42:17:4E:DC:34:CD:A1:15:1E:B5:F8:63:56:26 X509v3 Authority Key Identifier: keyid:22:DF:31:75:B1:DD:32:31:17:E0:C1:9F:3F:6D:6A:1E:77:1F:9C:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917148B/049410AE091311EABA41C735C4F9AE02/It8xdbHdMjEX4MGfP21qHncfnB8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/It8xdbHdMjEX4MGfP21qHncfnB8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917148B/049410AE091311EABA41C735C4F9AE02/D725AC5C091411EABBFC8739C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.208.132.0/22 137.59.152.0/22 IPv6: 2402:c0c0::/32 Signature Algorithm: sha256WithRSAEncryption 23:1a:08:75:4a:c5:6a:61:63:76:f8:5d:a1:b9:41:83:1b:1b: 70:42:69:0d:35:f2:a0:64:10:5f:08:d7:cd:eb:3d:20:56:2e: 38:57:a8:f4:d2:28:cd:f7:4f:eb:ee:5f:3d:0b:9b:79:5b:18: 8e:17:41:7e:31:e5:6d:ce:23:eb:15:80:1d:de:75:56:43:20: 31:0f:d8:82:b9:1a:a2:42:80:88:25:65:94:d8:af:64:b6:90: f1:73:ee:6f:a0:a9:09:de:3d:d9:df:6f:85:79:b7:9d:32:f2: 5f:aa:d8:d5:8a:c8:fe:ff:c8:c9:af:07:1a:90:58:ff:9c:91: bd:74:8c:4a:16:da:4a:03:69:fe:d4:b3:f9:c6:38:41:72:3d: 6a:37:40:df:30:69:69:0a:d0:eb:11:bb:fe:50:47:00:d8:4a: 8d:32:43:6c:f7:9f:6f:7d:84:96:f2:fa:37:50:22:e3:0a:ea: c3:54:82:ec:a4:04:07:20:41:a1:60:88:25:2a:24:74:e4:8e: 2c:a8:25:fc:38:5b:9c:69:96:28:94:88:4b:e2:c2:ca:63:1b: 6d:b9:5b:62:f8:6f:94:25:8f:56:02:d8:8e:74:07:f6:b4:7f: 21:8d:3f:32:16:5f:64:13:77:cd:9d:48:8b:b1:63:6e:48:b8: 53:d8:3a:a5 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDAcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzE0OEIxMTAvBgNVBAUTKDIyREYzMTc1QjFERDMyMzExN0UwQzE5RjNGNkQ2QTFF NzcxRjlDMUYwHhcNMjUwMjI4MTkzMDQ5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MyMGVlOS02ZWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8o0XnUZq3RUjyN46g4cprzvBIubniJyE23B5gECg/CLbciIhKMeBiEZzXmUa Mf17/lmaX2CBh5+/LVsiZAwBwdgGmanb3oF6q4MZCE9AD1uUHrw1NDdeq3KNg0TP DBuJcZxGAMRBvaopxcCcNILF6YWcZHPgeugoN+9tNkKm9ayCnf7dS70yIicCDHtk vJSZXDZw/oi7VFrpVciM+CyK4F+RsKlYgkDBny0TJfauqUca9go+XadzkSjdnz2a cRINWyFhmlUPDWkfCSEBUPIDdi2nqbu+FcCtGFmbsdSK6wR5J2bnqaQ8WO5jOyZk JFXMIlTcUnN8eIXq+8tbMLeelQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFPjstP5b EUIXTtw0zaEVHrX4Y1YmMB8GA1UdIwQYMBaAFCLfMXWx3TIxF+DBnz9tah53H5wf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTQ4Qi8wNDk0MTBBRTA5 MTMxMUVBQkE0MUM3MzVDNEY5QUUwMi9JdDh4ZGJIZE1qRVg0TUdmUDIxcUhuY2Zu QjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0l0OHhkYkhkTWpFWDRNR2ZQMjFxSG5jZm5COC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzE0OEIvMDQ5NDEwQUUwOTEzMTFFQUJBNDFDNzM1QzRGOUFFMDIvRDcyNUFDNUMw OTE0MTFFQUJCRkM4NzM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJn0IQDBAKJO5gwDQQCAAIwBwMFACQCwMAwDQYJKoZIhvcN AQELBQADggEBACMaCHVKxWphY3b4XaG5QYMbG3BCaQ018qBkEF8I183rPSBWLjhX qPTSKM33T+vuXz0Lm3lbGI4XQX4x5W3OI+sVgB3edVZDIDEP2IK5GqJCgIglZZTY r2S2kPFz7m+gqQnePdnfb4V5t50y8l+q2NWKyP7/yMmvBxqQWP+ckb10jEoW2koD af7Us/nGOEFyPWo3QN8waWkK0OsRu/5QRwDYSo0yQ2z3n299hJby+jdQIuMK6sNU guykBAcgQaFgiCUqJHTkjiyoJfw4W5xpliiUiEviwspjG225W2L4b5Qlj1YC2I50 B/a0fyGNPzIWX2QTd82dSIuxY25IuFPYOqU= -----END CERTIFICATE-----Generated at Wed Nov 5 05:27:20 2025 by rpki-client