$ rpki-client -vvf rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CAB0B6B2F7C311EA8A722484C4F9AE02.roa File: CAB0B6B2F7C311EA8A722484C4F9AE02.roa (raw, json) Hash identifier: rWjXWilCzwscxUrzYHy2y+RbO91zzbJS7wnbS9Z8TVM= Subject key identifier: 40:49:B5:D3:90:6E:BB:07:1E:27:A3:5F:78:21:AE:38:3E:0E:1D:DC Certificate issuer: /CN=A917AAAD/serialNumber=D617D4710482C7F775752057DC8682259B319C78 Certificate serial: 0820 Authority key identifier: D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CAB0B6B2F7C311EA8A722484C4F9AE02.roa Signing time: Wed 22 Oct 2025 22:10:08 +0000 ROA not before: Wed 22 Oct 2025 22:10:08 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 17977 IP address blocks: 120.72.64.0/20 maxlen: 20 203.173.64.0/20 maxlen: 20 2404:1000::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 21:47:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2080 (0x820) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AAAD, serialNumber=D617D4710482C7F775752057DC8682259B319C78 Validity Not Before: Oct 22 22:10:08 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68f9563f-4ea4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:6d:d2:9b:85:89:f4:63:0a:d3:2f:aa:4d:9d: a2:9d:e3:8a:24:77:0a:3a:45:28:b5:e0:4f:08:35: 2e:28:10:88:25:a1:65:4c:d7:59:89:5d:3d:49:42: 89:b0:0f:83:92:34:bf:f8:04:a9:ec:48:06:cd:a9: e7:1f:de:0f:4b:45:0a:24:b4:79:d9:56:a6:67:4f: 92:d9:b8:f7:8d:b4:f5:00:6a:4c:09:6b:88:a6:82: 6d:a0:d5:45:5f:cf:ee:fc:8f:4d:ac:8a:bd:44:4a: f7:67:5a:98:5a:86:95:20:aa:85:89:81:cc:47:be: 20:c9:9b:02:93:e9:74:18:ad:b5:2a:c0:77:bc:15: cf:d2:a9:eb:05:e7:ff:7f:99:e7:4d:02:02:78:af: 0c:69:fd:8a:c4:fa:df:04:e2:3d:fc:50:95:1a:ed: 59:dc:06:42:d0:55:50:51:3e:a8:a7:06:c5:6c:01: 07:5b:5e:05:b5:13:f9:c1:10:5d:c2:a4:5a:be:37: 65:28:9d:56:07:b9:0e:25:c4:5e:43:bf:92:6a:79: d8:aa:67:e3:66:d4:9e:d7:f4:f9:c2:04:46:b1:aa: 98:da:8f:ba:0a:55:ec:b3:d0:3a:40:1e:91:d9:73: 03:8d:12:3e:2d:72:cb:0f:52:1c:49:6f:73:cb:0b: 72:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:49:B5:D3:90:6E:BB:07:1E:27:A3:5F:78:21:AE:38:3E:0E:1D:DC X509v3 Authority Key Identifier: keyid:D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CAB0B6B2F7C311EA8A722484C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.72.64.0/20 203.173.64.0/20 IPv6: 2404:1000::/32 Signature Algorithm: sha256WithRSAEncryption 9e:0f:03:c9:bf:27:a8:cb:48:b5:6b:71:3d:32:87:96:93:fb: 3a:58:ce:67:cc:90:c6:72:d6:08:5d:39:17:4a:30:d0:18:91: b7:aa:8d:5a:83:70:ae:99:e7:2c:cb:93:37:78:02:8b:8a:96: 61:46:20:db:a4:85:10:fb:70:43:03:83:d5:5b:be:0f:04:87: c9:08:dd:b8:b4:eb:a4:7f:37:db:18:01:35:8b:ec:f7:24:b6: 18:ee:51:d6:fe:67:02:8a:34:75:12:15:85:0b:27:56:5d:f5: 09:ab:7b:3d:61:a8:4f:75:67:c7:62:66:8c:ab:34:3e:89:63: be:5f:5e:9c:b7:dc:e1:7a:61:5e:62:e9:94:ec:53:36:c7:24: d8:1e:27:99:e2:63:23:79:98:25:18:9c:d6:9a:36:41:80:a3: c3:d3:d2:ae:6f:7a:e5:0b:d2:d7:d6:af:99:2e:15:b3:61:70: 50:27:74:c1:ab:2f:cb:80:db:69:e8:9d:a7:93:02:27:eb:09: eb:f0:d9:90:68:5f:36:45:da:32:cd:81:03:40:66:69:40:f6: 48:b8:8c:a9:aa:be:38:5c:3d:cb:7e:57:1a:c3:1a:92:ea:c5: 8f:62:90:79:98:7d:c6:3c:cd:e2:a4:32:a4:cd:8f:88:e0:7c: f0:31:e5:0b -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICCCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FBQUQxMTAvBgNVBAUTKEQ2MTdENDcxMDQ4MkM3Rjc3NTc1MjA1N0RDODY4MjI1 OUIzMTlDNzgwHhcNMjUxMDIyMjIxMDA4WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGY5NTYzZi00ZWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2G3Sm4WJ9GMK0y+qTZ2ineOKJHcKOkUoteBPCDUuKBCIJaFlTNdZiV09SUKJ sA+DkjS/+ASp7EgGzannH94PS0UKJLR52VamZ0+S2bj3jbT1AGpMCWuIpoJtoNVF X8/u/I9NrIq9REr3Z1qYWoaVIKqFiYHMR74gyZsCk+l0GK21KsB3vBXP0qnrBef/ f5nnTQICeK8Maf2KxPrfBOI9/FCVGu1Z3AZC0FVQUT6opwbFbAEHW14FtRP5wRBd wqRavjdlKJ1WB7kOJcReQ7+SannYqmfjZtSe1/T5wgRGsaqY2o+6ClXss9A6QB6R 2XMDjRI+LXLLD1IcSW9zywtyWwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEBJtdOQ brsHHiejX3ghrjg+Dh3cMB8GA1UdIwQYMBaAFNYX1HEEgsf3dXUgV9yGgiWbMZx4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUFBRC9FM0IyQjY0NEY3 QzExMUVBODI3NUNCNjZDNEY5QUUwMi8xaGZVY1FTQ3hfZDFkU0JYM0lhQ0pac3hu SGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFoZlVjUVNDeF9kMWRTQlgzSWFDSlpzeG5IZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0FBQUQvRTNCMkI2NDRGN0MxMTFFQTgyNzVDQjY2QzRGOUFFMDIvQ0FCMEI2QjJG N0MzMTFFQThBNzIyNDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAR4SEADBATLrUAwDQQCAAIwBwMFACQEEAAwDQYJKoZIhvcN AQELBQADggEBAJ4PA8m/J6jLSLVrcT0yh5aT+zpYzmfMkMZy1ghdORdKMNAYkbeq jVqDcK6Z5yzLkzd4AouKlmFGINukhRD7cEMDg9Vbvg8Eh8kI3bi066R/N9sYATWL 7PckthjuUdb+ZwKKNHUSFYULJ1Zd9Qmrez1hqE91Z8diZoyrND6JY75fXpy33OF6 YV5i6ZTsUzbHJNgeJ5niYyN5mCUYnNaaNkGAo8PT0q5veuUL0tfWr5kuFbNhcFAn dMGrL8uA22nonaeTAifrCevw2ZBoXzZF2jLNgQNAZmlA9ki4jKmqvjhcPct+VxrD GpLqxY9ikHmYfcY8zeKkMqTNj4jgfPAx5Qs= -----END CERTIFICATE-----Generated at Sat Oct 25 18:36:11 2025 by rpki-client