$ rpki-client -vvf rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/0964A56EF35511E8AC1ECA17C4F9AE02.roa File: 0964A56EF35511E8AC1ECA17C4F9AE02.roa (raw, json) Hash identifier: 73TnPaYse5Jq88UH3d/+sChGvcrApkf6vCKZhwuKess= Subject key identifier: FE:57:6C:1C:C5:E9:35:CC:6A:79:CE:2E:C8:21:80:1A:01:80:DF:72 Certificate issuer: /CN=A917B83F/serialNumber=1980355299B6C2237B4235000F723597BFEB33DA Certificate serial: 1508 Authority key identifier: 19:80:35:52:99:B6:C2:23:7B:42:35:00:0F:72:35:97:BF:EB:33:DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GYA1Upm2wiN7QjUAD3I1l7_rM9o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/0964A56EF35511E8AC1ECA17C4F9AE02.roa Signing time: Sat 02 Aug 2025 17:26:10 +0000 ROA not before: Sat 02 Aug 2025 17:26:10 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 2635 IP address blocks: 45.121.180.0/24 maxlen: 24 45.121.181.0/24 maxlen: 24 45.121.182.0/24 maxlen: 24 45.121.183.0/24 maxlen: 24 103.62.32.0/24 maxlen: 24 103.62.33.0/24 maxlen: 24 103.62.34.0/24 maxlen: 24 103.62.35.0/24 maxlen: 24 2403:6b80::/40 maxlen: 48 2403:6b80:ff00::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/GYA1Upm2wiN7QjUAD3I1l7_rM9o.crl rsync://rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/GYA1Upm2wiN7QjUAD3I1l7_rM9o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GYA1Upm2wiN7QjUAD3I1l7_rM9o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Nov 2025 16:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5384 (0x1508) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B83F, serialNumber=1980355299B6C2237B4235000F723597BFEB33DA Validity Not Before: Aug 2 17:26:10 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=688e4a32-0d1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c6:62:2e:02:a9:96:e1:46:f0:ef:6b:07:c0: 6b:ce:77:38:39:94:f8:91:47:c2:4d:7c:c9:2d:86: c2:8f:81:21:47:84:73:bf:a2:f6:95:dc:84:97:80: 4a:bb:61:2d:34:8b:8c:58:70:56:49:0d:41:f5:7a: 9a:ab:d9:13:ae:11:08:48:bd:9a:b0:97:87:ae:9e: b1:da:64:92:58:b0:82:09:1e:fc:c1:38:50:6c:fa: bd:bb:44:11:0f:ae:a0:f8:d5:c8:ca:5a:9a:43:97: 21:e8:0a:c7:86:15:67:65:b4:a3:b2:4f:9e:5a:26: 80:18:aa:ce:95:a1:73:04:15:d4:71:0e:e6:98:62: 76:0e:bc:9f:ef:c3:06:7c:e8:90:08:51:e1:f8:82: 23:01:de:c2:fb:49:c3:70:35:61:89:32:50:a6:7a: cf:69:ab:34:6e:93:29:2b:6d:19:c3:ef:94:bd:87: a9:01:c7:2d:79:b7:05:97:7d:7d:31:17:63:e5:f8: 6b:b7:9f:61:4c:f3:77:c2:4a:38:d5:83:13:d2:26: 85:92:84:0c:61:a1:60:ea:0e:fb:2b:83:09:6e:40: 7c:d1:7d:52:9c:66:ab:78:6a:ee:8e:eb:af:32:3c: 95:3d:46:a1:8d:37:58:c8:48:4f:6b:ff:56:84:36: d8:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:57:6C:1C:C5:E9:35:CC:6A:79:CE:2E:C8:21:80:1A:01:80:DF:72 X509v3 Authority Key Identifier: keyid:19:80:35:52:99:B6:C2:23:7B:42:35:00:0F:72:35:97:BF:EB:33:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/GYA1Upm2wiN7QjUAD3I1l7_rM9o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GYA1Upm2wiN7QjUAD3I1l7_rM9o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B83F/3DB3DBEA554F11E89BC2E857C4F9AE02/0964A56EF35511E8AC1ECA17C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.121.180.0/22 103.62.32.0/22 IPv6: 2403:6b80::/40 2403:6b80:ff00::/40 Signature Algorithm: sha256WithRSAEncryption 98:e1:57:9c:08:56:03:a8:3b:2c:6b:52:f8:ca:82:86:e2:27: 3c:e6:46:9b:9a:58:d6:da:fe:0c:35:d1:02:b0:69:56:79:74: 64:c3:63:cb:cf:98:78:a7:9f:ac:f6:3b:60:85:22:b2:a1:5d: 8d:aa:86:2c:16:c4:ed:cc:79:6e:67:66:dc:27:1b:45:0f:fe: fc:a0:b7:34:60:0f:2b:ab:d1:84:6d:e1:ee:e0:a8:83:b0:fb: 68:9c:a8:25:79:df:db:b8:02:2e:10:9d:f8:86:a8:dc:8a:cc: e6:dc:a1:e8:3f:93:d1:76:ec:6e:e3:69:0a:5f:00:2c:e8:75: fa:cb:9e:bb:76:00:08:0c:6a:ea:8d:61:87:24:e6:ee:43:c5: a6:60:8d:f9:86:fa:59:35:03:1c:e8:06:85:f6:95:5b:87:19: 2a:9f:d6:67:55:30:4e:ed:7e:35:2c:54:ad:16:de:81:84:22: e7:92:aa:fb:7e:e5:e7:11:8b:f5:a9:28:93:31:68:f1:34:17: 30:a2:16:12:3e:51:24:cc:ee:1a:c1:5e:31:c1:6e:f2:ef:37: 98:86:07:6b:32:f4:e4:74:1f:24:12:bd:8c:ff:01:67:bd:47: 3e:ae:4c:41:c4:90:65:8e:93:ae:6d:79:d7:93:60:24:ab:a4: f9:ac:a9:38 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICFQgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I4M0YxMTAvBgNVBAUTKDE5ODAzNTUyOTlCNkMyMjM3QjQyMzUwMDBGNzIzNTk3 QkZFQjMzREEwHhcNMjUwODAyMTcyNjEwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhlNGEzMi0wZDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsMZiLgKpluFG8O9rB8Brznc4OZT4kUfCTXzJLYbCj4EhR4Rzv6L2ldyEl4BK u2EtNIuMWHBWSQ1B9Xqaq9kTrhEISL2asJeHrp6x2mSSWLCCCR78wThQbPq9u0QR D66g+NXIylqaQ5ch6ArHhhVnZbSjsk+eWiaAGKrOlaFzBBXUcQ7mmGJ2Dryf78MG fOiQCFHh+IIjAd7C+0nDcDVhiTJQpnrPaas0bpMpK20Zw++UvYepAcctebcFl319 MRdj5fhrt59hTPN3wko41YMT0iaFkoQMYaFg6g77K4MJbkB80X1SnGareGrujuuv MjyVPUahjTdYyEhPa/9WhDbY3QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFP5XbBzF 6TXMannOLsghgBoBgN9yMB8GA1UdIwQYMBaAFBmANVKZtsIje0I1AA9yNZe/6zPa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjgzRi8zREIzREJFQTU1 NEYxMUU4OUJDMkU4NTdDNEY5QUUwMi9HWUExVXBtMndpTjdRalVBRDNJMWw3X3JN OW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dZQTFVcG0yd2lON1FqVUFEM0kxbDdfck05by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0I4M0YvM0RCM0RCRUE1NTRGMTFFODlCQzJFODU3QzRGOUFFMDIvMDk2NEE1NkVG MzU1MTFFOEFDMUVDQTE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMBIEAgABMAwDBAItebQDBAJnPiAwFgQCAAIwEAMGACQDa4AAAwYAJANrgP8w DQYJKoZIhvcNAQELBQADggEBAJjhV5wIVgOoOyxrUvjKgobiJzzmRpuaWNba/gw1 0QKwaVZ5dGTDY8vPmHinn6z2O2CFIrKhXY2qhiwWxO3MeW5nZtwnG0UP/vygtzRg Dyur0YRt4e7gqIOw+2icqCV539u4Ai4QnfiGqNyKzObcoeg/k9F27G7jaQpfACzo dfrLnrt2AAgMauqNYYck5u5DxaZgjfmG+lk1AxzoBoX2lVuHGSqf1mdVME7tfjUs VK0W3oGEIueSqvt+5ecRi/WpKJMxaPE0FzCiFhI+USTM7hrBXjHBbvLvN5iGB2sy 9OR0HyQSvYz/AWe9Rz6uTEHEkGWOk65tedeTYCSrpPmsqTg= -----END CERTIFICATE-----Generated at Thu Oct 30 16:34:04 2025 by rpki-client