$ rpki-client -vvf rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/E4205416B2F111EFBB14DE0FC4F9AE02.roa File: E4205416B2F111EFBB14DE0FC4F9AE02.roa (raw, json) Hash identifier: u41x8Ny1raTvp1vwnGwm7MW/cINQCDMdw5LO04vaVeU= Subject key identifier: F0:4A:70:43:7F:D0:D4:F3:FB:F9:82:47:62:38:6C:86:D0:95:96:07 Certificate issuer: /CN=A9183BBC/serialNumber=06181849E2C5F9313EA60A3397DC61472AC11B0D Certificate serial: 0636 Authority key identifier: 06:18:18:49:E2:C5:F9:31:3E:A6:0A:33:97:DC:61:47:2A:C1:1B:0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BhgYSeLF-TE-pgozl9xhRyrBGw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/E4205416B2F111EFBB14DE0FC4F9AE02.roa Signing time: Sun 02 Feb 2025 22:32:12 +0000 ROA not before: Sun 02 Feb 2025 22:32:12 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 4594 IP address blocks: 43.225.100.0/22 maxlen: 22 43.225.100.0/24 maxlen: 24 43.225.101.0/24 maxlen: 24 43.225.102.0/24 maxlen: 24 43.225.103.0/24 maxlen: 24 103.44.61.0/24 maxlen: 24 2407:880::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/BhgYSeLF-TE-pgozl9xhRyrBGw0.crl rsync://rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/BhgYSeLF-TE-pgozl9xhRyrBGw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BhgYSeLF-TE-pgozl9xhRyrBGw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 22:22:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1590 (0x636) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9183BBC, serialNumber=06181849E2C5F9313EA60A3397DC61472AC11B0D Validity Not Before: Feb 2 22:32:12 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=679ff26c-7ab0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:33:40:27:ee:0b:0b:bf:ec:27:19:2b:b4:cc: 28:3c:fe:8e:e2:ff:08:a4:b4:7c:37:fe:57:6f:b2: 30:bd:04:c4:a4:43:a2:27:0a:d7:cf:4e:c8:e9:d2: ac:ea:57:11:1e:a9:8d:c2:75:12:09:c8:42:04:d1: f9:41:16:47:e0:02:68:f7:3b:50:2c:06:5c:07:63: 72:fb:13:53:a4:d2:e3:41:a0:97:44:cb:83:6f:80: 4b:64:84:1e:c9:57:54:fd:54:83:45:45:54:b5:06: f9:1a:3b:72:b6:d7:0e:38:05:80:83:5b:bf:77:ef: 8b:03:f9:d4:af:e4:0a:9d:ca:89:ad:6c:f3:6d:50: c8:4f:21:98:47:6a:20:4e:28:1f:7c:39:7c:1c:86: 44:0c:24:0b:c8:1e:41:6e:e8:b5:0e:74:d2:42:f0: 98:01:5a:79:bc:f5:f6:90:23:11:6b:5e:c6:64:e4: 8c:1e:2d:fb:0a:e2:b2:86:12:33:a7:c4:7d:03:18: a7:9d:f7:35:4b:84:23:0a:dd:67:f3:34:67:c7:e9: 15:91:75:5a:b0:81:bc:4a:71:9c:c8:e4:dc:c3:c0: e0:a1:cd:6c:ca:71:30:84:c2:ad:61:6a:b7:b8:8a: 8a:fc:71:18:86:d3:ed:c5:2c:e1:40:bb:f6:31:0b: 37:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:4A:70:43:7F:D0:D4:F3:FB:F9:82:47:62:38:6C:86:D0:95:96:07 X509v3 Authority Key Identifier: keyid:06:18:18:49:E2:C5:F9:31:3E:A6:0A:33:97:DC:61:47:2A:C1:1B:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/BhgYSeLF-TE-pgozl9xhRyrBGw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BhgYSeLF-TE-pgozl9xhRyrBGw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/E4205416B2F111EFBB14DE0FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.100.0/22 103.44.61.0/24 IPv6: 2407:880::/32 Signature Algorithm: sha256WithRSAEncryption c5:cb:97:54:89:68:e5:c5:de:b8:ea:64:05:f5:42:a4:77:c3: 31:ea:7a:a7:86:6f:59:7b:bb:f8:8d:11:b5:26:f8:63:6d:32: 4d:4b:0e:15:98:f1:20:36:13:ab:e6:c5:c7:9f:b4:3f:2b:e5: 68:79:38:0b:67:9c:f7:10:e4:88:e6:32:12:d4:ae:c1:1e:5b: 80:2d:88:f5:14:4c:37:60:bc:b2:9b:34:d7:7e:a6:b6:6f:f8: 67:11:7b:be:12:60:a8:6c:cc:d9:d9:2e:e5:b2:7f:d7:c1:e4: d3:92:88:bc:df:6d:64:d6:7b:7e:20:f4:ac:3b:41:00:bd:f1: 68:5b:74:13:17:7b:37:26:a3:0b:49:64:a1:75:a0:dd:b4:8e: 48:67:5b:cc:65:9c:36:90:16:71:76:f3:cc:aa:37:e0:62:04: 7d:e2:a7:0c:fe:d1:91:30:51:60:85:32:a7:d2:40:6b:a5:7f: 67:c2:de:6f:5b:28:64:1b:4b:27:e9:9b:bb:87:08:6f:7a:38: df:c8:a5:ab:2f:e0:ad:fa:04:6c:27:35:a1:7f:1a:35:2c:ee: a2:e3:70:dc:a6:e3:df:1a:7a:53:29:51:e3:da:75:c1:bd:18: 52:c8:9a:3e:fe:ff:fb:b7:4f:7c:db:81:5e:3f:fe:0d:6e:cf: 20:10:a7:71 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICBjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODNCQkMxMTAvBgNVBAUTKDA2MTgxODQ5RTJDNUY5MzEzRUE2MEEzMzk3REM2MTQ3 MkFDMTFCMEQwHhcNMjUwMjAyMjIzMjEyWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzlmZjI2Yy03YWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsTNAJ+4LC7/sJxkrtMwoPP6O4v8IpLR8N/5Xb7IwvQTEpEOiJwrXz07I6dKs 6lcRHqmNwnUSCchCBNH5QRZH4AJo9ztQLAZcB2Ny+xNTpNLjQaCXRMuDb4BLZIQe yVdU/VSDRUVUtQb5GjtyttcOOAWAg1u/d++LA/nUr+QKncqJrWzzbVDITyGYR2og TigffDl8HIZEDCQLyB5Bbui1DnTSQvCYAVp5vPX2kCMRa17GZOSMHi37CuKyhhIz p8R9Axinnfc1S4QjCt1n8zRnx+kVkXVasIG8SnGcyOTcw8Dgoc1synEwhMKtYWq3 uIqK/HEYhtPtxSzhQLv2MQs3cQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFPBKcEN/ 0NTz+/mCR2I4bIbQlZYHMB8GA1UdIwQYMBaAFAYYGEnixfkxPqYKM5fcYUcqwRsN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4M0JCQy8xNDBDMTc1Njg2 RDYxMUVCQjdCMzlDNjJDNEY5QUUwMi9CaGdZU2VMRi1URS1wZ296bDl4aFJ5ckJH dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JoZ1lTZUxGLVRFLXBnb3psOXhoUnlyQkd3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODNCQkMvMTQwQzE3NTY4NkQ2MTFFQkI3QjM5QzYyQzRGOUFFMDIvRTQyMDU0MTZC MkYxMTFFRkJCMTRERTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIr4WQDBABnLD0wDQQCAAIwBwMFACQHCIAwDQYJKoZIhvcN AQELBQADggEBAMXLl1SJaOXF3rjqZAX1QqR3wzHqeqeGb1l7u/iNEbUm+GNtMk1L DhWY8SA2E6vmxceftD8r5Wh5OAtnnPcQ5IjmMhLUrsEeW4AtiPUUTDdgvLKbNNd+ prZv+GcRe74SYKhszNnZLuWyf9fB5NOSiLzfbWTWe34g9Kw7QQC98WhbdBMXezcm owtJZKF1oN20jkhnW8xlnDaQFnF288yqN+BiBH3ipwz+0ZEwUWCFMqfSQGulf2fC 3m9bKGQbSyfpm7uHCG96ON/Ipasv4K36BGwnNaF/GjUs7qLjcNym498aelMpUePa dcG9GFLImj7+//u3T3zbgV4//g1uzyAQp3E= -----END CERTIFICATE-----Generated at Wed Nov 5 13:35:42 2025 by rpki-client