$ rpki-client -vvf rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/DD7CA58EA23F11EDBCDB6D73C4F9AE02.roa File: DD7CA58EA23F11EDBCDB6D73C4F9AE02.roa (raw, json) Hash identifier: 5xwHH4/f23qWAT+TboZC+tRvenA32AbWJXTfPPug25w= Subject key identifier: 48:A6:E0:1E:E3:4D:96:7B:21:27:02:C0:B5:E0:A0:16:A0:6D:3C:54 Certificate issuer: /CN=A91840A8/serialNumber=D1474C1DA439B34E487C28C24729E687E0947D73 Certificate serial: 0664 Authority key identifier: D1:47:4C:1D:A4:39:B3:4E:48:7C:28:C2:47:29:E6:87:E0:94:7D:73 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0UdMHaQ5s05IfCjCRynmh-CUfXM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/DD7CA58EA23F11EDBCDB6D73C4F9AE02.roa Signing time: Wed 30 Jul 2025 23:34:48 +0000 ROA not before: Wed 30 Jul 2025 23:34:48 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 38296 IP address blocks: 203.185.129.0/24 maxlen: 24 203.185.130.0/23 maxlen: 23 203.185.130.0/24 maxlen: 24 203.185.131.0/24 maxlen: 24 203.185.132.0/22 maxlen: 22 203.185.132.0/23 maxlen: 23 203.185.132.0/24 maxlen: 24 203.185.133.0/24 maxlen: 24 203.185.134.0/23 maxlen: 23 203.185.134.0/24 maxlen: 24 203.185.135.0/24 maxlen: 24 203.185.136.0/24 maxlen: 24 203.185.137.0/24 maxlen: 24 203.185.138.0/24 maxlen: 24 203.185.139.0/24 maxlen: 24 203.185.140.0/24 maxlen: 24 203.185.141.0/24 maxlen: 24 203.185.142.0/24 maxlen: 24 203.185.143.0/24 maxlen: 24 203.185.144.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/0UdMHaQ5s05IfCjCRynmh-CUfXM.crl rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/0UdMHaQ5s05IfCjCRynmh-CUfXM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0UdMHaQ5s05IfCjCRynmh-CUfXM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Nov 2025 23:29:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1636 (0x664) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91840A8, serialNumber=D1474C1DA439B34E487C28C24729E687E0947D73 Validity Not Before: Jul 30 23:34:48 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=688aac17-ac49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:04:1e:69:b7:7e:ff:14:14:c5:8c:94:9e:75: 41:38:6d:a8:2a:d6:f4:6e:80:e9:df:8e:ba:c9:48: d6:11:ab:82:a9:2d:2a:c0:98:d5:36:a2:99:3b:75: 0a:50:93:d5:43:f6:3d:28:80:ab:17:40:38:18:da: 29:3b:f6:04:c2:e3:28:06:ca:4b:e4:5c:99:a0:cf: 3f:c2:50:8e:9c:22:e9:b0:59:d4:9b:8b:bb:3e:bc: 9b:a3:0d:82:f1:08:82:1f:2d:6f:b9:d7:c9:27:02: bf:6d:4e:ab:f7:1e:d9:d5:56:57:ee:7c:a3:cb:62: d6:4d:1d:f8:94:ec:bd:1e:8f:48:df:62:ae:87:a6: a9:dd:fa:2e:9b:35:20:b4:da:cb:90:9e:a2:83:4e: e0:9b:d9:1f:c3:22:75:06:0b:00:f4:5f:d5:3a:52: d5:54:a2:53:7e:f6:04:68:33:99:40:ad:8c:b8:51: 59:09:6f:44:51:45:2d:8a:a7:bc:ff:9b:5e:cc:bd: ed:f0:b0:2a:21:89:12:52:eb:ca:7f:19:b2:71:25: cd:a1:ad:98:b5:32:be:b2:7f:1a:be:f4:b4:ae:b6: 49:8b:68:14:2e:45:ea:1d:9d:1f:eb:85:a9:e1:b5: e7:a7:3a:64:47:ff:80:c4:83:a9:c2:33:d1:44:18: 0c:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:A6:E0:1E:E3:4D:96:7B:21:27:02:C0:B5:E0:A0:16:A0:6D:3C:54 X509v3 Authority Key Identifier: keyid:D1:47:4C:1D:A4:39:B3:4E:48:7C:28:C2:47:29:E6:87:E0:94:7D:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/0UdMHaQ5s05IfCjCRynmh-CUfXM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0UdMHaQ5s05IfCjCRynmh-CUfXM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/DD7CA58EA23F11EDBCDB6D73C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.185.129.0-203.185.145.255 Signature Algorithm: sha256WithRSAEncryption 7e:2f:7a:ab:ae:34:24:bf:40:c3:8b:09:99:3e:27:70:14:2c: 9a:ea:dd:a8:3f:e4:c6:a3:3d:c5:59:16:f0:eb:13:8f:f8:11: d6:93:42:1f:b8:fe:6a:d5:50:b8:cc:97:0d:2c:b7:da:31:79: 42:39:22:dd:ef:7f:b3:62:31:4f:f3:41:ed:83:53:56:a2:d9: 0a:0c:e9:74:99:5e:e8:89:ce:ed:cb:1c:f6:6d:5f:2a:3d:e1: 11:eb:71:89:fa:c9:b6:15:6a:ec:21:f5:b7:72:98:ba:39:34: b9:ef:fd:46:17:fe:ed:c3:e5:c6:f9:1a:72:fb:1e:5e:55:66: d6:a3:20:7a:eb:71:fa:2d:5e:b5:86:12:1c:38:ce:fa:9c:a0: da:2f:d7:2c:65:4f:c4:5f:60:a4:01:f2:89:3e:72:ed:22:09: 5b:d0:d6:f5:09:38:21:fa:b7:a0:f7:ed:b4:52:95:2a:73:7f: e4:bf:15:81:31:7b:b0:64:9a:7a:79:42:7c:25:eb:fa:0d:67: af:2f:db:89:bc:d9:65:3a:36:c3:63:34:04:8e:2f:86:3b:69: 8c:bd:68:42:a9:52:c9:b5:12:88:15:78:4c:ef:6e:08:f3:53: 43:58:08:29:3d:e0:7b:45:94:d9:41:45:73:73:3a:12:08:92: 58:e9:b2:d1 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgICBmQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQwQTgxMTAvBgNVBAUTKEQxNDc0QzFEQTQzOUIzNEU0ODdDMjhDMjQ3MjlFNjg3 RTA5NDdENzMwHhcNMjUwNzMwMjMzNDQ4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhhYWMxNy1hYzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwAQeabd+/xQUxYyUnnVBOG2oKtb0boDp3466yUjWEauCqS0qwJjVNqKZO3UK UJPVQ/Y9KICrF0A4GNopO/YEwuMoBspL5FyZoM8/wlCOnCLpsFnUm4u7Prybow2C 8QiCHy1vudfJJwK/bU6r9x7Z1VZX7nyjy2LWTR34lOy9Ho9I32Kuh6ap3foumzUg tNrLkJ6ig07gm9kfwyJ1BgsA9F/VOlLVVKJTfvYEaDOZQK2MuFFZCW9EUUUtiqe8 /5tezL3t8LAqIYkSUuvKfxmycSXNoa2YtTK+sn8avvS0rrZJi2gULkXqHZ0f64Wp 4bXnpzpkR/+AxIOpwjPRRBgMpQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFEim4B7j TZZ7IScCwLXgoBagbTxUMB8GA1UdIwQYMBaAFNFHTB2kObNOSHwowkcp5ofglH1z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDBBOC83MEMyRUI3QUEx OTYxMUVCODIwMENGMDlDNEY5QUUwMi8wVWRNSGFRNXMwNUlmQ2pDUnlubWgtQ1Vm WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBVZE1IYVE1czA1SWZDakNSeW5taC1DVWZYTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODQwQTgvNzBDMkVCN0FBMTk2MTFFQjgyMDBDRjA5QzRGOUFFMDIvREQ3Q0E1OEVB MjNGMTFFREJDREI2RDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E GDAWMBQEAgABMA4wDAMEAMu5gQMEAcu5kDANBgkqhkiG9w0BAQsFAAOCAQEAfi96 q640JL9Aw4sJmT4ncBQsmurdqD/kxqM9xVkW8OsTj/gR1pNCH7j+atVQuMyXDSy3 2jF5Qjki3e9/s2IxT/NB7YNTVqLZCgzpdJle6InO7csc9m1fKj3hEetxifrJthVq 7CH1t3KYujk0ue/9Rhf+7cPlxvkacvseXlVm1qMgeutx+i1etYYSHDjO+pyg2i/X LGVPxF9gpAHyiT5y7SIJW9DW9Qk4Ifq3oPfttFKVKnN/5L8VgTF7sGSaenlCfCXr +g1nry/bibzZZTo2w2M0BI4vhjtpjL1oQqlSybUSiBV4TO9uCPNTQ1gIKT3ge0WU 2UFFc3M6EgiSWOmy0Q== -----END CERTIFICATE-----Generated at Tue Oct 28 04:44:26 2025 by rpki-client