$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/493CABD04FEE11F0B866DF81C4F9AE02.roa File: 493CABD04FEE11F0B866DF81C4F9AE02.roa (raw, json) Hash identifier: CpOxmpHFMzljYWx1tmf9sr/C/j2WdjltGmwOj4BHMOc= Subject key identifier: C6:DE:EC:17:19:6D:7D:F9:A9:7F:D8:2E:AF:52:59:B8:0F:62:11:91 Certificate issuer: /CN=A918C661/serialNumber=8BF7E2930CFC6EEB916E7390F893E0100BA93B32 Certificate serial: 0A39 Authority key identifier: 8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/493CABD04FEE11F0B866DF81C4F9AE02.roa Signing time: Fri 29 Aug 2025 08:30:35 +0000 ROA not before: Fri 29 Aug 2025 08:30:34 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 4907 IP address blocks: 137.220.136.0/24 maxlen: 24 137.220.139.0/24 maxlen: 24 137.220.140.0/24 maxlen: 24 137.220.150.0/24 maxlen: 24 137.220.151.0/24 maxlen: 24 137.220.152.0/24 maxlen: 24 137.220.153.0/24 maxlen: 24 137.220.154.0/24 maxlen: 24 137.220.155.0/24 maxlen: 24 137.220.156.0/24 maxlen: 24 137.220.157.0/24 maxlen: 24 137.220.158.0/24 maxlen: 24 137.220.164.0/24 maxlen: 24 137.220.165.0/24 maxlen: 24 137.220.166.0/24 maxlen: 24 137.220.172.0/24 maxlen: 24 137.220.178.0/24 maxlen: 24 137.220.179.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.crl rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 20:07:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2617 (0xa39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C661, serialNumber=8BF7E2930CFC6EEB916E7390F893E0100BA93B32 Validity Not Before: Aug 29 08:30:34 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=68b1652a-35da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:38:96:59:f3:63:ad:f2:47:7a:6e:3c:96:f8: 02:6a:cd:e5:6f:2a:b3:3b:24:d5:37:00:79:ee:c7: a0:44:22:32:23:8e:b5:81:46:08:d1:d1:d3:e0:d5: c3:4f:d7:61:4c:b0:be:16:3c:71:d6:e0:07:2e:52: 7a:6a:49:05:e3:41:79:bf:fb:28:08:64:95:f2:fa: 49:a4:1c:0c:58:fb:49:db:e6:1d:f6:8f:fb:4d:e4: 29:dc:9b:81:e9:d2:3f:cd:04:ea:10:36:cb:cd:a0: 0b:92:c1:fc:b0:a7:c2:51:63:ea:69:fa:f6:33:e4: 09:a6:2f:90:a5:fd:f6:1b:aa:13:63:37:89:99:b5: f0:26:0e:fe:c5:c6:d1:28:eb:c4:02:f9:6b:28:e7: 41:27:8e:57:bd:ce:cb:74:ae:d7:55:40:d7:df:99: 6d:fc:ba:95:0a:b6:16:3a:a8:56:51:95:16:be:74: 47:54:30:a5:ce:2a:fd:4d:d9:a4:9b:ce:67:55:c8: 04:1f:c6:52:1b:d3:46:1a:de:f9:d6:90:09:c1:b6: 5c:eb:84:61:55:fd:3e:d1:74:0b:12:f8:a4:25:1f: 15:93:e6:d8:ac:dc:de:04:f4:0a:7c:05:dc:52:01: 23:29:2a:67:a5:aa:6f:6c:de:47:d8:8c:dc:4d:60: 23:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:DE:EC:17:19:6D:7D:F9:A9:7F:D8:2E:AF:52:59:B8:0F:62:11:91 X509v3 Authority Key Identifier: keyid:8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/493CABD04FEE11F0B866DF81C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 137.220.136.0/24 137.220.139.0-137.220.140.255 137.220.150.0-137.220.158.255 137.220.164.0-137.220.166.255 137.220.172.0/24 137.220.178.0/23 Signature Algorithm: sha256WithRSAEncryption 5d:02:46:a7:e0:ae:6a:f9:41:2d:e7:79:97:e3:61:90:41:8d: 69:00:8a:8c:2a:82:e0:c1:c6:08:ac:f2:31:7c:76:b6:0b:ec: 4a:18:9b:2c:17:7a:18:d4:e8:07:ca:fd:56:1c:76:20:f0:35: 2d:c2:7a:ce:1e:4d:f2:71:3a:de:6a:07:15:2b:58:49:68:ba: 71:4d:11:0f:62:92:b2:a6:3a:ef:1a:a8:79:33:0d:7c:96:4a: 9a:88:c4:b3:7c:95:22:89:3f:ab:b6:78:fc:4f:c0:8b:47:4b: ca:25:01:b6:eb:92:f8:9d:30:ff:d3:e0:9c:9d:d3:47:64:c7: ac:7d:d8:d7:55:36:cb:92:ae:b4:2d:93:10:1e:19:79:11:c7: fa:b5:c5:c3:52:a7:d1:9a:13:95:4a:0d:42:cc:1d:14:20:19: 70:a7:4a:81:60:dc:12:f6:69:5b:07:2f:8a:bf:4a:bc:31:6b: b5:de:cd:01:f1:11:e4:c9:9f:3a:ec:4d:71:d8:1e:67:ee:2d: b5:f4:b9:4b:2d:3d:be:e8:23:c8:50:f2:66:99:53:aa:5f:c0: 00:aa:6e:c5:cb:c2:e9:55:0a:07:28:e0:9c:85:f9:65:16:23: 07:12:f4:b7:44:01:f5:4f:4b:65:91:8e:fc:25:6c:23:49:42: ca:ec:47:1e -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgICCjkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEM2NjExMTAvBgNVBAUTKDhCRjdFMjkzMENGQzZFRUI5MTZFNzM5MEY4OTNFMDEw MEJBOTNCMzIwHhcNMjUwODI5MDgzMDM0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIxNjUyYS0zNWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvjiWWfNjrfJHem48lvgCas3lbyqzOyTVNwB57segRCIyI461gUYI0dHT4NXD T9dhTLC+Fjxx1uAHLlJ6akkF40F5v/soCGSV8vpJpBwMWPtJ2+Yd9o/7TeQp3JuB 6dI/zQTqEDbLzaALksH8sKfCUWPqafr2M+QJpi+Qpf32G6oTYzeJmbXwJg7+xcbR KOvEAvlrKOdBJ45Xvc7LdK7XVUDX35lt/LqVCrYWOqhWUZUWvnRHVDClzir9Tdmk m85nVcgEH8ZSG9NGGt751pAJwbZc64RhVf0+0XQLEvikJR8Vk+bYrNzeBPQKfAXc UgEjKSpnpapvbN5H2IzcTWAjtwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFMbe7BcZ bX35qX/YLq9SWbgPYhGRMB8GA1UdIwQYMBaAFIv34pMM/G7rkW5zkPiT4BALqTsy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wNEFBQjI5RTgz NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9pX2Zpa3d6OGJ1dVJibk9RLUpQZ0VBdXBP ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lfZmlrd3o4YnV1UmJuT1EtSlBnRUF1cE96SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEM2NjEvMDRBQUIyOUU4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvNDkzQ0FCRDA0 RkVFMTFGMEI4NjZERjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E RjBEMEIEAgABMDwDBACJ3IgwDAMEAInciwMEAIncjDAMAwQBidyWAwQAidyeMAwD BAKJ3KQDBACJ3KYDBACJ3KwDBAGJ3LIwDQYJKoZIhvcNAQELBQADggEBAF0CRqfg rmr5QS3neZfjYZBBjWkAiowqguDBxgis8jF8drYL7EoYmywXehjU6AfK/VYcdiDw NS3Ces4eTfJxOt5qBxUrWElounFNEQ9ikrKmOu8aqHkzDXyWSpqIxLN8lSKJP6u2 ePxPwItHS8olAbbrkvidMP/T4Jyd00dkx6x92NdVNsuSrrQtkxAeGXkRx/q1xcNS p9GaE5VKDULMHRQgGXCnSoFg3BL2aVsHL4q/Srwxa7XezQHxEeTJnzrsTXHYHmfu LbX0uUstPb7oI8hQ8maZU6pfwACqbsXLwulVCgco4JyF+WUWIwcS9LdEAfVPS2WR jvwlbCNJQsrsRx4= -----END CERTIFICATE-----Generated at Fri Sep 5 08:28:34 2025 by rpki-client