$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/0CF90768BDE011EAAEA46554C4F9AE02.roa File: 0CF90768BDE011EAAEA46554C4F9AE02.roa (raw, json) Hash identifier: znvGWfW5A76pdK1d1zp0lvUyIBgJV3VXYm27vF5D1Cw= Subject key identifier: 38:8F:D4:0F:0D:C3:1B:57:F7:9C:3F:D7:E7:9D:4E:28:8D:99:D9:26 Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 1F8A Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/0CF90768BDE011EAAEA46554C4F9AE02.roa Signing time: Thu 04 Sep 2025 07:21:12 +0000 ROA not before: Thu 04 Sep 2025 07:21:12 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 9430 IP address blocks: 157.15.159.0/24 maxlen: 24 164.164.32.0/24 maxlen: 24 164.164.123.0/24 maxlen: 24 164.164.124.0/24 maxlen: 24 164.164.126.0/24 maxlen: 24 164.164.127.0/24 maxlen: 24 164.164.184.0/24 maxlen: 24 164.164.187.0/24 maxlen: 24 164.164.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 15:21:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8074 (0x1f8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: Sep 4 07:21:12 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68b93de7-aa71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:16:cc:d6:34:c9:bb:0c:e4:17:38:da:f6:4b: 8c:67:57:79:c8:06:9a:93:c3:05:86:b3:bc:92:fc: 02:14:c7:de:e0:78:7e:34:72:14:9f:f6:f5:fb:e9: 6a:2b:2f:d3:47:c8:e3:f3:7c:ea:e2:f9:20:55:70: 55:50:8f:19:47:67:93:53:53:b0:3b:de:5e:74:b4: 36:d8:15:69:9b:ad:d0:f4:64:cf:ad:11:1c:d9:46: 81:bd:c4:58:a4:25:a2:7b:73:35:03:be:16:e3:d6: 0f:74:ab:bb:8c:37:04:4d:eb:9e:a5:2e:14:ca:14: c4:c4:48:e0:d4:4e:06:d4:4c:18:eb:a7:30:b7:13: 95:7a:81:79:aa:24:29:e5:65:f7:d7:ee:de:c9:f7: 90:e8:16:42:ed:bd:83:f6:fa:c6:5c:e3:44:f0:e6: 7b:29:6f:43:e6:ff:1a:3a:09:e4:9c:21:98:44:35: 34:7f:94:98:46:7f:b1:bd:4d:8e:4e:2e:6f:d9:94: 1d:59:c1:31:d9:6d:39:ba:a9:ea:f8:dc:bd:6c:54: 55:d0:b4:b1:74:c6:80:66:c1:8f:49:43:e2:c7:49: 78:d0:8a:95:2e:0d:83:c2:5a:65:4c:4c:18:29:f3: a0:06:fa:cb:3b:8a:0b:c3:95:05:60:f5:a3:79:c8: 5a:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:8F:D4:0F:0D:C3:1B:57:F7:9C:3F:D7:E7:9D:4E:28:8D:99:D9:26 X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/0CF90768BDE011EAAEA46554C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.15.159.0/24 164.164.32.0/24 164.164.123.0-164.164.124.255 164.164.126.0/23 164.164.184.0/24 164.164.187.0/24 164.164.192.0/24 Signature Algorithm: sha256WithRSAEncryption 97:51:e2:74:0c:b4:7d:d6:55:39:de:60:7e:93:4d:a0:76:a4: 09:1d:8c:d4:9f:68:90:4e:e5:ec:28:48:dc:84:17:d8:ab:38: 3d:47:9d:91:e6:50:ea:26:28:ab:34:bd:80:05:3a:39:1a:4a: 02:57:88:c7:30:86:33:8c:8b:9c:37:2f:cf:79:92:8b:c1:f9: e7:58:d4:eb:64:03:cf:8b:bd:a8:89:91:91:64:f8:2e:1d:28: 0d:1c:f8:de:ce:f2:bb:29:12:dc:2c:79:e7:ec:2c:e8:c8:d9: 04:85:19:e8:58:7c:17:ba:14:da:d7:d6:a8:3a:2f:22:9a:d3: 19:33:83:54:a5:6f:f9:92:8b:18:9e:d9:a5:9b:b4:5b:aa:df: ce:66:82:bd:85:38:ee:28:82:04:ac:d7:61:dc:df:d8:d1:23: ce:64:33:11:3b:60:59:91:f9:87:f4:df:14:72:aa:b8:4b:39: 19:64:37:1f:e4:5f:6a:33:f0:d2:87:b6:77:8a:33:45:5d:bd: 1b:92:91:b9:da:51:87:56:fa:fe:48:41:6c:da:7f:45:62:f0: c2:c4:0b:08:e7:98:c8:72:fe:26:44:f6:6e:a1:c7:ae:b1:f9: d5:a1:96:08:66:0f:5d:7d:d5:71:11:d7:29:5e:06:35:78:b6: 4b:54:5c:17 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgICH4owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjUwOTA0MDcyMTEyWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI5M2RlNy1hYTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwRbM1jTJuwzkFzja9kuMZ1d5yAaak8MFhrO8kvwCFMfe4Hh+NHIUn/b1++lq Ky/TR8jj83zq4vkgVXBVUI8ZR2eTU1OwO95edLQ22BVpm63Q9GTPrREc2UaBvcRY pCWie3M1A74W49YPdKu7jDcETeuepS4UyhTExEjg1E4G1EwY66cwtxOVeoF5qiQp 5WX31+7eyfeQ6BZC7b2D9vrGXONE8OZ7KW9D5v8aOgnknCGYRDU0f5SYRn+xvU2O Ti5v2ZQdWcEx2W05uqnq+Ny9bFRV0LSxdMaAZsGPSUPix0l40IqVLg2DwlplTEwY KfOgBvrLO4oLw5UFYPWjechaWwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFDiP1A8N wxtX95w/1+edTiiNmdkmMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMENGOTA3NjhC REUwMTFFQUFFQTQ2NTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E PDA6MDgEAgABMDIDBACdD58DBACkpCAwDAMEAKSkewMEAKSkfAMEAaSkfgMEAKSk uAMEAKSkuwMEAKSkwDANBgkqhkiG9w0BAQsFAAOCAQEAl1HidAy0fdZVOd5gfpNN oHakCR2M1J9okE7l7ChI3IQX2Ks4PUedkeZQ6iYoqzS9gAU6ORpKAleIxzCGM4yL nDcvz3mSi8H551jU62QDz4u9qImRkWT4Lh0oDRz43s7yuykS3Cx55+ws6MjZBIUZ 6Fh8F7oU2tfWqDovIprTGTODVKVv+ZKLGJ7ZpZu0W6rfzmaCvYU47iiCBKzXYdzf 2NEjzmQzETtgWZH5h/TfFHKquEs5GWQ3H+RfajPw0oe2d4ozRV29G5KRudpRh1b6 /khBbNp/RWLwwsQLCOeYyHL+JkT2bqHHrrH51aGWCGYPXX3VcRHXKV4GNXi2S1Rc Fw== -----END CERTIFICATE-----Generated at Tue Sep 9 03:18:53 2025 by rpki-client