$ rpki-client -vvf rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/8B58F72A7BF511F0BEBF8326C4F9AE02.roa File: 8B58F72A7BF511F0BEBF8326C4F9AE02.roa (raw, json) Hash identifier: DPudtrZt3zDLn6cOKt8G2uNXGPQUskKpTDxbAvt9zzA= Subject key identifier: D1:3D:F1:B3:2D:18:F8:47:FF:3A:DC:3C:9C:60:FF:4A:6E:DA:84:5D Certificate issuer: /CN=A919D588/serialNumber=882859D52301F01571D9D4CF953F45E075E09A98 Certificate serial: 0B Authority key identifier: 88:28:59:D5:23:01:F0:15:71:D9:D4:CF:95:3F:45:E0:75:E0:9A:98 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iChZ1SMB8BVx2dTPlT9F4HXgmpg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/8B58F72A7BF511F0BEBF8326C4F9AE02.roa Signing time: Fri 22 Aug 2025 02:11:50 +0000 ROA not before: Fri 22 Aug 2025 02:11:50 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 64098 IP address blocks: 59.153.8.0/22 maxlen: 24 103.55.135.0/24 maxlen: 24 103.61.129.0/24 maxlen: 24 103.79.4.0/22 maxlen: 22 103.79.4.0/24 maxlen: 24 103.197.232.0/22 maxlen: 22 103.197.232.0/24 maxlen: 24 103.197.233.0/24 maxlen: 24 160.202.140.0/22 maxlen: 22 203.189.126.0/24 maxlen: 24 221.120.164.0/22 maxlen: 22 221.120.164.0/24 maxlen: 24 221.120.165.0/24 maxlen: 24 221.120.166.0/24 maxlen: 24 221.120.167.0/24 maxlen: 24 2400:1240::/32 maxlen: 32 2403:780::/32 maxlen: 32 2403:780:f::/48 maxlen: 48 2403:780:e300::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.crl rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iChZ1SMB8BVx2dTPlT9F4HXgmpg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 02:14:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919D588, serialNumber=882859D52301F01571D9D4CF953F45E075E09A98 Validity Not Before: Aug 22 02:11:50 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68a7d1e6-5b93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:0b:82:4b:09:e1:39:9c:c1:39:1f:66:3e:1f: e4:16:4f:8b:ea:88:6a:a2:97:75:01:37:55:5c:de: dc:1f:49:b6:a5:c6:4c:d7:d4:e6:9c:03:5e:16:f1: 8d:a4:36:e2:0b:78:00:21:a2:85:cb:61:d3:b1:13: 96:c7:a1:76:cf:1c:26:4b:40:af:6e:5e:47:2d:45: 94:d9:0e:db:56:9f:f6:02:7f:b7:68:fc:c4:46:4c: bf:c5:40:f6:0e:d6:cd:74:44:8e:0c:cb:6f:b2:01: 33:88:07:1d:f6:7a:78:e6:f4:c0:87:ad:3d:2e:d1: 63:f5:bf:0e:7b:d1:e6:7a:4e:ae:73:04:b6:dc:38: 86:01:34:94:5a:6e:95:bb:51:93:f3:5f:85:7f:f1: 8b:cd:87:75:15:bf:ee:fc:16:d9:db:7d:5c:45:e8: fb:85:b9:42:6a:7b:1d:7a:09:9c:8d:3f:3f:cb:88: a5:32:b1:d6:f2:d8:e6:e2:ca:62:b4:b7:74:81:2f: e4:12:05:b0:de:94:49:7c:ac:0c:a6:47:6e:81:a2: d9:d4:83:c1:c0:75:6c:c5:8c:cc:38:d6:70:e8:7a: 07:67:30:25:87:32:8d:4d:f8:9a:09:15:9e:be:45: b5:9e:0d:fb:59:25:99:df:28:c6:12:e0:42:9a:5c: 7d:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:3D:F1:B3:2D:18:F8:47:FF:3A:DC:3C:9C:60:FF:4A:6E:DA:84:5D X509v3 Authority Key Identifier: keyid:88:28:59:D5:23:01:F0:15:71:D9:D4:CF:95:3F:45:E0:75:E0:9A:98 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/iChZ1SMB8BVx2dTPlT9F4HXgmpg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iChZ1SMB8BVx2dTPlT9F4HXgmpg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D588/BF7D5E767BF311F0A05FAD82C4F9AE02/8B58F72A7BF511F0BEBF8326C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.153.8.0/22 103.55.135.0/24 103.61.129.0/24 103.79.4.0/22 103.197.232.0/22 160.202.140.0/22 203.189.126.0/24 221.120.164.0/22 IPv6: 2400:1240::/32 2403:780::/32 Signature Algorithm: sha256WithRSAEncryption 59:a3:73:dd:12:91:d0:b8:7b:32:8e:48:6d:74:23:cb:fa:57: 12:42:d9:6c:6d:a0:b9:95:6c:24:ab:d4:20:5a:f9:35:9c:20: 5b:9b:19:59:d9:1e:40:ec:04:c9:2e:08:16:6d:09:be:d6:55: ff:9c:59:91:98:e6:a4:68:cc:a9:6a:70:b7:27:47:90:f4:9e: 0f:10:d8:3b:ad:84:5d:72:61:91:5b:55:28:59:b5:55:8d:1a: b5:32:33:f4:4d:3c:ec:18:af:c9:da:71:7c:cd:6d:20:1f:fe: 95:09:e5:4d:3a:37:e9:ef:b3:93:96:05:68:9b:69:79:7e:48: 3e:d4:d4:4b:18:ac:18:9c:0f:09:2f:6e:f4:93:4d:b6:f3:11: 78:df:47:e3:6a:cc:92:ac:eb:a7:9c:2b:6c:5b:5b:02:8a:ef: cb:da:b4:bd:04:c3:8b:36:cb:00:9a:19:83:a4:7c:1e:7d:76: c5:c3:fa:05:bc:57:e0:db:24:d7:6c:ad:92:89:15:ea:e7:ea: 95:93:a3:b6:06:45:5b:30:0f:11:30:e8:c0:56:94:ac:36:33: 7a:8e:f6:ab:65:42:66:9b:6b:c2:c9:4c:51:89:54:3c:5d:5a: 7e:2e:1b:cf:65:2c:db:8f:f5:4c:d1:4e:f1:d1:57:80:bd:f7: 8d:d8:fb:91 -----BEGIN CERTIFICATE----- MIIFsDCCBJigAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 RDU4ODExMC8GA1UEBRMoODgyODU5RDUyMzAxRjAxNTcxRDlENENGOTUzRjQ1RTA3 NUUwOUE5ODAeFw0yNTA4MjIwMjExNTBaFw0yNjEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YTdkMWU2LTViOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDlC4JLCeE5nME5H2Y+H+QWT4vqiGqil3UBN1Vc3twfSbalxkzX1OacA14W8Y2k NuILeAAhooXLYdOxE5bHoXbPHCZLQK9uXkctRZTZDttWn/YCf7do/MRGTL/FQPYO 1s10RI4My2+yATOIBx32enjm9MCHrT0u0WP1vw570eZ6Tq5zBLbcOIYBNJRabpW7 UZPzX4V/8YvNh3UVv+78FtnbfVxF6PuFuUJqex16CZyNPz/LiKUysdby2ObiymK0 t3SBL+QSBbDelEl8rAymR26BotnUg8HAdWzFjMw41nDoegdnMCWHMo1N+JoJFZ6+ RbWeDftZJZnfKMYS4EKaXH3jAgMBAAGjggLVMIIC0TAdBgNVHQ4EFgQU0T3xsy0Y +Ef/Otw8nGD/Sm7ahF0wHwYDVR0jBBgwFoAUiChZ1SMB8BVx2dTPlT9F4HXgmpgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlENTg4L0JGN0Q1RTc2N0JG MzExRjBBMDVGQUQ4MkM0RjlBRTAyL2lDaFoxU01COEJWeDJkVFBsVDlGNEhYZ21w Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaUNoWjFTTUI4QlZ4MmRUUGxUOUY0SFhnbXBnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RDU4OC9CRjdENUU3NjdCRjMxMUYwQTA1RkFEODJDNEY5QUUwMi84QjU4RjcyQTdC RjUxMUYwQkVCRjgzMjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBfBggrBgEFBQcBBwEB/wRQ ME4wNgQCAAEwMAMEAjuZCAMEAGc3hwMEAGc9gQMEAmdPBAMEAmfF6AMEAqDKjAME AMu9fgMEAt14pDAUBAIAAjAOAwUAJAASQAMFACQDB4AwDQYJKoZIhvcNAQELBQAD ggEBAFmjc90SkdC4ezKOSG10I8v6VxJC2WxtoLmVbCSr1CBa+TWcIFubGVnZHkDs BMkuCBZtCb7WVf+cWZGY5qRozKlqcLcnR5D0ng8Q2DuthF1yYZFbVShZtVWNGrUy M/RNPOwYr8nacXzNbSAf/pUJ5U06N+nvs5OWBWibaXl+SD7U1EsYrBicDwkvbvST TbbzEXjfR+NqzJKs66ecK2xbWwKK78vatL0Ew4s2ywCaGYOkfB59dsXD+gW8V+Db JNdsrZKJFern6pWTo7YGRVswDxEw6MBWlKw2M3qO9qtlQmaba8LJTFGJVDxdWn4u G89lLNuP9UzRTvHRV4C9943Y+5E= -----END CERTIFICATE-----Generated at Fri Aug 22 18:47:26 2025 by rpki-client