$ rpki-client -vvf rpki.apnic.net/member_repository/A9117CE3/A90CAFC4346511EFB9C0764FC4F9AE02/D2F65B3E2D3C11F089979B7CC4F9AE02.roa File: D2F65B3E2D3C11F089979B7CC4F9AE02.roa (raw, json) Hash identifier: 6J9kztjsMZWsG1YwYpd9mAhESyWByZnQbhLzb1Wj+fo= Subject key identifier: 0D:D9:06:B8:DC:A9:E1:FA:65:1E:2B:02:AD:65:24:F6:AB:F9:47:03 Certificate issuer: /CN=A9117CE3/serialNumber=C26F46FD9952B3AF3A7D715DE1BF3A61E25C798A Certificate serial: CB Authority key identifier: C2:6F:46:FD:99:52:B3:AF:3A:7D:71:5D:E1:BF:3A:61:E2:5C:79:8A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/wm9G_ZlSs686fXFd4b86YeJceYo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117CE3/A90CAFC4346511EFB9C0764FC4F9AE02/D2F65B3E2D3C11F089979B7CC4F9AE02.roa Signing time: Wed 25 Jun 2025 05:39:48 +0000 ROA not before: Wed 25 Jun 2025 05:39:48 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 401371 IP address blocks: 160.25.20.0/23 maxlen: 23 160.25.20.0/24 maxlen: 24 160.25.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117CE3/A90CAFC4346511EFB9C0764FC4F9AE02/wm9G_ZlSs686fXFd4b86YeJceYo.crl rsync://rpki.apnic.net/member_repository/A9117CE3/A90CAFC4346511EFB9C0764FC4F9AE02/wm9G_ZlSs686fXFd4b86YeJceYo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/wm9G_ZlSs686fXFd4b86YeJceYo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 06:31:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 203 (0xcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117CE3, serialNumber=C26F46FD9952B3AF3A7D715DE1BF3A61E25C798A Validity Not Before: Jun 25 05:39:48 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=685b8ba4-3e65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:ba:ce:57:57:d6:9e:14:97:18:07:8c:0d:cb: ce:8e:35:fa:85:f5:11:70:bf:23:d7:90:84:1e:cc: 5a:4c:8a:ba:a0:12:b0:19:d8:8e:e3:7f:e6:63:50: cc:a0:6c:77:47:2a:73:34:a6:f7:62:34:bd:51:d4: a4:1f:ee:28:9d:88:45:72:d9:41:82:d7:96:c6:90: 83:b6:6c:d9:b5:77:9b:11:01:e7:ca:74:74:a2:1d: 38:fa:7a:0c:36:0e:db:b1:46:93:9a:c7:ca:e6:e3: 29:3c:34:8f:ea:cb:96:f8:d9:b7:cc:b2:08:0a:0e: 4b:c4:93:6b:b6:b2:fc:93:d8:99:08:c9:03:70:f9: 9c:c7:ad:2d:d2:78:d0:26:f6:ed:48:85:9c:e7:fd: b4:f2:cb:dd:6c:4d:9c:50:ff:47:5c:f8:98:ed:7f: 60:d6:7f:43:d6:a2:01:5d:9c:d1:58:af:fc:9b:79: 3c:eb:d3:40:4c:34:e5:0a:f8:df:dd:68:3a:34:61: 03:4a:1f:2a:5b:01:41:8f:2f:e4:04:85:0e:36:7c: 09:be:64:a9:0a:1b:d7:2c:3f:a8:46:3d:f3:99:0c: f2:5d:19:a6:3b:4a:8c:f5:15:7f:5c:7a:0d:ec:53: 8b:2c:f3:36:cf:a0:65:3f:81:7a:a7:1d:bc:00:e2: 49:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:D9:06:B8:DC:A9:E1:FA:65:1E:2B:02:AD:65:24:F6:AB:F9:47:03 X509v3 Authority Key Identifier: keyid:C2:6F:46:FD:99:52:B3:AF:3A:7D:71:5D:E1:BF:3A:61:E2:5C:79:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117CE3/A90CAFC4346511EFB9C0764FC4F9AE02/wm9G_ZlSs686fXFd4b86YeJceYo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/wm9G_ZlSs686fXFd4b86YeJceYo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117CE3/A90CAFC4346511EFB9C0764FC4F9AE02/D2F65B3E2D3C11F089979B7CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.25.20.0/23 Signature Algorithm: sha256WithRSAEncryption 52:90:a7:95:f3:5e:7b:90:7b:d6:17:17:57:2e:93:25:da:9b: ef:75:8f:71:fd:53:82:85:e5:34:15:c1:1c:56:ea:b7:40:32: 32:25:99:b2:05:ee:f9:d3:32:26:e8:cd:f0:4f:e9:4d:1c:22: 4e:f0:19:6f:b6:d1:14:00:1e:64:50:e2:82:5d:f4:f9:fc:e0: 80:72:12:32:9c:ac:d2:76:54:be:ee:ea:70:b6:f6:81:b8:4e: 23:49:29:fd:91:86:43:80:f3:a8:14:ae:79:51:a1:03:f0:49: a1:04:d8:97:70:87:5c:cd:17:28:65:a9:3b:b8:71:d9:cb:9c: 77:6f:04:80:18:7e:cc:86:a4:db:24:62:44:fa:7f:99:94:eb: 05:13:2c:83:6f:84:6a:8f:e6:44:fb:b1:7a:53:a3:bb:39:dd: 4d:ed:4c:f6:a8:03:cc:51:4b:76:c9:13:bf:41:a5:56:d9:d8: 5a:87:1b:31:fa:ce:49:36:25:52:62:f2:ad:f2:33:5c:66:74: c1:c5:08:31:19:2a:58:23:6e:a2:e4:d8:81:a2:c9:2e:4b:9e: b0:4f:d5:ee:fb:22:5d:5e:da:6d:78:82:91:63:5c:37:ab:93: 48:da:7e:94:3a:da:c3:80:74:86:62:1b:2e:4f:f4:cc:9f:ae: 3f:43:54:b2 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTdDRTMxMTAvBgNVBAUTKEMyNkY0NkZEOTk1MkIzQUYzQTdENzE1REUxQkYzQTYx RTI1Qzc5OEEwHhcNMjUwNjI1MDUzOTQ4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODViOGJhNC0zZTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA67rOV1fWnhSXGAeMDcvOjjX6hfURcL8j15CEHsxaTIq6oBKwGdiO43/mY1DM oGx3RypzNKb3YjS9UdSkH+4onYhFctlBgteWxpCDtmzZtXebEQHnynR0oh04+noM Ng7bsUaTmsfK5uMpPDSP6suW+Nm3zLIICg5LxJNrtrL8k9iZCMkDcPmcx60t0njQ JvbtSIWc5/208svdbE2cUP9HXPiY7X9g1n9D1qIBXZzRWK/8m3k869NATDTlCvjf 3Wg6NGEDSh8qWwFBjy/kBIUONnwJvmSpChvXLD+oRj3zmQzyXRmmO0qM9RV/XHoN 7FOLLPM2z6BlP4F6px28AOJJyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFA3ZBrjc qeH6ZR4rAq1lJPar+UcDMB8GA1UdIwQYMBaAFMJvRv2ZUrOvOn1xXeG/OmHiXHmK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExN0NFMy9BOTBDQUZDNDM0 NjUxMUVGQjlDMDc2NEZDNEY5QUUwMi93bTlHX1psU3M2ODZmWEZkNGI4NlllSmNl WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3dtOUdfWmxTczY4NmZYRmQ0Yjg2WWVKY2VZby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTdDRTMvQTkwQ0FGQzQzNDY1MTFFRkI5QzA3NjRGQzRGOUFFMDIvRDJGNjVCM0Uy RDNDMTFGMDg5OTc5QjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAGgGRQwDQYJKoZIhvcNAQELBQADggEBAFKQp5XzXnuQe9YX F1cukyXam+91j3H9U4KF5TQVwRxW6rdAMjIlmbIF7vnTMibozfBP6U0cIk7wGW+2 0RQAHmRQ4oJd9Pn84IByEjKcrNJ2VL7u6nC29oG4TiNJKf2RhkOA86gUrnlRoQPw SaEE2Jdwh1zNFyhlqTu4cdnLnHdvBIAYfsyGpNskYkT6f5mU6wUTLINvhGqP5kT7 sXpTo7s53U3tTPaoA8xRS3bJE79BpVbZ2FqHGzH6zkk2JVJi8q3yM1xmdMHFCDEZ KlgjbqLk2IGiyS5LnrBP1e77Il1e2m14gpFjXDerk0jafpQ62sOAdIZiGy5P9Myf rj9DVLI= -----END CERTIFICATE-----Generated at Tue Jul 1 15:42:36 2025 by rpki-client