$ rpki-client -vvf rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/DFA876BAA1D011EB909F3352C4F9AE02.roa File: DFA876BAA1D011EB909F3352C4F9AE02.roa (raw, json) Hash identifier: r8ZqDCZQUEDaJuodGigdg5730ebRMN80tyK9bKpWQ8Q= Subject key identifier: 55:42:7E:77:0F:02:5A:0D:44:E4:D5:30:7F:CE:77:E5:7A:1B:20:A9 Certificate issuer: /CN=A9122C94/serialNumber=91772A9A6C39719F8A6E6971636D484EDE43A650 Certificate serial: 0656 Authority key identifier: 91:77:2A:9A:6C:39:71:9F:8A:6E:69:71:63:6D:48:4E:DE:43:A6:50 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kXcqmmw5cZ-KbmlxY21ITt5DplA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/DFA876BAA1D011EB909F3352C4F9AE02.roa Signing time: Wed 10 Sep 2025 22:03:36 +0000 ROA not before: Wed 10 Sep 2025 22:03:36 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 133066 IP address blocks: 64.224.144.0/20 maxlen: 20 64.224.144.0/24 maxlen: 24 64.224.145.0/24 maxlen: 24 64.224.146.0/24 maxlen: 24 64.224.147.0/24 maxlen: 24 64.224.148.0/24 maxlen: 24 64.224.149.0/24 maxlen: 24 64.224.150.0/24 maxlen: 24 64.224.151.0/24 maxlen: 24 64.224.152.0/24 maxlen: 24 64.224.153.0/24 maxlen: 24 64.224.154.0/24 maxlen: 24 64.224.155.0/24 maxlen: 24 64.224.156.0/24 maxlen: 24 64.224.157.0/24 maxlen: 24 64.224.158.0/24 maxlen: 24 64.224.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/kXcqmmw5cZ-KbmlxY21ITt5DplA.crl rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/kXcqmmw5cZ-KbmlxY21ITt5DplA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kXcqmmw5cZ-KbmlxY21ITt5DplA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 22:41:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1622 (0x656) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122C94, serialNumber=91772A9A6C39719F8A6E6971636D484EDE43A650 Validity Not Before: Sep 10 22:03:36 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68c1f5b7-01b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:f7:40:07:c2:53:95:b4:7c:43:8d:cc:08:04: 08:37:49:d2:03:b6:76:e4:08:0b:e3:df:d9:1c:23: 3e:2b:0d:97:c7:9b:97:4f:49:db:28:9b:92:37:c5: 18:b6:a3:bc:77:96:ce:cd:30:8f:56:20:01:f1:59: 69:2a:c4:7f:33:29:53:11:57:e2:24:7a:52:b4:b1: 54:aa:98:2c:ba:2f:93:a9:6c:51:04:fd:7f:90:f7: 2e:43:13:aa:94:35:48:42:f9:5c:d2:1c:e0:d2:3b: 4b:38:b4:97:ca:6d:b4:96:8f:27:8e:da:c7:04:5f: 11:a7:4f:46:6b:4e:f1:51:2a:a6:0c:4f:87:af:fc: 0f:75:20:9a:a6:a9:1e:86:db:56:48:68:f9:f4:b2: 49:f9:e3:7a:3a:9f:7a:24:ab:f7:0e:21:b4:50:c6: 0c:43:30:fc:3e:2d:c5:9b:0d:7a:48:44:7a:71:b1: 02:cc:c5:41:d7:35:c6:5b:47:bd:fb:fd:78:e3:7f: ad:f3:26:01:1e:ba:1b:f6:63:ce:03:f7:ab:ff:54: ac:b8:98:20:8b:cf:b1:cc:d0:87:5b:4d:f0:f1:52: 73:89:14:8d:cc:40:9c:59:bd:e6:3b:27:d6:4c:45: 33:35:e9:15:be:eb:06:1e:18:d5:6a:d4:f2:5a:27: 29:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:42:7E:77:0F:02:5A:0D:44:E4:D5:30:7F:CE:77:E5:7A:1B:20:A9 X509v3 Authority Key Identifier: keyid:91:77:2A:9A:6C:39:71:9F:8A:6E:69:71:63:6D:48:4E:DE:43:A6:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/kXcqmmw5cZ-KbmlxY21ITt5DplA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kXcqmmw5cZ-KbmlxY21ITt5DplA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122C94/6AE202A6A1D011EB92A2DF29C4F9AE02/DFA876BAA1D011EB909F3352C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 64.224.144.0/20 Signature Algorithm: sha256WithRSAEncryption 6e:0b:4f:c0:f3:0c:e9:af:2e:7f:a3:c4:9a:29:a8:4c:f0:7b: 92:34:85:a8:6b:62:06:05:da:61:1a:8c:af:54:f7:79:29:bf: 5a:61:89:e8:c8:64:cd:5d:a5:24:93:22:f2:50:90:9a:7d:f1: ad:26:d6:f6:2e:bb:91:db:1b:77:60:7b:a7:9e:6b:2e:c5:8a: ef:69:c1:30:1f:bd:b9:6e:4a:68:e9:e3:64:19:f9:e4:1e:c7: ea:52:d0:c8:ba:cd:a5:ea:ed:94:06:69:b3:09:d6:49:9f:22: 23:9b:3a:a3:18:2d:87:53:77:a2:c0:9c:04:6c:4a:3f:1b:11: 4d:1a:1c:c4:d9:91:ce:66:e8:6e:1d:85:ab:11:06:49:bc:90: 8f:fa:da:ac:4f:01:3e:7f:e7:5b:e3:6b:5e:48:39:f2:b4:2f: 89:90:bc:ac:f1:38:e8:c0:98:d2:2d:0e:17:a3:01:59:43:7a: 74:23:22:18:a3:04:db:af:11:7e:6d:ea:a9:7b:54:45:b9:09: c3:2f:77:3c:57:99:48:3b:87:08:94:30:7a:25:2e:01:89:49: 9c:39:21:8a:77:c5:da:e7:b4:e6:7b:81:d8:71:7f:f1:18:07: aa:76:44:44:ef:15:c8:a0:5c:d0:91:57:ba:26:6a:9b:0f:1e: b2:98:76:f1 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBlYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjJDOTQxMTAvBgNVBAUTKDkxNzcyQTlBNkMzOTcxOUY4QTZFNjk3MTYzNkQ0ODRF REU0M0E2NTAwHhcNMjUwOTEwMjIwMzM2WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGMxZjViNy0wMWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1fdAB8JTlbR8Q43MCAQIN0nSA7Z25AgL49/ZHCM+Kw2Xx5uXT0nbKJuSN8UY tqO8d5bOzTCPViAB8VlpKsR/MylTEVfiJHpStLFUqpgsui+TqWxRBP1/kPcuQxOq lDVIQvlc0hzg0jtLOLSXym20lo8njtrHBF8Rp09Ga07xUSqmDE+Hr/wPdSCapqke httWSGj59LJJ+eN6Op96JKv3DiG0UMYMQzD8Pi3Fmw16SER6cbECzMVB1zXGW0e9 +/1443+t8yYBHrob9mPOA/er/1SsuJggi8+xzNCHW03w8VJziRSNzECcWb3mOyfW TEUzNekVvusGHhjVatTyWicpuwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFVCfncP AloNROTVMH/Od+V6GyCpMB8GA1UdIwQYMBaAFJF3KppsOXGfim5pcWNtSE7eQ6ZQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkM5NC82QUUyMDJBNkEx RDAxMUVCOTJBMkRGMjlDNEY5QUUwMi9rWGNxbW13NWNaLUtibWx4WTIxSVR0NURw bEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tYY3FtbXc1Y1otS2JtbHhZMjFJVHQ1RHBsQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjJDOTQvNkFFMjAyQTZBMUQwMTFFQjkyQTJERjI5QzRGOUFFMDIvREZBODc2QkFB MUQwMTFFQjkwOUYzMzUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBARA4JAwDQYJKoZIhvcNAQELBQADggEBAG4LT8DzDOmvLn+j xJopqEzwe5I0hahrYgYF2mEajK9U93kpv1phiejIZM1dpSSTIvJQkJp98a0m1vYu u5HbG3dge6eeay7Fiu9pwTAfvbluSmjp42QZ+eQex+pS0Mi6zaXq7ZQGabMJ1kmf IiObOqMYLYdTd6LAnARsSj8bEU0aHMTZkc5m6G4dhasRBkm8kI/62qxPAT5/51vj a15IOfK0L4mQvKzxOOjAmNItDhejAVlDenQjIhijBNuvEX5t6ql7VEW5CcMvdzxX mUg7hwiUMHolLgGJSZw5IYp3xdrntOZ7gdhxf/EYB6p2RETvFcigXNCRV7omapsP HrKYdvE= -----END CERTIFICATE-----Generated at Tue Oct 21 01:38:27 2025 by rpki-client