$ rpki-client -vvf rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/A17F07705FA311EAB1BB612CC4F9AE02.roa File: A17F07705FA311EAB1BB612CC4F9AE02.roa (raw, json) Hash identifier: syqFyO0I3Vmcn5bJeGcao6zGLsNLne0ee+UOpu0s0a0= Subject key identifier: D8:18:AB:64:21:E3:3F:30:C7:2E:08:48:40:DC:52:92:2B:1F:1A:59 Certificate issuer: /CN=A9125F95/serialNumber=27FC63D861F4694F7A2F951FB12847E07FAA9072 Certificate serial: 1D93 Authority key identifier: 27:FC:63:D8:61:F4:69:4F:7A:2F:95:1F:B1:28:47:E0:7F:AA:90:72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J_xj2GH0aU96L5UfsShH4H-qkHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/A17F07705FA311EAB1BB612CC4F9AE02.roa Signing time: Tue 24 Jun 2025 16:25:38 +0000 ROA not before: Tue 24 Jun 2025 16:25:38 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 135407 IP address blocks: 45.249.8.0/22 maxlen: 24 103.217.176.0/22 maxlen: 24 2407:aa80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/J_xj2GH0aU96L5UfsShH4H-qkHI.crl rsync://rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/J_xj2GH0aU96L5UfsShH4H-qkHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J_xj2GH0aU96L5UfsShH4H-qkHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 16:14:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7571 (0x1d93) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125F95, serialNumber=27FC63D861F4694F7A2F951FB12847E07FAA9072 Validity Not Before: Jun 24 16:25:38 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=685ad182-9b5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:3b:e6:c6:86:ee:83:a4:5f:ed:a8:a7:c3:ae: 84:6f:e8:3f:77:0e:2f:e6:1c:39:17:74:07:9a:77: f8:f6:b0:2f:1a:cf:58:e4:99:6e:0c:c2:13:69:97: e8:41:65:8d:d8:e6:c2:58:58:fe:1d:45:5c:62:61: 8c:d3:4f:a9:15:b4:a7:73:c3:62:64:25:21:a3:48: b8:fe:b2:38:90:97:27:ea:74:e2:b7:2a:85:d7:ec: 25:cb:18:e8:f7:99:fb:5c:7e:12:56:18:a2:bc:d2: b8:d7:6c:f7:30:c4:bf:60:dd:ba:31:ca:2b:e0:aa: f9:1a:d4:d9:26:42:e8:fd:74:0c:a4:28:c7:a4:27: fe:81:5a:d9:78:f7:04:19:34:10:a8:88:1e:a6:3d: f4:75:fe:22:86:66:f8:d5:75:8c:d2:a4:eb:58:16: a8:b4:3c:b0:6d:66:aa:a3:a9:20:62:31:f1:18:21: 49:ce:1c:6b:8f:65:75:6c:8c:96:4d:fa:9b:b0:95: 8f:82:0e:f0:e7:ff:7e:4a:60:ea:aa:07:dc:b5:54: 1e:e9:81:81:46:30:6d:58:6d:f8:d7:61:6b:15:63: 20:20:b1:ac:36:d9:fe:d3:c9:dd:a8:98:97:62:fc: d8:4e:f5:a1:f1:0c:6e:08:39:7d:81:13:7e:47:c6: 36:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:18:AB:64:21:E3:3F:30:C7:2E:08:48:40:DC:52:92:2B:1F:1A:59 X509v3 Authority Key Identifier: keyid:27:FC:63:D8:61:F4:69:4F:7A:2F:95:1F:B1:28:47:E0:7F:AA:90:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/J_xj2GH0aU96L5UfsShH4H-qkHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J_xj2GH0aU96L5UfsShH4H-qkHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/A17F07705FA311EAB1BB612CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.249.8.0/22 103.217.176.0/22 IPv6: 2407:aa80::/32 Signature Algorithm: sha256WithRSAEncryption 9a:ba:95:46:e6:cc:14:a1:b5:73:b4:ed:e9:56:c3:76:20:99: 20:7f:7b:05:f4:51:39:69:b2:46:45:71:4a:68:ce:fc:5c:2d: 0a:e3:fe:b8:6d:0a:87:0d:3f:e2:aa:a9:7f:c6:b6:a6:eb:5c: a3:ac:67:00:27:ce:99:d5:52:b3:da:62:96:fe:9b:d0:65:cf: 89:14:52:22:6c:0e:8b:e9:49:91:3b:79:95:17:be:f0:fc:00: 54:69:f3:36:1c:b2:16:cf:3c:f4:c7:6b:93:ed:eb:47:32:b4: 13:f4:d3:89:8a:31:3e:fe:79:cf:4d:49:07:30:8e:7a:9d:60: c9:ef:a9:3c:08:98:c9:ae:04:08:14:87:e8:8c:d8:a9:cd:72: 32:ee:64:9f:e0:a4:cd:f3:fa:c4:87:aa:3e:9f:59:70:ca:08: 10:77:21:b9:37:22:a2:0b:82:dc:2d:f9:a1:64:16:5d:b4:da: 78:59:53:2e:d8:90:95:20:4f:68:ae:43:47:d7:4e:a9:5c:8d: 0c:11:89:64:18:c7:94:48:3a:bc:33:28:2f:26:c9:69:2d:95: 5c:27:70:55:59:a6:e5:61:e4:eb:b9:b9:88:d1:cb:0d:ec:0b: 6b:ee:5e:15:02:f8:f4:4b:7c:da:e4:f9:1c:42:aa:5b:aa:97: 8c:3e:1e:02 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICHZMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVGOTUxMTAvBgNVBAUTKDI3RkM2M0Q4NjFGNDY5NEY3QTJGOTUxRkIxMjg0N0Uw N0ZBQTkwNzIwHhcNMjUwNjI0MTYyNTM4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODVhZDE4Mi05YjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwDvmxobug6Rf7ainw66Eb+g/dw4v5hw5F3QHmnf49rAvGs9Y5JluDMITaZfo QWWN2ObCWFj+HUVcYmGM00+pFbSnc8NiZCUho0i4/rI4kJcn6nTityqF1+wlyxjo 95n7XH4SVhiivNK412z3MMS/YN26Mcor4Kr5GtTZJkLo/XQMpCjHpCf+gVrZePcE GTQQqIgepj30df4ihmb41XWM0qTrWBaotDywbWaqo6kgYjHxGCFJzhxrj2V1bIyW TfqbsJWPgg7w5/9+SmDqqgfctVQe6YGBRjBtWG3412FrFWMgILGsNtn+08ndqJiX YvzYTvWh8QxuCDl9gRN+R8Y2EQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNgYq2Qh 4z8wxy4ISEDcUpIrHxpZMB8GA1UdIwQYMBaAFCf8Y9hh9GlPei+VH7EoR+B/qpBy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUY5NS9DRTJBRkM0NkEy NzUxMUU2OUVCMTc3NzRDNEY5QUUwMi9KX3hqMkdIMGFVOTZMNVVmc1NoSDRILXFr SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pfeGoyR0gwYVU5Nkw1VWZzU2hINEgtcWtISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjVGOTUvQ0UyQUZDNDZBMjc1MTFFNjlFQjE3Nzc0QzRGOUFFMDIvQTE3RjA3NzA1 RkEzMTFFQUIxQkI2MTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIt+QgDBAJn2bAwDQQCAAIwBwMFACQHqoAwDQYJKoZIhvcN AQELBQADggEBAJq6lUbmzBShtXO07elWw3YgmSB/ewX0UTlpskZFcUpozvxcLQrj /rhtCocNP+KqqX/GtqbrXKOsZwAnzpnVUrPaYpb+m9Blz4kUUiJsDovpSZE7eZUX vvD8AFRp8zYcshbPPPTHa5Pt60cytBP004mKMT7+ec9NSQcwjnqdYMnvqTwImMmu BAgUh+iM2KnNcjLuZJ/gpM3z+sSHqj6fWXDKCBB3Ibk3IqILgtwt+aFkFl202nhZ Uy7YkJUgT2iuQ0fXTqlcjQwRiWQYx5RIOrwzKC8myWktlVwncFVZpuVh5Ou5uYjR yw3sC2vuXhUC+PRLfNrk+RxCqluql4w+HgI= -----END CERTIFICATE-----Generated at Fri Jul 4 11:24:43 2025 by rpki-client