$ rpki-client -vvf rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/25922C44F3CF11EFBCC75246C4F9AE02.roa File: 25922C44F3CF11EFBCC75246C4F9AE02.roa (raw, json) Hash identifier: tmAxTTNt4cwx64eo7rdMEojpG4GBIbW07PNB4Pwrbc8= Subject key identifier: CE:10:2D:B7:AD:E3:D7:CF:73:88:7F:D6:DF:46:A0:3C:FC:21:7B:C1 Certificate issuer: /CN=A912A5D4/serialNumber=66134DA1BFEDAC0C919D26B1F7F9E168AF9D2B4E Certificate serial: 7E Authority key identifier: 66:13:4D:A1:BF:ED:AC:0C:91:9D:26:B1:F7:F9:E1:68:AF:9D:2B:4E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZhNNob_trAyRnSax9_nhaK-dK04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/25922C44F3CF11EFBCC75246C4F9AE02.roa Signing time: Tue 23 Sep 2025 07:56:14 +0000 ROA not before: Tue 23 Sep 2025 07:56:14 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 140637 IP address blocks: 143.188.148.0/22 maxlen: 23 143.188.152.0/22 maxlen: 23 143.188.156.0/22 maxlen: 23 143.188.160.0/23 maxlen: 26 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/ZhNNob_trAyRnSax9_nhaK-dK04.crl rsync://rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/ZhNNob_trAyRnSax9_nhaK-dK04.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZhNNob_trAyRnSax9_nhaK-dK04.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:03:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 126 (0x7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912A5D4, serialNumber=66134DA1BFEDAC0C919D26B1F7F9E168AF9D2B4E Validity Not Before: Sep 23 07:56:14 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68d2529e-fd98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:78:45:06:02:c3:e9:36:99:3a:f0:76:2e:14: 54:68:78:6f:62:15:40:a3:eb:7f:98:aa:53:04:b4: 97:74:5e:fd:e1:3c:cb:e6:fd:24:d0:54:86:7e:a2: 11:82:cd:15:8f:10:47:6e:5b:65:81:be:8a:fd:ea: c9:95:8c:89:28:83:cc:ef:b2:e3:4f:fe:78:60:a8: 13:23:40:f6:21:2c:fa:68:f5:d6:72:b6:23:94:fc: c6:dc:5b:d0:32:43:c4:8c:b2:59:7a:67:cc:1f:88: b7:17:5e:30:ce:33:db:2b:89:38:70:76:08:45:8c: 92:9c:b7:69:8c:db:45:fb:a6:51:85:6d:d2:c4:25: 8f:67:69:ef:f1:64:21:4e:3b:42:2b:64:d6:99:a0: bc:f7:9a:99:f0:e6:14:c9:b7:87:62:f7:a9:15:a6: 30:cf:fd:2a:b3:cd:0c:02:fb:fe:2d:bd:a9:6e:d2: fa:8e:08:49:2a:16:18:55:7f:8b:3b:b2:f0:8b:20: 3e:a3:65:f2:e2:af:88:5a:ab:44:0e:a0:68:f4:5c: 82:a0:a4:ea:d6:26:ea:38:df:95:17:c3:db:55:74: 2f:07:bf:4e:4d:56:c4:6c:2e:7c:b1:5a:22:8c:18: c7:e5:43:d8:98:e4:19:0f:6c:eb:d9:7e:10:fb:23: 04:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:10:2D:B7:AD:E3:D7:CF:73:88:7F:D6:DF:46:A0:3C:FC:21:7B:C1 X509v3 Authority Key Identifier: keyid:66:13:4D:A1:BF:ED:AC:0C:91:9D:26:B1:F7:F9:E1:68:AF:9D:2B:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/ZhNNob_trAyRnSax9_nhaK-dK04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZhNNob_trAyRnSax9_nhaK-dK04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912A5D4/650B4DE8F3CE11EF914EF644C4F9AE02/25922C44F3CF11EFBCC75246C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 143.188.148.0-143.188.161.255 Signature Algorithm: sha256WithRSAEncryption e9:85:0b:4f:9d:8e:42:1c:fa:e3:3f:81:78:0a:60:e8:49:f8: 19:bc:3e:04:9d:82:79:b1:b1:60:c5:53:2e:d9:20:b3:b3:e9: e0:6b:25:81:84:c9:29:45:13:d0:9f:55:71:14:29:86:42:b9: b8:38:2e:74:1f:60:05:18:c2:0b:73:10:a7:d1:d5:1d:a6:1c: 02:9a:7c:93:6c:84:d4:a9:45:9f:44:05:25:c9:26:d6:84:31: 8e:17:92:7c:f3:d8:4a:25:d7:fb:83:59:5f:08:3e:d1:bc:c2: 76:6b:78:aa:5b:93:34:76:bb:fe:e9:1b:ab:12:54:c5:ce:6f: 3b:67:18:35:6b:2d:02:14:55:69:b7:10:ef:a2:0d:20:2c:db: 18:16:69:6c:8b:f4:9d:50:83:87:25:b0:e1:a8:75:5b:bc:76: 55:e3:a8:09:54:0f:c8:08:03:d7:ba:92:a4:a3:93:ae:25:9f: 93:be:8e:f4:b1:f5:49:f7:f8:03:65:ec:13:86:6a:61:e5:30: 0b:54:21:e3:0d:44:4a:5d:3f:12:5b:45:60:3e:10:50:5d:2a: 45:07:80:eb:29:c2:0a:1f:98:26:45:a9:d0:d7:f2:a3:68:7a: 48:45:3c:99:c3:88:f6:8c:ae:1a:38:c7:66:8d:cd:65:e1:a8: e4:bf:9d:05 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIBfjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy QTVENDExMC8GA1UEBRMoNjYxMzREQTFCRkVEQUMwQzkxOUQyNkIxRjdGOUUxNjhB RjlEMkI0RTAeFw0yNTA5MjMwNzU2MTRaFw0yNjEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZDI1MjllLWZkOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCpeEUGAsPpNpk68HYuFFRoeG9iFUCj63+YqlMEtJd0Xv3hPMvm/STQVIZ+ohGC zRWPEEduW2WBvor96smVjIkog8zvsuNP/nhgqBMjQPYhLPpo9dZytiOU/MbcW9Ay Q8SMsll6Z8wfiLcXXjDOM9sriThwdghFjJKct2mM20X7plGFbdLEJY9nae/xZCFO O0IrZNaZoLz3mpnw5hTJt4di96kVpjDP/SqzzQwC+/4tvalu0vqOCEkqFhhVf4s7 svCLID6jZfLir4haq0QOoGj0XIKgpOrWJuo435UXw9tVdC8Hv05NVsRsLnyxWiKM GMflQ9iY5BkPbOvZfhD7IwTHAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUzhAtt63j 189ziH/W30agPPwhe8EwHwYDVR0jBBgwFoAUZhNNob/trAyRnSax9/nhaK+dK04w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJBNUQ0LzY1MEI0REU4RjND RTExRUY5MTRFRjY0NEM0RjlBRTAyL1poTk5vYl90ckF5Um5TYXg5X25oYUstZEsw NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWmhOTm9iX3RyQXlSblNheDlfbmhhSy1kSzA0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QTVENC82NTBCNERFOEYzQ0UxMUVGOTE0RUY2NDRDNEY5QUUwMi8yNTkyMkM0NEYz Q0YxMUVGQkNDNzUyNDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY MBYwFAQCAAEwDjAMAwQCj7yUAwQBj7ygMA0GCSqGSIb3DQEBCwUAA4IBAQDphQtP nY5CHPrjP4F4CmDoSfgZvD4EnYJ5sbFgxVMu2SCzs+ngayWBhMkpRRPQn1VxFCmG Qrm4OC50H2AFGMILcxCn0dUdphwCmnyTbITUqUWfRAUlySbWhDGOF5J889hKJdf7 g1lfCD7RvMJ2a3iqW5M0drv+6RurElTFzm87Zxg1ay0CFFVptxDvog0gLNsYFmls i/SdUIOHJbDhqHVbvHZV46gJVA/ICAPXupKko5OuJZ+Tvo70sfVJ9/gDZewThmph 5TALVCHjDURKXT8SW0VgPhBQXSpFB4DrKcIKH5gmRanQ1/KjaHpIRTyZw4j2jK4a OMdmjc1l4ajkv50F -----END CERTIFICATE-----Generated at Mon Oct 20 16:04:10 2025 by rpki-client