$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/17F4DF6E563A11F092DD586EC4F9AE02.roa File: 17F4DF6E563A11F092DD586EC4F9AE02.roa (raw, json) Hash identifier: aKKPcWxsFmhcohW02ByxbG4rMKcU/VNpAP9UspkmgCc= Subject key identifier: 2C:E7:41:BF:A8:C6:26:59:C3:61:34:77:97:50:24:ED:ED:33:07:6B Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013 Certificate serial: 071B Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/17F4DF6E563A11F092DD586EC4F9AE02.roa Signing time: Tue 01 Jul 2025 05:16:23 +0000 ROA not before: Tue 01 Jul 2025 05:16:23 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 6134 IP address blocks: 43.247.132.0/22 maxlen: 24 43.254.164.0/22 maxlen: 24 43.255.156.0/22 maxlen: 24 103.30.76.0/22 maxlen: 24 103.171.34.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 23:44:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1819 (0x71b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9139322, serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013 Validity Not Before: Jul 1 05:16:23 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=68636f26-87b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:aa:ee:4b:08:37:4f:13:51:19:92:a3:62:dc: 46:a1:ce:32:2f:30:ef:be:77:7f:aa:6f:95:4d:88: 5b:61:b8:49:bc:82:36:e8:2c:35:f4:7f:c0:1b:7a: fb:24:83:12:27:c8:07:c2:df:33:19:9b:2e:c9:c3: 84:13:aa:4b:d8:34:ca:c9:7e:0d:11:bb:ae:a0:53: e9:9a:18:b1:24:af:08:3c:18:8e:46:22:f7:b0:5a: 05:69:28:2a:3d:e7:8a:21:aa:00:66:66:54:de:70: 29:4b:cd:0f:9a:c0:fa:2e:95:c2:e0:90:0f:af:d2: 94:5f:13:d6:68:7d:a0:a7:ea:75:95:fc:39:1c:c7: 59:a5:01:ad:2d:66:a6:22:9d:51:27:7d:00:10:24: 63:2f:2a:3d:c7:78:81:f6:bd:c3:b9:3d:19:c1:42: 8a:54:57:04:0f:84:c5:ed:02:98:af:7c:fa:ed:69: 25:43:9c:de:93:ba:24:1a:f1:cb:69:8d:eb:1a:a9: 6f:bd:03:4e:48:ba:b9:c6:4b:d3:ec:b2:8b:02:06: 72:c8:fb:4d:6d:d3:67:ce:28:da:cc:52:23:98:b0: 04:ba:f5:05:a7:dd:32:07:ec:d0:34:d3:54:86:78: f5:00:f3:7b:01:d3:8b:44:cd:ad:64:d8:c9:e5:60: b4:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:E7:41:BF:A8:C6:26:59:C3:61:34:77:97:50:24:ED:ED:33:07:6B X509v3 Authority Key Identifier: keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/17F4DF6E563A11F092DD586EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.247.132.0/22 43.254.164.0/22 43.255.156.0/22 103.30.76.0/22 103.171.34.0/23 Signature Algorithm: sha256WithRSAEncryption 03:36:42:9a:bf:87:0c:01:c8:f0:2d:5d:cf:a4:4b:61:eb:28: 67:1c:9a:a1:ba:af:1f:66:f2:b2:e0:9d:e7:a2:f1:ad:22:12: 3a:1a:09:de:69:7c:9e:23:be:1f:31:59:85:91:ed:14:1c:87: 2d:a5:4f:08:1a:a6:4d:67:41:51:86:45:f5:64:08:d4:10:36: df:0a:81:e3:e4:8c:3a:dc:6b:6f:a6:5b:c6:c2:0b:55:94:63: 21:7f:0f:5c:c2:e5:69:22:b9:e6:b2:5a:ab:6e:73:61:19:d9: 28:ef:ab:26:3e:46:57:9d:9d:27:9f:7b:57:a9:1c:2e:ab:09: c0:a3:68:41:6e:14:4d:3d:51:39:5d:4c:d1:4b:80:9e:a2:d8: 32:f9:35:e9:b4:46:98:99:c8:63:0b:e2:f8:06:9e:87:bd:2c: 50:87:9c:3f:15:f2:64:ed:9c:5c:d3:cd:75:bb:dd:ca:43:6d: 37:47:0b:c3:7e:57:30:dc:49:2a:57:39:83:6c:60:cb:46:da: 66:5c:75:5e:be:a4:90:81:63:0f:04:37:11:24:97:3f:49:75: 55:2e:86:42:af:25:5b:8c:40:2d:3a:21:51:76:f2:1a:30:a3: 4c:de:fa:c1:aa:f0:cf:3e:35:c3:9f:11:61:2d:c1:17:8e:81: d3:d7:85:2e -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICBxswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF QTNDNzEwMTMwHhcNMjUwNzAxMDUxNjIzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODYzNmYyNi04N2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqaruSwg3TxNRGZKjYtxGoc4yLzDvvnd/qm+VTYhbYbhJvII26Cw19H/AG3r7 JIMSJ8gHwt8zGZsuycOEE6pL2DTKyX4NEbuuoFPpmhixJK8IPBiORiL3sFoFaSgq PeeKIaoAZmZU3nApS80PmsD6LpXC4JAPr9KUXxPWaH2gp+p1lfw5HMdZpQGtLWam Ip1RJ30AECRjLyo9x3iB9r3DuT0ZwUKKVFcED4TF7QKYr3z67WklQ5zek7okGvHL aY3rGqlvvQNOSLq5xkvT7LKLAgZyyPtNbdNnzijazFIjmLAEuvUFp90yB+zQNNNU hnj1APN7AdOLRM2tZNjJ5WC0IwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFCznQb+o xiZZw2E0d5dQJO3tMwdrMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2 NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvMTdGNERGNkU1 NjNBMTFGMDkyREQ1ODZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAIr94QDBAIr/qQDBAIr/5wDBAJnHkwDBAFnqyIwDQYJKoZI hvcNAQELBQADggEBAAM2Qpq/hwwByPAtXc+kS2HrKGccmqG6rx9m8rLgneei8a0i EjoaCd5pfJ4jvh8xWYWR7RQchy2lTwgapk1nQVGGRfVkCNQQNt8KgePkjDrca2+m W8bCC1WUYyF/D1zC5WkiueayWqtuc2EZ2SjvqyY+RlednSefe1epHC6rCcCjaEFu FE09UTldTNFLgJ6i2DL5Nem0RpiZyGML4vgGnoe9LFCHnD8V8mTtnFzTzXW73cpD bTdHC8N+VzDcSSpXOYNsYMtG2mZcdV6+pJCBYw8ENxEklz9JdVUuhkKvJVuMQC06 IVF28howo0ze+sGq8M8+NcOfEWEtwReOgdPXhS4= -----END CERTIFICATE-----Generated at Fri Jul 4 17:57:08 2025 by rpki-client