$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/10BC8836509B11F0A1C78F35C4F9AE02.roa File: 10BC8836509B11F0A1C78F35C4F9AE02.roa (raw, json) Hash identifier: 5P8iz2/f75JawHS84+uOtc39+Wj5fIfZ/CgqWjpJHIs= Subject key identifier: 5B:ED:6C:3D:3E:EA:1C:C4:8C:30:24:E1:DB:B0:C3:40:1A:09:C5:34 Certificate issuer: /CN=A9157DA0/serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Certificate serial: 34AE Authority key identifier: 88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/10BC8836509B11F0A1C78F35C4F9AE02.roa Signing time: Tue 24 Jun 2025 01:32:18 +0000 ROA not before: Tue 24 Jun 2025 01:32:18 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 58524 IP address blocks: 43.248.158.0/23 maxlen: 24 119.252.126.0/23 maxlen: 23 2407:4800:c000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13486 (0x34ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA0, serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Validity Not Before: Jun 24 01:32:18 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=685a0022-5bf2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:d0:f3:ea:4d:93:63:79:b1:a0:3b:ec:9b:9f: 88:b6:cb:f3:22:ff:09:0b:5f:64:65:03:29:43:34: 42:58:45:7b:48:be:b4:83:1f:b7:d5:05:02:b1:f0: 36:4d:7e:f0:f6:76:2f:0a:fc:b5:1f:eb:4f:95:6f: 6c:88:19:a4:09:ad:da:94:30:30:0b:06:9c:7b:80: 13:bb:93:12:41:67:3d:84:0a:53:5c:14:3a:ae:5f: b2:0e:62:ee:41:9d:d0:bb:8e:98:1e:b6:12:fe:76: ca:19:bb:16:fb:d3:f0:19:cf:a4:35:cc:3d:37:a9: 94:c3:6e:8a:63:ee:0b:5f:95:62:d2:a7:a1:94:64: e3:b4:6f:36:43:ce:0d:b3:7d:fe:66:81:36:33:a9: 18:81:69:29:4e:7d:b1:0f:f1:71:62:46:45:bc:8c: 0e:f4:ff:c2:20:22:f5:ec:d8:93:85:1c:aa:0b:90: 63:27:3a:5f:a4:df:eb:fd:80:93:73:dc:cc:ff:77: dd:89:f5:da:ad:fd:c7:90:f1:21:7b:fc:dc:80:f7: 9e:25:ff:96:26:8e:82:28:54:75:c2:cb:bb:37:a6: b1:5b:22:71:a4:7b:b9:08:b7:a4:6b:3f:ac:45:60: 42:c0:af:c8:94:0e:d5:2b:43:dd:af:1d:f5:e5:d2: 8d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:ED:6C:3D:3E:EA:1C:C4:8C:30:24:E1:DB:B0:C3:40:1A:09:C5:34 X509v3 Authority Key Identifier: keyid:88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/10BC8836509B11F0A1C78F35C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.248.158.0/23 119.252.126.0/23 IPv6: 2407:4800:c000::/36 Signature Algorithm: sha256WithRSAEncryption 91:90:a6:fb:67:cf:75:23:76:20:1f:74:78:f1:3f:67:f8:a0: 0e:d5:bc:d5:88:07:18:5a:29:05:d9:96:6e:10:39:e5:b2:bc: e5:f5:44:63:4d:1f:80:56:11:22:28:c3:af:58:a9:ee:e7:e6: 14:3e:3c:65:9c:ea:63:dc:75:0e:47:03:ca:02:af:6c:81:e8: 78:e5:f1:f9:e3:6d:04:b9:82:2d:23:45:65:04:8e:3e:06:47: 62:87:46:62:11:cb:07:58:eb:31:f4:db:b5:ba:18:40:f6:1f: 1c:84:c7:e2:a3:06:af:0a:55:38:59:5f:67:07:1d:2d:fd:2b: f8:10:1a:33:c3:f2:14:9f:ef:e0:8a:d1:b8:c8:97:86:e1:c6: 83:36:96:48:ab:0b:4f:31:58:c1:aa:3c:cf:be:4e:2b:fc:c0: 86:33:32:a7:3c:2b:ed:f2:a9:25:63:f2:25:07:c1:21:20:58: 27:38:2a:45:93:a1:67:f2:fb:30:d5:50:83:54:2c:d9:a8:b2: 18:28:44:6e:f1:ee:24:97:2b:dd:fb:de:19:86:53:9e:19:7d: 67:5a:b5:ec:6a:df:7a:78:8e:9b:fb:d3:b8:30:e0:27:89:73: f9:ad:f9:39:d3:dd:dd:9d:d4:5a:4d:e9:79:73:63:cb:16:b8: b5:0a:47:8d -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICNK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTAxMTAvBgNVBAUTKDg4ODdDRjZDRjUxMDJGMEZCNzEzRjRDNEExQkRFMzg5 NDgxRjFDNDQwHhcNMjUwNjI0MDEzMjE4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODVhMDAyMi01YmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxNDz6k2TY3mxoDvsm5+ItsvzIv8JC19kZQMpQzRCWEV7SL60gx+31QUCsfA2 TX7w9nYvCvy1H+tPlW9siBmkCa3alDAwCwace4ATu5MSQWc9hApTXBQ6rl+yDmLu QZ3Qu46YHrYS/nbKGbsW+9PwGc+kNcw9N6mUw26KY+4LX5Vi0qehlGTjtG82Q84N s33+ZoE2M6kYgWkpTn2xD/FxYkZFvIwO9P/CICL17NiThRyqC5BjJzpfpN/r/YCT c9zM/3fdifXarf3HkPEhe/zcgPeeJf+WJo6CKFR1wsu7N6axWyJxpHu5CLekaz+s RWBCwK/IlA7VK0Pdrx315dKNUQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFFvtbD0+ 6hzEjDAk4duww0AaCcU0MB8GA1UdIwQYMBaAFIiHz2z1EC8PtxP0xKG944lIHxxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBMC8zQTBEOTMxMDFE OEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3LTNFX1RFb2IzamlVZ2ZI RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lJZlBiUFVRTHctM0VfVEVvYjNqaVVnZkhFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdEQTAvM0EwRDkzMTAxRDhDMTFFMjhFRkY1N0U3MDhCMDJDRDIvMTBCQzg4MzY1 MDlCMTFGMEExQzc4RjM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMBIEAgABMAwDBAEr+J4DBAF3/H4wDgQCAAIwCAMGBCQHSADAMA0GCSqGSIb3 DQEBCwUAA4IBAQCRkKb7Z891I3YgH3R48T9n+KAO1bzViAcYWikF2ZZuEDnlsrzl 9URjTR+AVhEiKMOvWKnu5+YUPjxlnOpj3HUORwPKAq9sgeh45fH5420EuYItI0Vl BI4+Bkdih0ZiEcsHWOsx9Nu1uhhA9h8chMfiowavClU4WV9nBx0t/Sv4EBozw/IU n+/gitG4yJeG4caDNpZIqwtPMVjBqjzPvk4r/MCGMzKnPCvt8qklY/IlB8EhIFgn OCpFk6Fn8vsw1VCDVCzZqLIYKERu8e4klyvd+94ZhlOeGX1nWrXsat96eI6b+9O4 MOAniXP5rfk5093dndRaTel5c2PLFri1CkeN -----END CERTIFICATE-----Generated at Sun Jul 6 10:07:21 2025 by rpki-client