$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E4BA3CE8DFCE11EFBC4CD631C4F9AE02.roa File: E4BA3CE8DFCE11EFBC4CD631C4F9AE02.roa (raw, json) Hash identifier: H2psEBDgMdRvNZgUPZApVJCLqrPQ8EnSpGElYQR9ZLA= Subject key identifier: 4F:07:BA:FB:AC:2B:9A:A4:99:A0:4F:68:3C:88:EE:3F:DA:D8:1A:7F Certificate issuer: /CN=A9157DA0/serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Certificate serial: 34B8 Authority key identifier: 88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E4BA3CE8DFCE11EFBC4CD631C4F9AE02.roa Signing time: Sat 28 Jun 2025 02:53:55 +0000 ROA not before: Sat 28 Jun 2025 02:53:55 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 139759 IP address blocks: 119.252.112.0/21 maxlen: 21 119.252.112.0/24 maxlen: 24 119.252.116.0/22 maxlen: 22 119.252.122.0/24 maxlen: 24 124.109.8.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13496 (0x34b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA0, serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Validity Not Before: Jun 28 02:53:55 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=685f5943-2578 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:ed:fc:16:56:23:e9:20:12:02:62:6a:c6:ae: 91:9e:8c:f6:84:18:6c:da:5e:33:a2:5d:8b:f5:45: dd:6d:b9:bf:6e:04:a9:43:a1:e0:09:3b:65:bf:0a: 48:0d:74:b1:8a:37:55:51:7a:91:8d:51:0e:92:67: b0:d7:f6:8f:69:9e:2c:48:f1:ed:fd:85:d6:db:fe: e1:0f:c7:fe:f8:60:7b:72:71:47:d7:68:93:a4:6b: 41:c9:bc:fb:c6:14:0f:e6:9f:15:8e:7f:9e:cd:19: 0f:6c:13:ec:da:26:d7:e1:f9:2f:7a:e3:94:ef:c0: a3:ae:8d:e5:95:95:2d:6e:ee:ff:f3:89:c8:b3:ed: 3a:56:0b:4f:2f:53:1d:8a:73:ac:6a:6d:05:b0:3a: 28:f0:84:42:2b:d8:4d:69:ee:f6:fa:76:dd:c6:af: 5d:de:80:ac:81:39:c7:14:05:75:99:c2:7e:98:8b: c2:35:5f:b3:75:32:10:56:a6:16:bd:ff:f5:c9:c5: b7:02:63:1a:4e:f2:03:bf:c7:53:85:ba:ca:ef:1d: d5:43:65:56:39:22:93:2f:c3:da:62:c3:e2:fb:f6: cd:21:dc:c4:dd:3d:7a:e8:4b:3c:78:8a:30:80:c2: 9a:2d:b4:b4:5d:49:1b:36:66:3f:48:d8:bc:9d:65: 5c:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:07:BA:FB:AC:2B:9A:A4:99:A0:4F:68:3C:88:EE:3F:DA:D8:1A:7F X509v3 Authority Key Identifier: keyid:88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E4BA3CE8DFCE11EFBC4CD631C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 119.252.112.0/21 119.252.122.0/24 124.109.8.0/22 Signature Algorithm: sha256WithRSAEncryption 99:bc:36:34:37:df:c8:22:5a:d0:10:3a:bf:3e:18:07:38:1f: 5a:b5:f7:f6:70:84:71:9e:b3:0c:12:6d:8f:33:88:9e:c2:73: 56:10:b7:ee:f1:22:f6:a1:1e:74:47:b7:83:14:ef:98:d1:c7: 70:bf:4a:af:d7:bd:ed:5a:31:1e:91:ab:06:46:66:56:8a:74: c3:20:41:e3:b6:9d:81:05:e1:d6:d1:c6:83:11:99:85:87:4c: b2:8c:9e:bb:a4:6c:ac:4b:6e:68:5b:00:d4:b4:14:64:98:04: 8b:9d:03:27:45:bb:9e:ba:d2:46:1d:20:a4:8a:8d:42:5d:59: 20:13:e5:d1:44:cb:cb:73:11:19:3f:f1:6c:46:f7:ee:1b:6e: f1:10:5e:84:c7:a9:3d:44:17:76:b5:cb:91:34:65:f7:e4:f5: 27:3b:5c:c1:3a:d0:7c:33:8d:58:95:64:5b:ef:2a:58:60:2b: 5e:5e:55:51:89:6f:84:24:81:8a:e9:7e:ca:41:cd:a9:cd:d2: b0:9d:35:4e:f2:55:54:78:73:0c:ce:54:d8:29:e7:9c:70:a5: a9:ec:aa:54:bb:b2:aa:5a:44:cb:a5:21:ae:58:16:65:bd:f2: 8f:de:a6:d9:bb:54:f1:1d:53:af:1d:a8:45:3b:93:e1:49:47: 66:15:d7:0b -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICNLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTAxMTAvBgNVBAUTKDg4ODdDRjZDRjUxMDJGMEZCNzEzRjRDNEExQkRFMzg5 NDgxRjFDNDQwHhcNMjUwNjI4MDI1MzU1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODVmNTk0My0yNTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1e38FlYj6SASAmJqxq6Rnoz2hBhs2l4zol2L9UXdbbm/bgSpQ6HgCTtlvwpI DXSxijdVUXqRjVEOkmew1/aPaZ4sSPHt/YXW2/7hD8f++GB7cnFH12iTpGtBybz7 xhQP5p8Vjn+ezRkPbBPs2ibX4fkveuOU78Cjro3llZUtbu7/84nIs+06VgtPL1Md inOsam0FsDoo8IRCK9hNae72+nbdxq9d3oCsgTnHFAV1mcJ+mIvCNV+zdTIQVqYW vf/1ycW3AmMaTvIDv8dThbrK7x3VQ2VWOSKTL8PaYsPi+/bNIdzE3T166Es8eIow gMKaLbS0XUkbNmY/SNi8nWVcawIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFE8Huvus K5qkmaBPaDyI7j/a2Bp/MB8GA1UdIwQYMBaAFIiHz2z1EC8PtxP0xKG944lIHxxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBMC8zQTBEOTMxMDFE OEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3LTNFX1RFb2IzamlVZ2ZI RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lJZlBiUFVRTHctM0VfVEVvYjNqaVVnZkhFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdEQTAvM0EwRDkzMTAxRDhDMTFFMjhFRkY1N0U3MDhCMDJDRDIvRTRCQTNDRThE RkNFMTFFRkJDNENENjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAN3/HADBAB3/HoDBAJ8bQgwDQYJKoZIhvcNAQELBQADggEB AJm8NjQ338giWtAQOr8+GAc4H1q19/ZwhHGeswwSbY8ziJ7Cc1YQt+7xIvahHnRH t4MU75jRx3C/Sq/Xve1aMR6RqwZGZlaKdMMgQeO2nYEF4dbRxoMRmYWHTLKMnruk bKxLbmhbANS0FGSYBIudAydFu5660kYdIKSKjUJdWSAT5dFEy8tzERk/8WxG9+4b bvEQXoTHqT1EF3a1y5E0Zffk9Sc7XME60HwzjViVZFvvKlhgK15eVVGJb4QkgYrp fspBzanN0rCdNU7yVVR4cwzOVNgp55xwpansqlS7sqpaRMulIa5YFmW98o/eptm7 VPEdU68dqEU7k+FJR2YV1ws= -----END CERTIFICATE-----Generated at Sun Jul 6 09:26:23 2025 by rpki-client