$ rpki-client -vvf rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/15812F82C4A111EBAE6C7F49C4F9AE02.roa File: 15812F82C4A111EBAE6C7F49C4F9AE02.roa (raw, json) Hash identifier: lPqoKt6e9WB68QkGqWF9uf0n021O/vJN6Ok+8vPm99E= Subject key identifier: 38:FD:4B:0F:56:7E:1D:45:8D:52:67:B2:36:96:1C:B1:9F:CA:49:CC Certificate issuer: /CN=A915EE53/serialNumber=F8AA70916B6CA583C0363EB7A9A5F7F2627D7360 Certificate serial: 2655 Authority key identifier: F8:AA:70:91:6B:6C:A5:83:C0:36:3E:B7:A9:A5:F7:F2:62:7D:73:60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/15812F82C4A111EBAE6C7F49C4F9AE02.roa Signing time: Fri 04 Jul 2025 16:23:00 +0000 ROA not before: Fri 04 Jul 2025 16:23:00 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 55430 IP address blocks: 58.146.128.0/18 maxlen: 24 58.182.0.0/16 maxlen: 24 59.189.0.0/16 maxlen: 24 103.234.104.0/22 maxlen: 24 116.86.0.0/15 maxlen: 24 116.88.0.0/16 maxlen: 24 116.89.0.0/17 maxlen: 24 150.107.128.0/22 maxlen: 24 202.156.0.0/16 maxlen: 24 218.186.0.0/16 maxlen: 24 218.212.0.0/16 maxlen: 24 222.164.0.0/16 maxlen: 24 222.165.0.0/17 maxlen: 24 2404:e800::/31 maxlen: 32 2404:e800::/40 maxlen: 48 2404:e800:100::/40 maxlen: 48 2404:e800:2000::/40 maxlen: 48 2404:e801:1000::/40 maxlen: 48 2404:e801:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.crl rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 15:58:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9813 (0x2655) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915EE53, serialNumber=F8AA70916B6CA583C0363EB7A9A5F7F2627D7360 Validity Not Before: Jul 4 16:23:00 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6867ffe4-b48c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:b3:15:f6:93:f5:13:98:e7:7b:7d:84:bd:b1: f1:a6:55:34:28:73:36:b3:96:17:50:4f:80:34:c9: 00:f1:e8:af:25:93:37:98:44:2b:80:63:44:ef:0c: ac:d1:1b:d4:16:16:35:34:97:ce:72:ce:df:e7:0d: 78:b4:6b:66:88:0b:89:d6:33:f6:3e:c3:9d:06:f6: ac:10:61:94:6e:33:e9:9b:7b:8d:fc:b5:34:a5:b3: 2b:c9:4b:d1:a7:cb:8d:30:29:b1:ec:b7:65:88:66: f9:cd:30:f3:7c:d7:0d:9a:c1:d0:2b:83:6e:73:87: 7a:d7:14:0e:cc:87:f4:71:f0:df:1b:78:64:56:e8: 8e:c1:63:53:72:00:e6:76:71:69:bf:99:44:6d:09: 03:67:b4:30:0b:03:0b:fd:9b:a3:ba:24:eb:bb:14: bb:17:9f:15:ea:67:61:3d:55:2f:7e:67:34:70:90: c8:fe:d3:14:32:f1:bf:52:33:76:50:97:d1:ff:51: ed:31:d8:62:42:58:a2:43:96:2d:ea:a5:4d:d7:95: 38:ab:99:d2:58:c3:d5:81:cb:50:16:b5:81:45:e0: fa:50:88:05:17:8d:fc:d1:ef:66:7c:ad:7f:7e:a4: 5a:65:9e:83:db:bb:a0:88:1c:66:9e:f4:1c:d8:18: bd:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:FD:4B:0F:56:7E:1D:45:8D:52:67:B2:36:96:1C:B1:9F:CA:49:CC X509v3 Authority Key Identifier: keyid:F8:AA:70:91:6B:6C:A5:83:C0:36:3E:B7:A9:A5:F7:F2:62:7D:73:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/15812F82C4A111EBAE6C7F49C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.146.128.0/18 58.182.0.0/16 59.189.0.0/16 103.234.104.0/22 116.86.0.0-116.89.127.255 150.107.128.0/22 202.156.0.0/16 218.186.0.0/16 218.212.0.0/16 222.164.0.0-222.165.127.255 IPv6: 2404:e800::/31 Signature Algorithm: sha256WithRSAEncryption ab:54:d1:23:b5:93:ce:b2:0b:04:46:ae:48:b7:65:23:93:9e: b4:b6:02:2d:d7:d2:bb:7f:1c:45:e6:0e:0f:57:b4:8c:74:d4: 7e:77:4a:b2:94:ab:99:79:bb:fa:90:10:c8:b7:24:b0:d7:12: 21:86:96:9c:9e:09:fc:03:2f:21:f5:57:af:d2:f3:c2:a4:13: a8:b2:39:28:8a:26:7d:48:05:ca:5f:cf:6a:13:7b:ea:19:5f: f1:a7:83:c2:cd:c7:87:82:0a:f2:54:fa:a2:2a:99:18:89:db: b8:00:4d:02:16:2f:58:e1:fc:b6:d3:1e:e7:99:b2:e0:4d:e5: 12:0e:d2:fd:9a:87:15:2d:6d:ba:24:51:6f:80:24:89:04:ea: fa:c6:ca:87:4d:5e:a6:0f:82:86:e1:9a:39:02:7c:84:aa:bc: 55:8c:36:ed:a0:da:fe:21:c6:12:4c:24:e4:52:6f:f4:bb:b8: 87:53:4d:0a:29:00:d3:38:13:f0:2e:dc:f4:1d:41:19:f8:29: 6e:4f:58:d3:5e:57:7b:76:e7:4e:f1:f8:0d:52:95:9c:cb:04: d5:79:7c:3c:5c:ba:c2:68:d9:3a:c4:de:81:b5:d0:82:95:4d: 34:38:f6:1b:9a:0c:86:61:63:fa:17:9d:4f:a0:af:5b:e6:6f: eb:b1:46:d9 -----BEGIN CERTIFICATE----- MIIFvzCCBKegAwIBAgICJlUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUVFNTMxMTAvBgNVBAUTKEY4QUE3MDkxNkI2Q0E1ODNDMDM2M0VCN0E5QTVGN0Yy NjI3RDczNjAwHhcNMjUwNzA0MTYyMzAwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY3ZmZlNC1iNDhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA27MV9pP1E5jne32EvbHxplU0KHM2s5YXUE+ANMkA8eivJZM3mEQrgGNE7wys 0RvUFhY1NJfOcs7f5w14tGtmiAuJ1jP2PsOdBvasEGGUbjPpm3uN/LU0pbMryUvR p8uNMCmx7LdliGb5zTDzfNcNmsHQK4Nuc4d61xQOzIf0cfDfG3hkVuiOwWNTcgDm dnFpv5lEbQkDZ7QwCwML/ZujuiTruxS7F58V6mdhPVUvfmc0cJDI/tMUMvG/UjN2 UJfR/1HtMdhiQliiQ5Yt6qVN15U4q5nSWMPVgctQFrWBReD6UIgFF4380e9mfK1/ fqRaZZ6D27ugiBxmnvQc2Bi9EQIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFDj9Sw9W fh1FjVJnsjaWHLGfyknMMB8GA1UdIwQYMBaAFPiqcJFrbKWDwDY+t6ml9/JifXNg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUU1My8zODUxMTg0MDQ1 ODgxMUU1OUIyRDgzNzFDNEY5QUUwMi8tS3B3a1d0c3BZUEFOajYzcWFYMzhtSjlj MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1LcHdrV3RzcFlQQU5qNjNxYVgzOG1KOWMyQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUVFNTMvMzg1MTE4NDA0NTg4MTFFNTlCMkQ4MzcxQzRGOUFFMDIvMTU4MTJGODJD NEExMTFFQkFFNkM3RjQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbQYIKwYBBQUHAQcBAf8E XjBcMEsEAgABMEUDBAY6koADAwA6tgMDADu9AwQCZ+poMAsDAwF0VgMEB3RZAAME ApZrgAMDAMqcAwMA2roDAwDa1DALAwMC3qQDBAfepQAwDQQCAAIwBwMFASQE6AAw DQYJKoZIhvcNAQELBQADggEBAKtU0SO1k86yCwRGrki3ZSOTnrS2Ai3X0rt/HEXm Dg9XtIx01H53SrKUq5l5u/qQEMi3JLDXEiGGlpyeCfwDLyH1V6/S88KkE6iyOSiK Jn1IBcpfz2oTe+oZX/Gng8LNx4eCCvJU+qIqmRiJ27gATQIWL1jh/LbTHueZsuBN 5RIO0v2ahxUtbbokUW+AJIkE6vrGyodNXqYPgobhmjkCfISqvFWMNu2g2v4hxhJM JORSb/S7uIdTTQopANM4E/Au3PQdQRn4KW5PWNNeV3t2507x+A1SlZzLBNV5fDxc usJo2TrE3oG10IKVTTQ49huaDIZhY/oXnU+gr1vmb+uxRtk= -----END CERTIFICATE-----Generated at Mon Oct 20 19:27:28 2025 by rpki-client