$ rpki-client -vvf rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/971866124AEC11EF91EC775FC4F9AE02.roa File: 971866124AEC11EF91EC775FC4F9AE02.roa (raw, json) Hash identifier: MDzjDXZFFOaG6b4Hi2bRVyjseXED7kDvegJ5uB6PIoY= Subject key identifier: A9:12:4C:B3:75:6D:11:AA:20:5D:D8:6E:4F:66:9F:01:A2:C1:5E:BA Certificate issuer: /CN=A915F89C/serialNumber=D697BB6F3F99E94480EE0BBAD3D26800AB416260 Certificate serial: 354B Authority key identifier: D6:97:BB:6F:3F:99:E9:44:80:EE:0B:BA:D3:D2:68:00:AB:41:62:60 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1pe7bz-Z6USA7gu609JoAKtBYmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/971866124AEC11EF91EC775FC4F9AE02.roa Signing time: Mon 18 Aug 2025 14:50:20 +0000 ROA not before: Mon 18 Aug 2025 14:50:20 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 9506 IP address blocks: 128.106.64.0/18 maxlen: 24 128.106.128.0/17 maxlen: 24 165.21.24.0/21 maxlen: 21 165.21.24.0/22 maxlen: 22 165.21.28.0/23 maxlen: 23 165.21.64.0/22 maxlen: 22 165.21.68.0/23 maxlen: 23 165.21.75.0/24 maxlen: 24 165.21.76.0/23 maxlen: 23 165.21.78.0/24 maxlen: 24 165.21.112.0/21 maxlen: 21 165.21.124.0/22 maxlen: 22 165.21.128.0/22 maxlen: 22 165.21.132.0/24 maxlen: 24 165.21.134.0/24 maxlen: 24 165.21.135.0/24 maxlen: 24 165.21.154.0/24 maxlen: 24 165.21.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/1pe7bz-Z6USA7gu609JoAKtBYmA.crl rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/1pe7bz-Z6USA7gu609JoAKtBYmA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1pe7bz-Z6USA7gu609JoAKtBYmA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 14:22:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13643 (0x354b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915F89C, serialNumber=D697BB6F3F99E94480EE0BBAD3D26800AB416260 Validity Not Before: Aug 18 14:50:20 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68a33dac-3b93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:70:13:ff:51:85:48:37:a5:35:d1:ab:45:64: 50:0c:e8:eb:c4:42:4a:87:52:22:1c:61:5f:9f:21: d9:d0:ad:3d:47:d4:8f:68:52:1a:3d:34:c5:db:fe: 01:31:55:0c:fb:87:f4:d2:ef:20:18:24:2b:4a:45: 51:87:2e:c4:4d:59:97:73:7f:d6:05:94:1d:96:a5: 38:bb:fd:7e:76:57:42:ba:a6:50:a8:7a:4a:40:95: af:6a:b4:c9:91:d6:44:26:29:c2:81:19:f5:99:58: d5:bf:13:56:42:ce:b8:19:55:da:f6:0c:41:1d:66: 4f:09:80:e0:2b:c6:50:34:69:1f:2f:97:d0:f1:84: 62:f2:8c:96:87:66:cd:8b:55:1d:bc:2b:5e:f8:64: f7:84:7e:13:9b:35:93:6a:75:ad:82:4f:44:5f:dd: 1f:cb:2e:18:d2:2e:9f:24:f2:01:65:a4:a3:e0:57: 10:de:b7:a5:11:5f:07:5d:e0:49:5b:08:f3:81:08: 4b:20:16:67:d7:7c:bd:b5:1d:03:93:46:d1:25:79: 21:12:49:20:d1:8f:42:d3:97:7b:ec:66:b4:e0:f7: 9a:89:4a:c0:27:f3:77:f7:02:c2:a2:7f:33:8a:b5: b8:d5:4d:c2:61:35:73:e6:2e:40:b2:49:bb:35:e3: a4:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:12:4C:B3:75:6D:11:AA:20:5D:D8:6E:4F:66:9F:01:A2:C1:5E:BA X509v3 Authority Key Identifier: keyid:D6:97:BB:6F:3F:99:E9:44:80:EE:0B:BA:D3:D2:68:00:AB:41:62:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/1pe7bz-Z6USA7gu609JoAKtBYmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1pe7bz-Z6USA7gu609JoAKtBYmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/971866124AEC11EF91EC775FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 128.106.64.0-128.106.255.255 165.21.24.0/21 165.21.64.0-165.21.69.255 165.21.75.0-165.21.78.255 165.21.112.0/21 165.21.124.0-165.21.132.255 165.21.134.0/23 165.21.154.0/23 Signature Algorithm: sha256WithRSAEncryption 0b:f7:24:53:23:e3:0e:2c:f1:35:43:72:ac:26:ff:ea:b6:9f: e8:34:c7:3f:1c:77:fb:c8:01:03:dd:03:40:6d:db:11:a6:6f: dc:f9:dc:8a:47:2f:f9:ef:c3:2a:23:42:0d:c8:20:83:d5:47: de:1e:c8:38:71:59:81:c9:c2:bc:85:5c:14:bd:28:d2:9b:3a: 77:75:f8:28:3c:0d:b3:86:aa:4f:88:93:f5:f3:95:fb:52:58: 95:b6:8b:fe:a5:e7:c3:3c:77:bd:7b:21:19:d7:c8:14:be:08: 66:71:a2:0f:46:48:c5:b2:10:7c:75:99:74:3b:d5:de:1d:ba: 3b:40:5b:bd:65:d1:f5:a2:b5:fd:d8:9e:99:c4:3a:70:85:b8: b1:90:10:b3:dc:6a:bf:5f:d4:6b:16:e4:cc:b2:1a:7b:b6:3f: 19:4b:7f:fb:d2:1c:17:53:af:96:ef:eb:60:99:9b:d9:19:5e: ab:dc:f4:78:f9:c9:5e:9e:48:03:ea:3c:6f:4d:f0:0a:8f:21: 1c:b1:4e:19:28:0e:56:45:80:05:e2:0b:49:7c:f2:c6:52:74: 21:a0:84:f2:6d:7c:61:6a:ef:89:ea:e0:aa:4d:2e:2f:da:1f: 94:ae:11:3a:75:0c:c2:70:8b:fc:56:c5:82:51:d8:fa:9e:63: 58:e3:57:34 -----BEGIN CERTIFICATE----- MIIFujCCBKKgAwIBAgICNUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUY4OUMxMTAvBgNVBAUTKEQ2OTdCQjZGM0Y5OUU5NDQ4MEVFMEJCQUQzRDI2ODAw QUI0MTYyNjAwHhcNMjUwODE4MTQ1MDIwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGEzM2RhYy0zYjkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA43AT/1GFSDelNdGrRWRQDOjrxEJKh1IiHGFfnyHZ0K09R9SPaFIaPTTF2/4B MVUM+4f00u8gGCQrSkVRhy7ETVmXc3/WBZQdlqU4u/1+dldCuqZQqHpKQJWvarTJ kdZEJinCgRn1mVjVvxNWQs64GVXa9gxBHWZPCYDgK8ZQNGkfL5fQ8YRi8oyWh2bN i1UdvCte+GT3hH4TmzWTanWtgk9EX90fyy4Y0i6fJPIBZaSj4FcQ3relEV8HXeBJ WwjzgQhLIBZn13y9tR0Dk0bRJXkhEkkg0Y9C05d77Ga04PeaiUrAJ/N39wLCon8z irW41U3CYTVz5i5Askm7NeOkOQIDAQABo4IC3jCCAtowHQYDVR0OBBYEFKkSTLN1 bRGqIF3Ybk9mnwGiwV66MB8GA1UdIwQYMBaAFNaXu28/melEgO4LutPSaACrQWJg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Rjg5Qy81QjA3RjNBQzFE ODMxMUUyOUIzNUE1RDgwOEIwMkNEMi8xcGU3YnotWjZVU0E3Z3U2MDlKb0FLdEJZ bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzFwZTdiei1aNlVTQTdndTYwOUpvQUt0QlltQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUY4OUMvNUIwN0YzQUMxRDgzMTFFMjlCMzVBNUQ4MDhCMDJDRDIvOTcxODY2MTI0 QUVDMTFFRjkxRUM3NzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaAYIKwYBBQUHAQcBAf8E WTBXMFUEAgABME8wCwMEBoBqQAMDAIBqAwQDpRUYMAwDBAalFUADBAGlFUQwDAME AKUVSwMEAKUVTgMEA6UVcDAMAwQCpRV8AwQApRWEAwQBpRWGAwQBpRWaMA0GCSqG SIb3DQEBCwUAA4IBAQAL9yRTI+MOLPE1Q3KsJv/qtp/oNMc/HHf7yAED3QNAbdsR pm/c+dyKRy/578MqI0INyCCD1UfeHsg4cVmBycK8hVwUvSjSmzp3dfgoPA2zhqpP iJP185X7UliVtov+pefDPHe9eyEZ18gUvghmcaIPRkjFshB8dZl0O9XeHbo7QFu9 ZdH1orX92J6ZxDpwhbixkBCz3Gq/X9RrFuTMshp7tj8ZS3/70hwXU6+W7+tgmZvZ GV6r3PR4+clenkgD6jxvTfAKjyEcsU4ZKA5WRYAF4gtJfPLGUnQhoITybXxhau+J 6uCqTS4v2h+UrhE6dQzCcIv8VsWCUdj6nmNY41c0 -----END CERTIFICATE-----Generated at Sun Aug 24 09:01:36 2025 by rpki-client