$ rpki-client -vvf rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/986FA3843F8F11EBA86B1F11C4F9AE02.roa File: 986FA3843F8F11EBA86B1F11C4F9AE02.roa (raw, json) Hash identifier: +7/Vt0FTaK5GWH/3IE+pQmL2wHj4vbU0fzaTx23ZBa4= Subject key identifier: 12:8E:E4:67:31:20:55:B0:6D:B4:6C:CF:2A:30:4D:99:39:71:3A:DF Certificate issuer: /CN=A916B18B/serialNumber=368F3C938B601412521A3A819009978FCFE91E7E Certificate serial: 1754 Authority key identifier: 36:8F:3C:93:8B:60:14:12:52:1A:3A:81:90:09:97:8F:CF:E9:1E:7E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/No88k4tgFBJSGjqBkAmXj8_pHn4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/986FA3843F8F11EBA86B1F11C4F9AE02.roa Signing time: Tue 01 Jul 2025 06:31:33 +0000 ROA not before: Tue 01 Jul 2025 06:31:33 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 18190 IP address blocks: 136.158.132.0/24 maxlen: 24 136.158.133.0/24 maxlen: 24 136.158.134.0/24 maxlen: 24 136.158.135.0/24 maxlen: 24 136.158.136.0/24 maxlen: 24 136.158.137.0/24 maxlen: 24 136.158.138.0/24 maxlen: 24 136.158.161.0/24 maxlen: 24 136.158.169.0/24 maxlen: 24 136.158.170.0/24 maxlen: 24 136.158.171.0/24 maxlen: 24 161.49.148.0/24 maxlen: 24 161.49.178.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/No88k4tgFBJSGjqBkAmXj8_pHn4.crl rsync://rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/No88k4tgFBJSGjqBkAmXj8_pHn4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/No88k4tgFBJSGjqBkAmXj8_pHn4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 16:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5972 (0x1754) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B18B, serialNumber=368F3C938B601412521A3A819009978FCFE91E7E Validity Not Before: Jul 1 06:31:33 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=686380c5-740f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:35:2c:ae:ca:e1:55:30:9d:c9:78:4a:22:9b: 62:e9:18:3a:a0:e4:4d:9f:fe:fd:ed:40:ff:ed:4f: 8b:7d:71:60:d6:d6:47:6d:b1:90:36:0c:1b:98:b2: 3f:93:63:c5:5e:20:f0:7c:7e:c9:46:bd:88:39:ff: 07:21:36:80:54:9a:98:47:78:2e:7b:30:8e:e7:20: 19:42:7a:7e:49:9e:d0:b7:47:16:9a:17:79:9b:96: d4:b4:8b:50:82:90:56:2c:ad:82:87:70:17:1f:26: 2d:db:4e:ed:04:53:ba:06:32:02:91:3a:a9:86:c5: 2d:57:c5:5d:e1:c1:13:40:48:f9:2c:c3:74:f7:e7: 65:d5:1f:eb:fc:40:97:18:44:a1:af:4b:88:77:f0: 11:44:4b:85:6f:c0:d4:95:a0:66:a6:8c:5a:37:2d: 5a:23:4f:03:88:1d:bd:f7:78:65:ae:65:3f:0f:f7: e4:f4:de:87:aa:17:c2:de:be:69:3a:46:bf:41:f6: b3:a9:7b:13:63:68:27:36:03:8f:84:4f:4a:f9:a1: a2:d2:39:48:ab:87:bd:3a:82:b3:fe:b2:7e:77:b1: a3:90:63:5e:e4:9a:04:9e:c3:a9:53:99:c1:08:48: 07:b9:26:37:d1:75:ab:ac:52:2e:97:a6:99:43:20: e9:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:8E:E4:67:31:20:55:B0:6D:B4:6C:CF:2A:30:4D:99:39:71:3A:DF X509v3 Authority Key Identifier: keyid:36:8F:3C:93:8B:60:14:12:52:1A:3A:81:90:09:97:8F:CF:E9:1E:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/No88k4tgFBJSGjqBkAmXj8_pHn4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/No88k4tgFBJSGjqBkAmXj8_pHn4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/986FA3843F8F11EBA86B1F11C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 136.158.132.0-136.158.138.255 136.158.161.0/24 136.158.169.0-136.158.171.255 161.49.148.0/24 161.49.178.0/24 Signature Algorithm: sha256WithRSAEncryption 43:a9:32:31:35:84:a0:95:66:a5:97:a9:df:3a:d6:b0:f3:3a: 8f:70:b3:64:c5:7f:5d:42:4a:4c:ca:cb:72:82:72:8d:7a:df: 2a:da:71:7c:0c:fd:10:d8:e2:e8:7a:aa:70:3c:5f:60:5d:c4: d2:80:84:1b:19:48:3d:49:67:a5:f9:2a:02:30:73:7d:7c:2f: d4:14:de:28:11:13:42:d6:37:a5:89:06:cc:61:b0:92:3d:f5: 92:d5:d5:cc:b6:19:63:08:8e:a5:87:07:9c:90:7f:1b:74:8c: b6:b9:a0:1a:01:e0:c1:8e:83:e0:d0:b0:99:15:18:d7:1e:3a: f2:76:d1:8c:df:d3:0e:b9:83:de:68:5b:4c:98:dc:d7:e6:e7: 41:4b:2a:41:05:33:d3:cf:55:a6:c4:ac:88:fa:84:bd:a4:7d: 08:3b:71:7d:e3:92:92:a7:f4:f3:85:e4:d3:fd:d8:28:bf:95: 21:99:34:2f:e9:75:e9:fb:e4:30:14:84:c7:31:15:4b:73:1e: 28:41:69:da:a9:33:48:04:b4:cd:f0:87:b7:0d:71:9f:97:15: 87:60:77:c2:f7:fd:61:e4:24:e8:38:db:37:21:75:1e:39:83: a8:19:e8:97:b8:45:da:3f:81:cb:13:1d:c0:da:af:de:28:01: c6:d7:c0:bd -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICF1QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkIxOEIxMTAvBgNVBAUTKDM2OEYzQzkzOEI2MDE0MTI1MjFBM0E4MTkwMDk5NzhG Q0ZFOTFFN0UwHhcNMjUwNzAxMDYzMTMzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODYzODBjNS03NDBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0zUsrsrhVTCdyXhKIpti6Rg6oORNn/797UD/7U+LfXFg1tZHbbGQNgwbmLI/ k2PFXiDwfH7JRr2IOf8HITaAVJqYR3guezCO5yAZQnp+SZ7Qt0cWmhd5m5bUtItQ gpBWLK2Ch3AXHyYt207tBFO6BjICkTqphsUtV8Vd4cETQEj5LMN09+dl1R/r/ECX GEShr0uId/ARREuFb8DUlaBmpoxaNy1aI08DiB2993hlrmU/D/fk9N6HqhfC3r5p Oka/QfazqXsTY2gnNgOPhE9K+aGi0jlIq4e9OoKz/rJ+d7GjkGNe5JoEnsOpU5nB CEgHuSY30XWrrFIul6aZQyDpvwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFBKO5Gcx IFWwbbRszyowTZk5cTrfMB8GA1UdIwQYMBaAFDaPPJOLYBQSUho6gZAJl4/P6R5+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjE4Qi9GOThCNUYwQzIx RjkxMUU4OTZDMUREMjNDNEY5QUUwMi9Obzg4azR0Z0ZCSlNHanFCa0FtWGo4X3BI bjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL05vODhrNHRnRkJKU0dqcUJrQW1YajhfcEhuNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkIxOEIvRjk4QjVGMEMyMUY5MTFFODk2QzFERDIzQzRGOUFFMDIvOTg2RkEzODQz RjhGMTFFQkE4NkIxRjExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MDQEAgABMC4wDAMEAoiehAMEAIieigMEAIieoTAMAwQAiJ6pAwQCiJ6oAwQA oTGUAwQAoTGyMA0GCSqGSIb3DQEBCwUAA4IBAQBDqTIxNYSglWall6nfOtaw8zqP cLNkxX9dQkpMystygnKNet8q2nF8DP0Q2OLoeqpwPF9gXcTSgIQbGUg9SWel+SoC MHN9fC/UFN4oERNC1jeliQbMYbCSPfWS1dXMthljCI6lhweckH8bdIy2uaAaAeDB joPg0LCZFRjXHjrydtGM39MOuYPeaFtMmNzX5udBSypBBTPTz1WmxKyI+oS9pH0I O3F945KSp/TzheTT/dgov5UhmTQv6XXp++QwFITHMRVLcx4oQWnaqTNIBLTN8Ie3 DXGflxWHYHfC9/1h5CToONs3IXUeOYOoGeiXuEXaP4HLEx3A2q/eKAHG18C9 -----END CERTIFICATE-----Generated at Fri Jul 4 00:32:19 2025 by rpki-client