$ rpki-client -vvf rpki.apnic.net/member_repository/A9171155/09D36C90930511F0BEEAC611C4F9AE02/134623AC931511F092E28818C4F9AE02.roa File: 134623AC931511F092E28818C4F9AE02.roa (raw, json) Hash identifier: iROhbsxSxTl+6rqtSvLAjrMVa4sfvVVCQefqUmfddwg= Subject key identifier: 38:97:44:D9:B5:7B:FF:1F:02:92:31:4A:81:DE:A2:00:ED:E3:CD:CB Certificate issuer: /CN=A9171155/serialNumber=AD3FA6AF80E37311D0B3AEC94A757E54463C49B7 Certificate serial: 08 Authority key identifier: AD:3F:A6:AF:80:E3:73:11:D0:B3:AE:C9:4A:75:7E:54:46:3C:49:B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT-mr4DjcxHQs67JSnV-VEY8Sbc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171155/09D36C90930511F0BEEAC611C4F9AE02/134623AC931511F092E28818C4F9AE02.roa Signing time: Mon 22 Sep 2025 18:46:34 +0000 ROA not before: Mon 22 Sep 2025 18:46:34 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 154235 IP address blocks: 43.225.130.0/23 maxlen: 24 2402:2ba0::/32 maxlen: 32 2402:2ba0::/34 maxlen: 34 2402:2ba0:4000::/34 maxlen: 34 2402:2ba0:8000::/34 maxlen: 34 2402:2ba0:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171155/09D36C90930511F0BEEAC611C4F9AE02/rT-mr4DjcxHQs67JSnV-VEY8Sbc.crl rsync://rpki.apnic.net/member_repository/A9171155/09D36C90930511F0BEEAC611C4F9AE02/rT-mr4DjcxHQs67JSnV-VEY8Sbc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT-mr4DjcxHQs67JSnV-VEY8Sbc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8 (0x8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171155, serialNumber=AD3FA6AF80E37311D0B3AEC94A757E54463C49B7 Validity Not Before: Sep 22 18:46:34 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68d19989-21d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:c8:e0:84:4e:c4:7a:bb:0a:5a:a0:ba:6a:e2: a5:e0:4f:91:c6:5c:86:97:ec:76:f9:0b:3a:b9:49: c5:5a:45:88:56:b7:33:20:73:b5:d2:47:b4:08:7c: 94:db:6a:a5:e5:a1:f3:2f:99:ec:d7:f2:41:bd:e8: 1c:74:be:b1:8d:85:25:95:eb:dd:4d:40:f9:81:1e: 3e:0b:c8:79:01:65:d3:4f:00:c0:c6:19:db:c2:80: 0e:7f:7d:10:30:20:cc:eb:dc:ff:b7:c0:6d:79:cc: 53:fc:c0:e5:3f:a4:da:6c:44:75:fc:03:57:4a:92: 03:3f:1f:ef:df:c0:09:25:4e:e3:25:42:98:53:3f: 0c:d4:9b:f2:f1:9d:ef:ec:47:f6:98:04:0b:84:9f: b5:2f:4c:f7:36:29:e2:4b:54:ea:7f:e9:51:f4:67: 0f:c9:9a:97:d0:3a:4f:b4:91:c7:7a:15:6e:25:5e: 57:5e:4d:ad:52:b5:a5:48:2c:1e:a2:63:1f:05:c1: cb:bf:41:60:41:ad:96:ee:15:17:53:29:42:12:d8: 0a:de:60:c5:d9:a5:ed:5e:eb:b0:59:63:eb:ff:98: 84:af:3d:94:01:ff:e6:17:74:77:e6:ce:f6:f1:57: 4c:73:3d:b5:e6:8e:b4:01:a7:1d:d3:d0:4f:c7:39: 4e:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:97:44:D9:B5:7B:FF:1F:02:92:31:4A:81:DE:A2:00:ED:E3:CD:CB X509v3 Authority Key Identifier: keyid:AD:3F:A6:AF:80:E3:73:11:D0:B3:AE:C9:4A:75:7E:54:46:3C:49:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171155/09D36C90930511F0BEEAC611C4F9AE02/rT-mr4DjcxHQs67JSnV-VEY8Sbc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT-mr4DjcxHQs67JSnV-VEY8Sbc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171155/09D36C90930511F0BEEAC611C4F9AE02/134623AC931511F092E28818C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.130.0/23 IPv6: 2402:2ba0::/32 Signature Algorithm: sha256WithRSAEncryption 47:42:ae:5b:16:3e:23:06:66:98:e2:2c:4b:8a:b6:ee:05:ca: fc:7c:19:ae:3f:b2:4c:dd:38:6f:cb:17:2e:b3:66:ca:88:16: 51:42:83:34:24:d4:39:a3:15:91:66:7d:3e:c6:63:27:a2:59: 2f:e6:66:bb:b2:3c:bb:af:7e:3e:0c:34:3f:b3:94:ed:3b:a2: 02:27:63:45:05:e8:73:15:02:e6:a2:77:16:f0:8b:ba:01:80: 50:9d:2e:f5:58:b4:ad:d0:c9:77:c8:53:63:57:59:d5:06:d5: f3:29:72:34:99:67:37:cd:54:a2:cf:09:4b:ad:0b:35:ba:a2: 42:cb:6c:37:a6:06:bd:7a:a6:8d:dc:ea:a3:d9:36:7c:d3:69: ac:02:84:b1:19:ea:5c:c3:44:eb:72:84:79:1a:24:d8:39:32: 5e:bd:20:e7:14:b0:51:75:61:70:df:d8:4a:67:79:0c:b0:58: 29:82:60:79:0e:1f:63:23:59:b3:f8:31:7c:21:67:7d:2a:f0: cb:73:76:bb:86:82:0a:15:1a:e7:06:55:d6:9c:c9:73:0c:ff: 22:12:0f:52:64:61:47:24:bf:4f:dd:4c:4f:4c:d8:e6:1f:7f: 19:3e:74:35:a8:09:1d:e5:70:21:66:fc:08:6a:45:d9:90:cd: 59:46:ef:8a -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MTE1NTExMC8GA1UEBRMoQUQzRkE2QUY4MEUzNzMxMUQwQjNBRUM5NEE3NTdFNTQ0 NjNDNDlCNzAeFw0yNTA5MjIxODQ2MzRaFw0yNjEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZDE5OTg5LTIxZDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCkyOCETsR6uwpaoLpq4qXgT5HGXIaX7Hb5Czq5ScVaRYhWtzMgc7XSR7QIfJTb aqXlofMvmezX8kG96Bx0vrGNhSWV691NQPmBHj4LyHkBZdNPAMDGGdvCgA5/fRAw IMzr3P+3wG15zFP8wOU/pNpsRHX8A1dKkgM/H+/fwAklTuMlQphTPwzUm/Lxne/s R/aYBAuEn7UvTPc2KeJLVOp/6VH0Zw/JmpfQOk+0kcd6FW4lXldeTa1StaVILB6i Yx8Fwcu/QWBBrZbuFRdTKUIS2AreYMXZpe1e67BZY+v/mISvPZQB/+YXdHfmzvbx V0xzPbXmjrQBpx3T0E/HOU5lAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUOJdE2bV7 /x8CkjFKgd6iAO3jzcswHwYDVR0jBBgwFoAUrT+mr4DjcxHQs67JSnV+VEY8Sbcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcxMTU1LzA5RDM2QzkwOTMw NTExRjBCRUVBQzYxMUM0RjlBRTAyL3JULW1yNERqY3hIUXM2N0pTblYtVkVZOFNi Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvclQtbXI0RGpjeEhRczY3SlNuVi1WRVk4U2JjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTE1NS8wOUQzNkM5MDkzMDUxMUYwQkVFQUM2MTFDNEY5QUUwMi8xMzQ2MjNBQzkz MTUxMUYwOTJFMjg4MThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf MB0wDAQCAAEwBgMEASvhgjANBAIAAjAHAwUAJAIroDANBgkqhkiG9w0BAQsFAAOC AQEAR0KuWxY+IwZmmOIsS4q27gXK/HwZrj+yTN04b8sXLrNmyogWUUKDNCTUOaMV kWZ9PsZjJ6JZL+Zmu7I8u69+Pgw0P7OU7TuiAidjRQXocxUC5qJ3FvCLugGAUJ0u 9Vi0rdDJd8hTY1dZ1QbV8ylyNJlnN81Uos8JS60LNbqiQstsN6YGvXqmjdzqo9k2 fNNprAKEsRnqXMNE63KEeRok2DkyXr0g5xSwUXVhcN/YSmd5DLBYKYJgeQ4fYyNZ s/gxfCFnfSrwy3N2u4aCChUa5wZV1pzJcwz/IhIPUmRhRyS/T91MT0zY5h9/GT50 NagJHeVwIWb8CGpF2ZDNWUbvig== -----END CERTIFICATE-----Generated at Mon Oct 20 11:23:06 2025 by rpki-client