$ rpki-client -vvf rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/87C1A5F8245711F083602A0BC4F9AE02.roa File: 87C1A5F8245711F083602A0BC4F9AE02.roa (raw, json) Hash identifier: 3SdLflE7QNKZukodJvPP0+VEXx4PpxcKaoT3DVdeoho= Subject key identifier: EF:89:29:1B:F6:92:52:76:08:73:45:5F:05:93:33:2C:1A:1F:27:EA Certificate issuer: /CN=A9173780/serialNumber=9BC66CFF809A8A71212005DD9C27047AB418C8A7 Certificate serial: 0A08 Authority key identifier: 9B:C6:6C:FF:80:9A:8A:71:21:20:05:DD:9C:27:04:7A:B4:18:C8:A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8Zs_4CainEhIAXdnCcEerQYyKc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/87C1A5F8245711F083602A0BC4F9AE02.roa Signing time: Mon 28 Apr 2025 17:38:40 +0000 ROA not before: Mon 28 Apr 2025 17:38:40 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 24479 IP address blocks: 203.3.167.0/24 maxlen: 24 203.28.212.0/24 maxlen: 24 203.170.2.0/23 maxlen: 23 203.170.2.0/24 maxlen: 24 203.170.4.0/22 maxlen: 22 203.170.8.0/21 maxlen: 21 203.170.8.0/24 maxlen: 24 203.170.9.0/24 maxlen: 24 203.170.10.0/24 maxlen: 24 203.170.11.0/24 maxlen: 24 203.170.12.0/24 maxlen: 24 203.170.13.0/24 maxlen: 24 203.170.14.0/24 maxlen: 24 2402:4d40::/32 maxlen: 32 2402:4d40::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/m8Zs_4CainEhIAXdnCcEerQYyKc.crl rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/m8Zs_4CainEhIAXdnCcEerQYyKc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8Zs_4CainEhIAXdnCcEerQYyKc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 20:41:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2568 (0xa08) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9173780, serialNumber=9BC66CFF809A8A71212005DD9C27047AB418C8A7 Validity Not Before: Apr 28 17:38:40 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=680fbd20-a12c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:69:74:0c:3f:d7:16:b3:12:64:2e:2d:3b:51: bd:f0:f1:7e:2c:66:83:d4:85:3b:d5:18:15:32:c3: 1f:86:14:2d:a1:83:3e:da:66:5e:90:62:b8:81:2a: d3:16:f2:0b:69:07:ad:cd:a5:ad:fe:f0:d0:d4:73: 6f:1b:f8:8a:e8:66:5b:ba:4a:58:20:52:19:b5:16: 4d:c3:58:f8:30:45:d9:af:9c:5c:f7:36:40:87:74: 4d:09:b6:ad:cb:a4:93:f0:3e:a7:f3:8c:cb:c7:40: 0b:78:ad:93:30:5c:11:5a:57:5b:8e:1f:38:eb:40: a3:93:39:3a:b4:2f:1a:eb:e8:28:04:ae:1e:5e:6e: 70:e8:d8:da:eb:51:0d:30:4f:a3:8c:52:a2:e4:d2: 19:2a:83:0d:22:60:62:a6:67:df:4d:48:e3:a0:6a: 5d:fb:97:02:2a:1e:52:d9:91:6f:12:1b:34:26:85: 32:17:fb:c6:e8:23:63:8b:cc:5e:27:4d:e4:67:46: 9c:96:90:e6:04:69:6b:f1:21:0e:74:20:d6:cb:c3: ea:cf:c1:ad:ce:58:fa:be:48:a3:15:46:0d:16:b2: 92:a5:fc:05:d3:56:1d:d0:25:94:16:02:17:48:68: a0:b6:85:55:e2:33:dc:9b:29:45:f8:07:e7:5e:94: dd:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:89:29:1B:F6:92:52:76:08:73:45:5F:05:93:33:2C:1A:1F:27:EA X509v3 Authority Key Identifier: keyid:9B:C6:6C:FF:80:9A:8A:71:21:20:05:DD:9C:27:04:7A:B4:18:C8:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/m8Zs_4CainEhIAXdnCcEerQYyKc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8Zs_4CainEhIAXdnCcEerQYyKc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/87C1A5F8245711F083602A0BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.3.167.0/24 203.28.212.0/24 203.170.2.0-203.170.15.255 IPv6: 2402:4d40::/32 Signature Algorithm: sha256WithRSAEncryption 1b:95:ed:02:df:b8:1a:62:77:bb:1e:d6:4a:93:63:86:40:1b: c1:e6:b5:e6:41:c1:c3:ea:8f:9c:4b:87:4d:26:a3:d2:f8:88: 29:45:f9:fc:2e:78:bc:0c:55:f0:84:e7:03:b5:26:f2:0b:33: 0d:8d:37:0d:6f:26:32:3d:52:60:cb:86:cc:25:4b:be:76:21: c2:d8:2d:c8:f7:05:3e:29:7f:d9:3b:ed:70:f6:5a:31:b9:07: d4:65:17:d4:01:73:25:f4:53:dc:81:f7:4e:14:1a:a4:f7:b9: 41:3b:be:b4:6d:31:8e:07:a5:87:70:72:f5:0b:33:46:3e:25: 1e:a4:d9:bc:7e:b3:47:4e:2a:91:68:e9:80:70:20:34:3d:b1: fd:8c:4f:a8:fa:78:06:8c:e2:3c:81:90:aa:1a:c1:63:11:34: dc:1a:30:f8:31:8c:4d:a1:6f:6b:61:e4:4b:b5:b0:fc:52:b5: b5:e9:8a:6a:c8:59:4d:1f:64:e4:15:dd:15:16:82:18:14:48: 56:8d:44:e9:a7:8c:0b:76:86:83:6d:03:a8:92:e8:3a:99:6e: 5b:25:29:b9:2b:b6:83:79:db:94:2a:c4:36:3f:b1:de:8d:8f: f8:17:23:e1:c6:7e:2b:9e:b9:5c:f4:34:6e:7f:b6:1f:6b:42: 28:43:a0:73 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgICCggwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzM3ODAxMTAvBgNVBAUTKDlCQzY2Q0ZGODA5QThBNzEyMTIwMDVERDlDMjcwNDdB QjQxOEM4QTcwHhcNMjUwNDI4MTczODQwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODBmYmQyMC1hMTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6Gl0DD/XFrMSZC4tO1G98PF+LGaD1IU71RgVMsMfhhQtoYM+2mZekGK4gSrT FvILaQetzaWt/vDQ1HNvG/iK6GZbukpYIFIZtRZNw1j4MEXZr5xc9zZAh3RNCbat y6ST8D6n84zLx0ALeK2TMFwRWldbjh8460Cjkzk6tC8a6+goBK4eXm5w6Nja61EN ME+jjFKi5NIZKoMNImBipmffTUjjoGpd+5cCKh5S2ZFvEhs0JoUyF/vG6CNji8xe J03kZ0aclpDmBGlr8SEOdCDWy8Pqz8Gtzlj6vkijFUYNFrKSpfwF01Yd0CWUFgIX SGigtoVV4jPcmylF+AfnXpTd3wIDAQABo4ICuDCCArQwHQYDVR0OBBYEFO+JKRv2 klJ2CHNFXwWTMywaHyfqMB8GA1UdIwQYMBaAFJvGbP+AmopxISAF3ZwnBHq0GMin MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Mzc4MC84RUI2MkRGQTc3 RUQxMUVBQUE0Q0M0MjJDNEY5QUUwMi9tOFpzXzRDYWluRWhJQVhkbkNjRWVyUVl5 S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL204WnNfNENhaW5FaElBWGRuQ2NFZXJRWXlLYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzM3ODAvOEVCNjJERkE3N0VEMTFFQUFBNENDNDIyQzRGOUFFMDIvODdDMUE1Rjgy NDU3MTFGMDgzNjAyQTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E MzAxMCAEAgABMBoDBADLA6cDBADLHNQwDAMEAcuqAgMEBMuqADANBAIAAjAHAwUA JAJNQDANBgkqhkiG9w0BAQsFAAOCAQEAG5XtAt+4GmJ3ux7WSpNjhkAbwea15kHB w+qPnEuHTSaj0viIKUX5/C54vAxV8ITnA7Um8gszDY03DW8mMj1SYMuGzCVLvnYh wtgtyPcFPil/2TvtcPZaMbkH1GUX1AFzJfRT3IH3ThQapPe5QTu+tG0xjgelh3By 9QszRj4lHqTZvH6zR04qkWjpgHAgND2x/YxPqPp4BoziPIGQqhrBYxE03Bow+DGM TaFva2HkS7Ww/FK1temKashZTR9k5BXdFRaCGBRIVo1E6aeMC3aGg20DqJLoOplu WyUpuSu2g3nblCrENj+x3o2P+Bcj4cZ+K565XPQ0bn+2H2tCKEOgcw== -----END CERTIFICATE-----Generated at Mon Oct 20 19:25:19 2025 by rpki-client