$ rpki-client -vvf rpki.apnic.net/member_repository/A917FACB/1C946AF2B46511EF9BFBAA67C4F9AE02/817FDF1EB46511EF86BEAC6BC4F9AE02.roa File: 817FDF1EB46511EF86BEAC6BC4F9AE02.roa (raw, json) Hash identifier: wJ3laQ7nVagMEJPomzazSfS6B/Yq1uHmjJhmSe/2HtA= Subject key identifier: 39:AD:63:7A:8B:4D:DD:3E:D6:29:5E:6D:14:6E:87:77:4C:C8:39:4F Certificate issuer: /CN=A917FACB/serialNumber=402D1D0BD91F43802C7A0D70736188BEBA0A0812 Certificate serial: 94 Authority key identifier: 40:2D:1D:0B:D9:1F:43:80:2C:7A:0D:70:73:61:88:BE:BA:0A:08:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QC0dC9kfQ4Aseg1wc2GIvroKCBI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917FACB/1C946AF2B46511EF9BFBAA67C4F9AE02/817FDF1EB46511EF86BEAC6BC4F9AE02.roa Signing time: Tue 09 Sep 2025 06:43:17 +0000 ROA not before: Tue 09 Sep 2025 06:43:17 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 139020 IP address blocks: 160.250.138.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917FACB/1C946AF2B46511EF9BFBAA67C4F9AE02/QC0dC9kfQ4Aseg1wc2GIvroKCBI.crl rsync://rpki.apnic.net/member_repository/A917FACB/1C946AF2B46511EF9BFBAA67C4F9AE02/QC0dC9kfQ4Aseg1wc2GIvroKCBI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QC0dC9kfQ4Aseg1wc2GIvroKCBI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:29:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 148 (0x94) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917FACB, serialNumber=402D1D0BD91F43802C7A0D70736188BEBA0A0812 Validity Not Before: Sep 9 06:43:17 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68bfcc85-e428 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:aa:60:3f:5b:e6:f1:0d:5e:ab:33:81:1f:c9: c9:02:57:e8:0d:59:c1:c1:06:ae:d2:9f:cd:5b:fe: cb:da:97:24:00:ec:bc:70:3c:6b:7e:74:7f:e9:7d: fd:12:17:1a:29:c4:cf:7e:b4:29:80:bb:3e:41:fb: 9b:95:a9:a1:c5:3e:9a:68:03:28:40:7e:1d:5d:19: 09:61:6d:e5:7a:12:23:0b:ac:dd:40:24:d1:72:bb: 2d:00:31:bf:61:b8:f8:c5:98:1c:b4:61:cd:d0:7e: 04:f1:af:be:c4:e2:48:c2:66:87:f0:76:93:f1:8e: 8c:d3:df:c4:a9:72:85:fe:f9:fd:aa:55:35:ca:a0: 81:5d:a7:b6:45:f4:a2:d8:53:07:69:01:c2:49:57: 3d:59:41:eb:3d:c4:fe:10:84:57:b5:5c:63:a7:64: 51:b9:c6:bb:bc:52:22:4a:1f:f5:ed:cd:b9:d5:77: fc:45:31:5f:36:b5:93:28:b6:a3:5a:fb:5f:85:83: 21:97:72:2a:2f:58:27:82:dd:ec:19:69:22:d5:43: a1:ca:8c:99:44:74:d0:76:f7:aa:1a:1f:0f:c2:5c: 7f:a5:ec:b7:f1:9c:3f:d0:d4:40:06:8a:5e:22:55: 99:f8:a3:a0:12:74:10:05:9e:eb:93:fd:d2:be:da: e5:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:AD:63:7A:8B:4D:DD:3E:D6:29:5E:6D:14:6E:87:77:4C:C8:39:4F X509v3 Authority Key Identifier: keyid:40:2D:1D:0B:D9:1F:43:80:2C:7A:0D:70:73:61:88:BE:BA:0A:08:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917FACB/1C946AF2B46511EF9BFBAA67C4F9AE02/QC0dC9kfQ4Aseg1wc2GIvroKCBI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QC0dC9kfQ4Aseg1wc2GIvroKCBI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917FACB/1C946AF2B46511EF9BFBAA67C4F9AE02/817FDF1EB46511EF86BEAC6BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.250.138.0/23 Signature Algorithm: sha256WithRSAEncryption 87:94:f6:8c:c3:aa:cc:e8:93:d8:2f:de:6c:2c:53:2d:ed:50: 4d:88:e5:db:4b:72:ec:b1:f1:45:38:3e:08:77:94:25:ac:c8: ec:ba:4e:1f:4d:ae:7b:d5:99:ed:0a:16:93:06:0f:26:2d:eb: d9:29:88:13:cd:37:e9:f2:93:1b:ca:04:d5:df:6a:53:76:53: fa:b1:a6:a8:cf:07:e4:cd:fc:98:4b:24:29:50:16:ef:ad:53: 52:02:2f:b6:0e:c2:38:1f:53:2f:2d:40:4d:93:4e:af:de:f5: 18:b1:8d:b5:22:93:8f:e9:89:6f:71:8f:bb:e3:d6:4b:a2:d4: 86:6e:75:ae:79:bd:b4:de:fe:4c:c8:6f:50:dd:aa:fe:5f:d2: a5:fb:16:a6:0f:c1:28:e2:19:c2:02:c1:63:10:01:37:2b:17: 40:4d:8b:61:f5:00:2a:b9:2d:79:43:c4:b2:6e:80:5e:03:b2: d8:ea:d2:46:67:76:57:c9:14:5e:a5:12:82:aa:15:27:62:39: 52:d2:7e:1c:32:1f:d5:90:f9:4f:48:e2:10:20:0e:a9:a6:5c: 36:0f:df:fa:c6:31:af:61:68:b2:65:78:b9:05:5d:9a:21:fe: d6:fb:3c:62:28:dc:e0:3a:30:34:f1:7a:aa:7e:d5:ef:19:79: 8d:36:20:e4 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0ZBQ0IxMTAvBgNVBAUTKDQwMkQxRDBCRDkxRjQzODAyQzdBMEQ3MDczNjE4OEJF QkEwQTA4MTIwHhcNMjUwOTA5MDY0MzE3WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGJmY2M4NS1lNDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0qpgP1vm8Q1eqzOBH8nJAlfoDVnBwQau0p/NW/7L2pckAOy8cDxrfnR/6X39 EhcaKcTPfrQpgLs+QfublamhxT6aaAMoQH4dXRkJYW3lehIjC6zdQCTRcrstADG/ Ybj4xZgctGHN0H4E8a++xOJIwmaH8HaT8Y6M09/EqXKF/vn9qlU1yqCBXae2RfSi 2FMHaQHCSVc9WUHrPcT+EIRXtVxjp2RRuca7vFIiSh/17c251Xf8RTFfNrWTKLaj WvtfhYMhl3IqL1gngt3sGWki1UOhyoyZRHTQdveqGh8Pwlx/pey38Zw/0NRABope IlWZ+KOgEnQQBZ7rk/3SvtrlMwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDmtY3qL Td0+1ilebRRuh3dMyDlPMB8GA1UdIwQYMBaAFEAtHQvZH0OALHoNcHNhiL66CggS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RkFDQi8xQzk0NkFGMkI0 NjUxMUVGOUJGQkFBNjdDNEY5QUUwMi9RQzBkQzlrZlE0QXNlZzF3YzJHSXZyb0tD QkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1FDMGRDOWtmUTRBc2VnMXdjMkdJdnJvS0NCSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0ZBQ0IvMUM5NDZBRjJCNDY1MTFFRjlCRkJBQTY3QzRGOUFFMDIvODE3RkRGMUVC NDY1MTFFRjg2QkVBQzZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAGg+oowDQYJKoZIhvcNAQELBQADggEBAIeU9ozDqszok9gv 3mwsUy3tUE2I5dtLcuyx8UU4Pgh3lCWsyOy6Th9NrnvVme0KFpMGDyYt69kpiBPN N+nykxvKBNXfalN2U/qxpqjPB+TN/JhLJClQFu+tU1ICL7YOwjgfUy8tQE2TTq/e 9RixjbUik4/piW9xj7vj1kui1IZuda55vbTe/kzIb1Ddqv5f0qX7FqYPwSjiGcIC wWMQATcrF0BNi2H1ACq5LXlDxLJugF4Dstjq0kZndlfJFF6lEoKqFSdiOVLSfhwy H9WQ+U9I4hAgDqmmXDYP3/rGMa9haLJleLkFXZoh/tb7PGIo3OA6MDTxeqp+1e8Z eY02IOQ= -----END CERTIFICATE-----Generated at Tue Oct 21 00:03:52 2025 by rpki-client