$ rpki-client -vvf rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/9E194914B3EC11EE8B2EE910C4F9AE02.roa File: 9E194914B3EC11EE8B2EE910C4F9AE02.roa (raw, json) Hash identifier: 9cLUWM+lWWpZt/EGTjBbXr6teTbVNtgXpN+WMvBwXno= Subject key identifier: ED:E0:80:AD:F9:82:65:69:C5:A6:A5:15:22:C9:9F:54:7E:3B:4C:37 Certificate issuer: /CN=A91805CE/serialNumber=72926FC60F7C184A61D73BD094AA6A386B63002A Certificate serial: 012A Authority key identifier: 72:92:6F:C6:0F:7C:18:4A:61:D7:3B:D0:94:AA:6A:38:6B:63:00:2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cpJvxg98GEph1zvQlKpqOGtjACo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/9E194914B3EC11EE8B2EE910C4F9AE02.roa Signing time: Tue 01 Jul 2025 05:42:23 +0000 ROA not before: Tue 01 Jul 2025 05:42:23 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 9463 IP address blocks: 202.74.128.0/22 maxlen: 22 202.74.132.0/22 maxlen: 22 202.74.136.0/22 maxlen: 22 202.74.140.0/22 maxlen: 22 202.74.147.0/24 maxlen: 24 202.74.148.0/24 maxlen: 24 202.74.152.0/23 maxlen: 23 202.74.152.0/24 maxlen: 24 202.74.153.0/24 maxlen: 24 202.74.154.0/23 maxlen: 23 202.74.154.0/24 maxlen: 24 202.74.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/cpJvxg98GEph1zvQlKpqOGtjACo.crl rsync://rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/cpJvxg98GEph1zvQlKpqOGtjACo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cpJvxg98GEph1zvQlKpqOGtjACo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 298 (0x12a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91805CE, serialNumber=72926FC60F7C184A61D73BD094AA6A386B63002A Validity Not Before: Jul 1 05:42:23 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6863753e-ca71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:23:f9:2a:02:e8:01:87:0c:d9:ed:b2:21:b5: 0f:44:36:ae:7c:6d:76:9c:b5:28:17:4c:b5:f9:2d: c7:16:61:b4:11:6f:15:4c:fb:78:43:a7:bd:04:73: a0:d8:eb:eb:7b:2a:b1:a8:ff:9d:40:bb:32:b2:3a: 20:c9:c5:5a:1b:63:c5:62:5e:e5:e8:83:8e:ea:cd: 25:1b:97:42:be:8e:90:43:c9:96:c6:a4:21:65:34: be:40:37:73:85:9c:b6:8b:46:10:92:17:d2:9b:6d: 49:23:2a:03:de:64:69:a6:03:4c:75:9e:f0:e9:da: c3:91:7d:e3:f5:72:b0:1d:52:f4:e9:7a:b4:7b:12: c9:03:2a:a2:29:7f:57:79:58:5a:0e:f0:84:ed:0f: 28:e0:11:8b:3d:61:df:41:e3:7d:26:0b:8c:b3:c7: a3:e2:e6:9f:99:bd:79:78:85:4a:79:83:cc:c9:7a: e6:c7:e8:a1:5f:90:9c:3e:cc:16:c4:60:e1:b1:f2: 2c:01:2f:aa:c1:6b:5a:69:f5:0c:47:a0:0a:0c:b1: 31:f4:bc:a1:24:26:b9:12:08:fe:1c:4e:fe:7d:a4: 15:5e:32:b6:92:e5:ba:58:96:af:f0:b1:e3:fc:e9: d0:4d:b0:f7:31:85:9a:31:cc:b9:d5:4c:64:d3:2c: 9f:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:E0:80:AD:F9:82:65:69:C5:A6:A5:15:22:C9:9F:54:7E:3B:4C:37 X509v3 Authority Key Identifier: keyid:72:92:6F:C6:0F:7C:18:4A:61:D7:3B:D0:94:AA:6A:38:6B:63:00:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/cpJvxg98GEph1zvQlKpqOGtjACo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cpJvxg98GEph1zvQlKpqOGtjACo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91805CE/0EB09D36AE7411EE8CED235CC4F9AE02/9E194914B3EC11EE8B2EE910C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.74.128.0/20 202.74.147.0-202.74.148.255 202.74.152.0/22 Signature Algorithm: sha256WithRSAEncryption 70:8b:8e:65:c7:a7:17:c5:09:df:7b:d8:1b:09:55:50:ff:a2: 64:12:3d:f5:92:42:cf:1c:9c:d1:2f:b3:4d:3f:f7:15:1a:1b: 7c:03:9f:09:c3:5b:03:80:e7:b0:63:b3:05:66:45:e7:46:42: fc:02:d4:7c:61:a0:a4:f7:d5:97:99:49:b1:56:cf:68:02:59: 31:78:20:de:00:06:9a:1b:3b:d5:a2:92:c8:66:71:14:33:77: 44:49:55:7c:78:fd:50:7c:d2:8a:be:72:d4:63:16:50:ab:b7: d6:65:59:e9:6a:71:1e:f1:54:60:24:d2:78:5e:81:ea:90:a7: 8e:f8:07:f2:9b:f8:f5:70:bf:96:f8:6e:93:94:24:05:93:5c: 81:38:d7:63:cc:dc:5b:e1:79:52:d0:29:37:f3:16:86:d0:c8: 33:dd:d6:0a:1f:f5:36:12:50:15:09:8f:da:89:39:66:fd:2f: c3:56:a4:49:25:04:f1:6c:d2:87:96:f0:73:71:eb:44:5f:7d: 44:83:52:05:23:e7:75:03:e4:92:f7:62:ca:f5:21:1e:fb:2a: f1:b1:ec:60:a3:ce:48:52:ce:5a:3f:cb:31:8d:00:9a:bb:c2: 36:d1:12:d1:40:d3:73:2c:64:cc:93:be:66:0f:74:e5:de:17: 23:66:03:b8 -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgICASowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODA1Q0UxMTAvBgNVBAUTKDcyOTI2RkM2MEY3QzE4NEE2MUQ3M0JEMDk0QUE2QTM4 NkI2MzAwMkEwHhcNMjUwNzAxMDU0MjIzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODYzNzUzZS1jYTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwCP5KgLoAYcM2e2yIbUPRDaufG12nLUoF0y1+S3HFmG0EW8VTPt4Q6e9BHOg 2OvreyqxqP+dQLsysjogycVaG2PFYl7l6IOO6s0lG5dCvo6QQ8mWxqQhZTS+QDdz hZy2i0YQkhfSm21JIyoD3mRppgNMdZ7w6drDkX3j9XKwHVL06Xq0exLJAyqiKX9X eVhaDvCE7Q8o4BGLPWHfQeN9JguMs8ej4uafmb15eIVKeYPMyXrmx+ihX5CcPswW xGDhsfIsAS+qwWtaafUMR6AKDLEx9LyhJCa5Egj+HE7+faQVXjK2kuW6WJav8LHj /OnQTbD3MYWaMcy51Uxk0yyfeQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFO3ggK35 gmVpxaalFSLJn1R+O0w3MB8GA1UdIwQYMBaAFHKSb8YPfBhKYdc70JSqajhrYwAq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDVDRS8wRUIwOUQzNkFF NzQxMUVFOENFRDIzNUNDNEY5QUUwMi9jcEp2eGc5OEdFcGgxenZRbEtwcU9HdGpB Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NwSnZ4Zzk4R0VwaDF6dlFsS3BxT0d0akFDby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODA1Q0UvMEVCMDlEMzZBRTc0MTFFRThDRUQyMzVDQzRGOUFFMDIvOUUxOTQ5MTRC M0VDMTFFRThCMkVFOTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E JDAiMCAEAgABMBoDBATKSoAwDAMEAMpKkwMEAMpKlAMEAspKmDANBgkqhkiG9w0B AQsFAAOCAQEAcIuOZcenF8UJ33vYGwlVUP+iZBI99ZJCzxyc0S+zTT/3FRobfAOf CcNbA4DnsGOzBWZF50ZC/ALUfGGgpPfVl5lJsVbPaAJZMXgg3gAGmhs71aKSyGZx FDN3RElVfHj9UHzSir5y1GMWUKu31mVZ6WpxHvFUYCTSeF6B6pCnjvgH8pv49XC/ lvhuk5QkBZNcgTjXY8zcW+F5UtApN/MWhtDIM93WCh/1NhJQFQmP2ok5Zv0vw1ak SSUE8WzSh5bwc3HrRF99RINSBSPndQPkkvdiyvUhHvsq8bHsYKPOSFLOWj/LMY0A mrvCNtES0UDTcyxkzJO+Zg905d4XI2YDuA== -----END CERTIFICATE-----Generated at Thu Jul 3 10:03:17 2025 by rpki-client