$ rpki-client -vvf rpki.apnic.net/member_repository/A9185413/759AD24CAB9E11EE963D317DC4F9AE02/C1D49C12AEDF11EE96155C68C4F9AE02.roa File: C1D49C12AEDF11EE96155C68C4F9AE02.roa (raw, json) Hash identifier: EH9Ecs3l16GCiHR30STE9VxjfuPqLau85IhtMpZldhM= Subject key identifier: FD:5E:B9:A2:6E:D7:0E:77:5A:DA:74:A5:36:E1:C9:6B:65:50:08:C5 Certificate issuer: /CN=A9185413/serialNumber=0F99B1FECFA57004F643D82BF511CDD474786DA0 Certificate serial: 0139 Authority key identifier: 0F:99:B1:FE:CF:A5:70:04:F6:43:D8:2B:F5:11:CD:D4:74:78:6D:A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D5mx_s-lcAT2Q9gr9RHN1HR4baA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185413/759AD24CAB9E11EE963D317DC4F9AE02/C1D49C12AEDF11EE96155C68C4F9AE02.roa Signing time: Sat 23 Aug 2025 04:22:05 +0000 ROA not before: Sat 23 Aug 2025 04:22:05 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 132787 IP address blocks: 43.242.244.0/24 maxlen: 24 43.242.245.0/24 maxlen: 24 43.242.246.0/24 maxlen: 24 43.242.247.0/24 maxlen: 24 103.24.172.0/24 maxlen: 24 103.24.173.0/24 maxlen: 24 103.24.174.0/24 maxlen: 24 103.24.175.0/24 maxlen: 24 2402:20a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185413/759AD24CAB9E11EE963D317DC4F9AE02/D5mx_s-lcAT2Q9gr9RHN1HR4baA.crl rsync://rpki.apnic.net/member_repository/A9185413/759AD24CAB9E11EE963D317DC4F9AE02/D5mx_s-lcAT2Q9gr9RHN1HR4baA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D5mx_s-lcAT2Q9gr9RHN1HR4baA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 04:40:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 313 (0x139) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185413, serialNumber=0F99B1FECFA57004F643D82BF511CDD474786DA0 Validity Not Before: Aug 23 04:22:05 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68a941ed-2180 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:1a:9a:67:82:f7:75:9f:d9:68:ef:d4:24:fc: 0a:e3:7b:ae:59:49:ea:62:bf:23:06:a5:58:e4:a9: 64:58:09:f5:49:69:92:9a:a6:db:5b:83:54:2d:bc: a1:28:8a:e9:43:62:0c:bc:f2:43:44:81:84:ce:92: ef:10:e6:a9:98:e6:14:8a:5e:00:86:d7:8f:bb:3a: 26:47:bd:3e:28:b8:4b:66:ce:77:92:ce:5d:ef:25: 04:99:29:c5:0f:08:7f:35:3c:de:32:10:eb:17:c1: f0:b3:54:53:d8:c1:3c:d8:f9:e3:79:e3:82:98:1f: 62:02:71:c6:f4:2b:be:6c:70:79:a8:2a:3e:87:b0: d7:5d:7b:39:a7:97:01:cd:da:78:a4:f7:90:6a:be: 98:6b:b6:1d:af:9f:6c:96:9d:97:62:8b:9f:e3:c3: 0d:22:dd:e4:3b:1a:c1:da:60:32:c0:3c:08:ed:65: a0:de:d6:8c:51:c6:b9:f2:2d:4b:a4:9f:22:ab:13: e8:b5:33:f0:07:46:fe:09:d1:26:12:08:26:4f:f2: bc:a5:35:a2:50:18:53:85:b2:49:81:ab:35:54:4a: 39:e2:bf:62:36:14:7f:a5:24:0f:2b:7f:0d:85:93: 0c:e6:b6:20:00:52:38:a5:39:b6:22:58:07:87:05: 61:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:5E:B9:A2:6E:D7:0E:77:5A:DA:74:A5:36:E1:C9:6B:65:50:08:C5 X509v3 Authority Key Identifier: keyid:0F:99:B1:FE:CF:A5:70:04:F6:43:D8:2B:F5:11:CD:D4:74:78:6D:A0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185413/759AD24CAB9E11EE963D317DC4F9AE02/D5mx_s-lcAT2Q9gr9RHN1HR4baA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D5mx_s-lcAT2Q9gr9RHN1HR4baA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185413/759AD24CAB9E11EE963D317DC4F9AE02/C1D49C12AEDF11EE96155C68C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.242.244.0/22 103.24.172.0/22 IPv6: 2402:20a0::/32 Signature Algorithm: sha256WithRSAEncryption 96:7c:db:fe:bc:f2:52:b2:d7:86:da:62:93:c6:f3:52:79:b5: ad:ee:69:79:ac:8c:1e:d0:d0:c8:76:e6:7f:11:26:1d:f3:85: 2d:30:e5:a2:16:a2:5d:dc:ad:0f:35:fd:ad:8a:d2:f3:d4:4b: 6d:19:74:bb:3f:2f:7e:9a:2c:d8:aa:dc:ef:fd:bd:d2:57:00: 96:a6:01:b8:ab:51:fb:e3:c2:2e:0c:3b:9f:04:9b:8b:6e:f8: c2:90:2e:e1:7f:4a:e7:d6:32:80:5b:c9:44:3e:70:9a:b2:5c: 65:4d:42:69:93:3c:49:70:9f:0c:e3:39:a1:00:91:20:e5:ce: 86:60:a4:2c:21:a7:59:ae:bc:1d:40:15:a4:59:14:b6:6a:96: d1:7d:64:51:cb:ff:b2:00:95:3d:9b:1e:5f:b1:5b:62:55:ac: 7f:73:ea:88:27:cc:62:90:ef:54:34:d8:85:d9:a3:bf:94:d8: 49:04:02:7c:32:62:8a:da:0b:fd:6a:77:5b:35:93:4c:d1:38: e7:28:af:59:2b:b4:7f:60:22:92:df:31:c5:b4:74:4a:49:fc: 35:21:b1:a2:5d:57:cf:da:1a:0f:00:5e:56:5b:53:aa:e7:8e: 41:fa:ae:4f:12:98:8d:58:89:52:31:f0:1f:a8:75:40:ca:98: 72:61:da:6a -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICATkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODU0MTMxMTAvBgNVBAUTKDBGOTlCMUZFQ0ZBNTcwMDRGNjQzRDgyQkY1MTFDREQ0 NzQ3ODZEQTAwHhcNMjUwODIzMDQyMjA1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGE5NDFlZC0yMTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArxqaZ4L3dZ/ZaO/UJPwK43uuWUnqYr8jBqVY5KlkWAn1SWmSmqbbW4NULbyh KIrpQ2IMvPJDRIGEzpLvEOapmOYUil4AhtePuzomR70+KLhLZs53ks5d7yUEmSnF Dwh/NTzeMhDrF8Hws1RT2ME82PnjeeOCmB9iAnHG9Cu+bHB5qCo+h7DXXXs5p5cB zdp4pPeQar6Ya7Ydr59slp2XYouf48MNIt3kOxrB2mAywDwI7WWg3taMUca58i1L pJ8iqxPotTPwB0b+CdEmEggmT/K8pTWiUBhThbJJgas1VEo54r9iNhR/pSQPK38N hZMM5rYgAFI4pTm2IlgHhwVh6wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFP1euaJu 1w53Wtp0pTbhyWtlUAjFMB8GA1UdIwQYMBaAFA+Zsf7PpXAE9kPYK/URzdR0eG2g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTQxMy83NTlBRDI0Q0FC OUUxMUVFOTYzRDMxN0RDNEY5QUUwMi9ENW14X3MtbGNBVDJROWdyOVJITjFIUjRi YUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Q1bXhfcy1sY0FUMlE5Z3I5UkhOMUhSNGJhQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODU0MTMvNzU5QUQyNENBQjlFMTFFRTk2M0QzMTdEQzRGOUFFMDIvQzFENDlDMTJB RURGMTFFRTk2MTU1QzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIr8vQDBAJnGKwwDQQCAAIwBwMFACQCIKAwDQYJKoZIhvcN AQELBQADggEBAJZ82/688lKy14baYpPG81J5ta3uaXmsjB7Q0Mh25n8RJh3zhS0w 5aIWol3crQ81/a2K0vPUS20ZdLs/L36aLNiq3O/9vdJXAJamAbirUfvjwi4MO58E m4tu+MKQLuF/SufWMoBbyUQ+cJqyXGVNQmmTPElwnwzjOaEAkSDlzoZgpCwhp1mu vB1AFaRZFLZqltF9ZFHL/7IAlT2bHl+xW2JVrH9z6ognzGKQ71Q02IXZo7+U2EkE AnwyYoraC/1qd1s1k0zROOcor1krtH9gIpLfMcW0dEpJ/DUhsaJdV8/aGg8AXlZb U6rnjkH6rk8SmI1YiVIx8B+odUDKmHJh2mo= -----END CERTIFICATE-----Generated at Sun Aug 24 06:48:04 2025 by rpki-client