$ rpki-client -vvf rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/229CD24AF9FB11EB8CFF5E7DC4F9AE02.roa File: 229CD24AF9FB11EB8CFF5E7DC4F9AE02.roa (raw, json) Hash identifier: n04Y3sGneIDc0gFY4gtPPq0L4eOtSWnQu7Ei64M+chk= Subject key identifier: 84:79:6D:45:DB:E5:23:EA:B3:C4:BE:6E:39:A6:CB:0C:B3:F5:F0:0D Certificate issuer: /CN=A9185D6E/serialNumber=9524EA9B823C20FA78923BE6667E14F6C4C3B47E Certificate serial: 05CF Authority key identifier: 95:24:EA:9B:82:3C:20:FA:78:92:3B:E6:66:7E:14:F6:C4:C3:B4:7E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSTqm4I8IPp4kjvmZn4U9sTDtH4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/229CD24AF9FB11EB8CFF5E7DC4F9AE02.roa Signing time: Thu 02 Oct 2025 23:24:36 +0000 ROA not before: Thu 02 Oct 2025 23:24:35 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 394808 IP address blocks: 104.161.234.0/23 maxlen: 24 104.161.252.0/24 maxlen: 24 104.161.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.crl rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSTqm4I8IPp4kjvmZn4U9sTDtH4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 00:46:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1487 (0x5cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185D6E, serialNumber=9524EA9B823C20FA78923BE6667E14F6C4C3B47E Validity Not Before: Oct 2 23:24:35 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68df09b3-99d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:0a:29:5b:9d:d3:e0:cc:12:3c:9e:68:a0:88: c4:5f:e9:de:3d:bb:d4:fb:36:44:5a:9f:88:1c:32: fc:21:87:4f:c3:e0:a1:32:45:7d:d8:98:9f:f2:ca: 16:cb:e0:cd:ef:64:5e:20:79:24:04:11:61:bc:96: 65:e7:cc:21:a9:ce:b8:b9:0a:bb:22:78:f5:4c:79: f8:9a:fa:87:1f:de:9b:82:2c:5a:39:77:82:c7:3c: 0a:29:fe:57:5a:65:55:91:e5:c9:30:41:c6:4a:fa: e8:9d:6b:7c:be:78:b7:1d:52:53:5d:09:87:7e:64: b9:34:c0:81:71:54:63:b2:f2:1f:cf:1b:d9:e2:7e: 2d:e6:d5:53:f2:a8:53:d5:79:4c:89:35:01:6d:2c: 43:66:68:52:f0:8d:a8:b9:3a:39:d9:1b:50:eb:24: 66:81:ef:c0:4d:13:84:a7:e3:ad:2b:2d:51:fa:a7: ea:fe:df:e5:0b:82:d3:70:a0:df:d9:e7:5e:d6:ed: 88:37:e4:3c:d3:3d:76:15:e1:ec:e8:b1:a4:b2:c6: 9b:b0:c2:50:f9:9c:0c:25:79:a2:31:a8:18:9b:42: f7:d4:b3:ea:41:8f:01:d5:2f:9a:ed:c0:d6:99:22: 74:92:15:4c:e9:09:6c:00:9d:73:63:70:b1:21:36: 38:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:79:6D:45:DB:E5:23:EA:B3:C4:BE:6E:39:A6:CB:0C:B3:F5:F0:0D X509v3 Authority Key Identifier: keyid:95:24:EA:9B:82:3C:20:FA:78:92:3B:E6:66:7E:14:F6:C4:C3:B4:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/lSTqm4I8IPp4kjvmZn4U9sTDtH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSTqm4I8IPp4kjvmZn4U9sTDtH4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185D6E/4CBFF4AEDFF111EB894F3067C4F9AE02/229CD24AF9FB11EB8CFF5E7DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 104.161.234.0/23 104.161.252.0/23 Signature Algorithm: sha256WithRSAEncryption 92:ef:67:50:08:4b:c7:37:67:9b:8d:d8:b2:fd:8c:5b:21:71: c8:31:21:61:8c:ba:d4:dc:52:27:5d:d7:6c:57:47:41:22:e6: f7:36:87:94:2c:ce:51:c8:14:59:03:99:31:06:61:27:bc:0e: fd:f9:cf:ab:72:2a:d0:47:36:85:f0:22:4f:03:78:8c:00:be: 6e:b4:07:ab:86:6a:30:71:fb:0e:ce:9a:85:47:0f:91:6c:db: b4:f2:2d:f6:e4:c9:c6:5c:a7:d8:97:e1:f0:08:88:92:b2:2e: 46:37:a9:1e:9e:d2:fd:9d:09:75:c4:47:40:19:1e:a3:8b:ea: 3e:17:91:85:93:0c:d8:6e:46:4b:d7:8e:47:ef:34:c3:21:5e: 6a:0c:06:f9:53:0c:7e:6d:5e:30:71:17:1b:c1:fd:37:4a:e5: 0e:19:46:c0:15:0a:c6:ff:e8:b6:6c:74:18:aa:c2:7b:c8:4c: c7:91:d9:91:f9:85:3a:33:f9:38:e2:38:c2:c2:18:7d:bc:55: 8e:04:ef:81:11:9f:7c:88:af:3d:8a:55:b9:3d:62:dc:c7:f3: 5b:71:ae:71:81:f9:49:54:6c:50:5c:fd:de:f7:12:ca:6c:9e: 1f:d0:1f:a0:21:82:84:4c:62:23:c4:79:21:52:39:54:7c:77: cf:54:6b:e6 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVENkUxMTAvBgNVBAUTKDk1MjRFQTlCODIzQzIwRkE3ODkyM0JFNjY2N0UxNEY2 QzRDM0I0N0UwHhcNMjUxMDAyMjMyNDM1WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRmMDliMy05OWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqwopW53T4MwSPJ5ooIjEX+nePbvU+zZEWp+IHDL8IYdPw+ChMkV92Jif8soW y+DN72ReIHkkBBFhvJZl58whqc64uQq7Inj1THn4mvqHH96bgixaOXeCxzwKKf5X WmVVkeXJMEHGSvronWt8vni3HVJTXQmHfmS5NMCBcVRjsvIfzxvZ4n4t5tVT8qhT 1XlMiTUBbSxDZmhS8I2ouTo52RtQ6yRmge/ATROEp+OtKy1R+qfq/t/lC4LTcKDf 2ede1u2IN+Q80z12FeHs6LGkssabsMJQ+ZwMJXmiMagYm0L31LPqQY8B1S+a7cDW mSJ0khVM6QlsAJ1zY3CxITY4/QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIR5bUXb 5SPqs8S+bjmmywyz9fANMB8GA1UdIwQYMBaAFJUk6puCPCD6eJI75mZ+FPbEw7R+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUQ2RS80Q0JGRjRBRURG RjExMUVCODk0RjMwNjdDNEY5QUUwMi9sU1RxbTRJOElQcDRranZtWm40VTlzVER0 SDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xTVHFtNEk4SVBwNGtqdm1abjRVOXNURHRINC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODVENkUvNENCRkY0QUVERkYxMTFFQjg5NEYzMDY3QzRGOUFFMDIvMjI5Q0QyNEFG OUZCMTFFQjhDRkY1RTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAFooeoDBAFoofwwDQYJKoZIhvcNAQELBQADggEBAJLvZ1AI S8c3Z5uN2LL9jFshccgxIWGMutTcUidd12xXR0Ei5vc2h5QszlHIFFkDmTEGYSe8 Dv35z6tyKtBHNoXwIk8DeIwAvm60B6uGajBx+w7OmoVHD5Fs27TyLfbkycZcp9iX 4fAIiJKyLkY3qR6e0v2dCXXER0AZHqOL6j4XkYWTDNhuRkvXjkfvNMMhXmoMBvlT DH5tXjBxFxvB/TdK5Q4ZRsAVCsb/6LZsdBiqwnvITMeR2ZH5hToz+TjiOMLCGH28 VY4E74ERn3yIrz2KVbk9YtzH81txrnGB+UlUbFBc/d73Espsnh/QH6AhgoRMYiPE eSFSOVR8d89Ua+Y= -----END CERTIFICATE-----Generated at Mon Oct 20 09:55:48 2025 by rpki-client