$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/CF6343DE295D11F0B3C33614C4F9AE02.roa File: CF6343DE295D11F0B3C33614C4F9AE02.roa (raw, json) Hash identifier: soHDXhn1e2qK0BUfZsT/7EMAgURekf6y4K6+rsJFtvU= Subject key identifier: 78:76:A8:9F:DC:77:2F:56:E4:54:A4:91:84:39:D4:92:92:EA:C3:EE Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D Certificate serial: 04EC Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/CF6343DE295D11F0B3C33614C4F9AE02.roa Signing time: Tue 14 Oct 2025 02:42:24 +0000 ROA not before: Tue 14 Oct 2025 02:42:24 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 149026 IP address blocks: 203.32.7.0/24 maxlen: 24 203.32.22.0/24 maxlen: 24 203.32.38.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 04:36:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1260 (0x4ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918FC75, serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D Validity Not Before: Oct 14 02:42:24 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68edb890-28e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5f:36:59:e3:99:88:e3:4d:2c:f0:a4:0b:7f: cf:04:5b:0c:44:dc:18:a9:15:81:53:46:ae:63:db: 93:83:8d:d0:0d:a7:42:95:68:cc:b5:8d:34:c5:87: 52:21:f6:c7:da:d2:d2:b5:be:dc:f9:a6:ce:69:49: e7:1d:8d:5e:6a:69:07:0f:67:5b:0e:c5:ef:03:bc: 4b:34:17:44:e9:6f:fe:20:31:f6:1c:d8:05:e1:56: 02:ad:c4:6f:0a:c0:88:3e:a3:fd:4d:9c:52:68:9e: 60:f1:c7:c5:ff:82:af:cc:29:0e:e2:9b:ac:30:a9: 17:c9:10:ea:42:a4:62:4f:6a:e8:95:5d:de:7a:89: 74:b7:02:aa:67:ed:aa:7f:7b:36:3d:7f:6f:99:db: b8:c5:2b:50:d5:ef:2d:1a:7e:34:10:78:11:16:ed: 75:3d:ce:3c:ab:76:cd:f2:c3:50:29:58:13:85:7c: b2:4e:f2:25:39:96:9f:ea:dc:93:48:83:3d:e5:d9: 8c:cf:1d:d2:7d:aa:76:8b:2d:49:19:03:02:c0:86: a3:fa:a0:e7:67:aa:95:ca:51:92:f3:e0:19:9d:ee: 8d:3e:15:99:a5:6a:c6:7f:2d:93:0d:69:b5:a1:69: a4:6a:a8:c8:93:45:8c:c0:87:82:a3:32:f5:c3:7d: 1c:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:76:A8:9F:DC:77:2F:56:E4:54:A4:91:84:39:D4:92:92:EA:C3:EE X509v3 Authority Key Identifier: keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/CF6343DE295D11F0B3C33614C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.32.7.0/24 203.32.22.0/24 203.32.38.0/24 Signature Algorithm: sha256WithRSAEncryption c4:20:f7:3e:cf:e7:69:44:c3:58:b9:db:6a:bf:e9:63:21:60: f1:fc:19:0f:26:99:c5:4c:cf:48:5c:a3:49:8f:bc:ed:c4:2d: a7:e5:72:06:7f:cb:19:14:50:9c:d2:0d:a1:e9:2d:51:32:c2: 37:c5:5d:2d:28:f4:76:5a:ec:91:8c:42:15:ef:e7:7c:b3:23: 29:ce:d3:a7:a6:38:a0:9e:99:c9:5d:ba:74:43:70:e4:a0:8c: 43:69:ee:d8:16:ef:33:33:2b:67:7c:2d:65:7e:69:bd:6f:79: 33:98:23:27:46:4d:a7:cc:e8:d3:c8:e0:cf:19:15:a2:1a:c5: ae:ae:72:3c:f4:79:30:51:58:30:d6:6f:b1:2c:91:66:9a:4b: af:d1:f4:f1:27:ef:72:ee:7f:f7:7b:41:6e:16:cc:ea:f9:bd: 3f:55:e1:bc:cc:69:f0:86:1f:24:c9:5f:5f:3a:86:a6:0c:7b: 4f:a9:fa:59:2f:92:92:89:36:94:13:40:37:b8:3a:14:16:60: 1b:0d:d7:4d:c1:2d:56:91:5c:ea:d1:89:71:ee:87:c8:64:f4: df:a7:1d:41:2e:ed:8e:60:44:94:48:4b:9e:d7:5f:fb:44:74: 68:13:ae:cf:ba:e5:82:e4:d6:c3:be:23:08:86:44:39:a7:1f: f9:ec:4d:06 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICBOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF RDk4NDY0OUQwHhcNMjUxMDE0MDI0MjI0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGVkYjg5MC0yOGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv182WeOZiONNLPCkC3/PBFsMRNwYqRWBU0auY9uTg43QDadClWjMtY00xYdS IfbH2tLStb7c+abOaUnnHY1eamkHD2dbDsXvA7xLNBdE6W/+IDH2HNgF4VYCrcRv CsCIPqP9TZxSaJ5g8cfF/4KvzCkO4pusMKkXyRDqQqRiT2rolV3eeol0twKqZ+2q f3s2PX9vmdu4xStQ1e8tGn40EHgRFu11Pc48q3bN8sNQKVgThXyyTvIlOZaf6tyT SIM95dmMzx3Sfap2iy1JGQMCwIaj+qDnZ6qVylGS8+AZne6NPhWZpWrGfy2TDWm1 oWmkaqjIk0WMwIeCozL1w30c/QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHh2qJ/c dy9W5FSkkYQ51JKS6sPuMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvQ0Y2MzQzREUy OTVEMTFGMEIzQzMzNjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBADLIAcDBADLIBYDBADLICYwDQYJKoZIhvcNAQELBQADggEB AMQg9z7P52lEw1i522q/6WMhYPH8GQ8mmcVMz0hco0mPvO3ELaflcgZ/yxkUUJzS DaHpLVEywjfFXS0o9HZa7JGMQhXv53yzIynO06emOKCemcldunRDcOSgjENp7tgW 7zMzK2d8LWV+ab1veTOYIydGTafM6NPI4M8ZFaIaxa6ucjz0eTBRWDDWb7EskWaa S6/R9PEn73Luf/d7QW4WzOr5vT9V4bzMafCGHyTJX186hqYMe0+p+lkvkpKJNpQT QDe4OhQWYBsN103BLVaRXOrRiXHuh8hk9N+nHUEu7Y5gRJRIS57XX/tEdGgTrs+6 5YLk1sO+IwiGRDmnH/nsTQY= -----END CERTIFICATE-----Generated at Mon Oct 20 13:58:56 2025 by rpki-client