$ rpki-client -vvf rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/7F7231ACE18011EF8702D74DC4F9AE02.roa File: 7F7231ACE18011EF8702D74DC4F9AE02.roa (raw, json) Hash identifier: TY0we0LCT2NhieXnw4ZC8SmWs1+jQYEFzS94Z1jJrh0= Subject key identifier: 39:A3:E8:7C:BA:6F:BE:A4:09:D6:CD:04:E9:FF:72:45:BD:07:96:82 Certificate issuer: /CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41 Certificate serial: 0DC6 Authority key identifier: A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/7F7231ACE18011EF8702D74DC4F9AE02.roa Signing time: Thu 21 Aug 2025 13:16:25 +0000 ROA not before: Thu 21 Aug 2025 13:16:25 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 149765 IP address blocks: 43.246.200.0/24 maxlen: 24 43.246.201.0/24 maxlen: 24 103.109.56.0/24 maxlen: 24 103.109.57.0/24 maxlen: 24 103.109.59.0/24 maxlen: 24 103.111.13.0/24 maxlen: 24 2402:76c0::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.crl rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:17:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3526 (0xdc6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9198847, serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41 Validity Not Before: Aug 21 13:16:25 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=68a71c28-abee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:bb:6e:3b:68:98:4b:1b:95:c2:b9:2b:35:b3: 10:be:60:a0:2e:7c:6d:b3:b4:6b:ec:e6:90:29:cd: e7:05:f9:79:f9:46:36:f8:58:25:ea:9c:17:ef:85: 02:33:81:64:ad:ee:69:54:37:1b:b6:8c:e8:39:a0: b8:a5:d9:8c:d7:5d:3f:f1:39:ee:c9:d8:8f:1e:ba: 97:fc:79:f3:51:20:a4:53:b6:34:55:c1:55:6e:39: 57:c3:35:fc:c8:02:e5:10:5e:9d:d8:ca:d8:8e:bf: 0a:ac:af:3c:09:c3:38:bd:c8:25:b1:52:75:8f:8f: 4f:09:aa:d6:3b:de:85:fd:09:a0:ff:6a:ff:8f:93: a4:a9:96:f2:80:9f:94:c2:fd:53:63:01:6f:a3:81: 29:50:43:4b:c7:7f:ee:82:66:04:ff:8e:c7:12:3e: ce:7b:e6:64:ac:ae:b8:8b:57:fe:0d:56:a0:c9:7d: 0c:9b:2d:5c:37:ed:58:68:c1:dd:98:83:bd:78:a3: 5a:69:ba:8b:12:a2:81:47:5c:09:9b:91:0e:cf:e8: e5:3b:57:c2:29:fd:1f:c3:1a:8d:3f:08:a7:ce:e9: 13:d0:df:f2:3b:3b:dc:2e:54:c4:7e:8e:17:5d:a8: 0b:cf:90:78:b0:e0:bd:95:5a:44:38:d5:d0:99:c7: 99:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:A3:E8:7C:BA:6F:BE:A4:09:D6:CD:04:E9:FF:72:45:BD:07:96:82 X509v3 Authority Key Identifier: keyid:A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/7F7231ACE18011EF8702D74DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.246.200.0/23 103.109.56.0/23 103.109.59.0/24 103.111.13.0/24 IPv6: 2402:76c0::/32 Signature Algorithm: sha256WithRSAEncryption 8c:c0:cc:09:79:59:ac:c6:8b:8c:81:e7:0f:48:12:19:ab:84: 62:c2:48:0d:22:32:77:34:3c:2c:8e:b0:9e:fe:e0:77:68:34: 14:c2:bb:b9:e6:01:90:44:47:48:52:b9:24:48:8a:c8:eb:ec: b2:e3:a7:24:4b:43:e4:d9:cf:5e:74:30:3a:22:14:65:66:2b: 45:19:4f:01:fe:0d:bf:8f:46:31:18:37:79:ec:22:2e:54:36: 85:e4:0b:62:1d:fe:ea:35:fa:3a:e9:b5:a6:c7:5d:04:df:e8: 02:ec:3b:71:09:cc:63:70:ec:70:f1:94:b3:d1:5f:ab:5c:36: 57:fe:82:37:fd:ff:ae:34:c8:f6:b5:d3:8d:40:bc:c2:55:f1: d4:86:d4:9d:c0:8b:18:9e:38:c7:c3:bc:03:1c:7c:5c:95:2d: 2c:ce:93:ee:24:fc:29:86:64:60:85:f9:77:b1:1d:55:37:e0: 06:06:fe:00:47:98:04:c9:42:80:2a:83:51:66:bd:e7:c8:20: 5e:ad:51:45:28:50:5b:1f:82:fb:8e:c3:35:23:9c:17:32:ab: 0b:d3:01:a0:34:d2:bb:6a:1b:19:4d:ae:c3:41:0c:89:ff:53: bb:76:a7:c7:75:e4:ab:e9:eb:da:01:f6:81:2a:4d:0c:4d:1a: 7e:f6:8b:96 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICDcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTg4NDcxMTAvBgNVBAUTKEE2RUYwNkI2ODk1ODE4MjFDNzhDODgyOTFCQkRGNUM1 MTJBMzNGNDEwHhcNMjUwODIxMTMxNjI1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OGE3MWMyOC1hYmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAubtuO2iYSxuVwrkrNbMQvmCgLnxts7Rr7OaQKc3nBfl5+UY2+Fgl6pwX74UC M4Fkre5pVDcbtozoOaC4pdmM110/8TnuydiPHrqX/HnzUSCkU7Y0VcFVbjlXwzX8 yALlEF6d2MrYjr8KrK88CcM4vcglsVJ1j49PCarWO96F/Qmg/2r/j5OkqZbygJ+U wv1TYwFvo4EpUENLx3/ugmYE/47HEj7Oe+ZkrK64i1f+DVagyX0Mmy1cN+1YaMHd mIO9eKNaabqLEqKBR1wJm5EOz+jlO1fCKf0fwxqNPwinzukT0N/yOzvcLlTEfo4X XagLz5B4sOC9lVpEONXQmceZkwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFDmj6Hy6 b76kCdbNBOn/ckW9B5aCMB8GA1UdIwQYMBaAFKbvBraJWBghx4yIKRu99cUSoz9B MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODg0Ny9EREZCQjBCOEQ3 ODExMUU5QjQyM0FDNEJDNEY5QUUwMi9wdThHdG9sWUdDSEhqSWdwRzczMXhSS2pQ MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3B1OEd0b2xZR0NISGpJZ3BHNzMxeFJLalAwRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTg4NDcvRERGQkIwQjhENzgxMTFFOUI0MjNBQzRCQzRGOUFFMDIvN0Y3MjMxQUNF MTgwMTFFRjg3MDJENzREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAEr9sgDBAFnbTgDBABnbTsDBABnbw0wDQQCAAIwBwMFACQC dsAwDQYJKoZIhvcNAQELBQADggEBAIzAzAl5WazGi4yB5w9IEhmrhGLCSA0iMnc0 PCyOsJ7+4HdoNBTCu7nmAZBER0hSuSRIisjr7LLjpyRLQ+TZz150MDoiFGVmK0UZ TwH+Db+PRjEYN3nsIi5UNoXkC2Id/uo1+jrptabHXQTf6ALsO3EJzGNw7HDxlLPR X6tcNlf+gjf9/640yPa1041AvMJV8dSG1J3AixieOMfDvAMcfFyVLSzOk+4k/CmG ZGCF+XexHVU34AYG/gBHmATJQoAqg1FmvefIIF6tUUUoUFsfgvuOwzUjnBcyqwvT AaA00rtqGxlNrsNBDIn/U7t2p8d15Kvp69oB9oEqTQxNGn72i5Y= -----END CERTIFICATE-----Generated at Sun Aug 24 08:51:34 2025 by rpki-client