$ rpki-client -vvf rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/CC6220C0E02E11EEBA9D291AC4F9AE02.roa File: CC6220C0E02E11EEBA9D291AC4F9AE02.roa (raw, json) Hash identifier: EfnXa4JTXRSQtpkoLm2l4ZqnMhuE0NVKwTVdEbOaaqM= Subject key identifier: 5C:66:BC:7D:A0:F8:02:AF:6C:14:67:5F:E3:BA:3F:D4:3D:25:69:3C Certificate issuer: /CN=A91124CD/serialNumber=B02396C1E4976DC24BB9F240F5CE556ED827FA2B Certificate serial: D3 Authority key identifier: B0:23:96:C1:E4:97:6D:C2:4B:B9:F2:40:F5:CE:55:6E:D8:27:FA:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sCOWweSXbcJLufJA9c5Vbtgn-is.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/CC6220C0E02E11EEBA9D291AC4F9AE02.roa Signing time: Fri 25 Apr 2025 05:01:06 +0000 ROA not before: Fri 25 Apr 2025 05:01:06 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 152636 IP address blocks: 202.37.40.0/23 maxlen: 23 202.37.40.0/24 maxlen: 24 202.37.41.0/24 maxlen: 24 2001:df3:89c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/sCOWweSXbcJLufJA9c5Vbtgn-is.crl rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/sCOWweSXbcJLufJA9c5Vbtgn-is.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sCOWweSXbcJLufJA9c5Vbtgn-is.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 04:39:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 211 (0xd3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91124CD, serialNumber=B02396C1E4976DC24BB9F240F5CE556ED827FA2B Validity Not Before: Apr 25 05:01:06 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=680b1711-5b26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:fe:78:c0:17:a0:a8:df:db:89:73:3a:25:98: 68:f9:2a:83:7b:cb:a6:d2:e9:90:d1:f9:db:c1:62: 57:52:d5:21:24:4b:9c:35:c8:b4:dc:5d:01:04:6e: 4d:e0:54:23:80:2d:0f:97:59:df:0e:25:69:de:e1: 2a:6c:ad:dd:d7:7f:c5:eb:bc:e4:aa:14:08:0c:07: 73:dc:19:95:f5:92:21:23:2f:1f:69:de:8c:34:84: c9:da:e0:4c:3a:4a:43:37:17:45:1f:f2:b3:f0:3d: c8:c6:d9:d5:1e:b9:36:51:e4:33:88:2c:d1:89:68: 66:a3:d9:ee:8d:fd:08:c2:b3:ae:2c:45:1c:ca:c2: b4:d8:ac:04:1c:68:2c:2b:7e:ab:f4:8b:da:c9:3b: 77:77:f3:92:16:cc:56:f4:eb:4c:0a:d8:be:af:1e: 50:12:0c:24:d7:79:46:2c:5c:e2:02:e0:3a:9f:f9: 38:d8:75:d4:3f:88:05:c7:31:12:c3:f9:eb:9f:d2: 00:cf:2b:a5:28:c5:76:72:98:f7:33:87:b2:df:ad: 45:e4:5f:3b:87:fd:88:3c:9a:3b:b6:5c:52:71:85: 96:48:86:e2:5c:ae:08:f3:eb:92:de:26:7c:2e:35: 2c:a7:95:e5:14:32:46:52:00:5e:7b:09:ce:ab:d4: bd:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:66:BC:7D:A0:F8:02:AF:6C:14:67:5F:E3:BA:3F:D4:3D:25:69:3C X509v3 Authority Key Identifier: keyid:B0:23:96:C1:E4:97:6D:C2:4B:B9:F2:40:F5:CE:55:6E:D8:27:FA:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/sCOWweSXbcJLufJA9c5Vbtgn-is.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sCOWweSXbcJLufJA9c5Vbtgn-is.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91124CD/B97B7638E02D11EE9A042F5CC4F9AE02/CC6220C0E02E11EEBA9D291AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.37.40.0/23 IPv6: 2001:df3:89c0::/48 Signature Algorithm: sha256WithRSAEncryption 97:f0:01:17:0f:1e:a3:ff:47:9f:f2:62:54:79:8c:92:f5:37: 98:de:8b:27:bc:c1:7e:26:13:70:d4:e3:03:cb:f1:06:81:8c: 8f:15:31:05:74:fb:a4:f5:48:4d:3d:50:35:97:46:99:14:dd: 43:03:bb:a1:dc:f3:14:ec:d8:42:15:1c:68:6c:a7:c8:67:7b: cb:bc:dc:0b:2f:f0:cd:3c:14:b5:ae:02:22:f0:65:43:7b:0c: e3:92:60:39:29:e2:64:85:a6:46:9e:18:18:4a:9f:50:25:4d: 59:27:59:13:a1:56:d3:2f:5c:f9:4d:16:00:f3:cd:f4:77:1c: ab:76:c9:56:22:e8:95:d1:0e:97:b3:08:27:c5:d7:e7:2a:d6: eb:3a:d8:e3:8b:c1:12:18:c7:2b:c1:ad:55:5e:e0:95:38:30: 2b:99:23:2a:7b:f4:46:40:ea:15:bc:cb:ce:ca:ee:76:31:27: 6f:d4:21:b8:e4:77:b6:3e:fb:18:4d:f0:41:d6:8f:c4:cf:2a: 2f:0f:b9:f9:c3:f8:31:ae:67:da:ce:ef:63:50:aa:e8:b9:6b: 74:a1:e9:6f:6f:03:41:c9:2f:9b:eb:5a:93:7f:ce:fa:46:1e: f0:48:13:4c:f5:14:9d:cb:7d:cd:54:07:66:a0:47:d5:2f:ce: a6:80:96:0d -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICANMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTI0Q0QxMTAvBgNVBAUTKEIwMjM5NkMxRTQ5NzZEQzI0QkI5RjI0MEY1Q0U1NTZF RDgyN0ZBMkIwHhcNMjUwNDI1MDUwMTA2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODBiMTcxMS01YjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApf54wBegqN/biXM6JZho+SqDe8um0umQ0fnbwWJXUtUhJEucNci03F0BBG5N 4FQjgC0Pl1nfDiVp3uEqbK3d13/F67zkqhQIDAdz3BmV9ZIhIy8fad6MNITJ2uBM OkpDNxdFH/Kz8D3IxtnVHrk2UeQziCzRiWhmo9nujf0IwrOuLEUcysK02KwEHGgs K36r9IvayTt3d/OSFsxW9OtMCti+rx5QEgwk13lGLFziAuA6n/k42HXUP4gFxzES w/nrn9IAzyulKMV2cpj3M4ey361F5F87h/2IPJo7tlxScYWWSIbiXK4I8+uS3iZ8 LjUsp5XlFDJGUgBeewnOq9S9LwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFxmvH2g +AKvbBRnX+O6P9Q9JWk8MB8GA1UdIwQYMBaAFLAjlsHkl23CS7nyQPXOVW7YJ/or MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMjRDRC9COTdCNzYzOEUw MkQxMUVFOUEwNDJGNUNDNEY5QUUwMi9zQ09Xd2VTWGJjSkx1ZkpBOWM1VmJ0Z24t aXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NDT1d3ZVNYYmNKTHVmSkE5YzVWYnRnbi1pcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTI0Q0QvQjk3Qjc2MzhFMDJEMTFFRTlBMDQyRjVDQzRGOUFFMDIvQ0M2MjIwQzBF MDJFMTFFRUJBOUQyOTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAHKJSgwDwQCAAIwCQMHACABDfOJwDANBgkqhkiG9w0BAQsF AAOCAQEAl/ABFw8eo/9Hn/JiVHmMkvU3mN6LJ7zBfiYTcNTjA8vxBoGMjxUxBXT7 pPVITT1QNZdGmRTdQwO7odzzFOzYQhUcaGynyGd7y7zcCy/wzTwUta4CIvBlQ3sM 45JgOSniZIWmRp4YGEqfUCVNWSdZE6FW0y9c+U0WAPPN9Hccq3bJViLoldEOl7MI J8XX5yrW6zrY44vBEhjHK8GtVV7glTgwK5kjKnv0RkDqFbzLzsrudjEnb9QhuOR3 tj77GE3wQdaPxM8qLw+5+cP4Ma5n2s7vY1Cq6LlrdKHpb28DQckvm+tak3/O+kYe 8EgTTPUUnct9zVQHZqBH1S/OpoCWDQ== -----END CERTIFICATE-----Generated at Wed Nov 5 16:37:59 2025 by rpki-client