$ rpki-client -vvf rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/E35939C2261711EC9990A750C4F9AE02.roa File: E35939C2261711EC9990A750C4F9AE02.roa (raw, json) Hash identifier: EKL344c874zXObfFghZmauIp/iQl7AGjIR7DSSwVyAw= Subject key identifier: 07:94:69:38:3E:5A:C6:F5:8D:11:CC:29:64:AA:94:EB:0D:7E:5A:8A Certificate issuer: /CN=A9115C2E/serialNumber=392FC227EECC5A621572FADAAC651A3CEBB2163C Certificate serial: 09A6 Authority key identifier: 39:2F:C2:27:EE:CC:5A:62:15:72:FA:DA:AC:65:1A:3C:EB:B2:16:3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/E35939C2261711EC9990A750C4F9AE02.roa Signing time: Thu 06 Mar 2025 20:10:31 +0000 ROA not before: Thu 06 Mar 2025 20:10:31 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 45267 IP address blocks: 43.247.172.0/22 maxlen: 24 45.117.36.0/22 maxlen: 24 103.254.132.0/22 maxlen: 24 114.134.0.0/20 maxlen: 24 116.90.76.0/22 maxlen: 24 124.248.128.0/20 maxlen: 21 124.248.141.0/24 maxlen: 24 163.47.240.0/22 maxlen: 24 202.36.75.0/24 maxlen: 24 202.37.168.0/24 maxlen: 24 202.49.36.0/24 maxlen: 24 2400:bd00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.crl rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:54:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2470 (0x9a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9115C2E, serialNumber=392FC227EECC5A621572FADAAC651A3CEBB2163C Validity Not Before: Mar 6 20:10:31 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67ca0137-5eb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:fd:00:e4:2f:8d:f6:7a:b1:24:14:97:7d:3a: 18:86:67:b8:45:24:50:0c:ce:3a:9b:60:b8:63:f6: e0:9b:8e:53:0a:f9:10:19:42:76:62:4f:76:2f:dc: 40:ce:be:78:57:96:8c:07:8f:82:25:5d:a7:dd:b5: f5:0b:53:ab:db:25:42:bf:bd:e5:ce:cb:34:47:6c: 14:a5:48:e7:04:f6:84:fe:5c:5a:34:e3:57:03:ce: 27:bf:4e:05:37:cd:0a:5d:52:d2:6b:e9:b0:6d:dd: 82:14:77:0c:04:9a:03:da:d8:d6:65:64:ce:ee:4d: 38:39:09:35:f4:4d:27:ce:db:39:6d:86:c6:df:4e: 28:ad:88:14:20:b2:a5:5d:b7:41:56:64:8f:60:7a: be:b7:eb:37:5e:20:c7:d1:4c:79:92:fc:91:6d:a4: 42:50:3b:f0:9c:39:63:d5:c5:a4:e0:e4:d5:8c:33: 61:f8:8b:f2:3a:45:35:9c:3a:df:f8:da:4a:52:89: 76:7e:66:3f:67:fe:70:ca:83:ee:cd:74:ca:3c:34: 60:43:e0:ef:52:5c:5b:02:7e:42:d5:26:02:47:c1: 1b:d5:41:c7:40:ab:16:01:7c:b6:3a:37:48:05:d1: b2:4a:5a:e0:a2:60:f7:59:55:19:f7:8d:11:39:cc: fd:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:94:69:38:3E:5A:C6:F5:8D:11:CC:29:64:AA:94:EB:0D:7E:5A:8A X509v3 Authority Key Identifier: keyid:39:2F:C2:27:EE:CC:5A:62:15:72:FA:DA:AC:65:1A:3C:EB:B2:16:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/OS_CJ-7MWmIVcvrarGUaPOuyFjw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS_CJ-7MWmIVcvrarGUaPOuyFjw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9115C2E/38D1401C834811EAA7C47576C4F9AE02/E35939C2261711EC9990A750C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.247.172.0/22 45.117.36.0/22 103.254.132.0/22 114.134.0.0/20 116.90.76.0/22 124.248.128.0/20 163.47.240.0/22 202.36.75.0/24 202.37.168.0/24 202.49.36.0/24 IPv6: 2400:bd00::/32 Signature Algorithm: sha256WithRSAEncryption 00:71:84:83:d0:69:66:02:c2:75:3a:69:12:0d:56:76:ce:dd: 94:21:8f:9d:9e:ab:7e:0d:56:cf:61:dd:16:43:31:90:e4:12: 87:eb:63:e3:d6:60:fa:f3:b8:6a:db:4d:2e:9d:7e:b2:f8:34: 5a:25:9f:7d:60:60:b0:86:d9:6d:14:ad:64:e9:53:fb:29:6d: 06:41:be:0c:a1:c3:1f:9c:aa:dd:da:10:85:a0:cc:6f:13:8e: 5a:81:f0:c1:b1:04:37:a8:9c:79:40:d7:09:5e:d4:ad:0e:b1: 03:2f:96:fa:ae:84:36:0d:6c:22:70:86:8e:64:9d:ed:51:83: 8f:59:f8:eb:cd:4f:15:83:3a:95:32:98:e4:7f:f2:f7:fb:78: 54:ba:62:e3:38:67:28:be:06:f1:7f:4f:bc:f1:46:a2:e4:dd: 4e:6b:bd:1c:c1:7a:14:40:77:05:3c:a9:e3:a9:76:b9:c9:d8: 70:94:68:3d:23:33:b8:55:30:18:8c:44:69:8a:4d:b2:19:78: f3:09:5f:2d:b5:79:18:b3:97:b0:90:e0:cb:16:10:41:96:be: 09:a5:b3:e5:55:61:ca:da:23:ca:7b:1c:19:f9:33:8e:76:3f: 32:c1:f9:71:84:c2:fa:fb:7e:81:57:04:e3:1f:a7:84:2e:ae: ae:9f:51:88 -----BEGIN CERTIFICATE----- MIIFtjCCBJ6gAwIBAgICCaYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTVDMkUxMTAvBgNVBAUTKDM5MkZDMjI3RUVDQzVBNjIxNTcyRkFEQUFDNjUxQTND RUJCMjE2M0MwHhcNMjUwMzA2MjAxMDMxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2NhMDEzNy01ZWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3v0A5C+N9nqxJBSXfToYhme4RSRQDM46m2C4Y/bgm45TCvkQGUJ2Yk92L9xA zr54V5aMB4+CJV2n3bX1C1Or2yVCv73lzss0R2wUpUjnBPaE/lxaNONXA84nv04F N80KXVLSa+mwbd2CFHcMBJoD2tjWZWTO7k04OQk19E0nzts5bYbG304orYgUILKl XbdBVmSPYHq+t+s3XiDH0Ux5kvyRbaRCUDvwnDlj1cWk4OTVjDNh+IvyOkU1nDrf +NpKUol2fmY/Z/5wyoPuzXTKPDRgQ+DvUlxbAn5C1SYCR8Eb1UHHQKsWAXy2OjdI BdGySlrgomD3WVUZ940ROcz9PwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFAeUaTg+ Wsb1jRHMKWSqlOsNflqKMB8GA1UdIwQYMBaAFDkvwifuzFpiFXL62qxlGjzrshY8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNUMyRS8zOEQxNDAxQzgz NDgxMUVBQTdDNDc1NzZDNEY5QUUwMi9PU19DSi03TVdtSVZjdnJhckdVYVBPdXlG ancuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09TX0NKLTdNV21JVmN2cmFyR1VhUE91eUZqdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTVDMkUvMzhEMTQwMUM4MzQ4MTFFQUE3QzQ3NTc2QzRGOUFFMDIvRTM1OTM5QzIy NjE3MTFFQzk5OTBBNzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E VTBTMEIEAgABMDwDBAIr96wDBAItdSQDBAJn/oQDBARyhgADBAJ0WkwDBAR8+IAD BAKjL/ADBADKJEsDBADKJagDBADKMSQwDQQCAAIwBwMFACQAvQAwDQYJKoZIhvcN AQELBQADggEBAABxhIPQaWYCwnU6aRINVnbO3ZQhj52eq34NVs9h3RZDMZDkEofr Y+PWYPrzuGrbTS6dfrL4NFoln31gYLCG2W0UrWTpU/spbQZBvgyhwx+cqt3aEIWg zG8TjlqB8MGxBDeonHlA1wle1K0OsQMvlvquhDYNbCJwho5kne1Rg49Z+OvNTxWD OpUymOR/8vf7eFS6YuM4Zyi+BvF/T7zxRqLk3U5rvRzBehRAdwU8qeOpdrnJ2HCU aD0jM7hVMBiMRGmKTbIZePMJXy21eRizl7CQ4MsWEEGWvgmls+VVYcraI8p7HBn5 M452PzLB+XGEwvr7foFXBOMfp4Qurq6fUYg= -----END CERTIFICATE-----Generated at Wed Nov 5 13:30:06 2025 by rpki-client