$ rpki-client -vvf rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa File: 2FA57B9A97B611EDAE9D4381C4F9AE02.roa (raw, json) Hash identifier: /C/TeYf+QYgaRTA9LTGKRIOjHZCHFtEST+Y+0lrs4kM= Subject key identifier: 24:81:FB:7D:55:D0:5B:8A:AB:EE:D9:B9:4B:3D:10:E5:B3:32:DC:77 Certificate issuer: /CN=A9117E4D/serialNumber=AE107F3C2977717A1CD3571D183748FD07D9FC5F Certificate serial: 34F5 Authority key identifier: AE:10:7F:3C:29:77:71:7A:1C:D3:57:1D:18:37:48:FD:07:D9:FC:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa Signing time: Thu 30 Oct 2025 14:30:23 +0000 ROA not before: Thu 30 Oct 2025 14:30:23 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 7545 IP address blocks: 14.202.192.0/24 maxlen: 24 60.241.61.0/24 maxlen: 24 110.175.127.0/24 maxlen: 24 203.219.48.0/22 maxlen: 22 220.240.122.0/24 maxlen: 24 220.245.124.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.crl rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:27:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13557 (0x34f5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117E4D, serialNumber=AE107F3C2977717A1CD3571D183748FD07D9FC5F Validity Not Before: Oct 30 14:30:23 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=6903767f-2961 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:92:82:26:ab:b8:da:bc:e5:18:c4:ef:43:b2: e8:3c:39:44:ba:d5:a8:b7:27:d1:c2:f7:a0:a3:bc: bc:2a:87:e0:41:ce:22:f9:82:25:8f:d4:87:41:bb: 00:c0:ec:6b:34:e9:31:65:79:33:93:61:64:09:6e: 48:9d:80:66:c7:33:78:60:18:3e:b1:7e:42:56:ff: c9:ad:7f:e0:d3:de:bc:98:e4:43:5e:2d:ca:bb:35: 04:69:74:72:6d:8e:ff:64:52:8b:70:ba:92:1a:a1: 26:91:6b:c1:92:d8:8b:71:9a:23:b0:2e:7d:d2:84: 89:16:da:f5:e2:47:cb:d1:83:19:b4:71:ae:2d:6e: 08:e8:4d:80:8c:a8:d4:e0:75:a7:b9:65:27:5e:7f: 54:84:66:85:3e:26:b3:25:70:b6:0e:80:cd:32:71: df:81:79:12:2b:f4:31:76:38:be:d4:5e:de:0d:95: 04:95:b9:6f:f3:f6:c4:2c:95:e9:e3:6a:63:50:31: 4f:22:c4:49:32:d6:05:61:b3:24:14:03:b4:07:35: f5:2b:7a:85:65:b4:29:fe:f9:1a:9b:32:6c:63:38: 41:2c:08:45:9c:6b:6e:c9:34:3b:2e:04:c3:e7:a2: 0a:66:ee:93:d1:60:21:64:a5:83:04:99:da:5a:c8: 54:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:81:FB:7D:55:D0:5B:8A:AB:EE:D9:B9:4B:3D:10:E5:B3:32:DC:77 X509v3 Authority Key Identifier: keyid:AE:10:7F:3C:29:77:71:7A:1C:D3:57:1D:18:37:48:FD:07:D9:FC:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.202.192.0/24 60.241.61.0/24 110.175.127.0/24 203.219.48.0/22 220.240.122.0/24 220.245.124.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:2c:1b:9c:d4:48:26:84:39:c5:87:12:23:6d:74:f9:5e:79: a5:1c:22:ba:0d:2b:08:5e:6a:1b:e6:07:d1:90:77:9d:bc:8b: 3a:47:5c:81:95:17:db:6b:7f:f6:43:29:3a:fe:b5:a9:e9:09: f1:31:00:ab:aa:0e:95:b6:84:73:0a:77:cb:09:5f:a4:1a:39: 94:51:5c:80:77:5c:53:07:e5:62:f1:18:6c:af:5f:78:2e:07: bb:da:c8:54:06:b8:fc:b7:22:b7:2f:21:6f:1b:e4:f5:d7:fb: 87:e1:19:3a:77:27:5e:57:77:a6:a9:29:5c:d4:92:fd:d5:50: 71:a7:45:d0:42:f8:be:ae:e0:97:ca:b0:0c:68:9d:9d:fe:c4: 53:87:ba:74:09:b0:01:2b:d2:6b:73:09:5d:9e:9f:b8:4c:11: 62:22:52:96:a6:2e:77:21:1f:1d:0d:10:08:10:ed:cd:eb:0f: 5d:da:cf:8c:77:bc:3b:69:af:84:a9:c2:9a:a4:c4:6f:04:9a: d7:b2:bf:bd:6e:9d:be:5b:5f:03:d3:81:b7:6d:33:01:ed:f1: 53:83:28:45:d0:ac:fd:14:b0:82:e6:01:47:bf:2a:c1:6f:1b: 2c:c6:26:8c:59:56:d3:a3:3d:53:b7:d8:b3:60:57:18:53:84: 24:40:86:11 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICNPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTdFNEQxMTAvBgNVBAUTKEFFMTA3RjNDMjk3NzcxN0ExQ0QzNTcxRDE4Mzc0OEZE MDdEOUZDNUYwHhcNMjUxMDMwMTQzMDIzWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTAzNzY3Zi0yOTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvpKCJqu42rzlGMTvQ7LoPDlEutWotyfRwvego7y8KofgQc4i+YIlj9SHQbsA wOxrNOkxZXkzk2FkCW5InYBmxzN4YBg+sX5CVv/JrX/g0968mORDXi3KuzUEaXRy bY7/ZFKLcLqSGqEmkWvBktiLcZojsC590oSJFtr14kfL0YMZtHGuLW4I6E2AjKjU 4HWnuWUnXn9UhGaFPiazJXC2DoDNMnHfgXkSK/Qxdji+1F7eDZUElblv8/bELJXp 42pjUDFPIsRJMtYFYbMkFAO0BzX1K3qFZbQp/vkamzJsYzhBLAhFnGtuyTQ7LgTD 56IKZu6T0WAhZKWDBJnaWshUQwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFCSB+31V 0FuKq+7ZuUs9EOWzMtx3MB8GA1UdIwQYMBaAFK4Qfzwpd3F6HNNXHRg3SP0H2fxf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExN0U0RC9FQTFCMUQ2QTFE ODUxMUUyOTc5RkU3REMwOEIwMkNEMi9yaEJfUENsM2NYb2MwMWNkR0RkSV9RZlpf RjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JoQl9QQ2wzY1hvYzAxY2RHRGRJX1FmWl9GOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTdFNEQvRUExQjFENkExRDg1MTFFMjk3OUZFN0RDMDhCMDJDRDIvMkZBNTdCOUE5 N0I2MTFFREFFOUQ0MzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBAAOysADBAA88T0DBABur38DBALL2zADBADc8HoDBALc9Xww DQYJKoZIhvcNAQELBQADggEBAJ8sG5zUSCaEOcWHEiNtdPleeaUcIroNKwheahvm B9GQd528izpHXIGVF9trf/ZDKTr+tanpCfExAKuqDpW2hHMKd8sJX6QaOZRRXIB3 XFMH5WLxGGyvX3guB7vayFQGuPy3IrcvIW8b5PXX+4fhGTp3J15Xd6apKVzUkv3V UHGnRdBC+L6u4JfKsAxonZ3+xFOHunQJsAEr0mtzCV2en7hMEWIiUpamLnchHx0N EAgQ7c3rD13az4x3vDtpr4SpwpqkxG8Emteyv71unb5bXwPTgbdtMwHt8VODKEXQ rP0UsILmAUe/KsFvGyzGJoxZVtOjPVO32LNgVxhThCRAhhE= -----END CERTIFICATE-----Generated at Wed Nov 5 00:20:55 2025 by rpki-client