$ rpki-client -vvf rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/1A52B0BA8A8811F0A0F59D1FC4F9AE02.roa File: 1A52B0BA8A8811F0A0F59D1FC4F9AE02.roa (raw, json) Hash identifier: eUyFtijE7ulYYeR6FE4HWasF4D8cnPdrEPGMIUGgb2s= Subject key identifier: 1A:FE:69:23:07:82:02:35:1D:92:6B:B6:0B:BD:89:56:7D:50:07:CF Certificate issuer: /CN=A9123059/serialNumber=497BB72718279DBCC985DBA6D39B36567F44E7AA Certificate serial: 0E Authority key identifier: 49:7B:B7:27:18:27:9D:BC:C9:85:DB:A6:D3:9B:36:56:7F:44:E7:AA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SXu3JxgnnbzJhdum05s2Vn9E56o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/1A52B0BA8A8811F0A0F59D1FC4F9AE02.roa Signing time: Fri 05 Sep 2025 18:42:42 +0000 ROA not before: Fri 05 Sep 2025 18:42:42 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 399480 IP address blocks: 192.138.118.0/23 maxlen: 24 192.138.120.0/22 maxlen: 24 192.138.124.0/23 maxlen: 24 192.153.221.0/24 maxlen: 24 192.153.222.0/23 maxlen: 24 192.153.224.0/22 maxlen: 24 192.153.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/SXu3JxgnnbzJhdum05s2Vn9E56o.crl rsync://rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/SXu3JxgnnbzJhdum05s2Vn9E56o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SXu3JxgnnbzJhdum05s2Vn9E56o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 07:52:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14 (0xe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9123059, serialNumber=497BB72718279DBCC985DBA6D39B36567F44E7AA Validity Not Before: Sep 5 18:42:42 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=68bb2f21-bfbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:84:e5:b2:5d:ea:4f:f2:17:01:97:67:ba:a7: 48:9a:dc:76:86:7c:72:4a:12:c5:34:84:a1:f2:dd: 55:cd:4e:d6:fb:78:d5:15:4b:c4:0c:06:49:93:48: e4:33:12:d2:d3:d7:ca:52:38:27:eb:f8:cc:15:1e: d5:f0:80:28:f3:71:a7:ae:58:f3:e2:eb:ef:51:98: 6e:39:0e:87:11:49:15:e4:40:a3:3d:dc:71:2b:8c: 1c:0b:d2:09:b8:fd:4c:ae:b6:af:77:c9:a7:4b:71: b8:b0:1d:a0:9b:a2:5a:8e:9c:e7:89:44:4f:67:fe: 48:ef:d1:89:bb:96:4f:11:cd:a8:ee:66:c8:8f:5e: 39:83:fc:ca:6d:2c:2c:86:8e:33:d2:39:cf:6f:3e: 8f:8d:8d:5b:0b:f2:dd:f1:99:6b:c2:9f:a3:d7:dd: 40:04:7a:01:6c:db:d1:77:59:82:49:ef:79:f0:d6: b4:44:47:4d:84:9d:24:db:b4:31:1e:47:94:b6:eb: e0:2f:7a:c8:45:ee:c9:c6:28:7d:f4:c5:75:60:0f: 47:c4:8b:f9:75:52:ce:a1:f3:2b:6d:a6:e7:09:b4: ac:80:9f:27:0f:30:c5:65:c5:98:89:e9:5e:a0:a2: f2:a8:2b:04:27:00:3b:9c:5b:10:4e:17:d3:26:37: 7f:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:FE:69:23:07:82:02:35:1D:92:6B:B6:0B:BD:89:56:7D:50:07:CF X509v3 Authority Key Identifier: keyid:49:7B:B7:27:18:27:9D:BC:C9:85:DB:A6:D3:9B:36:56:7F:44:E7:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/SXu3JxgnnbzJhdum05s2Vn9E56o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SXu3JxgnnbzJhdum05s2Vn9E56o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/1A52B0BA8A8811F0A0F59D1FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 192.138.118.0-192.138.125.255 192.153.221.0-192.153.228.255 Signature Algorithm: sha256WithRSAEncryption 74:e6:8d:d6:aa:24:90:74:69:6e:e7:18:8e:46:1a:69:e4:30: 99:e2:75:7e:9e:d9:47:6a:f2:b6:ea:e4:05:52:60:4c:2a:2c: 54:ae:dd:d7:7a:ab:d2:39:fd:38:7e:54:39:a0:2d:f1:1b:56: d9:73:17:85:e3:e1:77:14:32:ea:da:9a:78:22:96:54:54:be: ec:8d:2c:ec:c1:eb:1b:66:99:ac:93:0a:5f:0e:1b:f9:cd:30: 52:79:6e:39:f3:2f:84:88:19:cc:73:5a:cd:43:11:2d:f2:41: a8:91:63:56:68:69:a2:06:50:8d:5e:dd:67:f4:d2:95:3d:da: 0d:85:a1:3c:dd:74:a3:ab:8e:74:75:e4:ef:b2:77:49:63:02: ac:0e:d8:71:32:b8:51:19:7e:f0:6a:8a:8a:c9:d2:7a:90:f1: 2b:75:0a:7e:7d:cb:d7:9f:88:62:1c:24:fa:04:18:d4:f3:86: 92:97:08:b4:22:ca:e5:9c:33:6f:42:bf:8e:32:81:0a:df:98: 5e:9e:e8:92:b8:ab:49:fe:c1:31:ac:08:ad:a7:fe:08:be:63: df:c2:c5:af:3e:92:5f:e1:97:66:1b:d5:c9:97:3f:44:e7:6a: 7b:5f:e9:8e:21:70:e2:bd:a3:7d:c4:76:b2:19:fe:b6:0e:61: 26:b6:d4:ca -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy MzA1OTExMC8GA1UEBRMoNDk3QkI3MjcxODI3OURCQ0M5ODVEQkE2RDM5QjM2NTY3 RjQ0RTdBQTAeFw0yNTA5MDUxODQyNDJaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YmIyZjIxLWJmYmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDkhOWyXepP8hcBl2e6p0ia3HaGfHJKEsU0hKHy3VXNTtb7eNUVS8QMBkmTSOQz EtLT18pSOCfr+MwVHtXwgCjzcaeuWPPi6+9RmG45DocRSRXkQKM93HErjBwL0gm4 /Uyutq93yadLcbiwHaCbolqOnOeJRE9n/kjv0Ym7lk8RzajuZsiPXjmD/MptLCyG jjPSOc9vPo+NjVsL8t3xmWvCn6PX3UAEegFs29F3WYJJ73nw1rRER02EnSTbtDEe R5S26+AveshF7snGKH30xXVgD0fEi/l1Us6h8yttpucJtKyAnycPMMVlxZiJ6V6g ovKoKwQnADucWxBOF9MmN38JAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUGv5pIweC AjUdkmu2C72JVn1QB88wHwYDVR0jBBgwFoAUSXu3JxgnnbzJhdum05s2Vn9E56ow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIzMDU5L0IyQ0VBN0Y2NzlG NjExRjA5Q0U5QzMyOEM0RjlBRTAyL1NYdTNKeGdubmJ6SmhkdW0wNXMyVm45RTU2 by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvU1h1M0p4Z25uYnpKaGR1bTA1czJWbjlFNTZvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzA1OS9CMkNFQTdGNjc5RjYxMUYwOUNFOUMzMjhDNEY5QUUwMi8xQTUyQjBCQThB ODgxMUYwQTBGNTlEMUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA1BggrBgEFBQcBBwEB/wQm MCQwIgQCAAEwHDAMAwQBwIp2AwQBwIp8MAwDBADAmd0DBADAmeQwDQYJKoZIhvcN AQELBQADggEBAHTmjdaqJJB0aW7nGI5GGmnkMJnidX6e2Udq8rbq5AVSYEwqLFSu 3dd6q9I5/Th+VDmgLfEbVtlzF4Xj4XcUMuramngillRUvuyNLOzB6xtmmayTCl8O G/nNMFJ5bjnzL4SIGcxzWs1DES3yQaiRY1ZoaaIGUI1e3Wf00pU92g2FoTzddKOr jnR15O+yd0ljAqwO2HEyuFEZfvBqiorJ0nqQ8St1Cn59y9efiGIcJPoEGNTzhpKX CLQiyuWcM29Cv44ygQrfmF6e6JK4q0n+wTGsCK2n/gi+Y9/Cxa8+kl/hl2Yb1cmX P0Tnantf6Y4hcOK9o33EdrIZ/rYOYSa21Mo= -----END CERTIFICATE-----Generated at Wed Nov 5 09:58:21 2025 by rpki-client