$ rpki-client -vvf rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/43C5BAA282F411EE99AAAB12C4F9AE02.roa File: 43C5BAA282F411EE99AAAB12C4F9AE02.roa (raw, json) Hash identifier: rYwGjsQBpShXvyi5oxowpgOp3gdk00xJnm3EoG1TD+c= Subject key identifier: D1:26:9B:21:C1:8F:E4:A8:D8:F4:0F:25:50:60:FE:2D:42:29:87:04 Certificate issuer: /CN=A912BCAC/serialNumber=9CBE10D7C1DD44B7E590B5078BFC4F86CF8DB25A Certificate serial: ED Authority key identifier: 9C:BE:10:D7:C1:DD:44:B7:E5:90:B5:07:8B:FC:4F:86:CF:8D:B2:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nL4Q18HdRLflkLUHi_xPhs-Nslo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/43C5BAA282F411EE99AAAB12C4F9AE02.roa Signing time: Wed 05 Feb 2025 13:18:24 +0000 ROA not before: Wed 05 Feb 2025 13:18:24 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 152098 IP address blocks: 36.50.40.0/24 maxlen: 24 36.50.41.0/24 maxlen: 24 2001:df3:1ec0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/nL4Q18HdRLflkLUHi_xPhs-Nslo.crl rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/nL4Q18HdRLflkLUHi_xPhs-Nslo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nL4Q18HdRLflkLUHi_xPhs-Nslo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 03:58:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 237 (0xed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BCAC, serialNumber=9CBE10D7C1DD44B7E590B5078BFC4F86CF8DB25A Validity Not Before: Feb 5 13:18:24 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67a3651f-e1e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:42:bc:4c:2e:99:22:ed:70:8a:f9:bb:c8:9f: 46:93:83:7c:b0:9d:60:80:f1:e6:7a:23:57:bf:df: 5f:1e:a9:41:23:0a:23:00:4a:b7:43:f9:5b:66:ab: e1:8c:2c:74:d7:bf:89:45:22:91:6f:46:a0:35:4b: 96:d9:89:8a:36:1e:dc:d7:f1:d6:2b:29:71:58:a1: 41:32:f5:57:fa:b6:8c:a3:5c:35:7c:f5:91:1c:66: 0e:8d:e9:5f:d2:df:a6:27:ef:e2:c0:c0:81:cf:af: a4:71:77:51:6f:8e:43:f4:19:16:ef:9d:e0:fe:76: b4:91:de:12:05:39:79:0d:de:c5:21:45:4e:4b:37: 12:47:80:86:86:0a:33:a4:9b:fc:68:2e:97:4f:cb: 9b:fa:83:d4:99:c0:6f:fa:03:9d:13:62:6e:3b:c5: 65:4e:31:7d:7e:bb:a8:b3:2f:a3:2c:d0:0d:c2:58: 2b:13:07:79:4e:95:21:24:04:44:36:b0:4d:76:9a: 33:57:4b:71:bb:de:d0:2d:0a:18:fb:cc:1c:91:32: 96:6d:b9:b6:0d:fd:12:76:bf:e5:32:51:6d:8e:07: 87:4c:99:ec:f8:15:23:a8:9b:de:47:b4:4b:28:b5: 13:27:7d:c5:4b:da:30:c7:92:7d:76:2a:9c:50:08: 41:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:26:9B:21:C1:8F:E4:A8:D8:F4:0F:25:50:60:FE:2D:42:29:87:04 X509v3 Authority Key Identifier: keyid:9C:BE:10:D7:C1:DD:44:B7:E5:90:B5:07:8B:FC:4F:86:CF:8D:B2:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/nL4Q18HdRLflkLUHi_xPhs-Nslo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nL4Q18HdRLflkLUHi_xPhs-Nslo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BCAC/0152258E82F411EE9ED1F611C4F9AE02/43C5BAA282F411EE99AAAB12C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.50.40.0/23 IPv6: 2001:df3:1ec0::/48 Signature Algorithm: sha256WithRSAEncryption 1c:19:eb:6f:da:2b:2b:92:b5:a6:8c:9d:5a:72:3c:1e:b8:83: cf:cd:18:12:85:96:b2:89:b8:c8:54:90:e1:fb:17:fd:65:83: 33:0f:c8:f6:b8:a4:d5:3a:08:3c:78:06:06:ff:7a:11:f3:00: 6f:4a:50:45:4e:f6:03:50:c3:58:5a:dc:2b:ec:0f:b8:11:53: b5:6b:dd:7a:e6:5d:ec:f6:78:73:e7:89:55:04:2d:cc:e4:c3: 8f:fc:4a:74:94:8c:bf:14:b8:02:6c:ad:19:58:6d:d3:f4:6c: b6:fb:dc:a0:91:23:09:c2:87:b3:ed:1f:61:4a:38:58:ca:76: 82:d4:84:b1:ba:72:f8:54:02:5c:7e:9a:80:b9:4c:7e:61:88: e8:ef:36:30:77:36:c1:3a:60:ff:30:3e:6e:f2:96:8e:b9:7e: 1a:30:0e:e2:52:a0:80:74:bf:5b:41:00:90:3f:47:23:9d:0d: 6d:54:a6:a5:a5:39:0f:2b:1c:bc:a4:82:70:8b:73:f8:5f:c1: 06:ab:b4:d4:91:3a:bc:8f:d7:0d:30:58:2b:d1:5c:02:ce:45: 60:6c:d3:bb:9f:44:dd:1b:32:fa:54:3d:62:f3:de:7c:e1:fe: 56:05:c9:76:e6:35:70:90:e3:5e:4f:7d:c9:d2:ac:c0:50:51: 72:16:79:f8 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICAO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJDQUMxMTAvBgNVBAUTKDlDQkUxMEQ3QzFERDQ0QjdFNTkwQjUwNzhCRkM0Rjg2 Q0Y4REIyNUEwHhcNMjUwMjA1MTMxODI0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02N2EzNjUxZi1lMWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo0K8TC6ZIu1wivm7yJ9Gk4N8sJ1ggPHmeiNXv99fHqlBIwojAEq3Q/lbZqvh jCx017+JRSKRb0agNUuW2YmKNh7c1/HWKylxWKFBMvVX+raMo1w1fPWRHGYOjelf 0t+mJ+/iwMCBz6+kcXdRb45D9BkW753g/na0kd4SBTl5Dd7FIUVOSzcSR4CGhgoz pJv8aC6XT8ub+oPUmcBv+gOdE2JuO8VlTjF9fruosy+jLNANwlgrEwd5TpUhJARE NrBNdpozV0txu97QLQoY+8wckTKWbbm2Df0Sdr/lMlFtjgeHTJns+BUjqJveR7RL KLUTJ33FS9owx5J9diqcUAhBhQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNEmmyHB j+So2PQPJVBg/i1CKYcEMB8GA1UdIwQYMBaAFJy+ENfB3US35ZC1B4v8T4bPjbJa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkNBQy8wMTUyMjU4RTgy RjQxMUVFOUVEMUY2MTFDNEY5QUUwMi9uTDRRMThIZFJMZmxrTFVIaV94UGhzLU5z bG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25MNFExOEhkUkxmbGtMVUhpX3hQaHMtTnNsby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkJDQUMvMDE1MjI1OEU4MkY0MTFFRTlFRDFGNjExQzRGOUFFMDIvNDNDNUJBQTI4 MkY0MTFFRTk5QUFBQjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAEkMigwDwQCAAIwCQMHACABDfMewDANBgkqhkiG9w0BAQsF AAOCAQEAHBnrb9orK5K1poydWnI8HriDz80YEoWWsom4yFSQ4fsX/WWDMw/I9rik 1ToIPHgGBv96EfMAb0pQRU72A1DDWFrcK+wPuBFTtWvdeuZd7PZ4c+eJVQQtzOTD j/xKdJSMvxS4AmytGVht0/RstvvcoJEjCcKHs+0fYUo4WMp2gtSEsbpy+FQCXH6a gLlMfmGI6O82MHc2wTpg/zA+bvKWjrl+GjAO4lKggHS/W0EAkD9HI50NbVSmpaU5 DyscvKSCcItz+F/BBqu01JE6vI/XDTBYK9FcAs5FYGzTu59E3Rsy+lQ9YvPefOH+ VgXJduY1cJDjXk99ydKswFBRchZ5+A== -----END CERTIFICATE-----Generated at Wed Nov 5 19:47:01 2025 by rpki-client