$ rpki-client -vvf rpki.apnic.net/member_repository/A912BE25/D90526E4EE1111EC95299982C4F9AE02/3824E928764711F0980D9877C4F9AE02.roa File: 3824E928764711F0980D9877C4F9AE02.roa (raw, json) Hash identifier: JnAHd4uMfLRQkVeB0VbNVy59nSthnoANMmYI9+KMBss= Subject key identifier: 7B:A0:06:9B:CE:4B:32:96:11:DA:AA:97:29:9E:06:26:82:80:F9:2C Certificate issuer: /CN=A912BE25/serialNumber=A760ADE0C9D05EE679EC304122BC3350C8D2A439 Certificate serial: 031C Authority key identifier: A7:60:AD:E0:C9:D0:5E:E6:79:EC:30:41:22:BC:33:50:C8:D2:A4:39 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p2Ct4MnQXuZ57DBBIrwzUMjSpDk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BE25/D90526E4EE1111EC95299982C4F9AE02/3824E928764711F0980D9877C4F9AE02.roa Signing time: Mon 11 Aug 2025 00:07:51 +0000 ROA not before: Mon 11 Aug 2025 00:07:51 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 23887 IP address blocks: 119.63.0.0/23 maxlen: 23 202.71.176.0/23 maxlen: 23 202.71.179.0/24 maxlen: 24 202.71.186.0/24 maxlen: 24 2406:2a00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BE25/D90526E4EE1111EC95299982C4F9AE02/p2Ct4MnQXuZ57DBBIrwzUMjSpDk.crl rsync://rpki.apnic.net/member_repository/A912BE25/D90526E4EE1111EC95299982C4F9AE02/p2Ct4MnQXuZ57DBBIrwzUMjSpDk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p2Ct4MnQXuZ57DBBIrwzUMjSpDk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 796 (0x31c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BE25, serialNumber=A760ADE0C9D05EE679EC304122BC3350C8D2A439 Validity Not Before: Aug 11 00:07:51 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=68993456-f178 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:d1:35:75:d5:ee:34:75:77:03:da:48:ca:65: 82:15:66:ff:da:37:e3:85:96:60:37:89:98:8e:13: e3:ee:54:7c:bf:18:6d:4d:30:56:fb:e2:f3:37:05: b1:4a:a2:fb:be:36:a9:7f:76:c4:e7:d0:d4:7b:bb: fb:59:23:b2:18:3c:f4:74:45:85:96:09:3f:a9:bf: 3b:88:9b:f2:7d:47:70:78:e9:e2:9c:48:84:ba:c0: 53:99:22:26:94:16:19:f7:8a:0b:a8:1d:d7:3a:df: 21:5a:a7:8d:33:19:6e:5d:2b:df:bc:d7:11:3e:9c: 02:ac:d5:98:cb:0a:52:80:97:2e:67:be:2a:15:cf: c6:9e:3c:3e:b0:51:63:72:2f:d4:5e:24:28:f6:b5: bd:4d:76:12:64:4e:77:5d:8d:f8:66:52:70:6f:01: 56:a2:09:a1:c2:1f:22:26:92:bd:42:4c:b4:54:50: 92:45:ae:65:b9:d4:3e:c3:d7:84:5d:76:92:12:9a: da:ba:cb:52:99:cb:47:5b:01:21:93:de:5e:9e:5f: 52:21:1d:ae:0b:74:31:a7:8a:9a:05:a9:e1:7a:e0: b4:62:c7:87:0e:4a:01:60:f5:93:5b:29:a7:d6:37: 03:99:68:e7:32:2f:0a:1f:61:68:29:40:b8:fe:cf: 3d:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:A0:06:9B:CE:4B:32:96:11:DA:AA:97:29:9E:06:26:82:80:F9:2C X509v3 Authority Key Identifier: keyid:A7:60:AD:E0:C9:D0:5E:E6:79:EC:30:41:22:BC:33:50:C8:D2:A4:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BE25/D90526E4EE1111EC95299982C4F9AE02/p2Ct4MnQXuZ57DBBIrwzUMjSpDk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p2Ct4MnQXuZ57DBBIrwzUMjSpDk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BE25/D90526E4EE1111EC95299982C4F9AE02/3824E928764711F0980D9877C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 119.63.0.0/23 202.71.176.0/23 202.71.179.0/24 202.71.186.0/24 IPv6: 2406:2a00::/32 Signature Algorithm: sha256WithRSAEncryption 6a:73:74:63:75:ab:7f:76:73:f7:34:e1:8c:b4:d5:da:ac:31: cf:63:54:ca:3c:8f:cb:92:a9:d1:a2:f4:ff:e6:18:06:4e:9f: 29:57:ef:af:8d:38:30:fe:a0:97:d6:62:d4:8c:06:18:04:8c: da:3a:43:58:8a:cb:c0:43:5c:b1:95:11:82:78:e1:c2:bb:c7: 69:c8:45:b3:82:f4:4e:9d:a2:8e:66:ba:bd:73:2c:cd:15:43: a1:d7:0c:63:9f:74:77:ed:f1:f7:fc:7f:49:8b:bd:94:38:40: e4:f0:38:08:e1:67:de:85:b8:f4:95:8b:c3:ca:df:40:81:41: e8:06:da:95:ae:7c:ab:65:63:38:b6:7b:e4:23:cd:b9:6a:83: 8f:2b:9e:b3:df:eb:9e:bb:3b:f6:03:e1:ec:20:34:06:0f:db: cf:55:ca:00:1b:1b:d7:55:b3:cb:aa:88:07:aa:06:f5:30:bc: 3f:c0:1a:3e:15:89:9f:74:02:aa:43:05:f1:ee:55:e5:73:c3: 82:8e:a1:f6:ef:cf:15:46:50:77:9f:4a:b1:ee:1f:d0:74:b5: 46:bd:72:35:5b:28:bb:f3:a4:c3:db:3d:01:14:12:a3:a6:fb: 29:67:cf:e1:15:ba:a2:9b:d5:e7:2d:fe:5a:b7:d7:de:9c:92: 28:4b:3b:ef -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICAxwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJFMjUxMTAvBgNVBAUTKEE3NjBBREUwQzlEMDVFRTY3OUVDMzA0MTIyQkMzMzUw QzhEMkE0MzkwHhcNMjUwODExMDAwNzUxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODk5MzQ1Ni1mMTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1dE1ddXuNHV3A9pIymWCFWb/2jfjhZZgN4mYjhPj7lR8vxhtTTBW++LzNwWx SqL7vjapf3bE59DUe7v7WSOyGDz0dEWFlgk/qb87iJvyfUdweOninEiEusBTmSIm lBYZ94oLqB3XOt8hWqeNMxluXSvfvNcRPpwCrNWYywpSgJcuZ74qFc/Gnjw+sFFj ci/UXiQo9rW9TXYSZE53XY34ZlJwbwFWogmhwh8iJpK9Qky0VFCSRa5ludQ+w9eE XXaSEpraustSmctHWwEhk95enl9SIR2uC3Qxp4qaBanheuC0YseHDkoBYPWTWymn 1jcDmWjnMi8KH2FoKUC4/s897wIDAQABo4ICtjCCArIwHQYDVR0OBBYEFHugBpvO SzKWEdqqlymeBiaCgPksMB8GA1UdIwQYMBaAFKdgreDJ0F7meewwQSK8M1DI0qQ5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkUyNS9EOTA1MjZFNEVF MTExMUVDOTUyOTk5ODJDNEY5QUUwMi9wMkN0NE1uUVh1WjU3REJCSXJ3elVNalNw RGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3AyQ3Q0TW5RWHVaNTdEQkJJcnd6VU1qU3BEay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkJFMjUvRDkwNTI2RTRFRTExMTFFQzk1Mjk5OTgyQzRGOUFFMDIvMzgyNEU5Mjg3 NjQ3MTFGMDk4MEQ5ODc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAF3PwADBAHKR7ADBADKR7MDBADKR7owDQQCAAIwBwMFACQG KgAwDQYJKoZIhvcNAQELBQADggEBAGpzdGN1q392c/c04Yy01dqsMc9jVMo8j8uS qdGi9P/mGAZOnylX76+NODD+oJfWYtSMBhgEjNo6Q1iKy8BDXLGVEYJ44cK7x2nI RbOC9E6doo5mur1zLM0VQ6HXDGOfdHft8ff8f0mLvZQ4QOTwOAjhZ96FuPSVi8PK 30CBQegG2pWufKtlYzi2e+Qjzblqg48rnrPf6567O/YD4ewgNAYP289VygAbG9dV s8uqiAeqBvUwvD/AGj4ViZ90AqpDBfHuVeVzw4KOofbvzxVGUHefSrHuH9B0tUa9 cjVbKLvzpMPbPQEUEqOm+ylnz+EVuqKb1ect/lq3196ckihLO+8= -----END CERTIFICATE-----Generated at Mon Aug 11 10:42:56 2025 by rpki-client