$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/36DD8A88B68A11F09D04E950C4F9AE02.roa File: 36DD8A88B68A11F09D04E950C4F9AE02.roa (raw, json) Hash identifier: ePNogPPVbGEkJuQw5T0SxqhH/K2mvmcxCKSGqMSN+yc= Subject key identifier: 25:C4:2A:B1:28:82:C9:3C:BB:4B:7E:B2:91:36:44:1A:D3:22:BC:7F Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC Certificate serial: 0500 Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/36DD8A88B68A11F09D04E950C4F9AE02.roa Signing time: Mon 03 Nov 2025 00:44:54 +0000 ROA not before: Mon 03 Nov 2025 00:44:54 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 399989 IP address blocks: 113.20.48.0/22 maxlen: 22 113.20.52.0/22 maxlen: 22 223.29.128.0/22 maxlen: 22 223.29.136.0/22 maxlen: 22 223.29.140.0/22 maxlen: 22 223.29.144.0/22 maxlen: 22 223.29.148.0/22 maxlen: 22 223.29.152.0/22 maxlen: 22 223.29.156.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 00:44:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1280 (0x500) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912FC73, serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC Validity Not Before: Nov 3 00:44:54 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=6907fb06-c6e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:3b:af:ee:8c:c5:27:2b:be:8f:70:52:e5:ef: 08:45:e1:b2:aa:26:b4:62:c9:6c:a2:dd:35:b6:25: bf:06:51:7c:e2:92:cb:ac:ca:53:0f:84:2a:3c:7d: 58:31:a0:26:8f:b1:f7:58:fb:97:c5:7b:19:d3:64: 19:2c:00:6a:0b:2b:77:75:ea:78:0b:ce:87:bc:1d: a6:de:a3:6c:fe:7a:04:a7:00:05:6a:a6:ff:a5:9a: d9:5a:91:38:ac:ee:c9:3b:48:f5:e7:e4:44:c4:c4: d2:76:fd:8f:7b:d6:44:9c:f4:1e:5b:cb:36:a7:73: e5:a0:c0:06:76:1b:0a:dc:b8:3a:12:5f:a2:a7:f0: ee:86:ec:c7:28:d8:ee:3a:d2:9f:cb:c6:e4:9d:2f: c7:f5:1f:ed:d5:6b:6a:b7:cd:75:f8:16:c9:bb:f2: 32:18:84:f5:f4:fe:47:37:c5:6d:62:91:ea:19:ba: 3e:cb:7a:7b:da:19:27:ee:ca:2b:e5:76:5f:5f:13: 54:bd:c6:dd:4f:c2:fa:db:ca:c4:de:2e:30:f2:da: d4:4c:66:fa:7f:71:9b:df:75:d1:8c:9e:32:16:6a: 3c:27:a1:03:c9:5c:52:34:d7:3f:f6:69:a3:19:04: ca:0e:38:fb:c6:6d:52:2c:6e:b2:c1:b8:b7:d9:2a: d4:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:C4:2A:B1:28:82:C9:3C:BB:4B:7E:B2:91:36:44:1A:D3:22:BC:7F X509v3 Authority Key Identifier: keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/36DD8A88B68A11F09D04E950C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 113.20.48.0/21 223.29.128.0/22 223.29.136.0-223.29.159.255 Signature Algorithm: sha256WithRSAEncryption 25:c0:7c:32:24:4d:96:23:27:c1:21:6e:fd:f8:00:03:22:8f: d7:a7:22:d9:80:b9:c1:4b:f7:5c:a3:9e:89:9a:b9:eb:ce:4f: 44:a0:cf:1c:d7:2a:e1:cc:72:ab:b4:36:33:09:d1:09:83:62: 1a:f6:16:5a:7b:74:89:7d:ef:b8:3b:74:f2:dd:23:34:91:ef: a5:cc:b0:7a:80:22:9c:ea:13:39:9a:86:d3:16:93:90:e4:ac: d4:b9:aa:e1:20:bb:e6:3a:1d:fc:cf:d6:14:55:4e:e0:6d:5b: a6:d1:a7:78:d1:fd:59:60:c9:64:51:70:9e:cd:8f:b6:74:6b: a4:a2:6f:b5:57:09:4d:59:03:60:c8:09:d7:74:9a:2b:e0:74: c3:ef:0c:e0:5e:58:c2:37:1f:c5:49:bf:ac:2a:fa:10:1e:bb: 9d:6b:43:ea:7b:d0:cf:1b:ff:45:97:50:f8:54:f3:7d:74:f8: 6e:96:91:99:5e:d1:46:e7:7c:f4:bb:bd:d6:75:38:2d:e2:aa: a3:1e:36:8d:cd:f8:f4:b0:48:79:64:e7:92:78:b7:2e:bc:fd: ad:9e:a1:27:1c:1f:7a:34:f4:fe:b6:ab:1c:79:b6:c7:51:10: 80:dc:c8:8c:a6:25:a3:39:24:fd:39:62:33:d9:34:ff:2d:dd: a2:96:61:41 -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgICBQAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD RUZBRjVBQkMwHhcNMjUxMTAzMDA0NDU0WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTA3ZmIwNi1jNmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuDuv7ozFJyu+j3BS5e8IReGyqia0Yslsot01tiW/BlF84pLLrMpTD4QqPH1Y MaAmj7H3WPuXxXsZ02QZLABqCyt3dep4C86HvB2m3qNs/noEpwAFaqb/pZrZWpE4 rO7JO0j15+RExMTSdv2Pe9ZEnPQeW8s2p3PloMAGdhsK3Lg6El+ip/DuhuzHKNju OtKfy8bknS/H9R/t1Wtqt811+BbJu/IyGIT19P5HN8VtYpHqGbo+y3p72hkn7sor 5XZfXxNUvcbdT8L628rE3i4w8trUTGb6f3Gb33XRjJ4yFmo8J6EDyVxSNNc/9mmj GQTKDjj7xm1SLG6ywbi32SrUyQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFCXEKrEo gsk8u0t+spE2RBrTIrx/MB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvMzZERDhBODhC NjhBMTFGMDlEMDRFOTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E JDAiMCAEAgABMBoDBANxFDADBALfHYAwDAMEA98diAMEBd8dgDANBgkqhkiG9w0B AQsFAAOCAQEAJcB8MiRNliMnwSFu/fgAAyKP16ci2YC5wUv3XKOeiZq5685PRKDP HNcq4cxyq7Q2MwnRCYNiGvYWWnt0iX3vuDt08t0jNJHvpcyweoAinOoTOZqG0xaT kOSs1Lmq4SC75jod/M/WFFVO4G1bptGneNH9WWDJZFFwns2PtnRrpKJvtVcJTVkD YMgJ13SaK+B0w+8M4F5YwjcfxUm/rCr6EB67nWtD6nvQzxv/RZdQ+FTzfXT4bpaR mV7RRud89Lu91nU4LeKqox42jc349LBIeWTnkni3Lrz9rZ6hJxwfejT0/rarHHm2 x1EQgNzIjKYlozkk/TliM9k0/y3dopZhQQ== -----END CERTIFICATE-----Generated at Tue Nov 4 08:32:17 2025 by rpki-client