$ rpki-client -vvf rpki.apnic.net/member_repository/A913F4B0/2D270692A43311E988158F09C4F9AE02/7FC2BA3ACEE211EDAF41BC25C4F9AE02.roa File: 7FC2BA3ACEE211EDAF41BC25C4F9AE02.roa (raw, json) Hash identifier: 8+IpnBwQHZFdU/qAAvoleEEL7Zd7U6oO3b3IOyhASzo= Subject key identifier: 0A:91:62:E7:8C:02:69:4C:E3:00:9E:28:0F:D8:7E:4B:19:5D:8D:6A Certificate issuer: /CN=A913F4B0/serialNumber=194CFAEC075611FF83C421CDA8797ED30EA2D039 Certificate serial: 0E71 Authority key identifier: 19:4C:FA:EC:07:56:11:FF:83:C4:21:CD:A8:79:7E:D3:0E:A2:D0:39 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUz67AdWEf-DxCHNqHl-0w6i0Dk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F4B0/2D270692A43311E988158F09C4F9AE02/7FC2BA3ACEE211EDAF41BC25C4F9AE02.roa Signing time: Fri 08 Aug 2025 18:27:31 +0000 ROA not before: Fri 08 Aug 2025 18:27:30 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 134809 IP address blocks: 43.228.200.0/22 maxlen: 22 43.252.216.0/22 maxlen: 22 103.12.140.0/22 maxlen: 22 103.22.160.0/22 maxlen: 22 103.26.248.0/22 maxlen: 22 103.194.80.0/22 maxlen: 22 163.53.224.0/22 maxlen: 22 2400:6e80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F4B0/2D270692A43311E988158F09C4F9AE02/GUz67AdWEf-DxCHNqHl-0w6i0Dk.crl rsync://rpki.apnic.net/member_repository/A913F4B0/2D270692A43311E988158F09C4F9AE02/GUz67AdWEf-DxCHNqHl-0w6i0Dk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUz67AdWEf-DxCHNqHl-0w6i0Dk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3697 (0xe71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F4B0, serialNumber=194CFAEC075611FF83C421CDA8797ED30EA2D039 Validity Not Before: Aug 8 18:27:30 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68964192-ddaf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:dc:15:26:7b:a7:49:f2:db:0f:51:d0:ad:c2: fa:6f:99:a5:5a:e8:d7:42:6c:a1:1d:9b:b0:89:36: 6e:71:4e:f5:de:64:19:45:be:92:bb:d0:46:7c:71: 36:6b:77:8b:4c:30:8c:2c:ab:86:c3:c8:87:dc:ed: 51:3a:97:d4:5f:41:9c:0f:ce:53:5a:65:6d:37:dd: a7:a6:f7:14:1f:9e:83:3e:34:f0:e8:4c:6c:a8:b9: a0:4d:25:28:61:81:a1:11:28:f5:3b:86:c9:ce:96: 81:13:cf:f9:41:cc:93:07:64:0d:d7:d7:9f:5b:5e: a5:09:d0:ed:92:61:7f:75:de:cb:26:a9:47:41:35: 0d:ef:7a:7f:fc:3e:e8:6d:ad:ec:c7:af:e8:44:6e: 19:03:e3:74:c7:cf:b0:3d:08:a4:74:b0:f3:1c:36: b5:98:70:8d:08:83:09:9f:f9:76:1f:00:49:02:57: f7:9c:4c:69:8d:5a:e2:49:b9:f6:eb:15:68:76:e5: 60:3e:4c:51:08:89:d0:59:ca:83:a6:06:4b:e0:21: e7:49:24:33:a6:c9:d8:76:bb:b2:a1:29:51:24:c0: df:9d:69:fa:6b:4d:6b:88:79:bd:db:2c:11:94:15: 2d:b5:94:8a:87:98:c9:d6:ec:4e:be:d9:f4:fb:19: 07:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:91:62:E7:8C:02:69:4C:E3:00:9E:28:0F:D8:7E:4B:19:5D:8D:6A X509v3 Authority Key Identifier: keyid:19:4C:FA:EC:07:56:11:FF:83:C4:21:CD:A8:79:7E:D3:0E:A2:D0:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F4B0/2D270692A43311E988158F09C4F9AE02/GUz67AdWEf-DxCHNqHl-0w6i0Dk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUz67AdWEf-DxCHNqHl-0w6i0Dk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F4B0/2D270692A43311E988158F09C4F9AE02/7FC2BA3ACEE211EDAF41BC25C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.228.200.0/22 43.252.216.0/22 103.12.140.0/22 103.22.160.0/22 103.26.248.0/22 103.194.80.0/22 163.53.224.0/22 IPv6: 2400:6e80::/32 Signature Algorithm: sha256WithRSAEncryption 75:ad:8c:af:fa:ff:e2:7f:87:af:fb:77:99:98:01:a8:45:e2: 11:50:2a:b4:d6:c6:5b:d4:b5:f2:08:9b:b1:a9:11:d8:96:83: c4:23:49:f9:a4:7a:72:9e:04:4a:b4:ab:8b:61:cd:f1:76:e7: c9:93:ba:80:cc:60:e9:af:7d:4b:52:41:f6:a9:62:fe:da:5c: c0:47:ef:6a:9a:fa:4f:8a:ed:5e:64:9f:e5:c5:81:1f:25:0f: 14:b4:4d:ed:3e:35:fc:f2:9e:70:88:ec:9d:22:e1:1b:96:f3: 16:b0:4a:ae:74:9b:b6:98:32:53:bd:d4:af:87:fe:73:8f:8b: ae:c2:16:3d:e6:8b:0a:d4:61:c8:0d:7c:dc:6d:fb:b9:42:a5: 55:9d:5b:ae:c4:0d:5b:39:e8:b7:71:bd:03:c9:f5:65:27:2b: d9:6d:50:c8:cf:46:dc:65:b7:11:33:e1:47:ba:b0:54:d5:ba: 37:dd:d4:12:9b:07:b4:af:16:ea:21:89:a9:d3:7b:ac:8c:c9: c9:dc:60:5d:cc:b7:50:b7:42:35:dd:c1:88:81:b3:70:a5:4f: 52:1a:c2:f5:23:fc:a4:b3:9e:5d:9c:81:9d:98:df:57:cd:11: 71:00:38:1f:94:80:51:00:92:ba:d1:17:4d:57:ca:53:2a:82: 17:c1:10:4c -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICDnEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0Y0QjAxMTAvBgNVBAUTKDE5NENGQUVDMDc1NjExRkY4M0M0MjFDREE4Nzk3RUQz MEVBMkQwMzkwHhcNMjUwODA4MTgyNzMwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODk2NDE5Mi1kZGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwdwVJnunSfLbD1HQrcL6b5mlWujXQmyhHZuwiTZucU713mQZRb6Su9BGfHE2 a3eLTDCMLKuGw8iH3O1ROpfUX0GcD85TWmVtN92npvcUH56DPjTw6ExsqLmgTSUo YYGhESj1O4bJzpaBE8/5QcyTB2QN19efW16lCdDtkmF/dd7LJqlHQTUN73p//D7o ba3sx6/oRG4ZA+N0x8+wPQikdLDzHDa1mHCNCIMJn/l2HwBJAlf3nExpjVriSbn2 6xVoduVgPkxRCInQWcqDpgZL4CHnSSQzpsnYdruyoSlRJMDfnWn6a01riHm92ywR lBUttZSKh5jJ1uxOvtn0+xkH0wIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFAqRYueM AmlM4wCeKA/YfksZXY1qMB8GA1UdIwQYMBaAFBlM+uwHVhH/g8Qhzah5ftMOotA5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjRCMC8yRDI3MDY5MkE0 MzMxMUU5ODgxNThGMDlDNEY5QUUwMi9HVXo2N0FkV0VmLUR4Q0hOcUhsLTB3Nmkw RGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dVejY3QWRXRWYtRHhDSE5xSGwtMHc2aTBEay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0Y0QjAvMkQyNzA2OTJBNDMzMTFFOTg4MTU4RjA5QzRGOUFFMDIvN0ZDMkJBM0FD RUUyMTFFREFGNDFCQzI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMDAEAgABMCoDBAIr5MgDBAIr/NgDBAJnDIwDBAJnFqADBAJnGvgDBAJnwlAD BAKjNeAwDQQCAAIwBwMFACQAboAwDQYJKoZIhvcNAQELBQADggEBAHWtjK/6/+J/ h6/7d5mYAahF4hFQKrTWxlvUtfIIm7GpEdiWg8QjSfmkenKeBEq0q4thzfF258mT uoDMYOmvfUtSQfapYv7aXMBH72qa+k+K7V5kn+XFgR8lDxS0Te0+NfzynnCI7J0i 4RuW8xawSq50m7aYMlO91K+H/nOPi67CFj3miwrUYcgNfNxt+7lCpVWdW67EDVs5 6LdxvQPJ9WUnK9ltUMjPRtxltxEz4Ue6sFTVujfd1BKbB7SvFuohianTe6yMycnc YF3Mt1C3QjXdwYiBs3ClT1IawvUj/KSznl2cgZ2Y31fNEXEAOB+UgFEAkrrRF01X ylMqghfBEEw= -----END CERTIFICATE-----Generated at Mon Aug 11 01:47:09 2025 by rpki-client