$ rpki-client -vvf rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/4ED5A00CFE2611EAA4F3424DC4F9AE02.roa File: 4ED5A00CFE2611EAA4F3424DC4F9AE02.roa (raw, json) Hash identifier: jObAEaW9jlDTMyIb6A8JZqjslqhvlPIsAzJOzv+NnRY= Subject key identifier: 02:48:C6:13:6B:B1:44:5D:76:2F:89:A3:C4:20:0F:7C:49:78:EA:5A Certificate issuer: /CN=A914988F/serialNumber=3FE6031F25567A4547CDE1731A2D814DB86E2094 Certificate serial: 07DE Authority key identifier: 3F:E6:03:1F:25:56:7A:45:47:CD:E1:73:1A:2D:81:4D:B8:6E:20:94 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/4ED5A00CFE2611EAA4F3424DC4F9AE02.roa Signing time: Mon 28 Jul 2025 21:32:07 +0000 ROA not before: Mon 28 Jul 2025 21:32:07 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 24226 IP address blocks: 45.126.128.0/22 maxlen: 22 103.152.188.0/23 maxlen: 23 103.195.8.0/22 maxlen: 22 103.197.60.0/22 maxlen: 22 2406:33c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.crl rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 21:24:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2014 (0x7de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914988F, serialNumber=3FE6031F25567A4547CDE1731A2D814DB86E2094 Validity Not Before: Jul 28 21:32:07 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=6887ec57-543c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:7f:24:05:ae:d6:5b:fd:0d:f9:2e:69:14:67: 55:72:47:ff:47:7a:11:8c:a8:60:e6:be:c1:23:1a: a6:aa:46:95:10:44:26:a7:a6:5f:8b:7c:d2:fe:1c: 95:de:fd:0c:97:f9:2c:71:82:ad:ee:28:a2:f5:2a: 3d:fd:6b:17:17:47:04:d2:44:89:b0:eb:e0:f4:cc: 8a:e7:74:de:bc:0f:9c:2d:e6:54:26:38:ff:f3:9b: 4c:fe:59:29:ca:0b:9f:0e:a0:89:13:c0:e7:02:fd: 0d:49:c3:f1:95:9a:81:4b:77:81:58:27:3b:cb:c6: 76:fb:ef:30:e5:f2:c2:d3:ca:06:25:26:2d:a2:84: 67:7c:dc:1f:d2:ef:8c:b7:ce:13:7f:ee:b1:47:ea: d6:f6:32:a4:d5:5a:7c:99:8b:52:2e:0d:61:92:a8: c7:ff:6c:7a:37:ea:ef:af:ab:26:bf:75:28:ef:cd: f8:11:a8:97:dc:a8:b8:37:7f:30:c8:cc:44:7e:6b: 94:b2:b1:e2:6b:11:44:1f:70:09:43:dd:82:b3:ef: 1c:ff:d9:1c:ab:21:fb:b5:11:8e:57:93:7e:5d:60: 5c:c6:52:36:40:17:f4:23:ae:c2:65:66:3f:07:e5: 20:0a:7d:af:3f:0e:9c:72:68:2a:f0:ca:24:78:29: fc:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:48:C6:13:6B:B1:44:5D:76:2F:89:A3:C4:20:0F:7C:49:78:EA:5A X509v3 Authority Key Identifier: keyid:3F:E6:03:1F:25:56:7A:45:47:CD:E1:73:1A:2D:81:4D:B8:6E:20:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/P-YDHyVWekVHzeFzGi2BTbhuIJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-YDHyVWekVHzeFzGi2BTbhuIJQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914988F/19247FBAFE2511EA9CC10C4CC4F9AE02/4ED5A00CFE2611EAA4F3424DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.126.128.0/22 103.152.188.0/23 103.195.8.0/22 103.197.60.0/22 IPv6: 2406:33c0::/32 Signature Algorithm: sha256WithRSAEncryption 64:88:de:f5:df:7e:b1:c8:af:f4:d3:d8:22:b9:01:14:86:8f: a9:cf:e6:a5:86:63:9e:4f:4e:47:65:d2:d6:39:a0:90:6c:a2: 3a:48:b6:9d:0d:3b:5c:1a:f8:9d:89:f0:2a:d8:dd:b0:a8:ec: 7a:a7:92:18:29:f8:56:9b:cc:fe:ac:d1:f3:7c:ee:53:96:1f: 04:7b:e7:d9:bd:aa:66:5c:68:b2:b0:a2:84:be:30:6f:ef:c7: 8e:93:92:d3:ef:f7:bb:92:98:94:ec:d8:d5:bc:99:0f:9c:79: 8f:d7:67:08:99:cb:81:86:6c:90:b8:df:df:1b:3d:63:1a:57: 47:a4:4a:50:d5:6b:2b:b1:af:fe:0f:e4:2f:7a:ab:05:5b:6e: 60:ac:a7:fa:94:59:9f:8e:73:65:e9:aa:79:be:1a:27:e6:63: f6:cc:39:8a:9c:df:65:b2:85:38:38:ce:c3:78:5d:3d:85:c7: c9:7d:c1:46:0f:e3:e2:fd:a5:3e:39:20:50:27:67:1b:dc:42: f5:88:56:06:6d:7b:39:a8:07:3c:d8:5a:fc:48:42:35:66:0b: a7:e1:0f:bf:f9:96:5d:ed:07:96:b0:8d:9c:39:f1:16:58:ca: 0e:aa:04:06:4e:b4:2e:49:21:7f:65:a6:fa:eb:6d:9c:f9:e3: 1e:da:97:51 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICB94wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDk4OEYxMTAvBgNVBAUTKDNGRTYwMzFGMjU1NjdBNDU0N0NERTE3MzFBMkQ4MTRE Qjg2RTIwOTQwHhcNMjUwNzI4MjEzMjA3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODg3ZWM1Ny01NDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA838kBa7WW/0N+S5pFGdVckf/R3oRjKhg5r7BIxqmqkaVEEQmp6Zfi3zS/hyV 3v0Ml/kscYKt7iii9So9/WsXF0cE0kSJsOvg9MyK53TevA+cLeZUJjj/85tM/lkp ygufDqCJE8DnAv0NScPxlZqBS3eBWCc7y8Z2++8w5fLC08oGJSYtooRnfNwf0u+M t84Tf+6xR+rW9jKk1Vp8mYtSLg1hkqjH/2x6N+rvr6smv3Uo7834EaiX3Ki4N38w yMxEfmuUsrHiaxFEH3AJQ92Cs+8c/9kcqyH7tRGOV5N+XWBcxlI2QBf0I67CZWY/ B+UgCn2vPw6ccmgq8MokeCn8gwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFAJIxhNr sURddi+Jo8QgD3xJeOpaMB8GA1UdIwQYMBaAFD/mAx8lVnpFR83hcxotgU24biCU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OTg4Ri8xOTI0N0ZCQUZF MjUxMUVBOUNDMTBDNENDNEY5QUUwMi9QLVlESHlWV2VrVkh6ZUZ6R2kyQlRiaHVJ SlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1AtWURIeVZXZWtWSHplRnpHaTJCVGJodUlKUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDk4OEYvMTkyNDdGQkFGRTI1MTFFQTlDQzEwQzRDQzRGOUFFMDIvNEVENUEwMENG RTI2MTFFQUE0RjM0MjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAItfoADBAFnmLwDBAJnwwgDBAJnxTwwDQQCAAIwBwMFACQG M8AwDQYJKoZIhvcNAQELBQADggEBAGSI3vXffrHIr/TT2CK5ARSGj6nP5qWGY55P Tkdl0tY5oJBsojpItp0NO1wa+J2J8CrY3bCo7Hqnkhgp+FabzP6s0fN87lOWHwR7 59m9qmZcaLKwooS+MG/vx46TktPv97uSmJTs2NW8mQ+ceY/XZwiZy4GGbJC4398b PWMaV0ekSlDVayuxr/4P5C96qwVbbmCsp/qUWZ+Oc2Xpqnm+GifmY/bMOYqc32Wy hTg4zsN4XT2Fx8l9wUYP4+L9pT45IFAnZxvcQvWIVgZtezmoBzzYWvxIQjVmC6fh D7/5ll3tB5awjZw58RZYyg6qBAZOtC5JIX9lpvrrbZz54x7al1E= -----END CERTIFICATE-----Generated at Wed Aug 13 17:50:51 2025 by rpki-client