$ rpki-client -vvf rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/7CEC0182B10C11E5BB6B2A16C4F9AE02.roa File: 7CEC0182B10C11E5BB6B2A16C4F9AE02.roa (raw, json) Hash identifier: rWS5j2TJ+tCGGvBtanx4musy7r04IRKphVI4Md/BpKk= Subject key identifier: C3:0B:28:B3:AD:BD:2B:BC:04:48:7B:0F:1C:F9:57:BE:CE:7E:04:B0 Certificate issuer: /CN=A914EE0C/serialNumber=3E2B58437E86244139AE4CD03D97F40342850736 Certificate serial: 26FF Authority key identifier: 3E:2B:58:43:7E:86:24:41:39:AE:4C:D0:3D:97:F4:03:42:85:07:36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PitYQ36GJEE5rkzQPZf0A0KFBzY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/7CEC0182B10C11E5BB6B2A16C4F9AE02.roa Signing time: Sat 26 Jul 2025 15:52:51 +0000 ROA not before: Sat 26 Jul 2025 15:52:51 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 132917 IP address blocks: 43.226.8.0/24 maxlen: 24 43.226.9.0/24 maxlen: 24 43.226.10.0/24 maxlen: 24 43.226.11.0/24 maxlen: 24 103.250.48.0/24 maxlen: 24 103.250.49.0/24 maxlen: 24 103.250.50.0/24 maxlen: 24 103.250.51.0/24 maxlen: 24 2407:8300::/36 maxlen: 36 2407:8300:1000::/36 maxlen: 36 2407:8300:2000::/36 maxlen: 36 2407:8300:3000::/36 maxlen: 36 2407:8300:4000::/36 maxlen: 36 2407:8300:5000::/36 maxlen: 36 2407:8300:6000::/36 maxlen: 36 2407:8300:7000::/36 maxlen: 36 2407:8300:8000::/36 maxlen: 36 2407:8300:9000::/36 maxlen: 36 2407:8300:a000::/36 maxlen: 36 2407:8300:b000::/36 maxlen: 36 2407:8300:c000::/36 maxlen: 36 2407:8300:d000::/36 maxlen: 36 2407:8300:e000::/36 maxlen: 36 2407:8300:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/PitYQ36GJEE5rkzQPZf0A0KFBzY.crl rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/PitYQ36GJEE5rkzQPZf0A0KFBzY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PitYQ36GJEE5rkzQPZf0A0KFBzY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9983 (0x26ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EE0C, serialNumber=3E2B58437E86244139AE4CD03D97F40342850736 Validity Not Before: Jul 26 15:52:51 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6884f9d3-cc61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8a:ed:75:92:4d:fa:6a:9a:7e:f4:6f:d0:af: 69:9f:27:a4:b3:e1:0f:13:b6:ac:c4:25:e0:73:c5: fe:a4:e7:73:89:9d:06:5c:9e:ab:04:5d:08:ad:b7: ca:9c:2c:ad:4f:0e:96:22:08:e3:6c:8b:4b:01:1f: b6:68:a0:c3:ca:3d:9b:d4:a7:c4:b0:7b:15:97:68: 1b:47:2a:24:f2:e0:90:a0:eb:7f:ad:c4:15:6d:49: 8c:3c:b9:12:16:ea:fa:1e:9d:8c:56:2f:27:2a:98: db:c3:aa:c8:32:7a:23:84:80:69:c8:c0:f8:53:b0: 7f:e0:ef:59:64:06:54:ae:8b:8a:f7:15:a2:33:62: ee:96:c4:2e:d7:12:e5:e5:e6:62:0b:3c:86:73:c2: bb:c9:c4:01:99:e4:c2:f7:89:52:58:32:51:2a:b5: 3e:ca:ef:62:77:79:f9:52:23:ba:ac:0b:72:09:1e: 69:13:5d:5b:03:7f:f7:55:d8:20:64:9f:57:17:27: ce:a9:99:fb:88:04:1a:42:4f:2f:8b:b7:e7:2a:4a: c6:ec:5f:11:dc:c6:10:0e:fa:91:05:83:0a:a8:16: f5:d5:c8:bb:0b:8e:30:ed:45:e3:a0:dc:7e:be:19: 01:ec:e9:0d:1b:90:cd:07:c0:f3:bc:f0:df:42:fd: a9:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:0B:28:B3:AD:BD:2B:BC:04:48:7B:0F:1C:F9:57:BE:CE:7E:04:B0 X509v3 Authority Key Identifier: keyid:3E:2B:58:43:7E:86:24:41:39:AE:4C:D0:3D:97:F4:03:42:85:07:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/PitYQ36GJEE5rkzQPZf0A0KFBzY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PitYQ36GJEE5rkzQPZf0A0KFBzY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EE0C/22D53652D67211E4A2122351C4F9AE02/7CEC0182B10C11E5BB6B2A16C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.226.8.0/22 103.250.48.0/22 IPv6: 2407:8300::/32 Signature Algorithm: sha256WithRSAEncryption 9d:9b:46:79:09:90:a8:3a:f1:1e:b0:ec:7d:15:ac:4b:17:ca: cb:f7:94:78:72:85:58:e2:a8:a9:4d:fb:48:54:46:b1:fe:02: 59:25:c3:71:d6:a3:7e:e6:27:d2:e4:32:98:9c:eb:af:52:51: 49:46:3d:0e:0a:f5:f8:32:bf:c6:a0:26:2e:f7:14:64:5a:d8: 31:a9:10:21:15:20:61:64:bc:a7:29:58:74:d8:52:cd:e9:f6: 27:ab:64:4e:d2:cc:1d:a9:35:1a:01:cb:c1:87:1d:bf:7f:b1: 05:34:c7:85:b5:0e:70:b0:51:34:20:7c:ea:1a:79:d8:1d:ef: 95:20:b5:3a:67:74:c7:03:6c:0e:51:3c:52:f3:61:4a:62:d1: e6:d9:ae:3c:e6:98:b8:76:61:3e:4c:50:63:2e:74:63:b4:70: 5b:f5:6f:74:85:f3:92:c7:69:02:f9:fa:06:09:4b:5c:d8:20: 52:03:a6:83:54:15:6a:c8:ea:be:73:e0:c2:8e:a3:14:b6:e0: 84:a7:a4:75:9b:65:7d:4e:8f:1b:5d:ba:e0:aa:d5:5b:2e:c3: bb:07:0c:b8:18:f0:e6:20:ac:d7:7d:84:45:90:f9:71:05:4f: cf:5c:14:10:7d:5c:cf:40:df:fd:1b:3f:63:d6:59:c1:6b:0c: 72:e2:0c:43 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICJv8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEVFMEMxMTAvBgNVBAUTKDNFMkI1ODQzN0U4NjI0NDEzOUFFNENEMDNEOTdGNDAz NDI4NTA3MzYwHhcNMjUwNzI2MTU1MjUxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODg0ZjlkMy1jYzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxIrtdZJN+mqafvRv0K9pnyeks+EPE7asxCXgc8X+pOdziZ0GXJ6rBF0IrbfK nCytTw6WIgjjbItLAR+2aKDDyj2b1KfEsHsVl2gbRyok8uCQoOt/rcQVbUmMPLkS Fur6Hp2MVi8nKpjbw6rIMnojhIBpyMD4U7B/4O9ZZAZUrouK9xWiM2LulsQu1xLl 5eZiCzyGc8K7ycQBmeTC94lSWDJRKrU+yu9id3n5UiO6rAtyCR5pE11bA3/3Vdgg ZJ9XFyfOqZn7iAQaQk8vi7fnKkrG7F8R3MYQDvqRBYMKqBb11ci7C44w7UXjoNx+ vhkB7OkNG5DNB8DzvPDfQv2pYwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMMLKLOt vSu8BEh7Dxz5V77OfgSwMB8GA1UdIwQYMBaAFD4rWEN+hiRBOa5M0D2X9ANChQc2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUUwQy8yMkQ1MzY1MkQ2 NzIxMUU0QTIxMjIzNTFDNEY5QUUwMi9QaXRZUTM2R0pFRTVya3pRUFpmMEEwS0ZC elkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BpdFlRMzZHSkVFNXJrelFQWmYwQTBLRkJ6WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEVFMEMvMjJENTM2NTJENjcyMTFFNEEyMTIyMzUxQzRGOUFFMDIvN0NFQzAxODJC MTBDMTFFNUJCNkIyQTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIr4ggDBAJn+jAwDQQCAAIwBwMFACQHgwAwDQYJKoZIhvcN AQELBQADggEBAJ2bRnkJkKg68R6w7H0VrEsXysv3lHhyhVjiqKlN+0hURrH+Alkl w3HWo37mJ9LkMpic669SUUlGPQ4K9fgyv8agJi73FGRa2DGpECEVIGFkvKcpWHTY Us3p9ierZE7SzB2pNRoBy8GHHb9/sQU0x4W1DnCwUTQgfOoaedgd75UgtTpndMcD bA5RPFLzYUpi0ebZrjzmmLh2YT5MUGMudGO0cFv1b3SF85LHaQL5+gYJS1zYIFID poNUFWrI6r5z4MKOoxS24ISnpHWbZX1OjxtduuCq1Vsuw7sHDLgY8OYgrNd9hEWQ +XEFT89cFBB9XM9A3/0bP2PWWcFrDHLiDEM= -----END CERTIFICATE-----Generated at Mon Aug 11 07:27:10 2025 by rpki-client