$ rpki-client -vvf rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/E9E80356AD6211EABEDF046AC4F9AE02.roa File: E9E80356AD6211EABEDF046AC4F9AE02.roa (raw, json) Hash identifier: aOqwloZ9sT/M1OqrjBKZ/MpZ3Pwla48CsTsMrgUxXsk= Subject key identifier: C4:95:B5:58:BE:CD:02:0A:34:F2:94:66:FF:EB:A0:9E:B3:87:AD:00 Certificate issuer: /CN=A914F5BA/serialNumber=1420F80709DDD3DFC3F511565503CEF4444BEDC3 Certificate serial: 08EA Authority key identifier: 14:20:F8:07:09:DD:D3:DF:C3:F5:11:56:55:03:CE:F4:44:4B:ED:C3 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/FCD4Bwnd09_D9RFWVQPO9ERL7cM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/E9E80356AD6211EABEDF046AC4F9AE02.roa Signing time: Mon 26 May 2025 20:37:10 +0000 ROA not before: Mon 26 May 2025 20:37:10 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 137811 IP address blocks: 5.28.32.0/21 maxlen: 21 5.28.32.0/24 maxlen: 24 5.28.33.0/24 maxlen: 24 5.28.34.0/24 maxlen: 24 5.28.35.0/24 maxlen: 24 5.28.36.0/23 maxlen: 24 5.28.38.0/24 maxlen: 24 5.28.39.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/FCD4Bwnd09_D9RFWVQPO9ERL7cM.crl rsync://rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/FCD4Bwnd09_D9RFWVQPO9ERL7cM.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/FCD4Bwnd09_D9RFWVQPO9ERL7cM.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:18:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2282 (0x8ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F5BA, serialNumber=1420F80709DDD3DFC3F511565503CEF4444BEDC3 Validity Not Before: May 26 20:37:10 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6834d0f6-03c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:cd:a0:29:9c:36:90:63:34:e9:a1:d0:d8:67: 9d:aa:6a:a6:26:4c:1e:94:6c:e7:43:81:72:fe:24: 60:1c:cb:6d:cf:da:fe:27:09:a9:a7:27:f9:00:f5: 72:af:e9:ff:5a:3c:ef:66:03:cf:46:d2:60:4f:62: 89:f0:69:c5:78:84:d0:08:f7:83:5a:00:4a:c6:97: ec:ec:90:70:be:e3:e7:19:ff:9d:27:f1:49:eb:d5: 71:f1:34:35:91:52:e7:11:5f:8b:11:32:2a:eb:2b: 88:66:29:66:8a:17:03:38:bf:cb:eb:ab:1e:b6:98: be:96:ce:76:aa:59:2d:70:d7:cb:b0:6d:0f:91:4c: cd:85:58:95:b8:ad:ad:16:8f:7e:20:bd:8c:1f:1e: e1:6b:e3:51:a0:45:fa:b5:96:f1:47:b6:f7:ca:5c: 6b:05:40:26:b2:23:4e:63:06:94:8f:e5:ac:23:cc: dd:bf:fd:87:79:3c:c0:47:ee:2f:6c:fa:73:7f:aa: c7:33:92:d9:8c:56:3f:35:69:22:fa:56:71:f9:e8: 04:1b:51:3c:22:fb:0f:1c:13:a2:55:80:bb:f1:31: e7:fa:f3:7b:7c:7b:65:ef:b2:68:65:9a:25:cd:9d: 0a:79:33:63:dd:c8:b9:42:5c:c4:9b:b1:c8:ad:4a: be:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:95:B5:58:BE:CD:02:0A:34:F2:94:66:FF:EB:A0:9E:B3:87:AD:00 X509v3 Authority Key Identifier: keyid:14:20:F8:07:09:DD:D3:DF:C3:F5:11:56:55:03:CE:F4:44:4B:ED:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/FCD4Bwnd09_D9RFWVQPO9ERL7cM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/FCD4Bwnd09_D9RFWVQPO9ERL7cM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F5BA/049DCD22AD6111EA8F1A8D63C4F9AE02/E9E80356AD6211EABEDF046AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 5.28.32.0/21 Signature Algorithm: sha256WithRSAEncryption a1:65:a1:6b:fb:5c:19:bf:de:27:fc:fe:1e:c3:b4:6d:0a:e4: 38:a6:01:50:b9:90:bc:02:29:c9:aa:2b:55:ee:af:e7:53:9c: fd:a6:44:5b:06:98:ee:39:5c:19:b3:90:58:40:b1:f2:8b:cd: 04:7e:be:25:e5:d6:bb:02:d7:10:5d:fd:fc:ba:54:5a:17:07: 06:ca:eb:c2:40:25:09:b6:b1:87:48:86:8c:46:4a:8b:ff:01: a0:c4:02:fd:37:6e:4e:73:21:7e:e0:cb:59:35:94:ba:c5:92: cf:08:64:fc:f9:24:15:0f:cf:25:b8:1e:46:c4:05:b1:f0:37: 6d:e6:e0:52:1b:48:23:80:c8:b5:d6:e3:c9:ff:c2:3a:e5:00: e2:c9:1b:b4:85:52:36:aa:9e:d2:bf:db:d1:8d:59:3d:e6:91: a3:c8:8b:9a:62:81:05:f3:bf:30:b7:c5:f1:e9:d6:95:08:a7: 92:b2:1f:9a:5d:48:84:93:4c:3e:64:01:c0:a6:2c:c0:1d:61: 26:b0:8c:5c:c2:13:ca:03:b6:1b:e7:78:d8:20:65:97:09:73: 41:b1:c7:8e:b7:83:fb:62:ae:3e:8a:18:3d:c2:87:0f:35:6d: 4b:50:5f:6e:69:fb:2f:73:d4:ee:34:86:b2:5d:db:58:bd:2f: b5:b7:2e:33 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1QkExMTAvBgNVBAUTKDE0MjBGODA3MDlEREQzREZDM0Y1MTE1NjU1MDNDRUY0 NDQ0QkVEQzMwHhcNMjUwNTI2MjAzNzEwWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM0ZDBmNi0wM2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwM2gKZw2kGM06aHQ2GedqmqmJkwelGznQ4Fy/iRgHMttz9r+Jwmppyf5APVy r+n/WjzvZgPPRtJgT2KJ8GnFeITQCPeDWgBKxpfs7JBwvuPnGf+dJ/FJ69Vx8TQ1 kVLnEV+LETIq6yuIZilmihcDOL/L66setpi+ls52qlktcNfLsG0PkUzNhViVuK2t Fo9+IL2MHx7ha+NRoEX6tZbxR7b3ylxrBUAmsiNOYwaUj+WsI8zdv/2HeTzAR+4v bPpzf6rHM5LZjFY/NWki+lZx+egEG1E8IvsPHBOiVYC78THn+vN7fHtl77JoZZol zZ0KeTNj3ci5QlzEm7HIrUq+uwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMSVtVi+ zQIKNPKUZv/roJ6zh60AMB8GA1UdIwQYMBaAFBQg+AcJ3dPfw/URVlUDzvRES+3D MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjVCQS8wNDlEQ0QyMkFE NjExMUVBOEYxQThENjNDNEY5QUUwMi9GQ0Q0QnduZDA5X0Q5UkZXVlFQTzlFUkw3 Y00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL0ZDRDRCd25kMDlfRDlSRldWUVBPOUVSTDdjTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEY1QkEvMDQ5RENEMjJBRDYxMTFFQThGMUE4RDYzQzRGOUFFMDIvRTlFODAzNTZB RDYyMTFFQUJFREYwNDZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAMFHCAwDQYJKoZIhvcNAQELBQADggEBAKFloWv7XBm/3if8 /h7DtG0K5DimAVC5kLwCKcmqK1Xur+dTnP2mRFsGmO45XBmzkFhAsfKLzQR+viXl 1rsC1xBd/fy6VFoXBwbK68JAJQm2sYdIhoxGSov/AaDEAv03bk5zIX7gy1k1lLrF ks8IZPz5JBUPzyW4HkbEBbHwN23m4FIbSCOAyLXW48n/wjrlAOLJG7SFUjaqntK/ 29GNWT3mkaPIi5pigQXzvzC3xfHp1pUIp5KyH5pdSISTTD5kAcCmLMAdYSawjFzC E8oDthvneNggZZcJc0Gxx463g/tirj6KGD3Chw81bUtQX25p+y9z1O40hrJd21i9 L7W3LjM= -----END CERTIFICATE-----Generated at Wed Nov 5 20:51:13 2025 by rpki-client