$ rpki-client -vvf rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/149AB4BE7CE911EEB9A02D83C4F9AE02.roa File: 149AB4BE7CE911EEB9A02D83C4F9AE02.roa (raw, json) Hash identifier: 2Zr7Hm+ka4YogIeAL8utcPORDLzzcWzkuQ8uJ6QbXYo= Subject key identifier: F6:DD:DD:48:5F:05:96:54:31:DC:A5:6E:B0:09:47:E5:3B:A3:31:18 Certificate issuer: /CN=A915177C/serialNumber=2293BD4C5E4F9A2965358CB018DF3E4EEE4DF1CF Certificate serial: 300C Authority key identifier: 22:93:BD:4C:5E:4F:9A:29:65:35:8C:B0:18:DF:3E:4E:EE:4D:F1:CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IpO9TF5PmillNYywGN8-Tu5N8c8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/149AB4BE7CE911EEB9A02D83C4F9AE02.roa Signing time: Mon 04 Aug 2025 15:56:01 +0000 ROA not before: Mon 04 Aug 2025 15:56:01 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 32590 IP address blocks: 45.121.184.0/22 maxlen: 24 103.10.124.0/23 maxlen: 24 103.28.54.0/23 maxlen: 24 2404:3fc0::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/IpO9TF5PmillNYywGN8-Tu5N8c8.crl rsync://rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/IpO9TF5PmillNYywGN8-Tu5N8c8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IpO9TF5PmillNYywGN8-Tu5N8c8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12300 (0x300c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915177C, serialNumber=2293BD4C5E4F9A2965358CB018DF3E4EEE4DF1CF Validity Not Before: Aug 4 15:56:01 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=6890d811-4a2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:9e:61:f7:7a:e9:01:57:7b:28:f4:e5:83:b9: c5:36:a3:4c:72:17:52:b1:67:c9:b7:ff:af:3c:31: bf:a6:b6:be:a5:13:1f:40:8a:f1:80:fe:cb:67:f8: a8:9b:cc:3c:cb:29:fc:9f:de:7b:aa:83:3a:80:ef: 2e:b5:13:96:61:af:e0:ff:8c:0d:e1:21:2b:73:0b: 6f:41:e9:3c:22:e2:48:d9:d9:e3:2a:8e:d9:68:c1: 53:8a:5b:fb:f3:2f:32:5f:40:30:1a:45:93:2f:f2: 38:c0:b7:15:15:a3:7b:f8:00:b5:0e:37:9f:17:ee: cd:14:e9:aa:81:08:d7:38:d0:2a:67:39:70:20:d1: 6c:d6:6e:c3:2c:4a:32:de:cf:38:7e:0a:1b:1f:2a: 16:77:4e:da:0c:29:48:94:59:a3:6e:ed:15:37:6e: 7e:83:fb:3a:ca:fc:0d:3f:2e:c3:f1:1a:07:62:37: cf:ee:5a:f3:f3:62:58:f1:ec:d4:0b:9e:92:4e:40: e9:3a:e5:64:5a:10:db:8a:70:af:4b:1e:28:8a:ee: 60:2d:a1:8a:7d:7e:71:d2:ee:38:41:d0:6e:3d:3e: 2d:30:a3:94:4d:5b:54:06:d9:50:45:5e:b4:a6:f3: 88:ba:ba:44:12:3d:ea:fd:aa:88:08:ac:4c:62:4a: 9b:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:DD:DD:48:5F:05:96:54:31:DC:A5:6E:B0:09:47:E5:3B:A3:31:18 X509v3 Authority Key Identifier: keyid:22:93:BD:4C:5E:4F:9A:29:65:35:8C:B0:18:DF:3E:4E:EE:4D:F1:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/IpO9TF5PmillNYywGN8-Tu5N8c8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IpO9TF5PmillNYywGN8-Tu5N8c8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/149AB4BE7CE911EEB9A02D83C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.121.184.0/22 103.10.124.0/23 103.28.54.0/23 IPv6: 2404:3fc0::/40 Signature Algorithm: sha256WithRSAEncryption b1:6a:07:68:c7:9a:aa:85:ef:df:28:07:e1:4c:b5:dd:3e:e0: 9b:db:96:b1:e8:28:d9:dd:07:eb:3a:24:d7:a5:11:88:47:df: 89:f6:1c:e4:cc:99:c1:38:88:97:8a:c1:da:c4:7f:25:09:d0: 56:07:35:20:e8:de:cf:4f:b6:fb:f0:1e:b3:11:8e:c4:2d:d4: b5:43:08:26:8f:ce:5e:5b:97:de:d1:3d:4a:df:60:74:0e:cf: 2d:57:72:c8:bb:70:01:30:ff:6f:0f:13:91:20:ad:25:25:08: 76:f2:eb:40:d8:62:6a:84:fe:b1:b3:52:a4:11:13:cd:dd:13: 10:7f:81:3b:5b:8e:1e:5e:4e:2f:7c:b0:07:eb:9f:50:9f:34: e7:10:6b:56:e1:d8:10:1f:31:b2:7d:e4:8d:5e:f9:c0:7d:d8: 8e:0d:8d:71:89:34:81:c6:07:60:d7:17:b8:1d:ac:4d:25:86: e3:29:98:0a:cd:32:ec:fb:f4:24:1a:d0:09:5b:fa:5b:11:7e: c6:2e:dd:44:a1:6e:20:a2:8d:b6:46:f5:3e:70:51:15:8f:c0: a8:22:9a:01:8a:a8:5f:cf:36:20:37:a6:bc:bb:13:b2:9d:81: 3f:3e:ef:44:3b:01:32:ff:0d:f7:a6:1d:48:06:59:fa:6f:32: 7f:74:0f:9c -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICMAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTE3N0MxMTAvBgNVBAUTKDIyOTNCRDRDNUU0RjlBMjk2NTM1OENCMDE4REYzRTRF RUU0REYxQ0YwHhcNMjUwODA0MTU1NjAxWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODkwZDgxMS00YTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoJ5h93rpAVd7KPTlg7nFNqNMchdSsWfJt/+vPDG/pra+pRMfQIrxgP7LZ/io m8w8yyn8n957qoM6gO8utROWYa/g/4wN4SErcwtvQek8IuJI2dnjKo7ZaMFTilv7 8y8yX0AwGkWTL/I4wLcVFaN7+AC1DjefF+7NFOmqgQjXONAqZzlwINFs1m7DLEoy 3s84fgobHyoWd07aDClIlFmjbu0VN25+g/s6yvwNPy7D8RoHYjfP7lrz82JY8ezU C56STkDpOuVkWhDbinCvSx4oiu5gLaGKfX5x0u44QdBuPT4tMKOUTVtUBtlQRV60 pvOIurpEEj3q/aqICKxMYkqbuwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFPbd3Uhf BZZUMdylbrAJR+U7ozEYMB8GA1UdIwQYMBaAFCKTvUxeT5opZTWMsBjfPk7uTfHP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTc3Qy85MjRDRENDMDE0 MzAxMUUzQTBCMTlGMkE1OTExRUEzMi9JcE85VEY1UG1pbGxOWXl3R044LVR1NU44 YzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lwTzlURjVQbWlsbE5ZeXdHTjgtVHU1TjhjOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTE3N0MvOTI0Q0RDQzAxNDMwMTFFM0EwQjE5RjJBNTkxMUVBMzIvMTQ5QUI0QkU3 Q0U5MTFFRUI5QTAyRDgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMBgEAgABMBIDBAItebgDBAFnCnwDBAFnHDYwDgQCAAIwCAMGACQEP8AAMA0G CSqGSIb3DQEBCwUAA4IBAQCxagdox5qqhe/fKAfhTLXdPuCb25ax6CjZ3QfrOiTX pRGIR9+J9hzkzJnBOIiXisHaxH8lCdBWBzUg6N7PT7b78B6zEY7ELdS1Qwgmj85e W5fe0T1K32B0Ds8tV3LIu3ABMP9vDxORIK0lJQh28utA2GJqhP6xs1KkERPN3RMQ f4E7W44eXk4vfLAH659QnzTnEGtW4dgQHzGyfeSNXvnAfdiODY1xiTSBxgdg1xe4 HaxNJYbjKZgKzTLs+/QkGtAJW/pbEX7GLt1EoW4goo22RvU+cFEVj8CoIpoBiqhf zzYgN6a8uxOynYE/Pu9EOwEy/w33ph1IBln6bzJ/dA+c -----END CERTIFICATE-----Generated at Sun Aug 10 21:16:59 2025 by rpki-client