$ rpki-client -vvf rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/8CA88A568FD611F09FFCA92CC4F9AE02.roa File: 8CA88A568FD611F09FFCA92CC4F9AE02.roa (raw, json) Hash identifier: X1O7W3t2SP7SDbQ67NRf7y+vow5VXeN/HZMH9HZxaRQ= Subject key identifier: E5:84:CF:50:3A:40:B2:CA:5C:80:08:6B:36:8A:5B:FE:24:5D:A8:4B Certificate issuer: /CN=A9157B07/serialNumber=CCE9C5624BACF9D0985E3F2D6E31E6B2D86D82AE Certificate serial: 02 Authority key identifier: CC:E9:C5:62:4B:AC:F9:D0:98:5E:3F:2D:6E:31:E6:B2:D8:6D:82:AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/8CA88A568FD611F09FFCA92CC4F9AE02.roa Signing time: Fri 12 Sep 2025 12:46:49 +0000 ROA not before: Fri 12 Sep 2025 12:46:49 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 154219 IP address blocks: 203.34.241.0/24 maxlen: 24 2001:df6:1cc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.crl rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 08:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157B07, serialNumber=CCE9C5624BACF9D0985E3F2D6E31E6B2D86D82AE Validity Not Before: Sep 12 12:46:49 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68c41639-e0f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:fa:3c:0e:97:30:92:c7:68:8f:eb:37:a5:99: 17:e5:6b:35:14:95:cc:a0:16:72:ad:93:ca:d3:6a: b8:58:13:2b:27:de:7e:cb:19:9d:b1:7f:de:ee:a0: 75:51:ae:d4:82:59:22:b9:b0:9f:67:c5:09:17:ea: ab:3c:2d:28:7a:cf:b4:c9:e0:8a:27:1d:fb:10:70: 9d:d4:2c:56:be:08:a7:3e:3c:a8:81:29:67:fd:f4: 7c:82:ea:7a:42:29:ab:b2:ef:28:86:09:a9:96:5c: ca:5c:6f:bc:63:a0:b4:da:79:d9:ff:2b:ab:e9:62: 1f:f3:73:61:df:3c:5e:34:52:27:4a:8b:68:4b:60: 82:61:ca:90:ad:2a:0d:9d:0b:7c:64:b9:ac:0d:29: 85:6a:fb:fe:0f:ad:df:1c:ca:aa:89:a7:6a:4f:9e: 1e:2d:83:c2:f0:5f:fe:1a:74:e0:ce:e7:2c:a7:f4: 42:58:77:79:2e:fb:87:b4:2f:35:49:0a:69:5f:cc: 85:4f:eb:3f:9c:cf:63:22:f6:08:0e:1f:27:51:26: 76:9e:bc:b0:37:64:10:f5:4e:99:38:d8:41:05:37: b6:ad:2e:04:c7:cf:58:e8:13:cc:3e:52:f0:cb:af: 11:ed:2e:57:cc:7b:e9:36:71:aa:e4:2c:41:05:f6: 30:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:84:CF:50:3A:40:B2:CA:5C:80:08:6B:36:8A:5B:FE:24:5D:A8:4B X509v3 Authority Key Identifier: keyid:CC:E9:C5:62:4B:AC:F9:D0:98:5E:3F:2D:6E:31:E6:B2:D8:6D:82:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/8CA88A568FD611F09FFCA92CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.34.241.0/24 IPv6: 2001:df6:1cc0::/48 Signature Algorithm: sha256WithRSAEncryption 1a:1d:2f:86:34:c4:9f:e0:c7:4b:f1:2a:12:0e:2f:aa:4a:d4: 79:bd:c8:05:f2:b1:3f:07:bb:0d:b1:9f:45:f7:f2:57:98:7e: d6:51:14:25:30:ba:50:c7:50:01:40:ca:dd:3a:c8:d1:3d:f0: 36:2e:e9:bc:0e:b0:96:4d:7b:12:27:a3:98:d5:b1:79:f8:98: 10:fb:20:91:7c:5a:6b:6e:c7:46:3e:01:e7:91:a2:a4:a5:62: 0e:35:97:4c:a7:dc:6f:f3:12:c3:a3:75:de:7c:e8:0a:46:0f: 1f:c5:18:51:36:8d:d1:53:af:bd:f0:54:05:5d:3c:b7:a9:66: 3d:c8:dc:50:31:ad:24:4c:7f:e7:84:ed:8e:b3:85:a7:13:12: b3:6b:c7:d8:56:c4:6f:ad:d5:5b:3d:05:35:8c:75:6d:4a:cc: 2f:d3:c0:52:ed:e7:6b:94:cb:9c:2e:17:2c:42:70:2b:83:1f: f8:35:de:86:ff:31:c0:f9:2e:21:a8:bc:81:07:9b:30:88:e2: b5:72:da:e1:19:cf:04:0b:75:be:b5:2d:55:d0:da:c9:d3:5b: d7:63:33:24:9c:e2:c4:53:f0:33:38:ad:ee:8e:d7:6e:4c:29: 9b:9b:9b:b0:07:85:f6:10:45:a9:56:0b:0e:fe:08:46:55:5e: ec:04:9a:27 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 N0IwNzExMC8GA1UEBRMoQ0NFOUM1NjI0QkFDRjlEMDk4NUUzRjJENkUzMUU2QjJE ODZEODJBRTAeFw0yNTA5MTIxMjQ2NDlaFw0yNjEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YzQxNjM5LWUwZjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCg+jwOlzCSx2iP6zelmRflazUUlcygFnKtk8rTarhYEysn3n7LGZ2xf97uoHVR rtSCWSK5sJ9nxQkX6qs8LSh6z7TJ4IonHfsQcJ3ULFa+CKc+PKiBKWf99HyC6npC Kauy7yiGCamWXMpcb7xjoLTaedn/K6vpYh/zc2HfPF40UidKi2hLYIJhypCtKg2d C3xkuawNKYVq+/4Prd8cyqqJp2pPnh4tg8LwX/4adODO5yyn9EJYd3ku+4e0LzVJ CmlfzIVP6z+cz2Mi9ggOHydRJnaevLA3ZBD1Tpk42EEFN7atLgTHz1joE8w+UvDL rxHtLlfMe+k2carkLEEF9jC9AgMBAAGjggKmMIICojAdBgNVHQ4EFgQU5YTPUDpA sspcgAhrNopb/iRdqEswHwYDVR0jBBgwFoAUzOnFYkus+dCYXj8tbjHmsthtgq4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3QjA3L0Q4ODU0NDkyOEZE NTExRjBBNjFDOUIyQkM0RjlBRTAyL3pPbkZZa3VzLWRDWVhqOHRiakhtc3RodGdx NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvek9uRllrdXMtZENZWGo4dGJqSG1zdGh0Z3E0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0IwNy9EODg1NDQ5MjhGRDUxMUYwQTYxQzlCMkJDNEY5QUUwMi84Q0E4OEE1NjhG RDYxMUYwOUZGQ0E5MkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAMsi8TAPBAIAAjAJAwcAIAEN9hzAMA0GCSqGSIb3DQEBCwUA A4IBAQAaHS+GNMSf4MdL8SoSDi+qStR5vcgF8rE/B7sNsZ9F9/JXmH7WURQlMLpQ x1ABQMrdOsjRPfA2Lum8DrCWTXsSJ6OY1bF5+JgQ+yCRfFprbsdGPgHnkaKkpWIO NZdMp9xv8xLDo3XefOgKRg8fxRhRNo3RU6+98FQFXTy3qWY9yNxQMa0kTH/nhO2O s4WnExKza8fYVsRvrdVbPQU1jHVtSswv08BS7edrlMucLhcsQnArgx/4Nd6G/zHA +S4hqLyBB5swiOK1ctrhGc8EC3W+tS1V0NrJ01vXYzMknOLEU/AzOK3ujtduTCmb m5uwB4X2EEWpVgsO/ghGVV7sBJon -----END CERTIFICATE-----Generated at Wed Nov 5 14:26:04 2025 by rpki-client