$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/72C9BE36950211EFAC892C5EC4F9AE02.roa File: 72C9BE36950211EFAC892C5EC4F9AE02.roa (raw, json) Hash identifier: tUqKc58G4NP/ZiNhEE4m52A3vGMH09GTzhVMgnnCe/8= Subject key identifier: 93:1B:BB:BD:E7:79:7D:45:0D:9A:CB:B6:DB:44:CB:DB:44:B7:E8:24 Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Certificate serial: 0B3C Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/72C9BE36950211EFAC892C5EC4F9AE02.roa Signing time: Tue 10 Jun 2025 22:10:12 +0000 ROA not before: Tue 10 Jun 2025 22:10:12 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 18004 IP address blocks: 43.152.164.0/24 maxlen: 24 43.152.165.0/24 maxlen: 24 43.175.123.0/24 maxlen: 24 43.175.198.0/24 maxlen: 24 43.175.199.0/24 maxlen: 24 43.175.200.0/24 maxlen: 24 43.175.201.0/24 maxlen: 24 240d:c010:11b::/48 maxlen: 48 240d:c010:13e::/48 maxlen: 48 240d:c010:13f::/48 maxlen: 48 240d:c010:140::/48 maxlen: 48 240d:c010:141::/48 maxlen: 48 240d:c010:151::/48 maxlen: 48 240d:c010:152::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Jun 2025 04:30:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2876 (0xb3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67, serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Validity Not Before: Jun 10 22:10:12 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6848ad43-bc89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:f5:b7:74:1f:d1:cd:51:d2:ac:d0:5e:72:bc: 90:79:32:30:da:80:ab:a0:62:a8:bf:ee:3e:bd:d8: 5f:6b:f9:c8:c2:7a:6a:b3:ac:55:cc:f9:f0:d4:85: cb:ce:5f:e9:77:06:13:b0:9e:48:f5:69:59:b7:2c: de:f0:ad:51:73:58:e4:90:9f:8e:ac:f5:be:d8:2d: 81:6a:82:04:c2:8d:83:b0:6b:34:bc:79:0b:09:74: d0:bc:77:f9:70:6e:26:d2:dc:6b:d9:4e:8f:18:23: 7c:5a:cb:f8:74:4a:88:3e:70:2d:62:57:03:fd:c9: 76:2b:3f:c6:41:a3:63:99:01:c4:e9:43:c9:3b:40: 3b:13:a6:eb:53:8d:0f:a5:67:53:af:28:ad:55:dc: 3d:94:66:f6:2a:d9:bc:72:92:28:da:08:1b:41:d9: 4d:79:1a:d6:e3:e7:df:73:ef:18:79:a5:61:e8:dc: db:f2:5a:e9:c5:78:44:47:e9:a2:9f:4b:a6:d3:d4: 14:bc:4e:c3:f8:5b:62:1b:89:90:d7:1d:14:39:2d: a3:8d:51:9c:96:c8:77:89:35:62:af:39:65:d6:5a: 0a:dd:61:fc:a8:52:86:f1:9c:08:c4:a4:5c:4c:b2: be:5a:fc:8f:85:31:bd:ed:40:b5:e1:08:ac:75:8b: 6e:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:1B:BB:BD:E7:79:7D:45:0D:9A:CB:B6:DB:44:CB:DB:44:B7:E8:24 X509v3 Authority Key Identifier: keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/72C9BE36950211EFAC892C5EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.152.164.0/23 43.175.123.0/24 43.175.198.0-43.175.201.255 IPv6: 240d:c010:11b::/48 240d:c010:13e::-240d:c010:141:ffff:ffff:ffff:ffff:ffff 240d:c010:151::-240d:c010:152:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption bd:58:26:a2:e1:1c:f0:c4:c8:83:e5:53:07:08:da:22:07:19: 9c:f4:74:5d:fe:5b:51:83:57:bc:03:4e:f8:8d:76:d0:2c:8c: cd:9f:de:c6:48:58:58:51:8e:4b:73:9d:8c:ec:ef:f0:74:61: 71:9a:85:52:d3:c4:b9:fe:30:56:da:f0:b0:21:31:15:aa:8f: fa:a5:75:f6:e8:e0:41:05:fb:c2:c7:bc:af:f2:85:ac:2e:b8: b3:d0:85:f0:b4:3f:d3:8b:48:06:74:d9:15:61:06:57:77:a7: dc:15:ff:9d:67:74:9e:e4:5f:ea:7c:d6:30:5e:9c:97:d6:56: 7d:5a:09:47:f2:4c:96:6a:cb:9e:af:7c:dd:8f:e5:51:4a:6e: b2:9f:a4:59:12:01:95:80:0e:32:a6:52:7f:db:f3:c8:e2:93: 8d:7b:18:80:b2:49:67:96:0a:c9:d7:69:4e:7d:79:40:9b:72: 4f:f4:ed:b0:e3:ea:33:de:b5:fc:ab:9c:5c:fa:7d:15:84:93: 54:ef:aa:7d:bb:d5:23:9b:4f:1e:4d:12:e5:28:89:37:e3:cb: 9f:6a:fd:fb:dc:7a:f2:c1:a1:e5:f3:62:44:88:ab:01:3f:2c: cc:6a:1e:75:58:21:76:73:f6:91:0d:7c:6d:03:97:bc:86:7f: 1e:42:b9:ea -----BEGIN CERTIFICATE----- MIIFvjCCBKagAwIBAgICCzwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5 NTA2QTU5QkQwHhcNMjUwNjEwMjIxMDEyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQ4YWQ0My1iYzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqfW3dB/RzVHSrNBecryQeTIw2oCroGKov+4+vdhfa/nIwnpqs6xVzPnw1IXL zl/pdwYTsJ5I9WlZtyze8K1Rc1jkkJ+OrPW+2C2BaoIEwo2DsGs0vHkLCXTQvHf5 cG4m0txr2U6PGCN8Wsv4dEqIPnAtYlcD/cl2Kz/GQaNjmQHE6UPJO0A7E6brU40P pWdTryitVdw9lGb2Ktm8cpIo2ggbQdlNeRrW4+ffc+8YeaVh6Nzb8lrpxXhER+mi n0um09QUvE7D+FtiG4mQ1x0UOS2jjVGclsh3iTVirzll1loK3WH8qFKG8ZwIxKRc TLK+WvyPhTG97UC14QisdYtunwIDAQABo4IC4jCCAt4wHQYDVR0OBBYEFJMbu73n eX1FDZrLtttEy9tEt+gkMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvNzJDOUJFMzY5 NTAyMTFFRkFDODkyQzVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbAYIKwYBBQUHAQcBAf8E XTBbMCAEAgABMBoDBAErmKQDBAArr3swDAMEASuvxgMEASuvyDA3BAIAAjAxAwcA JA3AEAEbMBIDBwEkDcAQAT4DBwEkDcAQAUAwEgMHACQNwBABUQMHACQNwBABUjAN BgkqhkiG9w0BAQsFAAOCAQEAvVgmouEc8MTIg+VTBwjaIgcZnPR0Xf5bUYNXvANO +I120CyMzZ/exkhYWFGOS3OdjOzv8HRhcZqFUtPEuf4wVtrwsCExFaqP+qV19ujg QQX7wse8r/KFrC64s9CF8LQ/04tIBnTZFWEGV3en3BX/nWd0nuRf6nzWMF6cl9ZW fVoJR/JMlmrLnq983Y/lUUpusp+kWRIBlYAOMqZSf9vzyOKTjXsYgLJJZ5YKyddp Tn15QJtyT/TtsOPqM961/KucXPp9FYSTVO+qfbvVI5tPHk0S5SiJN+PLn2r9+9x6 8sGh5fNiRIirAT8szGoedVghdnP2kQ18bQOXvIZ/HkK56g== -----END CERTIFICATE-----Generated at Fri Jun 20 21:28:58 2025 by rpki-client