$ rpki-client -vvf rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/4BB610C2E16511EC8EDF6621C4F9AE02.roa File: 4BB610C2E16511EC8EDF6621C4F9AE02.roa (raw, json) Hash identifier: ekyxreCpgMcKP34usIZn12GGqR3mbNPPXZzJX4hQpac= Subject key identifier: CF:00:2C:C3:52:36:28:80:EB:2B:69:AD:AD:FE:B7:EE:75:B7:4F:8B Certificate issuer: /CN=A9163824/serialNumber=7273853DA063EFCB8EC544B0320D5A707B94C089 Certificate serial: 072F Authority key identifier: 72:73:85:3D:A0:63:EF:CB:8E:C5:44:B0:32:0D:5A:70:7B:94:C0:89 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/4BB610C2E16511EC8EDF6621C4F9AE02.roa Signing time: Sat 12 Jul 2025 15:52:50 +0000 ROA not before: Sat 12 Jul 2025 15:52:50 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 133443 IP address blocks: 43.239.72.0/24 maxlen: 24 43.239.73.0/24 maxlen: 24 43.239.74.0/24 maxlen: 24 43.239.75.0/24 maxlen: 24 103.229.84.0/24 maxlen: 24 103.229.85.0/24 maxlen: 24 103.229.86.0/24 maxlen: 24 103.229.87.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.crl rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:46:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1839 (0x72f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9163824, serialNumber=7273853DA063EFCB8EC544B0320D5A707B94C089 Validity Not Before: Jul 12 15:52:50 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=687284d2-a0c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:63:94:b0:15:37:06:35:34:b5:9f:a8:d1:db: a8:5b:a7:7b:3d:ce:19:86:28:81:6b:66:e1:7d:13: 60:df:8a:49:89:4c:94:eb:5a:1f:73:03:26:38:4e: 04:5e:53:ea:3a:05:70:b3:07:91:5d:26:d6:9a:7d: c8:64:ba:90:4a:7c:35:1e:6b:b0:2d:b4:a9:b2:1a: 27:2d:15:7b:77:c7:91:5d:d6:27:25:46:65:de:0a: e3:14:fc:c1:28:44:22:35:87:ca:18:6a:57:26:87: 7b:6a:0f:e7:f8:95:34:99:9f:7e:b6:75:c7:02:53: 47:8d:89:a0:10:bc:5a:e0:4b:e7:f8:fe:df:f3:82: 34:31:ec:6d:08:cd:e5:46:7d:fc:8e:dd:8c:90:9d: 56:05:2c:76:0c:95:3f:2e:e1:71:24:bf:33:53:2b: a2:5d:21:fe:f0:80:68:3b:d2:48:be:df:3f:e2:7b: 7d:89:04:ad:cd:b0:d0:c8:78:e0:69:91:40:e9:1e: f9:ef:9c:7f:6c:29:4b:90:4a:d7:5a:ce:c8:3f:15: c5:dc:a5:92:bf:0f:8b:1f:7b:19:02:5d:ef:b0:db: 2d:4d:26:19:44:47:ce:83:02:15:d1:59:a8:95:d3: 84:33:0b:eb:f8:5a:27:cb:9a:05:ea:d6:9a:cf:57: 1f:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:00:2C:C3:52:36:28:80:EB:2B:69:AD:AD:FE:B7:EE:75:B7:4F:8B X509v3 Authority Key Identifier: keyid:72:73:85:3D:A0:63:EF:CB:8E:C5:44:B0:32:0D:5A:70:7B:94:C0:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/4BB610C2E16511EC8EDF6621C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.239.72.0/22 103.229.84.0/22 Signature Algorithm: sha256WithRSAEncryption 3b:59:d7:c1:6d:ab:e1:08:87:06:4a:3e:b6:80:b5:8a:e1:1f: 15:d9:3a:df:a4:42:1d:6d:86:0c:3c:a3:90:c7:e1:d9:bd:48: 0b:90:45:6a:4c:98:5d:6a:0e:22:cc:65:f2:7d:3f:67:6f:75: 63:8a:a6:f6:a5:93:4a:61:57:ad:36:29:9f:b0:da:c9:30:b1: d4:0b:83:0a:7b:75:16:86:5d:e9:84:5b:49:63:d8:97:ad:12: 7d:db:c5:3a:b5:2b:05:3e:aa:8a:35:49:fc:e6:66:6c:35:f8: 9e:98:fb:36:97:c5:b1:2f:90:ec:59:77:98:1c:1f:ba:23:74: ab:c6:2a:19:98:3b:1c:ac:70:c5:fb:56:76:6c:48:58:6b:a2: 18:65:2f:fe:dd:6d:cd:43:49:a5:3d:4d:8c:32:5b:f5:91:d1: cf:de:ea:19:f1:ea:06:96:ac:8a:95:8a:3d:80:06:39:b0:4f: 25:75:d8:20:b3:90:97:10:53:e5:d0:00:cd:a2:b4:cc:62:e1: 1e:5c:57:ee:95:7f:d0:50:d9:c1:44:d3:3c:2d:10:58:0f:86: 84:a9:40:e5:d2:e9:87:fd:86:55:a4:44:0a:f8:b0:54:06:0c: 62:02:a1:c0:a0:c0:99:2f:68:4b:8c:3d:bd:db:8c:eb:7f:88: bb:e8:bd:b9 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBy8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjM4MjQxMTAvBgNVBAUTKDcyNzM4NTNEQTA2M0VGQ0I4RUM1NDRCMDMyMEQ1QTcw N0I5NEMwODkwHhcNMjUwNzEyMTU1MjUwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODcyODRkMi1hMGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAumOUsBU3BjU0tZ+o0duoW6d7Pc4ZhiiBa2bhfRNg34pJiUyU61ofcwMmOE4E XlPqOgVwsweRXSbWmn3IZLqQSnw1HmuwLbSpshonLRV7d8eRXdYnJUZl3grjFPzB KEQiNYfKGGpXJod7ag/n+JU0mZ9+tnXHAlNHjYmgELxa4Evn+P7f84I0MextCM3l Rn38jt2MkJ1WBSx2DJU/LuFxJL8zUyuiXSH+8IBoO9JIvt8/4nt9iQStzbDQyHjg aZFA6R7575x/bClLkErXWs7IPxXF3KWSvw+LH3sZAl3vsNstTSYZREfOgwIV0Vmo ldOEMwvr+Fony5oF6taaz1cfuwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFM8ALMNS NiiA6ytpra3+t+51t0+LMB8GA1UdIwQYMBaAFHJzhT2gY+/LjsVEsDINWnB7lMCJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzgyNC9CQTBFRkU1MkZE MjUxMUU0OUQ5MzI3M0JDNEY5QUUwMi9jbk9GUGFCajc4dU94VVN3TWcxYWNIdVV3 SWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuT0ZQYUJqNzh1T3hVU3dNZzFhY0h1VXdJay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjM4MjQvQkEwRUZFNTJGRDI1MTFFNDlEOTMyNzNCQzRGOUFFMDIvNEJCNjEwQzJF MTY1MTFFQzhFREY2NjIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr70gDBAJn5VQwDQYJKoZIhvcNAQELBQADggEBADtZ18Ft q+EIhwZKPraAtYrhHxXZOt+kQh1thgw8o5DH4dm9SAuQRWpMmF1qDiLMZfJ9P2dv dWOKpvalk0phV602KZ+w2skwsdQLgwp7dRaGXemEW0lj2JetEn3bxTq1KwU+qoo1 SfzmZmw1+J6Y+zaXxbEvkOxZd5gcH7ojdKvGKhmYOxyscMX7VnZsSFhrohhlL/7d bc1DSaU9TYwyW/WR0c/e6hnx6gaWrIqVij2ABjmwTyV12CCzkJcQU+XQAM2itMxi 4R5cV+6Vf9BQ2cFE0zwtEFgPhoSpQOXS6Yf9hlWkRAr4sFQGDGICocCgwJkvaEuM Pb3bjOt/iLvovbk= -----END CERTIFICATE-----Generated at Wed Nov 5 00:15:53 2025 by rpki-client