$ rpki-client -vvf rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/BA1F21AC731111F0BD7FF574C4F9AE02.roa File: BA1F21AC731111F0BD7FF574C4F9AE02.roa (raw, json) Hash identifier: 20AfF76B9+g4MK13JnUrRZPbIDu/TESDofczBLuYHu0= Subject key identifier: 6E:2E:26:3E:08:CD:D1:05:02:21:A7:5C:DD:CE:D5:99:FC:94:B2:C0 Certificate issuer: /CN=A9164390/serialNumber=C6433C49E63CD92035B307E8F79637608FEADBF5 Certificate serial: 1CF1 Authority key identifier: C6:43:3C:49:E6:3C:D9:20:35:B3:07:E8:F7:96:37:60:8F:EA:DB:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xkM8SeY82SA1swfo95Y3YI_q2_U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/BA1F21AC731111F0BD7FF574C4F9AE02.roa Signing time: Thu 07 Aug 2025 21:26:31 +0000 ROA not before: Thu 07 Aug 2025 21:26:31 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 38201 IP address blocks: 43.255.148.0/22 maxlen: 22 43.255.148.0/23 maxlen: 23 43.255.150.0/23 maxlen: 23 103.239.160.0/22 maxlen: 22 103.239.160.0/23 maxlen: 23 103.239.160.0/24 maxlen: 24 103.239.161.0/24 maxlen: 24 103.239.162.0/23 maxlen: 23 175.176.144.0/22 maxlen: 22 175.176.144.0/23 maxlen: 23 175.176.146.0/23 maxlen: 23 175.176.147.0/24 maxlen: 24 202.134.24.0/21 maxlen: 21 202.134.24.0/22 maxlen: 22 202.134.24.0/24 maxlen: 24 202.134.25.0/24 maxlen: 24 202.134.26.0/24 maxlen: 24 202.134.27.0/24 maxlen: 24 202.134.28.0/24 maxlen: 24 202.134.29.0/24 maxlen: 24 202.134.30.0/24 maxlen: 24 202.134.31.0/24 maxlen: 24 2400:6400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/xkM8SeY82SA1swfo95Y3YI_q2_U.crl rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/xkM8SeY82SA1swfo95Y3YI_q2_U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xkM8SeY82SA1swfo95Y3YI_q2_U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7409 (0x1cf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9164390, serialNumber=C6433C49E63CD92035B307E8F79637608FEADBF5 Validity Not Before: Aug 7 21:26:31 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68951a07-e760 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ad:f6:ce:d3:85:80:04:54:0a:2c:93:2e:bc: 3d:d8:f3:ea:11:48:ac:94:c8:2b:80:85:cf:49:51: 15:6e:ea:7d:c2:b5:18:15:87:9c:06:33:91:f2:10: 88:85:14:e5:24:95:09:eb:40:be:46:d6:09:a8:7a: bd:85:10:c2:2f:a5:82:cf:08:6c:5c:b1:a5:59:d4: 86:cf:ec:cd:ef:e8:15:4a:bf:ba:48:04:cb:a0:fc: 88:30:d7:93:8a:f4:a4:01:34:58:34:33:0d:6a:9c: 2e:f3:cf:32:23:9b:de:9b:80:af:46:01:7d:c7:22: 8f:94:13:b6:d6:ee:46:40:0a:0e:29:ef:d1:54:7c: d5:f5:7a:51:c7:b5:ba:bb:5f:42:7a:be:65:36:96: a2:ba:a8:3f:55:92:d1:64:50:c8:53:cd:a9:59:f4: 40:a8:e0:a0:c9:ea:a3:53:7d:76:03:dc:e8:c8:57: 0f:42:9d:f9:6d:a8:4d:55:a0:21:1b:91:b4:15:22: 0a:87:8f:c8:09:54:17:ae:1f:75:06:55:f2:a0:7e: 31:95:37:18:29:3e:f1:8c:91:92:4f:04:11:81:44: e3:d3:a5:1f:85:7f:b1:8e:2f:e5:c3:a3:a5:24:fd: ba:09:c9:77:d0:b5:fb:cb:d4:78:d0:27:a3:6b:c3: 48:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:2E:26:3E:08:CD:D1:05:02:21:A7:5C:DD:CE:D5:99:FC:94:B2:C0 X509v3 Authority Key Identifier: keyid:C6:43:3C:49:E6:3C:D9:20:35:B3:07:E8:F7:96:37:60:8F:EA:DB:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/xkM8SeY82SA1swfo95Y3YI_q2_U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xkM8SeY82SA1swfo95Y3YI_q2_U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/BA1F21AC731111F0BD7FF574C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.148.0/22 103.239.160.0/22 175.176.144.0/22 202.134.24.0/21 IPv6: 2400:6400::/32 Signature Algorithm: sha256WithRSAEncryption 80:03:d9:f4:85:15:95:63:23:39:9a:ec:f7:1d:b3:33:6e:7c: 50:3c:9d:6b:ff:ad:aa:10:f6:fb:6d:b9:68:e9:ce:5d:ff:67: 7a:fc:1c:2c:03:25:1f:dd:ac:d2:f8:c5:52:62:43:08:37:b0: a2:2c:15:47:0e:17:43:d2:a5:a4:a9:f0:42:03:20:af:28:87: dd:f9:be:a2:9c:ee:af:8b:46:c9:af:a7:6c:bb:41:97:c8:d9: 7c:2c:ae:d7:05:a6:23:1e:f7:1e:56:67:02:ea:b4:58:68:9e: 2c:ee:b1:7a:b8:47:07:bd:c4:71:25:3a:73:f3:0b:47:c7:23: d9:be:c7:3e:23:d7:03:7d:9a:d8:46:37:d8:ff:40:e6:16:c8: 23:13:84:21:e5:1c:50:21:da:bb:2f:12:01:cf:25:24:a1:6a: db:26:e7:52:b0:4c:64:21:1c:23:db:06:85:41:12:16:ff:b9: 12:02:75:e8:f8:c8:9b:71:d3:28:2c:f7:83:02:fe:d4:51:76: 0c:19:15:e8:7b:cd:9d:08:0d:88:75:76:76:a5:ec:e5:a8:82: a6:70:d6:d6:bf:c0:27:d6:32:c8:07:a1:8c:2b:40:c1:53:2d: 3a:ab:bb:03:de:c6:50:51:07:0c:7c:fa:e6:cc:de:3b:50:c5: a1:3a:20:05 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICHPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjQzOTAxMTAvBgNVBAUTKEM2NDMzQzQ5RTYzQ0Q5MjAzNUIzMDdFOEY3OTYzNzYw OEZFQURCRjUwHhcNMjUwODA3MjEyNjMxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODk1MWEwNy1lNzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAta32ztOFgARUCiyTLrw92PPqEUislMgrgIXPSVEVbup9wrUYFYecBjOR8hCI hRTlJJUJ60C+RtYJqHq9hRDCL6WCzwhsXLGlWdSGz+zN7+gVSr+6SATLoPyIMNeT ivSkATRYNDMNapwu888yI5vem4CvRgF9xyKPlBO21u5GQAoOKe/RVHzV9XpRx7W6 u19Cer5lNpaiuqg/VZLRZFDIU82pWfRAqOCgyeqjU312A9zoyFcPQp35bahNVaAh G5G0FSIKh4/ICVQXrh91BlXyoH4xlTcYKT7xjJGSTwQRgUTj06UfhX+xji/lw6Ol JP26Ccl30LX7y9R40Ceja8NIEQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFG4uJj4I zdEFAiGnXN3O1Zn8lLLAMB8GA1UdIwQYMBaAFMZDPEnmPNkgNbMH6PeWN2CP6tv1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDM5MC8wRTkzNTRGQ0RD NUMxMUU2OEU5MTVFMzJDNEY5QUUwMi94a004U2VZODJTQTFzd2ZvOTVZM1lJX3Ey X1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hrTThTZVk4MlNBMXN3Zm85NVkzWUlfcTJfVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjQzOTAvMEU5MzU0RkNEQzVDMTFFNjhFOTE1RTMyQzRGOUFFMDIvQkExRjIxQUM3 MzExMTFGMEJEN0ZGNTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr/5QDBAJn76ADBAKvsJADBAPKhhgwDQQCAAIwBwMFACQA ZAAwDQYJKoZIhvcNAQELBQADggEBAIAD2fSFFZVjIzma7PcdszNufFA8nWv/raoQ 9vttuWjpzl3/Z3r8HCwDJR/drNL4xVJiQwg3sKIsFUcOF0PSpaSp8EIDIK8oh935 vqKc7q+LRsmvp2y7QZfI2XwsrtcFpiMe9x5WZwLqtFhonizusXq4Rwe9xHElOnPz C0fHI9m+xz4j1wN9mthGN9j/QOYWyCMThCHlHFAh2rsvEgHPJSShatsm51KwTGQh HCPbBoVBEhb/uRICdej4yJtx0ygs94MC/tRRdgwZFeh7zZ0IDYh1dnal7OWogqZw 1ta/wCfWMsgHoYwrQMFTLTqruwPexlBRBwx8+ubM3jtQxaE6IAU= -----END CERTIFICATE-----Generated at Mon Aug 11 07:26:37 2025 by rpki-client