$ rpki-client -vvf rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CB42F018F7C311EA8A722484C4F9AE02.roa File: CB42F018F7C311EA8A722484C4F9AE02.roa (raw, json) Hash identifier: +VXknte/mN+kJG0OMjeV9YUPJK6A2pn0gyb+jl0GEBE= Subject key identifier: D6:73:B7:AF:E5:96:57:1F:56:72:CC:8A:08:64:63:86:C4:84:10:55 Certificate issuer: /CN=A917AAAD/serialNumber=D617D4710482C7F775752057DC8682259B319C78 Certificate serial: 0821 Authority key identifier: D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CB42F018F7C311EA8A722484C4F9AE02.roa Signing time: Wed 22 Oct 2025 22:10:09 +0000 ROA not before: Wed 22 Oct 2025 22:10:09 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 7473 IP address blocks: 120.72.64.0/20 maxlen: 20 120.72.64.0/24 maxlen: 24 120.72.65.0/24 maxlen: 24 203.173.64.0/20 maxlen: 20 2404:1000::/32 maxlen: 32 2404:1000::/48 maxlen: 48 2404:1000:1::/48 maxlen: 48 2404:1000:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:59:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2081 (0x821) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AAAD, serialNumber=D617D4710482C7F775752057DC8682259B319C78 Validity Not Before: Oct 22 22:10:09 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68f95640-4d18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:fb:22:2d:82:ab:0d:48:59:0d:0c:72:02:17: f1:a7:a6:0c:4e:f3:a0:3a:56:74:87:43:f3:14:2e: fd:4a:ae:d7:a6:4e:f7:d7:6e:42:5f:5e:c5:11:e9: 75:86:9b:df:53:0f:60:37:a5:9b:71:94:49:61:54: 68:57:7e:48:2f:7b:eb:14:a3:97:c4:ff:02:ff:10: f0:8d:ed:52:bd:ec:22:27:bd:5e:26:3f:ea:a8:1d: 19:30:3d:1f:f7:5a:b8:39:ac:28:e7:67:3e:51:bf: 2a:ad:67:d6:4f:3a:6f:be:ca:a1:30:e6:85:be:da: 1f:0a:a2:a0:d8:03:7e:32:ad:e2:34:3f:2f:5b:ba: 40:77:ad:f7:f3:aa:5f:a5:25:70:be:d9:9b:60:42: 0c:2e:2e:31:c1:7b:2a:db:94:2b:e5:e5:52:cd:bc: 41:c1:f2:f0:22:65:26:2f:1c:e6:3f:78:9c:70:a5: 67:80:79:fa:6e:e9:a6:d2:2a:4a:1b:d5:17:ff:cf: 9e:9f:f5:b9:62:ac:5e:9c:8d:ad:83:63:7b:f9:ab: b1:40:42:bf:94:5c:c5:3f:63:59:66:c0:82:17:7f: f2:68:e1:6a:ac:d6:e1:89:04:a5:0a:0f:bc:6a:d5: 24:9a:7e:7d:1b:b3:81:f1:ab:dd:d5:9a:0f:2e:03: a2:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:73:B7:AF:E5:96:57:1F:56:72:CC:8A:08:64:63:86:C4:84:10:55 X509v3 Authority Key Identifier: keyid:D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CB42F018F7C311EA8A722484C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.72.64.0/20 203.173.64.0/20 IPv6: 2404:1000::/32 Signature Algorithm: sha256WithRSAEncryption a5:d8:d9:d0:fa:07:6e:3c:7c:b3:7b:30:4c:9f:ef:6f:0c:02: 9e:ad:e9:65:45:a7:a0:73:08:62:2c:11:6e:85:e0:8f:54:fa: ff:79:71:72:62:5f:1c:08:29:68:f2:73:60:b2:80:79:8c:80: 7e:8d:9c:53:9d:cf:b4:e0:b1:b8:78:61:8b:32:8f:de:9d:06: 36:36:5e:e5:f7:53:a9:69:3b:c6:20:16:61:77:0f:27:61:f6: 94:25:79:32:97:45:02:59:d7:ee:3b:aa:1d:af:a3:eb:25:b1: 1b:ff:aa:da:6d:9b:5d:43:4e:c4:c9:3d:4d:43:4b:55:0f:40: 3e:de:19:f4:4b:1d:80:7b:cc:e5:d9:60:30:c3:ae:73:cd:a9: dd:d3:8d:69:74:b0:75:b5:4f:62:5a:ea:bc:61:c9:12:ac:69: a3:1f:f8:ff:34:b6:d4:12:b6:b3:ab:3d:dd:03:61:ab:a5:fc: 8f:55:33:10:d1:74:80:71:aa:8d:3f:45:cc:f6:57:70:65:61: 8b:cb:e1:0e:a1:92:ad:09:69:54:f3:63:f0:e0:a4:3b:3a:05: 79:82:93:44:0f:e9:3d:57:b0:0d:f7:90:f9:2b:e1:fa:a2:4f: 60:ac:5f:c9:b2:3f:b5:15:d9:42:ac:15:ff:ee:d6:81:00:0e: ef:02:64:35 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICCCEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FBQUQxMTAvBgNVBAUTKEQ2MTdENDcxMDQ4MkM3Rjc3NTc1MjA1N0RDODY4MjI1 OUIzMTlDNzgwHhcNMjUxMDIyMjIxMDA5WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGY5NTY0MC00ZDE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwvsiLYKrDUhZDQxyAhfxp6YMTvOgOlZ0h0PzFC79Sq7Xpk73125CX17FEel1 hpvfUw9gN6WbcZRJYVRoV35IL3vrFKOXxP8C/xDwje1SvewiJ71eJj/qqB0ZMD0f 91q4Oawo52c+Ub8qrWfWTzpvvsqhMOaFvtofCqKg2AN+Mq3iND8vW7pAd63386pf pSVwvtmbYEIMLi4xwXsq25Qr5eVSzbxBwfLwImUmLxzmP3iccKVngHn6bumm0ipK G9UX/8+en/W5YqxenI2tg2N7+auxQEK/lFzFP2NZZsCCF3/yaOFqrNbhiQSlCg+8 atUkmn59G7OB8avd1ZoPLgOivQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNZzt6/l llcfVnLMighkY4bEhBBVMB8GA1UdIwQYMBaAFNYX1HEEgsf3dXUgV9yGgiWbMZx4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUFBRC9FM0IyQjY0NEY3 QzExMUVBODI3NUNCNjZDNEY5QUUwMi8xaGZVY1FTQ3hfZDFkU0JYM0lhQ0pac3hu SGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFoZlVjUVNDeF9kMWRTQlgzSWFDSlpzeG5IZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0FBQUQvRTNCMkI2NDRGN0MxMTFFQTgyNzVDQjY2QzRGOUFFMDIvQ0I0MkYwMThG N0MzMTFFQThBNzIyNDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAR4SEADBATLrUAwDQQCAAIwBwMFACQEEAAwDQYJKoZIhvcN AQELBQADggEBAKXY2dD6B248fLN7MEyf728MAp6t6WVFp6BzCGIsEW6F4I9U+v95 cXJiXxwIKWjyc2CygHmMgH6NnFOdz7Tgsbh4YYsyj96dBjY2XuX3U6lpO8YgFmF3 Dydh9pQleTKXRQJZ1+47qh2vo+slsRv/qtptm11DTsTJPU1DS1UPQD7eGfRLHYB7 zOXZYDDDrnPNqd3TjWl0sHW1T2Ja6rxhyRKsaaMf+P80ttQStrOrPd0DYaul/I9V MxDRdIBxqo0/Rcz2V3BlYYvL4Q6hkq0JaVTzY/DgpDs6BXmCk0QP6T1XsA33kPkr 4fqiT2CsX8myP7UV2UKsFf/u1oEADu8CZDU= -----END CERTIFICATE-----Generated at Wed Nov 5 15:21:15 2025 by rpki-client