$ rpki-client -vvf rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/1966C856FB9E11ED8309FC1DC4F9AE02.roa File: 1966C856FB9E11ED8309FC1DC4F9AE02.roa (raw, json) Hash identifier: UaxkzwEU7Uh70PtMMkf/dHGEWq655rIu4QsEPhurB3I= Subject key identifier: 67:8A:56:FD:14:CE:B8:9D:BA:C8:A2:F5:5C:0B:AB:90:C5:D5:62:41 Certificate issuer: /CN=A917B540/serialNumber=702FA1AE9682B2B22ECDD9A53012F0E6F1BA1B9C Certificate serial: 01A6 Authority key identifier: 70:2F:A1:AE:96:82:B2:B2:2E:CD:D9:A5:30:12:F0:E6:F1:BA:1B:9C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cC-hrpaCsrIuzdmlMBLw5vG6G5w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/1966C856FB9E11ED8309FC1DC4F9AE02.roa Signing time: Sun 03 Aug 2025 04:09:49 +0000 ROA not before: Sun 03 Aug 2025 04:09:49 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 56309 IP address blocks: 43.229.76.0/22 maxlen: 24 103.22.180.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/cC-hrpaCsrIuzdmlMBLw5vG6G5w.crl rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/cC-hrpaCsrIuzdmlMBLw5vG6G5w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cC-hrpaCsrIuzdmlMBLw5vG6G5w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 422 (0x1a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B540, serialNumber=702FA1AE9682B2B22ECDD9A53012F0E6F1BA1B9C Validity Not Before: Aug 3 04:09:49 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=688ee10d-89ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:47:8c:79:93:9b:20:f1:27:ec:a5:76:55:4a: dd:4d:11:6d:a8:df:67:5e:72:40:af:0d:ad:46:21: dd:b4:8a:7a:3d:25:5e:d7:9d:3d:4a:85:e0:d8:70: b4:c7:9c:d3:9e:ae:26:0d:94:83:a7:d2:b1:3a:76: 87:26:22:1b:4f:07:8c:cf:22:aa:0f:71:5b:e4:2a: 60:d0:8e:12:4b:39:f1:ab:59:48:93:57:58:80:f8: d7:3e:b7:6d:d5:30:42:1c:06:73:e1:d3:d9:d8:29: ab:e5:f0:a7:4b:cc:7a:da:7d:50:89:b9:1e:92:e7: ba:90:6b:8e:14:9e:91:26:fa:4c:4c:6e:90:d4:ac: 1c:68:d4:0f:be:68:a7:57:a2:67:ae:c6:3d:4e:e7: af:dc:16:77:8a:66:71:41:90:44:bd:99:ea:f8:10: d7:0b:73:56:a2:88:6e:d4:30:24:c6:d1:74:9b:8a: c1:8f:3b:50:cc:c2:fd:b9:b4:af:b7:4c:12:05:0a: 40:71:e5:79:ac:5f:2a:3f:8b:e6:4b:2f:0e:f3:dd: 10:d1:bf:c9:63:60:ab:0c:60:2f:c3:fb:da:80:61: 8f:97:61:7a:37:f0:3f:2c:87:f8:af:5d:fc:50:0e: 30:1d:21:7c:79:11:08:4d:dc:03:79:0a:6a:98:09: 39:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:8A:56:FD:14:CE:B8:9D:BA:C8:A2:F5:5C:0B:AB:90:C5:D5:62:41 X509v3 Authority Key Identifier: keyid:70:2F:A1:AE:96:82:B2:B2:2E:CD:D9:A5:30:12:F0:E6:F1:BA:1B:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/cC-hrpaCsrIuzdmlMBLw5vG6G5w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cC-hrpaCsrIuzdmlMBLw5vG6G5w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/1966C856FB9E11ED8309FC1DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.76.0/22 103.22.180.0/22 Signature Algorithm: sha256WithRSAEncryption a4:32:ad:d1:ba:61:48:9f:03:49:75:ae:a0:35:35:1b:cb:45: 37:80:5f:08:dc:b6:3c:79:a8:4a:3f:14:0c:22:97:34:d3:06: f1:0b:c7:d3:87:50:6e:01:83:7f:4e:96:6f:c5:a9:02:59:b9: 1e:94:c2:61:c3:27:9d:cf:ab:ae:6f:3c:08:ac:52:5e:c6:11: 02:72:fc:2e:6c:5b:65:8c:68:90:f2:59:8e:05:20:27:d5:74: 94:37:b1:06:5d:06:fa:0d:36:a8:b6:33:26:fb:11:40:25:b4: 5c:f5:5c:a4:c6:98:c8:c6:74:ea:2c:26:28:8a:5f:20:2a:b8: df:86:84:2a:04:07:24:fb:2f:aa:e3:50:a8:cc:85:1b:cd:50: d4:cc:71:cd:41:7d:a3:51:2c:33:67:68:3e:57:8d:59:eb:5e: b3:4f:ac:ed:9b:6a:d7:2d:a9:4a:93:59:8f:d5:f1:b3:58:f2: 97:05:4b:5b:40:ab:60:8c:24:de:34:0b:88:92:2f:c2:2f:a9: c8:a0:43:db:b1:e9:82:57:30:99:ed:72:03:b0:08:d8:70:d8: ad:19:9a:e7:52:3b:ce:13:06:10:ac:e7:ed:9e:3f:83:30:d4: be:f6:49:03:9a:37:0e:bd:36:30:62:85:3d:f6:41:7b:24:89: 53:14:3f:0c -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAaYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I1NDAxMTAvBgNVBAUTKDcwMkZBMUFFOTY4MkIyQjIyRUNERDlBNTMwMTJGMEU2 RjFCQTFCOUMwHhcNMjUwODAzMDQwOTQ5WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhlZTEwZC04OWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxkeMeZObIPEn7KV2VUrdTRFtqN9nXnJArw2tRiHdtIp6PSVe1509SoXg2HC0 x5zTnq4mDZSDp9KxOnaHJiIbTweMzyKqD3Fb5Cpg0I4SSznxq1lIk1dYgPjXPrdt 1TBCHAZz4dPZ2Cmr5fCnS8x62n1Qibkekue6kGuOFJ6RJvpMTG6Q1KwcaNQPvmin V6JnrsY9Tuev3BZ3imZxQZBEvZnq+BDXC3NWoohu1DAkxtF0m4rBjztQzML9ubSv t0wSBQpAceV5rF8qP4vmSy8O890Q0b/JY2CrDGAvw/vagGGPl2F6N/A/LIf4r138 UA4wHSF8eREITdwDeQpqmAk5JwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGeKVv0U zridusii9VwLq5DF1WJBMB8GA1UdIwQYMBaAFHAvoa6WgrKyLs3ZpTAS8Obxuhuc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjU0MC9EOTdBOTVCQ0Y4 ODAxMUVEQjlBQkZDNTZDNEY5QUUwMi9jQy1ocnBhQ3NySXV6ZG1sTUJMdzV2RzZH NXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NDLWhycGFDc3JJdXpkbWxNQkx3NXZHNkc1dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0I1NDAvRDk3QTk1QkNGODgwMTFFREI5QUJGQzU2QzRGOUFFMDIvMTk2NkM4NTZG QjlFMTFFRDgzMDlGQzFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr5UwDBAJnFrQwDQYJKoZIhvcNAQELBQADggEBAKQyrdG6 YUifA0l1rqA1NRvLRTeAXwjctjx5qEo/FAwilzTTBvELx9OHUG4Bg39Olm/FqQJZ uR6UwmHDJ53Pq65vPAisUl7GEQJy/C5sW2WMaJDyWY4FICfVdJQ3sQZdBvoNNqi2 Myb7EUAltFz1XKTGmMjGdOosJiiKXyAquN+GhCoEByT7L6rjUKjMhRvNUNTMcc1B faNRLDNnaD5XjVnrXrNPrO2batctqUqTWY/V8bNY8pcFS1tAq2CMJN40C4iSL8Iv qcigQ9ux6YJXMJntcgOwCNhw2K0ZmudSO84TBhCs5+2eP4Mw1L72SQOaNw69NjBi hT32QXskiVMUPww= -----END CERTIFICATE-----Generated at Sun Aug 10 10:36:03 2025 by rpki-client