$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/BE76C8186C6811F0B3FF7E69C4F9AE02.roa File: BE76C8186C6811F0B3FF7E69C4F9AE02.roa (raw, json) Hash identifier: 8/0p5mch1lOzxJGC3zlpDmvwoQsenGirWY8DqbHGuoU= Subject key identifier: 68:DE:8A:F5:22:DB:01:04:B0:00:9B:46:CB:70:B9:37:35:0F:B7:0E Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8 Certificate serial: 072C Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/BE76C8186C6811F0B3FF7E69C4F9AE02.roa Signing time: Tue 29 Jul 2025 10:42:37 +0000 ROA not before: Tue 29 Jul 2025 10:42:37 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 137076 IP address blocks: 14.96.24.0/21 maxlen: 24 14.96.32.0/21 maxlen: 24 14.96.40.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1836 (0x72c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DEA4, serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8 Validity Not Before: Jul 29 10:42:37 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=6888a59d-e33c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:f7:c8:6c:11:63:37:aa:bc:93:51:71:8a:5a: 13:53:b6:a1:8c:b6:c6:b7:cc:f9:25:9d:2f:59:6f: 71:12:68:75:a5:ac:97:5f:04:70:c8:23:1d:64:e6: 1a:e6:41:b0:5d:bd:66:8f:81:ce:66:53:66:4f:07: 17:e4:82:2a:71:9b:72:0b:03:2a:b8:d2:2a:8d:21: db:0e:16:f4:99:a0:a1:0e:ef:67:9b:d6:4d:13:95: fa:f7:45:e4:7e:b1:09:1e:e2:f7:5f:1b:6b:9a:99: 52:49:34:55:a8:c8:74:a0:10:3f:18:c1:ba:e1:7f: fe:ee:15:99:71:62:7d:ed:e7:4e:7d:8c:ea:82:db: 28:3a:5d:c4:5d:63:70:7c:39:21:63:8b:70:99:11: 04:bb:cb:b5:24:0c:0a:27:82:03:3c:61:09:58:d6: 8c:07:a7:79:04:27:5b:1f:ae:c1:97:d5:0d:a3:a1: c1:bf:df:a2:3b:d9:10:bb:15:d2:55:10:ab:ec:d7: f9:a3:4f:20:bc:74:2b:e1:87:6d:af:20:83:e4:2b: 79:c3:f5:50:82:d1:2b:42:e4:eb:d8:43:2f:73:bc: 84:40:d7:b7:d0:48:b0:d6:2a:23:d2:6e:df:42:4b: 41:78:6b:76:a8:46:d1:84:f5:01:42:97:2d:7e:3c: cd:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:DE:8A:F5:22:DB:01:04:B0:00:9B:46:CB:70:B9:37:35:0F:B7:0E X509v3 Authority Key Identifier: keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/BE76C8186C6811F0B3FF7E69C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.96.24.0-14.96.47.255 Signature Algorithm: sha256WithRSAEncryption cc:33:94:ba:cf:ba:46:84:10:0d:01:99:c5:b8:7d:6e:f2:f9: bd:74:17:ec:8d:3d:b0:69:9d:c6:96:d3:ec:53:f5:10:89:ad: 6f:02:ca:6a:19:0c:39:53:ab:c1:2a:32:c3:a1:29:3f:1f:86: 63:37:ee:52:f6:8b:1f:bc:84:68:85:32:d1:69:be:f4:84:e8: bf:f5:0d:22:e5:fe:bc:d6:7a:37:fd:7e:63:09:43:ba:26:51: 24:ef:af:5c:45:e8:88:d9:5e:0e:18:0b:c9:d8:c0:ca:39:4e: 0a:88:73:8a:42:da:0a:d4:58:e2:20:62:51:b1:80:cf:37:13: 26:72:93:a5:a6:bd:4b:12:ab:cc:d4:28:b5:6c:bf:0b:5e:bf: a5:66:a9:57:a8:ea:ea:55:48:b3:dc:86:43:fd:d7:66:a9:5b: 0d:ae:47:ab:9a:d2:e0:1c:e7:38:59:5f:8a:3b:d8:a1:ee:7e: 23:47:81:00:f4:89:21:b3:fc:8a:fc:52:8a:6e:e8:1d:31:63: 96:d7:31:1b:b8:18:0c:29:02:b7:e1:64:98:66:1a:ff:8e:6d: c4:ed:99:31:e1:af:19:f4:63:b7:6f:33:da:55:a3:e6:77:84: 68:22:3a:c6:55:b3:a1:c3:28:86:38:63:fb:19:b9:45:d7:f9: 56:65:ed:32 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgICBywwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw OTQ5NERCQzgwHhcNMjUwNzI5MTA0MjM3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODg4YTU5ZC1lMzNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzPfIbBFjN6q8k1FxiloTU7ahjLbGt8z5JZ0vWW9xEmh1payXXwRwyCMdZOYa 5kGwXb1mj4HOZlNmTwcX5IIqcZtyCwMquNIqjSHbDhb0maChDu9nm9ZNE5X690Xk frEJHuL3XxtrmplSSTRVqMh0oBA/GMG64X/+7hWZcWJ97edOfYzqgtsoOl3EXWNw fDkhY4twmREEu8u1JAwKJ4IDPGEJWNaMB6d5BCdbH67Bl9UNo6HBv9+iO9kQuxXS VRCr7Nf5o08gvHQr4YdtryCD5Ct5w/VQgtErQuTr2EMvc7yEQNe30Eiw1ioj0m7f QktBeGt2qEbRhPUBQpctfjzNkwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFGjeivUi 2wEEsACbRstwuTc1D7cOMB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4 MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvQkU3NkM4MTg2 QzY4MTFGMEIzRkY3RTY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E GDAWMBQEAgABMA4wDAMEAw5gGAMEBA5gIDANBgkqhkiG9w0BAQsFAAOCAQEAzDOU us+6RoQQDQGZxbh9bvL5vXQX7I09sGmdxpbT7FP1EImtbwLKahkMOVOrwSoyw6Ep Px+GYzfuUvaLH7yEaIUy0Wm+9ITov/UNIuX+vNZ6N/1+YwlDuiZRJO+vXEXoiNle DhgLydjAyjlOCohzikLaCtRY4iBiUbGAzzcTJnKTpaa9SxKrzNQotWy/C16/pWap V6jq6lVIs9yGQ/3XZqlbDa5Hq5rS4BznOFlfijvYoe5+I0eBAPSJIbP8ivxSim7o HTFjltcxG7gYDCkCt+FkmGYa/45txO2ZMeGvGfRjt28z2lWj5neEaCI6xlWzocMo hjhj+xm5Rdf5VmXtMg== -----END CERTIFICATE-----Generated at Mon Aug 11 10:46:29 2025 by rpki-client