$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa File: DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa (raw, json) Hash identifier: JkA2VjRkGVaoGTtSe3EFAkpmSjP2mBiftG09Gd2raHk= Subject key identifier: 53:C5:FA:FC:50:D7:04:ED:63:4D:67:25:EA:5D:A0:AD:ED:CE:A1:32 Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8 Certificate serial: 0753 Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa Signing time: Sat 30 Aug 2025 23:15:26 +0000 ROA not before: Sat 30 Aug 2025 23:15:26 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 134540 IP address blocks: 14.96.64.0/20 maxlen: 24 14.96.80.0/20 maxlen: 24 14.96.96.0/20 maxlen: 20 14.96.96.0/20 maxlen: 24 14.96.112.0/20 maxlen: 24 2406:e00::/48 maxlen: 51 2406:e00:1::/48 maxlen: 51 2406:e00:2::/48 maxlen: 51 2406:e00:3::/48 maxlen: 51 2406:e00:4::/48 maxlen: 51 2406:e00:5::/48 maxlen: 51 2406:e00:6::/48 maxlen: 51 2406:e00:7::/48 maxlen: 51 2406:e00:8::/48 maxlen: 51 2406:e00:a::/48 maxlen: 51 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 22:34:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1875 (0x753) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DEA4, serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8 Validity Not Before: Aug 30 23:15:26 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b3860e-801c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:f0:af:28:39:5d:51:3a:e4:cf:71:b6:d6:79: 84:b6:5c:a5:32:e4:6e:ae:39:ce:96:1d:7f:ca:15: 52:29:64:de:5f:dc:06:be:e9:e0:61:ca:e4:22:fa: 62:7a:f2:e1:e5:34:87:2e:9d:71:1e:e7:a9:60:8e: ab:bb:09:ff:5e:96:f7:26:05:f8:53:cc:38:f3:3f: e5:0b:b8:ec:20:d4:98:b8:46:47:18:42:04:5b:86: e5:b9:05:1d:7b:0d:fd:73:0c:79:66:32:11:d2:59: 60:08:31:18:09:4d:89:24:df:f6:d4:06:da:32:d3: 42:3f:79:6e:14:a6:94:94:79:78:37:25:31:2c:4e: 88:c6:9f:7c:66:98:48:03:6f:4e:af:4a:51:d0:0e: 34:2b:7b:8a:fa:5c:86:bf:cf:9c:d2:23:9b:4b:de: 41:17:47:23:a8:61:98:36:05:3c:01:aa:10:ff:a0: bc:bb:f6:be:04:04:43:82:04:9b:c2:53:a2:37:bc: ed:64:e4:09:c9:35:d7:ed:d2:c0:53:15:e2:f9:b6: d7:5c:dd:94:62:56:99:95:5e:ae:b5:b4:de:16:1c: fd:1b:04:f7:df:e5:dd:9a:30:d6:d0:1a:89:2c:3d: ab:b0:dc:16:e3:1f:c7:1c:2a:27:9b:52:c3:e0:2d: 43:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:C5:FA:FC:50:D7:04:ED:63:4D:67:25:EA:5D:A0:AD:ED:CE:A1:32 X509v3 Authority Key Identifier: keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/DF7AF1FC42D811EF8EEF4E51C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.96.64.0/18 IPv6: 2406:e00::-2406:e00:8:ffff:ffff:ffff:ffff:ffff 2406:e00:a::/48 Signature Algorithm: sha256WithRSAEncryption 15:e6:d0:d3:b9:53:3d:3f:a6:40:b1:43:85:c0:47:7d:d8:79: 70:48:d5:4b:90:bc:34:53:35:ec:9b:ec:67:7f:cb:ec:74:73: d6:4c:7d:0e:13:d5:41:dd:d6:e4:6f:3e:d9:22:9c:72:ea:c1: 19:fc:06:c1:48:03:c7:ea:94:c4:c2:4d:d4:9d:70:11:d2:0f: 4b:0f:b3:2f:9b:71:06:e5:2b:d6:ca:71:35:5c:8e:bb:51:66: b8:fc:df:d9:e2:00:e7:ac:f9:e6:83:9b:83:88:39:1f:97:10: 49:af:d8:59:3d:ac:5f:6a:a5:a7:68:56:7e:d0:a6:c3:50:26: 7c:df:56:0a:09:8e:95:74:fc:01:83:55:19:6d:2f:5d:64:0c: 70:ea:af:41:f9:99:16:09:ec:d7:4a:52:f3:47:2e:1b:e8:74: f6:a1:65:77:e8:99:5f:71:29:31:d4:85:89:e4:97:b7:35:63: fb:a6:72:f1:86:a5:3d:40:e8:07:21:2f:56:b9:17:29:f8:d3: ca:97:a3:59:cf:e4:d2:49:4e:e7:71:23:44:58:a1:83:33:7d: 53:21:7d:6c:a9:09:1e:3d:ee:ea:2e:96:b7:8d:c3:8a:65:6d: a7:2b:d6:7e:2b:d4:70:21:a9:7e:a1:4b:b2:40:2b:e5:f6:81: 13:3f:e0:23 -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICB1MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw OTQ5NERCQzgwHhcNMjUwODMwMjMxNTI2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIzODYwZS04MDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0vCvKDldUTrkz3G21nmEtlylMuRurjnOlh1/yhVSKWTeX9wGvungYcrkIvpi evLh5TSHLp1xHuepYI6ruwn/Xpb3JgX4U8w48z/lC7jsINSYuEZHGEIEW4bluQUd ew39cwx5ZjIR0llgCDEYCU2JJN/21AbaMtNCP3luFKaUlHl4NyUxLE6Ixp98ZphI A29Or0pR0A40K3uK+lyGv8+c0iObS95BF0cjqGGYNgU8AaoQ/6C8u/a+BARDggSb wlOiN7ztZOQJyTXX7dLAUxXi+bbXXN2UYlaZlV6utbTeFhz9GwT33+XdmjDW0BqJ LD2rsNwW4x/HHConm1LD4C1DpQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFFPF+vxQ 1wTtY01nJepdoK3tzqEyMB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4 MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvREY3QUYxRkM0 MkQ4MTFFRjhFRUY0RTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMAwEAgABMAYDBAYOYEAwIAQCAAIwGjAPAwQBJAYOAwcAJAYOAAAIAwcAJAYO AAAKMA0GCSqGSIb3DQEBCwUAA4IBAQAV5tDTuVM9P6ZAsUOFwEd92HlwSNVLkLw0 UzXsm+xnf8vsdHPWTH0OE9VB3dbkbz7ZIpxy6sEZ/AbBSAPH6pTEwk3UnXAR0g9L D7Mvm3EG5SvWynE1XI67UWa4/N/Z4gDnrPnmg5uDiDkflxBJr9hZPaxfaqWnaFZ+ 0KbDUCZ831YKCY6VdPwBg1UZbS9dZAxw6q9B+ZkWCezXSlLzRy4b6HT2oWV36Jlf cSkx1IWJ5Je3NWP7pnLxhqU9QOgHIS9WuRcp+NPKl6NZz+TSSU7ncSNEWKGDM31T IX1sqQkePe7qLpa3jcOKZW2nK9Z+K9RwIal+oUuyQCvl9oETP+Aj -----END CERTIFICATE-----Generated at Wed Nov 5 05:18:54 2025 by rpki-client