$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/5A87E8B01A7E11EAB32DB717C4F9AE02.roa File: 5A87E8B01A7E11EAB32DB717C4F9AE02.roa (raw, json) Hash identifier: UlsLBtLt0R/8xmCMcPjGCQeyrPLxXJO5Rt8PNkLHAYM= Subject key identifier: 51:80:A6:45:D3:6A:E8:9E:31:D5:B9:77:F0:1A:3A:60:FA:45:63:3D Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7 Certificate serial: 369F Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/5A87E8B01A7E11EAB32DB717C4F9AE02.roa Signing time: Sat 02 Aug 2025 15:53:06 +0000 ROA not before: Sat 02 Aug 2025 15:53:06 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 24206 IP address blocks: 110.44.168.0/22 maxlen: 22 110.44.168.0/23 maxlen: 23 110.44.168.0/24 maxlen: 24 110.44.169.0/24 maxlen: 24 110.44.170.0/23 maxlen: 23 110.44.170.0/24 maxlen: 24 110.44.171.0/24 maxlen: 24 110.44.173.0/24 maxlen: 24 110.44.174.0/24 maxlen: 24 203.84.136.0/21 maxlen: 21 203.84.136.0/22 maxlen: 22 203.84.136.0/23 maxlen: 23 203.84.136.0/24 maxlen: 24 203.84.137.0/24 maxlen: 24 203.84.138.0/23 maxlen: 23 203.84.138.0/24 maxlen: 24 203.84.139.0/24 maxlen: 24 203.84.140.0/22 maxlen: 22 203.84.140.0/23 maxlen: 23 203.84.140.0/24 maxlen: 24 203.84.141.0/24 maxlen: 24 203.84.142.0/23 maxlen: 23 203.84.142.0/24 maxlen: 24 203.84.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13983 (0x369f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9186214, serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7 Validity Not Before: Aug 2 15:53:06 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=688e3462-926c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:59:e9:30:fe:1b:ec:d9:74:30:90:66:e0:cb: 32:b7:2c:79:00:bf:7f:cd:08:ae:e0:5e:25:74:8d: db:22:f0:eb:46:0c:33:76:a0:45:9e:b9:9d:76:f4: fb:a6:1e:80:a8:ad:5a:de:91:98:b5:97:e4:34:c9: 60:db:7f:04:68:6a:81:38:cc:c1:1a:b4:e1:3e:1d: 22:06:53:8c:fd:29:85:d4:40:c1:3a:97:b0:66:d1: 2e:37:c4:83:f5:1d:55:60:06:c0:77:8c:53:ac:67: ee:07:96:4b:d8:39:17:40:9c:61:ed:b8:3f:a5:15: d0:08:47:62:dc:75:8b:d8:d9:97:38:6d:16:a7:1c: a7:b4:64:ca:98:b5:33:e5:77:10:0a:3b:7d:2a:13: 6d:5e:a9:bc:1d:74:c5:2c:ed:2f:87:fb:08:f5:17: 4a:2d:77:55:64:74:9e:74:6b:34:9c:b2:92:9b:45: 54:10:3a:a2:91:32:15:a0:5a:df:a0:23:d2:71:f7: 72:01:00:c1:fb:bc:77:20:e1:27:8f:2c:2b:4d:f6: e2:12:f3:1b:a5:3c:f3:45:b9:80:b6:41:60:2c:d3: 71:61:2d:fe:62:a4:c8:a6:1e:0c:04:9f:bc:44:35: 74:e2:9d:4a:d9:da:4c:05:28:5c:26:0e:c7:33:0b: 04:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:80:A6:45:D3:6A:E8:9E:31:D5:B9:77:F0:1A:3A:60:FA:45:63:3D X509v3 Authority Key Identifier: keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/5A87E8B01A7E11EAB32DB717C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 110.44.168.0/22 110.44.173.0-110.44.174.255 203.84.136.0/21 Signature Algorithm: sha256WithRSAEncryption 7c:24:35:1a:9d:4f:43:9f:41:09:ee:dd:f5:24:e5:bd:0d:80: ae:4d:d4:be:14:90:c4:1f:3f:5b:d2:98:d0:e2:55:d9:f5:21: a0:9e:97:57:ab:81:7c:f6:d7:a9:f0:85:45:39:9a:6a:c6:23: a9:ca:3d:c4:24:39:b7:c0:da:13:a0:ce:17:64:dd:5b:99:14: 7b:d6:74:af:73:ee:77:e3:64:e5:ea:4b:cb:82:2b:2f:ef:3a: 4b:44:fa:82:cc:62:3e:96:a7:7c:76:2d:03:5a:36:0e:2d:2b: 43:64:4f:f7:0e:a3:2b:d0:4b:c7:bd:e1:e0:ef:37:1c:f0:ec: a9:97:94:db:72:ab:9c:1e:ae:6b:d2:60:4d:a3:8b:43:4e:bb: 7d:d3:a1:76:da:f1:76:ad:00:86:ec:40:2d:6d:48:fb:e5:ed: fb:b3:3f:8f:dd:e3:d2:5b:44:b2:29:15:b2:1c:1c:bd:4e:51: 5e:9d:dc:d6:8a:11:05:d8:ee:81:0c:63:c8:f4:54:79:e8:c2: 40:67:c7:15:fb:cf:d0:ce:6e:0d:33:22:47:52:93:dd:06:24: bd:47:97:ff:f2:18:d4:6e:2e:23:b5:10:65:f4:d4:9d:d8:6a: 4c:fa:5e:1b:99:05:da:39:d5:69:e6:43:09:d1:ea:86:80:bd: 95:74:66:4e -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgICNp8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG QUIyNEQ3RTcwHhcNMjUwODAyMTU1MzA2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhlMzQ2Mi05MjZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoVnpMP4b7Nl0MJBm4Msytyx5AL9/zQiu4F4ldI3bIvDrRgwzdqBFnrmddvT7 ph6AqK1a3pGYtZfkNMlg238EaGqBOMzBGrThPh0iBlOM/SmF1EDBOpewZtEuN8SD 9R1VYAbAd4xTrGfuB5ZL2DkXQJxh7bg/pRXQCEdi3HWL2NmXOG0WpxyntGTKmLUz 5XcQCjt9KhNtXqm8HXTFLO0vh/sI9RdKLXdVZHSedGs0nLKSm0VUEDqikTIVoFrf oCPScfdyAQDB+7x3IOEnjywrTfbiEvMbpTzzRbmAtkFgLNNxYS3+YqTIph4MBJ+8 RDV04p1K2dpMBShcJg7HMwsEhQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFFGApkXT auieMdW5d/AaOmD6RWM9MB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNUE4N0U4QjAx QTdFMTFFQUIzMkRCNzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E JDAiMCAEAgABMBoDBAJuLKgwDAMEAG4srQMEAG4srgMEA8tUiDANBgkqhkiG9w0B AQsFAAOCAQEAfCQ1Gp1PQ59BCe7d9STlvQ2Ark3UvhSQxB8/W9KY0OJV2fUhoJ6X V6uBfPbXqfCFRTmaasYjqco9xCQ5t8DaE6DOF2TdW5kUe9Z0r3Pud+Nk5epLy4Ir L+86S0T6gsxiPpanfHYtA1o2Di0rQ2RP9w6jK9BLx73h4O83HPDsqZeU23KrnB6u a9JgTaOLQ067fdOhdtrxdq0AhuxALW1I++Xt+7M/j93j0ltEsikVshwcvU5RXp3c 1ooRBdjugQxjyPRUeejCQGfHFfvP0M5uDTMiR1KT3QYkvUeX//IY1G4uI7UQZfTU ndhqTPpeG5kF2jnVaeZDCdHqhoC9lXRmTg== -----END CERTIFICATE-----Generated at Sat Aug 9 03:04:29 2025 by rpki-client