$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/C38EA6882B3411F0929A5143C4F9AE02.roa File: C38EA6882B3411F0929A5143C4F9AE02.roa (raw, json) Hash identifier: O/MYc8i2CGeR6AN9fL5if15pU9jVw9Ui7eLYCWL41Lc= Subject key identifier: A2:5A:4E:25:36:71:06:CC:D3:AA:97:21:8C:B4:CC:B4:D3:59:2D:0C Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7 Certificate serial: 36AE Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/C38EA6882B3411F0929A5143C4F9AE02.roa Signing time: Sat 02 Aug 2025 15:53:19 +0000 ROA not before: Sat 02 Aug 2025 15:53:19 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 45725 IP address blocks: 43.230.152.0/24 maxlen: 24 43.230.153.0/24 maxlen: 24 43.230.154.0/24 maxlen: 24 43.230.155.0/24 maxlen: 24 103.245.136.0/24 maxlen: 24 103.245.137.0/24 maxlen: 24 103.245.138.0/24 maxlen: 24 103.245.139.0/24 maxlen: 24 180.211.88.0/21 maxlen: 24 202.150.160.0/21 maxlen: 24 202.150.168.0/21 maxlen: 24 2402:780::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13998 (0x36ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9186214, serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7 Validity Not Before: Aug 2 15:53:19 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=688e346e-2157 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:52:bf:11:3d:b2:ba:ce:bb:f5:60:0a:be:e6: 24:f2:e9:dd:64:60:b9:6e:fa:bd:9a:23:ae:54:e4: aa:c2:6f:d1:ce:7a:54:b6:1c:6d:4f:8a:51:cd:5e: e4:a5:43:2a:a7:0c:cc:28:d6:e5:e8:c3:0f:37:cf: cb:e9:8b:f8:fd:e1:e7:f2:3c:01:c7:96:11:f4:68: 36:a1:35:89:c1:be:7f:66:28:2f:72:40:4b:47:1a: 16:93:f0:cd:4e:c8:16:fb:0a:f0:01:97:8b:cf:45: c2:7f:79:8e:cb:b2:a4:3d:e9:cf:1a:a9:24:1a:5e: ed:d4:20:b9:15:de:cb:8e:de:64:1c:ab:8d:6f:62: 49:f0:16:64:89:67:ca:ec:07:35:f0:e8:17:8a:b5: 48:47:24:4d:53:1c:cc:ce:2b:06:8d:e9:b5:88:50: a2:1d:2d:e6:a2:90:0e:94:1b:a0:53:11:a6:f0:64: 18:56:d8:3a:8a:f4:b7:eb:89:ae:7a:2d:d3:a4:1b: 13:e6:2e:82:d5:82:94:6f:aa:e4:e8:f3:21:88:ae: 0f:59:1f:cf:0d:a5:52:ef:8b:e7:85:b4:c9:1b:12: e5:2e:43:f2:ac:61:4d:f5:d0:83:a2:c4:31:8f:54: 94:ab:7c:32:04:39:21:84:91:47:b2:ee:24:b7:81: e6:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:5A:4E:25:36:71:06:CC:D3:AA:97:21:8C:B4:CC:B4:D3:59:2D:0C X509v3 Authority Key Identifier: keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/C38EA6882B3411F0929A5143C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.152.0/22 103.245.136.0/22 180.211.88.0/21 202.150.160.0/20 IPv6: 2402:780::/32 Signature Algorithm: sha256WithRSAEncryption 03:5f:2e:99:e4:3f:23:43:91:f9:07:9a:38:a4:a8:4d:9b:71: 19:22:44:5b:6e:30:ab:13:94:e8:9f:29:36:c4:6a:76:26:39: 75:6d:37:75:cf:fd:85:40:e9:56:ff:b3:bf:ce:19:8b:75:d8: cb:e2:00:48:81:4e:87:8f:1f:7b:f0:93:e8:4a:61:c4:c2:b2: 21:d4:4c:7b:22:0a:f4:da:06:b2:2f:f5:2e:d7:f7:8b:cb:a9: e6:bd:0f:cd:a7:43:0c:37:07:eb:e7:b3:6f:e6:fa:18:7d:2f: 7f:09:b3:58:16:a1:0c:ed:04:cb:d5:76:cf:a2:de:2b:f5:51: 5a:a6:5b:14:71:22:15:9e:9d:1d:df:27:49:1e:7b:5d:16:fd: 66:69:3d:4b:ef:0f:de:7f:55:c2:4b:7d:11:ec:b2:7a:a7:c8: 9c:db:4d:2a:05:af:01:71:3f:d5:15:a9:c8:2d:81:ad:30:ea: a4:dc:9c:c2:8f:e4:dc:fd:38:44:e0:97:63:a3:1d:50:a2:95: 99:df:79:2c:6d:c9:03:03:42:de:af:9b:44:7a:13:c3:a1:05: 2d:6e:71:e6:14:59:f0:fa:78:c2:07:e2:c3:c4:ad:76:ae:57: 07:ea:b8:74:34:d3:a5:99:af:fd:d6:64:a3:bc:c6:d2:6d:2f: 31:45:b4:77 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICNq4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG QUIyNEQ3RTcwHhcNMjUwODAyMTU1MzE5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhlMzQ2ZS0yMTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzFK/ET2yus679WAKvuYk8undZGC5bvq9miOuVOSqwm/RznpUthxtT4pRzV7k pUMqpwzMKNbl6MMPN8/L6Yv4/eHn8jwBx5YR9Gg2oTWJwb5/ZigvckBLRxoWk/DN TsgW+wrwAZeLz0XCf3mOy7KkPenPGqkkGl7t1CC5Fd7Ljt5kHKuNb2JJ8BZkiWfK 7Ac18OgXirVIRyRNUxzMzisGjem1iFCiHS3mopAOlBugUxGm8GQYVtg6ivS364mu ei3TpBsT5i6C1YKUb6rk6PMhiK4PWR/PDaVS74vnhbTJGxLlLkPyrGFN9dCDosQx j1SUq3wyBDkhhJFHsu4kt4HmqwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFKJaTiU2 cQbM06qXIYy0zLTTWS0MMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvQzM4RUE2ODgy QjM0MTFGMDkyOUE1MTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr5pgDBAJn9YgDBAO001gDBATKlqAwDQQCAAIwBwMFACQC B4AwDQYJKoZIhvcNAQELBQADggEBAANfLpnkPyNDkfkHmjikqE2bcRkiRFtuMKsT lOifKTbEanYmOXVtN3XP/YVA6Vb/s7/OGYt12MviAEiBToePH3vwk+hKYcTCsiHU THsiCvTaBrIv9S7X94vLqea9D82nQww3B+vns2/m+hh9L38Js1gWoQztBMvVds+i 3iv1UVqmWxRxIhWenR3fJ0kee10W/WZpPUvvD95/VcJLfRHssnqnyJzbTSoFrwFx P9UVqcgtga0w6qTcnMKP5Nz9OETgl2OjHVCilZnfeSxtyQMDQt6vm0R6E8OhBS1u ceYUWfD6eMIH4sPErXauVwfquHQ006WZr/3WZKO8xtJtLzFFtHc= -----END CERTIFICATE-----Generated at Sat Aug 9 15:14:09 2025 by rpki-client