$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/7817D2327A5C11EDA0156D76C4F9AE02.roa File: 7817D2327A5C11EDA0156D76C4F9AE02.roa (raw, json) Hash identifier: /aLZRZnVDc3gbgHvgjjTVhimEYu2WCp9inOhdZerK9k= Subject key identifier: FC:24:70:EB:B9:61:17:65:83:0C:68:D0:0B:9E:05:64:4D:8D:D2:FE Certificate issuer: /CN=A918D0AA/serialNumber=0A161F177AF2AC8A75D41AFE47AD40D2AB9187CA Certificate serial: 01B1 Authority key identifier: 0A:16:1F:17:7A:F2:AC:8A:75:D4:1A:FE:47:AD:40:D2:AB:91:87:CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ChYfF3ryrIp11Br-R61A0quRh8o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/7817D2327A5C11EDA0156D76C4F9AE02.roa Signing time: Tue 25 Feb 2025 04:35:57 +0000 ROA not before: Tue 25 Feb 2025 04:35:57 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 9555 IP address blocks: 202.125.8.0/24 maxlen: 24 202.125.9.0/24 maxlen: 24 203.2.208.0/24 maxlen: 24 203.23.18.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/ChYfF3ryrIp11Br-R61A0quRh8o.crl rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/ChYfF3ryrIp11Br-R61A0quRh8o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ChYfF3ryrIp11Br-R61A0quRh8o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:14:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 433 (0x1b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0AA, serialNumber=0A161F177AF2AC8A75D41AFE47AD40D2AB9187CA Validity Not Before: Feb 25 04:35:57 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67bd48ad-ed0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:a4:c5:19:2e:e2:5f:bf:96:48:b3:d7:fa:1b: 79:c7:d2:79:fa:d2:64:fd:98:b8:3e:cb:5a:91:a3: c9:f6:4f:51:63:08:61:70:58:66:76:82:ee:e6:50: 4f:6f:92:c0:1f:9c:34:e2:42:ef:10:b7:de:77:10: 79:38:5a:1e:be:27:37:6d:a1:26:3d:47:52:f7:ff: 09:09:89:01:64:3a:2c:2b:14:b3:b4:34:c6:80:2d: f0:7c:f7:b7:2b:26:09:a9:b8:c7:b8:86:11:63:73: f7:8e:41:4f:70:69:56:1c:3b:3d:f8:a0:28:de:2e: b1:d0:70:4f:fb:26:61:b9:0b:34:4f:a4:73:25:1a: 04:15:8a:2c:52:69:c9:f2:d2:f7:f5:df:18:ce:1d: bb:bd:0a:9e:66:e9:a3:ef:25:33:7b:54:82:db:25: a7:2e:51:10:f3:0f:48:e8:6d:90:0c:21:0e:29:cc: f7:0d:ba:c2:a8:f4:a9:6c:fc:84:b7:3a:a1:0c:cb: a2:42:ee:00:e9:68:e8:f1:be:58:b1:3d:ff:9d:6f: c7:0f:49:87:23:2f:93:4b:4d:c4:f8:4f:df:6e:b9: 1c:69:54:95:5e:d2:e9:db:5e:d3:12:2f:4b:75:ab: 2d:4a:bb:63:a6:df:2a:ca:f3:4d:9b:70:9e:8b:70: f1:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:24:70:EB:B9:61:17:65:83:0C:68:D0:0B:9E:05:64:4D:8D:D2:FE X509v3 Authority Key Identifier: keyid:0A:16:1F:17:7A:F2:AC:8A:75:D4:1A:FE:47:AD:40:D2:AB:91:87:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/ChYfF3ryrIp11Br-R61A0quRh8o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ChYfF3ryrIp11Br-R61A0quRh8o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0AA/365BCCEC7A3C11ED861B2933C4F9AE02/7817D2327A5C11EDA0156D76C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.125.8.0/23 203.2.208.0/24 203.23.18.0/24 Signature Algorithm: sha256WithRSAEncryption 94:a6:9a:5d:ad:9b:61:46:7c:5c:5f:db:65:9d:7f:40:74:1b: f4:bc:b4:69:70:80:d0:6c:e1:40:56:7e:69:f0:7f:10:1e:29: 46:6b:18:f7:7b:38:bf:2e:10:0b:f1:e0:fa:7f:77:15:26:d8: 4d:55:1c:20:36:8d:60:44:da:26:3b:79:3e:ce:0a:5a:14:48: 26:5d:ac:25:c2:ac:78:42:7e:bf:1a:32:37:45:40:a2:db:54: af:fe:93:95:f1:2f:4b:cd:2b:35:f5:94:3b:f2:23:2d:35:bd: 66:be:2f:c8:d7:f8:bb:8a:9e:cb:16:23:bd:ed:2b:91:93:c2: c1:3d:b0:1d:63:65:7e:a8:10:47:f0:dc:af:d3:44:fe:69:fa: da:b2:b1:25:f8:0c:e4:c5:63:d5:d3:df:46:97:cf:4e:2b:17: 94:bc:62:96:7d:62:6a:55:e1:9f:a1:cb:8a:7c:a0:17:52:7c: 90:c4:99:d6:76:5d:e3:31:4a:10:ae:22:87:35:b7:17:8e:6f: 27:df:12:a2:94:13:93:b9:cb:e5:12:b6:4c:40:a8:d8:26:73: 20:64:39:18:b6:5a:7c:65:f0:a7:7f:25:81:37:9d:1e:a3:c2: 96:c2:68:af:da:f6:2e:78:c0:ee:df:1b:9b:37:3b:d0:5d:73: 85:75:c9:c0 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICAbEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwQUExMTAvBgNVBAUTKDBBMTYxRjE3N0FGMkFDOEE3NUQ0MUFGRTQ3QUQ0MEQy QUI5MTg3Q0EwHhcNMjUwMjI1MDQzNTU3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2JkNDhhZC1lZDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqKTFGS7iX7+WSLPX+ht5x9J5+tJk/Zi4PstakaPJ9k9RYwhhcFhmdoLu5lBP b5LAH5w04kLvELfedxB5OFoevic3baEmPUdS9/8JCYkBZDosKxSztDTGgC3wfPe3 KyYJqbjHuIYRY3P3jkFPcGlWHDs9+KAo3i6x0HBP+yZhuQs0T6RzJRoEFYosUmnJ 8tL39d8Yzh27vQqeZumj7yUze1SC2yWnLlEQ8w9I6G2QDCEOKcz3DbrCqPSpbPyE tzqhDMuiQu4A6Wjo8b5YsT3/nW/HD0mHIy+TS03E+E/fbrkcaVSVXtLp217TEi9L dastSrtjpt8qyvNNm3Cei3DxDwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPwkcOu5 YRdlgwxo0AueBWRNjdL+MB8GA1UdIwQYMBaAFAoWHxd68qyKddQa/ketQNKrkYfK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBBQS8zNjVCQ0NFQzdB M0MxMUVEODYxQjI5MzNDNEY5QUUwMi9DaFlmRjNyeXJJcDExQnItUjYxQTBxdVJo OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NoWWZGM3J5cklwMTFCci1SNjFBMHF1Umg4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEQwQUEvMzY1QkNDRUM3QTNDMTFFRDg2MUIyOTMzQzRGOUFFMDIvNzgxN0QyMzI3 QTVDMTFFREEwMTU2RDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAHKfQgDBADLAtADBADLFxIwDQYJKoZIhvcNAQELBQADggEB AJSmml2tm2FGfFxf22Wdf0B0G/S8tGlwgNBs4UBWfmnwfxAeKUZrGPd7OL8uEAvx 4Pp/dxUm2E1VHCA2jWBE2iY7eT7OCloUSCZdrCXCrHhCfr8aMjdFQKLbVK/+k5Xx L0vNKzX1lDvyIy01vWa+L8jX+LuKnssWI73tK5GTwsE9sB1jZX6oEEfw3K/TRP5p +tqysSX4DOTFY9XT30aXz04rF5S8YpZ9YmpV4Z+hy4p8oBdSfJDEmdZ2XeMxShCu Ioc1txeObyffEqKUE5O5y+UStkxAqNgmcyBkORi2Wnxl8Kd/JYE3nR6jwpbCaK/a 9i54wO7fG5s3O9Bdc4V1ycA= -----END CERTIFICATE-----Generated at Wed Nov 5 13:06:58 2025 by rpki-client