$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/221CA28E9CC111EF9A7F886BC4F9AE02.roa File: 221CA28E9CC111EF9A7F886BC4F9AE02.roa (raw, json) Hash identifier: 8tiLkRIcwU6E4Mdov4/yLa/FeNVJ1qFPzQgL+ULn+ws= Subject key identifier: F7:E5:82:CD:C9:A2:DD:92:F9:AA:22:6B:2B:84:92:AE:52:11:E8:4E Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 1D75 Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/221CA28E9CC111EF9A7F886BC4F9AE02.roa Signing time: Thu 08 May 2025 15:52:53 +0000 ROA not before: Thu 08 May 2025 15:52:53 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 138778 IP address blocks: 157.20.138.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7541 (0x1d75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: May 8 15:52:53 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd355-9dc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:a0:66:df:08:02:2f:7b:55:3c:3b:cf:c5:16: 33:ba:ce:77:a6:45:94:41:ef:db:b2:8f:69:dd:3c: 12:2f:53:7c:c8:c4:3c:e3:fc:50:69:a5:0f:52:5a: d0:52:85:1e:e5:2d:db:c7:28:79:8d:f3:f4:94:db: d6:28:08:b4:8c:bd:b4:bc:7c:f9:e0:0c:2e:41:2b: f1:28:94:d7:c1:50:9d:64:8c:1c:68:6c:76:23:dd: ad:e4:a2:bf:9b:4c:9d:f1:6c:5e:87:46:a9:57:ce: a5:44:3d:ea:5b:81:ce:99:c9:67:f8:6e:97:4c:a4: 08:20:72:b7:50:30:c5:ca:82:b3:22:fe:46:62:1c: 15:35:9b:66:1b:bb:51:1b:cf:2a:14:ee:83:b9:9a: 3a:96:f7:1f:19:78:7c:1c:7e:08:68:23:9a:ea:5a: 97:dd:51:41:28:a4:7b:42:f7:06:6f:fe:33:20:41: 3c:86:a9:74:4b:84:91:b0:38:c0:2f:9a:a3:c2:ed: d6:42:37:ad:ab:d0:1d:7a:26:ee:5d:9b:6b:79:39: e1:55:83:4c:e0:57:2f:55:8e:2b:0d:e2:3d:98:8f: 77:be:ea:68:1c:7d:27:f5:2a:c2:cb:57:28:56:c6: 5a:fa:7a:1b:67:34:be:1e:62:b8:ba:1d:e1:d9:48: b4:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:E5:82:CD:C9:A2:DD:92:F9:AA:22:6B:2B:84:92:AE:52:11:E8:4E X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/221CA28E9CC111EF9A7F886BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.20.138.0/23 Signature Algorithm: sha256WithRSAEncryption 6d:07:b5:36:9d:9c:08:f9:31:5a:2e:5f:26:1d:c4:3e:e5:79: b8:95:56:46:33:5c:4d:b4:58:d5:3b:52:f3:6d:46:fe:7c:3e: 99:e2:fb:7b:61:6e:1a:06:11:f5:e3:0f:d8:d6:20:3c:22:11: 86:48:51:d0:c3:cb:be:f3:16:61:86:91:af:a0:90:f4:48:43: 0a:00:c1:b1:1f:96:0e:79:95:32:e3:5e:54:7d:5c:87:f5:3a: 15:97:70:d0:45:81:10:f2:af:34:43:9c:dd:59:20:8a:18:b8: 2f:62:9e:29:11:5e:e3:d1:95:7a:aa:af:33:dd:5a:30:3d:59: 50:53:86:d2:6e:cb:fe:86:9c:62:d1:4e:8f:31:aa:35:4d:9b: cc:f6:ba:41:3d:e3:a4:50:b2:ef:67:06:51:38:2d:65:da:f0: c1:1f:8e:61:10:92:75:82:54:4e:dd:14:c4:86:28:22:6a:8d: 2f:36:c6:9a:75:5f:8e:10:07:c2:e9:e3:d0:3a:a0:e0:b5:b0: ad:c0:7a:a3:30:ad:57:36:fb:b4:83:3d:42:9f:0f:6d:9f:da: 42:6a:0d:26:6e:85:85:ab:2c:cf:18:95:41:d0:5e:18:5c:33: 77:83:40:96:70:26:9d:72:c5:4d:75:f7:62:02:7d:b4:04:a2: 9d:bb:62:33 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICHXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjUwNTA4MTU1MjUzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFjZDM1NS05ZGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6aBm3wgCL3tVPDvPxRYzus53pkWUQe/bso9p3TwSL1N8yMQ84/xQaaUPUlrQ UoUe5S3bxyh5jfP0lNvWKAi0jL20vHz54AwuQSvxKJTXwVCdZIwcaGx2I92t5KK/ m0yd8Wxeh0apV86lRD3qW4HOmcln+G6XTKQIIHK3UDDFyoKzIv5GYhwVNZtmG7tR G88qFO6DuZo6lvcfGXh8HH4IaCOa6lqX3VFBKKR7QvcGb/4zIEE8hql0S4SRsDjA L5qjwu3WQjetq9AdeibuXZtreTnhVYNM4FcvVY4rDeI9mI93vupoHH0n9SrCy1co VsZa+nobZzS+HmK4uh3h2Ui0TQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPflgs3J ot2S+aoiayuEkq5SEehOMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMjIxQ0EyOEU5 Q0MxMTFFRjlBN0Y4ODZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAGdFIowDQYJKoZIhvcNAQELBQADggEBAG0HtTadnAj5MVou XyYdxD7lebiVVkYzXE20WNU7UvNtRv58Ppni+3thbhoGEfXjD9jWIDwiEYZIUdDD y77zFmGGka+gkPRIQwoAwbEflg55lTLjXlR9XIf1OhWXcNBFgRDyrzRDnN1ZIIoY uC9inikRXuPRlXqqrzPdWjA9WVBThtJuy/6GnGLRTo8xqjVNm8z2ukE946RQsu9n BlE4LWXa8MEfjmEQknWCVE7dFMSGKCJqjS82xpp1X44QB8Lp49A6oOC1sK3AeqMw rVc2+7SDPUKfD22f2kJqDSZuhYWrLM8YlUHQXhhcM3eDQJZwJp1yxU1192ICfbQE op27YjM= -----END CERTIFICATE-----Generated at Tue Nov 4 22:21:27 2025 by rpki-client