$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/20C55D2C852F11EE9E90ED29C4F9AE02.roa File: 20C55D2C852F11EE9E90ED29C4F9AE02.roa (raw, json) Hash identifier: SJt9Dvt8hJW88hmBMWlxndwBGr19cD1MmKJ16RWNKas= Subject key identifier: A3:BB:4F:4E:F1:7F:B8:F1:EC:87:1C:E6:3B:DC:E6:12:45:16:09:2C Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B92B Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/20C55D2C852F11EE9E90ED29C4F9AE02.roa Signing time: Thu 08 May 2025 16:27:25 +0000 ROA not before: Thu 08 May 2025 16:27:25 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 151695 IP address blocks: 43.228.164.0/23 maxlen: 24 2001:df3:1340::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47403 (0xb92b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:27:25 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cdb6d-5861 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:de:f1:6b:73:7b:b0:cf:db:75:c2:17:56:bb: 0b:e3:9c:74:e5:90:29:9a:62:90:97:68:2b:a0:d0: bc:e5:7e:f0:37:66:e5:4c:64:0f:e1:a0:c0:a2:65: 5e:cb:fd:58:df:a5:1b:99:f1:0c:21:a6:4d:a1:3d: 96:6e:ab:e1:8c:4f:fb:a8:cd:c5:81:59:13:95:c1: 29:06:e4:f4:3e:23:bd:10:11:13:9c:cf:5b:64:fa: 56:98:82:ec:fd:2a:20:e8:8d:05:e2:20:14:11:4a: 39:0d:45:1d:09:7e:07:fc:42:be:9f:ad:5e:a6:02: cc:11:7a:cb:fd:c8:f0:37:5a:84:89:ab:cf:b2:76: d3:bf:1d:3e:97:12:0e:59:ed:e2:18:02:98:a2:1c: a9:28:0e:3c:a1:64:f7:bc:d4:22:8d:3a:70:e3:10: 90:28:7f:fd:72:99:2d:71:d8:59:2d:38:71:f5:db: c0:64:d4:17:86:9d:7b:81:a1:67:3e:87:03:63:78: 76:0b:64:92:8c:5b:4a:25:9b:76:27:d3:27:4d:9f: a9:0f:44:9b:fd:91:49:87:17:4b:b2:0c:a0:bd:c6: 6e:93:67:ea:ff:94:10:af:97:d9:19:14:82:a8:ab: 14:9f:1d:77:0e:27:1b:80:1f:cd:d4:1b:38:50:7f: 7c:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:BB:4F:4E:F1:7F:B8:F1:EC:87:1C:E6:3B:DC:E6:12:45:16:09:2C X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/20C55D2C852F11EE9E90ED29C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.228.164.0/23 IPv6: 2001:df3:1340::/48 Signature Algorithm: sha256WithRSAEncryption 67:17:11:95:77:72:dd:e1:fd:c3:33:0f:ac:07:18:0e:41:d5: 44:0c:36:01:14:da:92:00:bd:18:e3:f4:c2:7c:13:6b:0e:68: 23:ef:7a:47:07:45:2d:0b:c5:36:9c:06:e1:2a:b7:5b:86:3a: 15:ac:78:b0:c8:d8:e4:36:dc:1b:b0:c9:90:eb:39:d7:af:14: e2:75:72:de:6a:07:6b:96:08:f0:7b:b1:f2:67:0c:28:27:e5: 41:1d:e4:40:c2:b9:5a:f0:f9:dd:90:56:09:5e:64:61:f5:57: ec:9c:b7:d8:64:b9:20:4f:c7:69:b6:0e:7a:d7:75:1f:2c:b5: 05:b4:78:a3:bf:18:d7:68:93:42:51:36:4c:41:2e:98:39:f0: 1f:fc:ea:38:3e:73:7a:39:d7:d0:77:59:7f:3a:ee:d9:52:2e: dd:5c:5b:6f:8c:d6:d5:f0:cc:2c:8c:96:0a:85:2e:16:e9:4b: 68:b9:15:9d:ac:0d:b1:49:46:33:f0:9e:d1:45:4d:fe:6e:99: 9a:8c:53:b2:be:a0:a5:1f:28:b5:55:3f:98:dd:84:59:e1:f0: 5e:ce:66:f9:6c:8f:06:4a:f2:47:91:bb:e9:2f:0d:33:3b:41: 2b:c0:7e:a8:5f:8c:21:32:bd:15:68:dc:73:75:b9:ba:9c:e7: 61:30:5e:71 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIDALkrMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MjcyNVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2RiNmQtNTg2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALve8Wtze7DP23XCF1a7C+OcdOWQKZpikJdoK6DQvOV+8Ddm5UxkD+GgwKJl Xsv9WN+lG5nxDCGmTaE9lm6r4YxP+6jNxYFZE5XBKQbk9D4jvRARE5zPW2T6VpiC 7P0qIOiNBeIgFBFKOQ1FHQl+B/xCvp+tXqYCzBF6y/3I8DdahImrz7J2078dPpcS Dlnt4hgCmKIcqSgOPKFk97zUIo06cOMQkCh//XKZLXHYWS04cfXbwGTUF4ade4Gh Zz6HA2N4dgtkkoxbSiWbdifTJ02fqQ9Em/2RSYcXS7IMoL3GbpNn6v+UEK+X2RkU gqirFJ8ddw4nG4AfzdQbOFB/fCECAwEAAaOCAqYwggKiMB0GA1UdDgQWBBSju09O 8X+48eyHHOY73OYSRRYJLDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIwQzU1RDJD ODUyRjExRUU5RTkwRUQyOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/ BCEwHzAMBAIAATAGAwQBK+SkMA8EAgACMAkDBwAgAQ3zE0AwDQYJKoZIhvcNAQEL BQADggEBAGcXEZV3ct3h/cMzD6wHGA5B1UQMNgEU2pIAvRjj9MJ8E2sOaCPvekcH RS0LxTacBuEqt1uGOhWseLDI2OQ23BuwyZDrOdevFOJ1ct5qB2uWCPB7sfJnDCgn 5UEd5EDCuVrw+d2QVgleZGH1V+yct9hkuSBPx2m2DnrXdR8stQW0eKO/GNdok0JR NkxBLpg58B/86jg+c3o519B3WX867tlSLt1cW2+M1tXwzCyMlgqFLhbpS2i5FZ2s DbFJRjPwntFFTf5umZqMU7K+oKUfKLVVP5jdhFnh8F7OZvlsjwZK8keRu+kvDTM7 QSvAfqhfjCEyvRVo3HN1ubqc52EwXnE= -----END CERTIFICATE-----Generated at Wed Nov 5 23:47:51 2025 by rpki-client