$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/58DEB04A096E11F08A2F7049C4F9AE02.roa File: 58DEB04A096E11F08A2F7049C4F9AE02.roa (raw, json) Hash identifier: Vo7+KScEq2Fu80Iuqzf/tQWNLU57uOgHVs+mjS09KR8= Subject key identifier: CF:4B:18:59:46:6D:E5:EA:0F:B2:24:9E:9A:F2:A5:7C:F7:8A:5F:12 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: BA00 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/58DEB04A096E11F08A2F7049C4F9AE02.roa Signing time: Thu 08 May 2025 16:30:37 +0000 ROA not before: Thu 08 May 2025 16:30:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 33480 IP address blocks: 202.162.234.0/24 maxlen: 24 202.162.235.0/24 maxlen: 24 202.162.236.0/24 maxlen: 24 202.162.237.0/24 maxlen: 24 202.162.238.0/24 maxlen: 24 202.162.239.0/24 maxlen: 24 202.162.240.0/24 maxlen: 24 202.162.241.0/24 maxlen: 24 202.162.242.0/24 maxlen: 24 202.162.243.0/24 maxlen: 24 202.162.244.0/24 maxlen: 24 202.162.245.0/24 maxlen: 24 202.162.246.0/24 maxlen: 24 202.162.247.0/24 maxlen: 24 202.162.248.0/24 maxlen: 24 202.162.250.0/24 maxlen: 24 202.162.251.0/24 maxlen: 24 202.162.252.0/24 maxlen: 24 202.162.253.0/24 maxlen: 24 202.162.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47616 (0xba00) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:30:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cdc2d-e524 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:83:24:38:74:2e:91:fe:85:9f:e6:5b:26:20: 70:4e:bb:24:05:ee:c6:9b:df:de:31:46:46:f9:d9: 4f:a9:66:44:d6:6c:8b:b5:29:4e:d6:a8:51:7c:9a: c5:70:0b:eb:e7:87:3c:38:ee:24:e5:c4:8b:cd:93: ee:46:5c:6b:42:ea:1f:ea:99:ab:1e:1f:6d:8b:2d: 84:1d:b8:14:94:ec:8f:11:c6:d4:55:5f:9e:2c:43: af:83:11:c9:80:cc:e3:51:c0:36:21:cd:6f:9a:b6: 62:12:b9:d8:f4:23:b1:ad:b5:9c:57:b6:e2:02:e3: 15:83:9e:82:a9:25:90:28:32:c3:ad:99:ba:4c:78: b8:af:1d:70:ff:ee:0a:63:85:39:3d:76:ce:95:b4: dd:65:30:3f:d9:b0:a1:90:9f:e4:2a:3e:b2:60:69: 91:4f:47:2e:4e:70:f9:12:c9:bb:5b:b8:c7:32:a8: a9:89:82:f8:24:cf:ef:fa:fc:c9:89:a2:0e:bf:08: 5d:88:04:21:c2:ea:aa:6f:d7:ef:6a:c0:e7:d3:44: a8:64:7a:02:97:3c:b2:d7:81:48:f2:b2:cb:df:ca: b7:a1:8a:d7:86:18:1c:32:8f:0b:06:04:c9:6c:86: b6:4a:b5:e4:bb:1f:6c:e0:48:e8:e2:a7:ca:14:1e: f9:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:4B:18:59:46:6D:E5:EA:0F:B2:24:9E:9A:F2:A5:7C:F7:8A:5F:12 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/58DEB04A096E11F08A2F7049C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.162.234.0-202.162.248.255 202.162.250.0-202.162.254.255 Signature Algorithm: sha256WithRSAEncryption 62:38:ee:e1:2f:b1:b5:af:34:4c:6d:fa:21:08:a4:a4:dc:37: 05:96:a1:a0:36:b5:73:1b:86:16:b5:df:cc:66:cd:27:bf:dd: f8:84:c2:0a:64:19:e4:7b:43:33:c7:31:8b:84:7b:29:7f:12: d5:3a:bd:1f:4a:e2:c7:16:f6:ce:18:e7:9f:ef:47:a6:b2:6f: 31:e3:8c:79:bf:1a:dd:f1:b6:43:5d:c5:02:36:ee:f9:a8:a3: 25:08:9d:86:c4:6e:ae:c6:1c:d5:6c:2e:aa:17:5a:ed:b9:0a: eb:a8:60:88:04:a2:7e:12:80:95:a0:22:66:31:9c:dc:18:a4: cc:31:14:31:3d:c7:a9:85:85:0c:41:5e:63:99:d8:bd:c6:20: 32:d7:8f:60:8d:48:ee:25:04:4a:21:57:0d:0d:21:4b:97:33: a6:d4:11:b1:fe:20:c0:8a:bb:1e:9e:56:62:14:88:65:01:12: 86:fd:af:1e:78:bf:e2:4f:5b:aa:c6:d0:26:f7:ba:6c:ec:8f: 8c:cc:ff:95:1f:e8:d6:97:b0:84:dc:b5:9c:78:a5:31:f4:7b: 8e:d4:bf:cb:38:6e:c6:fb:a8:3b:68:89:e4:db:c1:b3:b6:79: 0c:6e:00:59:c1:86:c8:44:ff:ae:e9:f8:fb:dc:8a:69:a8:dd: 6e:28:31:91 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgIDALoAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MzAzN1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2RjMmQtZTUyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKmDJDh0LpH+hZ/mWyYgcE67JAXuxpvf3jFGRvnZT6lmRNZsi7UpTtaoUXya xXAL6+eHPDjuJOXEi82T7kZca0LqH+qZqx4fbYsthB24FJTsjxHG1FVfnixDr4MR yYDM41HANiHNb5q2YhK52PQjsa21nFe24gLjFYOegqklkCgyw62Zukx4uK8dcP/u CmOFOT12zpW03WUwP9mwoZCf5Co+smBpkU9HLk5w+RLJu1u4xzKoqYmC+CTP7/r8 yYmiDr8IXYgEIcLqqm/X72rA59NEqGR6Apc8steBSPKyy9/Kt6GK14YYHDKPCwYE yWyGtkq15LsfbOBI6OKnyhQe+S8CAwEAAaOCAqswggKnMB0GA1UdDgQWBBTPSxhZ Rm3l6g+yJJ6a8qV894pfEjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU4REVCMDRB MDk2RTExRjA4QTJGNzA0OUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDUGCCsGAQUFBwEHAQH/ BCYwJDAiBAIAATAcMAwDBAHKouoDBADKovgwDAMEAcqi+gMEAMqi/jANBgkqhkiG 9w0BAQsFAAOCAQEAYjju4S+xta80TG36IQikpNw3BZahoDa1cxuGFrXfzGbNJ7/d +ITCCmQZ5HtDM8cxi4R7KX8S1Tq9H0rixxb2zhjnn+9HprJvMeOMeb8a3fG2Q13F Ajbu+aijJQidhsRursYc1Wwuqhda7bkK66hgiASifhKAlaAiZjGc3BikzDEUMT3H qYWFDEFeY5nYvcYgMtePYI1I7iUESiFXDQ0hS5czptQRsf4gwIq7Hp5WYhSIZQES hv2vHni/4k9bqsbQJve6bOyPjMz/lR/o1pewhNy1nHilMfR7jtS/yzhuxvuoO2iJ 5NvBs7Z5DG4AWcGGyET/run4+9yKaajdbigxkQ== -----END CERTIFICATE-----Generated at Wed Nov 5 19:24:01 2025 by rpki-client