$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/729D426E7A2E11EAB9C9B47EC4F9AE02.roa File: 729D426E7A2E11EAB9C9B47EC4F9AE02.roa (raw, json) Hash identifier: eFC9gSjUKRGAp0o613KnFdiDIAMqY6gTXvphAS2bHG8= Subject key identifier: 98:6B:67:AC:45:95:D2:4E:77:20:D3:BD:EC:CF:0A:38:65:F5:D8:3B Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: C069 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/729D426E7A2E11EAB9C9B47EC4F9AE02.roa Signing time: Thu 17 Jul 2025 06:03:50 +0000 ROA not before: Thu 17 Jul 2025 06:03:50 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 45536 IP address blocks: 43.225.164.0/22 maxlen: 24 103.21.76.0/22 maxlen: 24 103.224.32.0/22 maxlen: 24 123.255.248.0/22 maxlen: 24 203.223.188.0/22 maxlen: 24 2405:e8c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49257 (0xc069) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jul 17 06:03:50 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68789246-81f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:1f:71:02:e0:60:a8:66:91:24:5a:5d:f9:1c: d5:14:49:6b:cf:94:da:83:6b:61:d5:92:79:1b:df: 5b:d1:f1:4b:47:24:4c:49:cf:d4:e8:d6:62:2b:37: 1a:62:e8:f8:67:5c:99:7a:4e:ef:71:05:29:26:10: 17:cd:4c:74:e3:01:4b:f5:b2:c3:18:37:a3:f5:e5: 08:07:53:24:2d:fc:77:b1:43:e3:d0:4b:23:84:31: 27:73:da:f1:0d:26:4e:6a:cf:e7:76:8d:a9:52:36: 96:01:20:20:cb:f4:62:d5:3a:5c:73:25:7f:d5:21: d2:22:88:e8:63:13:63:e3:e2:c6:fa:43:9e:cf:19: 18:d0:9e:23:7a:76:31:12:f5:45:4d:f2:8a:98:95: 92:2a:90:74:c3:9c:b0:a6:de:aa:9b:c4:68:18:3e: d2:6d:05:56:0a:93:df:a9:12:7c:22:5b:f7:ab:ba: d6:07:ed:a2:ff:00:83:79:7b:f8:38:c1:ac:ed:7a: ed:b9:58:01:90:d7:39:b9:2c:fa:d6:3d:c8:aa:4b: d4:e7:c5:f0:a2:94:72:d1:8c:dc:67:4a:0c:71:15: 82:ee:54:6a:46:b3:a6:c4:60:26:2a:01:df:a2:ef: ed:13:78:a7:80:5c:da:32:81:9d:fb:c0:f6:f2:2a: 6b:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:6B:67:AC:45:95:D2:4E:77:20:D3:BD:EC:CF:0A:38:65:F5:D8:3B X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/729D426E7A2E11EAB9C9B47EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.164.0/22 103.21.76.0/22 103.224.32.0/22 123.255.248.0/22 203.223.188.0/22 IPv6: 2405:e8c0::/32 Signature Algorithm: sha256WithRSAEncryption bb:2b:50:55:0f:fa:3c:d7:44:43:cb:40:ea:1d:17:dc:bb:f9: c0:1f:97:e0:5a:01:31:45:b1:49:50:43:33:b7:76:c2:54:be: 54:82:59:73:d9:8c:e9:75:e9:f9:67:45:a5:96:48:dc:1a:4d: 9d:97:d4:26:58:d8:26:73:65:7b:e8:f8:d4:12:3b:ca:06:61: 9c:88:bb:f5:d4:5d:41:95:1f:0e:f6:86:81:32:d8:f6:3e:08: 6d:d5:83:6f:19:8f:b9:ff:a0:85:59:11:6f:13:ee:10:69:25: 4e:99:f0:6a:65:fc:f7:88:13:47:49:8f:0b:31:ff:d8:4b:b2: 97:01:5f:72:80:04:40:00:d0:5a:82:7f:53:08:28:cb:5d:6d: e5:1e:c9:81:c5:49:33:bb:8d:d4:94:fb:cf:e2:9f:ae:98:2e: ed:d7:01:04:f5:df:d0:ca:03:75:2c:6d:e4:9d:39:aa:bf:63: e7:8e:de:08:f9:e7:84:69:3c:ab:58:16:68:29:bd:2d:f7:56: 2c:fc:8e:df:70:eb:b7:e3:02:62:91:2a:6f:04:3f:61:7b:8c: 60:0a:b0:77:97:66:f9:99:78:31:be:67:8b:43:ce:f5:e0:5c: 92:a7:d1:24:a2:85:3b:10:a4:2c:73:97:60:6a:e9:13:ec:04: c6:a0:8a:c1 -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgIDAMBpMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDcxNzA2MDM1MFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjg3ODkyNDYtODFmODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKwfcQLgYKhmkSRaXfkc1RRJa8+U2oNrYdWSeRvfW9HxS0ckTEnP1OjWYis3 GmLo+GdcmXpO73EFKSYQF81MdOMBS/Wywxg3o/XlCAdTJC38d7FD49BLI4QxJ3Pa 8Q0mTmrP53aNqVI2lgEgIMv0YtU6XHMlf9Uh0iKI6GMTY+PixvpDns8ZGNCeI3p2 MRL1RU3yipiVkiqQdMOcsKbeqpvEaBg+0m0FVgqT36kSfCJb96u61gftov8Ag3l7 +DjBrO167blYAZDXObks+tY9yKpL1OfF8KKUctGM3GdKDHEVgu5UakazpsRgJioB 36Lv7RN4p4Bc2jKBnfvA9vIqa2sCAwEAAaOCArwwggK4MB0GA1UdDgQWBBSYa2es RZXSTncg073szwo4ZfXYOzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzcyOUQ0MjZF N0EyRTExRUFCOUM5QjQ3RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEYGCCsGAQUFBwEHAQH/ BDcwNTAkBAIAATAeAwQCK+GkAwQCZxVMAwQCZ+AgAwQCe//4AwQCy9+8MA0EAgAC MAcDBQAkBejAMA0GCSqGSIb3DQEBCwUAA4IBAQC7K1BVD/o810RDy0DqHRfcu/nA H5fgWgExRbFJUEMzt3bCVL5Ugllz2Yzpden5Z0WllkjcGk2dl9QmWNgmc2V76PjU EjvKBmGciLv11F1BlR8O9oaBMtj2Pght1YNvGY+5/6CFWRFvE+4QaSVOmfBqZfz3 iBNHSY8LMf/YS7KXAV9ygARAANBagn9TCCjLXW3lHsmBxUkzu43UlPvP4p+umC7t 1wEE9d/QygN1LG3knTmqv2Pnjt4I+eeEaTyrWBZoKb0t91Ys/I7fcOu34wJikSpv BD9he4xgCrB3l2b5mXgxvmeLQ8714FySp9EkooU7EKQsc5dgaukT7ATGoIrB -----END CERTIFICATE-----Generated at Sun Aug 10 13:51:25 2025 by rpki-client