$ rpki-client -vvf rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/B08503D8F8AA11EE91684140C4F9AE02.roa File: B08503D8F8AA11EE91684140C4F9AE02.roa (raw, json) Hash identifier: /SYnf8xCqV4M9ZyljYxcqSyU1MxH8Hs1CHdh62/lPpM= Subject key identifier: AC:BF:2B:7C:DD:F0:06:3F:80:2E:8E:EA:9F:4D:FE:4A:AA:35:43:ED Certificate issuer: /CN=A91297A2/serialNumber=E3907B48E6987E2FDFCED01ED01D40B3F63DB118 Certificate serial: 0150 Authority key identifier: E3:90:7B:48:E6:98:7E:2F:DF:CE:D0:1E:D0:1D:40:B3:F6:3D:B1:18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45B7SOaYfi_fztAe0B1As_Y9sRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/B08503D8F8AA11EE91684140C4F9AE02.roa Signing time: Thu 10 Jul 2025 17:08:36 +0000 ROA not before: Thu 10 Jul 2025 17:08:36 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 10143 IP address blocks: 103.65.140.0/24 maxlen: 24 202.27.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.crl rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45B7SOaYfi_fztAe0B1As_Y9sRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 04:27:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 336 (0x150) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91297A2, serialNumber=E3907B48E6987E2FDFCED01ED01D40B3F63DB118 Validity Not Before: Jul 10 17:08:36 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=686ff394-26d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:5f:ad:78:1b:2a:3b:49:ba:2a:ef:d3:ce:a8: a2:b0:3b:db:f4:20:4c:d6:f3:48:e3:a0:e3:9d:f5: 14:04:d8:62:ac:c4:1b:85:65:0f:9e:b2:b6:9b:08: 5f:57:d2:5a:bd:56:27:97:a1:4b:4d:09:9b:70:52: b8:04:61:2c:4b:32:4d:79:ac:2a:55:47:0f:5b:13: a2:6b:2b:78:dc:6f:12:e1:d1:26:a7:a8:fa:bc:1a: 9e:d7:cc:57:15:02:99:4f:be:50:82:a5:53:10:9a: e9:2c:b9:75:d0:a9:fd:a7:6d:98:9d:63:9c:e5:d0: ae:60:71:c5:88:8a:a9:96:8d:a5:3c:98:4f:9d:df: 51:12:db:8c:07:74:84:67:e5:85:05:a2:ed:bf:b7: 44:ef:27:de:5c:85:fe:97:3c:8d:f9:33:e4:0c:9f: 37:f5:8e:fd:80:bd:72:66:88:92:51:d6:44:3a:f1: c2:34:7a:92:9c:d1:ab:d6:92:2c:bb:82:6d:cc:9b: 6d:49:bc:38:65:1f:61:f3:48:7c:1f:b0:57:e6:fa: 82:99:79:df:a1:b3:35:a0:a7:ea:5c:2a:c7:74:9d: b2:86:f0:6b:88:75:0a:88:bb:01:b1:23:ee:c5:f8: 80:c1:1b:35:c2:f8:30:12:21:ec:01:11:43:5e:ba: 6d:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:BF:2B:7C:DD:F0:06:3F:80:2E:8E:EA:9F:4D:FE:4A:AA:35:43:ED X509v3 Authority Key Identifier: keyid:E3:90:7B:48:E6:98:7E:2F:DF:CE:D0:1E:D0:1D:40:B3:F6:3D:B1:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45B7SOaYfi_fztAe0B1As_Y9sRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/B08503D8F8AA11EE91684140C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.65.140.0/24 202.27.229.0/24 Signature Algorithm: sha256WithRSAEncryption 3d:06:00:e3:b9:79:2e:89:4f:a6:f8:93:e1:24:77:34:ff:9e: 1c:9d:2b:fb:35:01:5a:83:97:51:9e:09:b3:6c:a2:95:20:20: f8:72:d0:e6:77:80:3b:5a:38:0b:8e:c9:1e:c7:d3:37:a4:da: 79:d5:9c:aa:7f:cd:29:a9:2a:95:80:51:02:23:2e:c1:83:4e: 50:1b:7b:54:1b:2d:55:42:9a:ae:6e:cc:2c:86:7a:4b:b0:8e: 6d:de:32:7d:e6:e5:28:31:1a:d8:64:84:8a:be:d3:8a:c9:a4: 19:f4:c1:8b:7c:a1:f9:82:44:e8:60:a6:5b:20:14:74:63:78: ca:56:9a:9a:47:9b:9d:6e:5f:a3:69:bb:33:ec:9e:ad:d5:a7: 9d:82:84:96:16:5e:6e:b4:1f:54:a5:c5:fc:14:fa:bd:29:2e: 0a:00:79:30:5f:fb:80:4a:ae:65:05:ee:36:2e:ff:62:a3:87: db:a5:5c:23:dd:0c:b7:ee:b7:59:9f:73:8d:3b:bb:5a:2a:88: e1:04:06:64:b5:78:b3:bd:2f:76:e8:11:81:03:15:78:77:df: 1f:6e:dc:17:c7:b1:4e:9d:6d:c7:39:29:10:c7:66:d7:2a:12: 9c:ec:d7:aa:63:9f:32:51:f9:7b:f0:57:76:55:e5:d8:5f:ed: 74:57:f2:ed -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjk3QTIxMTAvBgNVBAUTKEUzOTA3QjQ4RTY5ODdFMkZERkNFRDAxRUQwMUQ0MEIz RjYzREIxMTgwHhcNMjUwNzEwMTcwODM2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODZmZjM5NC0yNmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwV+teBsqO0m6Ku/TzqiisDvb9CBM1vNI46DjnfUUBNhirMQbhWUPnrK2mwhf V9JavVYnl6FLTQmbcFK4BGEsSzJNeawqVUcPWxOiayt43G8S4dEmp6j6vBqe18xX FQKZT75QgqVTEJrpLLl10Kn9p22YnWOc5dCuYHHFiIqplo2lPJhPnd9REtuMB3SE Z+WFBaLtv7dE7yfeXIX+lzyN+TPkDJ839Y79gL1yZoiSUdZEOvHCNHqSnNGr1pIs u4JtzJttSbw4ZR9h80h8H7BX5vqCmXnfobM1oKfqXCrHdJ2yhvBriHUKiLsBsSPu xfiAwRs1wvgwEiHsARFDXrptDQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKy/K3zd 8AY/gC6O6p9N/kqqNUPtMB8GA1UdIwQYMBaAFOOQe0jmmH4v387QHtAdQLP2PbEY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOTdBMi9CM0RGQzg4NDZE NjIxMUVFQjMwN0NFMTlDNEY5QUUwMi80NUI3U09hWWZpX2Z6dEFlMEIxQXNfWTlz UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQ1QjdTT2FZZmlfZnp0QWUwQjFBc19ZOXNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mjk3QTIvQjNERkM4ODQ2RDYyMTFFRUIzMDdDRTE5QzRGOUFFMDIvQjA4NTAzRDhG OEFBMTFFRTkxNjg0MTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBABnQYwDBADKG+UwDQYJKoZIhvcNAQELBQADggEBAD0GAOO5 eS6JT6b4k+EkdzT/nhydK/s1AVqDl1GeCbNsopUgIPhy0OZ3gDtaOAuOyR7H0zek 2nnVnKp/zSmpKpWAUQIjLsGDTlAbe1QbLVVCmq5uzCyGekuwjm3eMn3m5SgxGthk hIq+04rJpBn0wYt8ofmCROhgplsgFHRjeMpWmppHm51uX6NpuzPsnq3Vp52ChJYW Xm60H1SlxfwU+r0pLgoAeTBf+4BKrmUF7jYu/2Kjh9ulXCPdDLfut1mfc407u1oq iOEEBmS1eLO9L3boEYEDFXh33x9u3BfHsU6dbcc5KRDHZtcqEpzs16pjnzJR+Xvw V3ZV5dhf7XRX8u0= -----END CERTIFICATE-----Generated at Sun Jul 20 11:31:40 2025 by rpki-client