$ rpki-client -vvf rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/99C6F94CF52511E7948D5A0BC4F9AE02.roa File: 99C6F94CF52511E7948D5A0BC4F9AE02.roa (raw, json) Hash identifier: aM0yH97r/h3xu615cUuk5zwsCFMLHVQ8whXpoG1e1kM= Subject key identifier: C4:FE:60:CF:8C:F2:E8:67:BC:19:78:ED:29:9D:E4:B4:AC:43:B5:EB Certificate issuer: /CN=A9153AA6/serialNumber=E5C3A686C83DEE6D33BFEC541EACB4A4A0899279 Certificate serial: 16E1 Authority key identifier: E5:C3:A6:86:C8:3D:EE:6D:33:BF:EC:54:1E:AC:B4:A4:A0:89:92:79 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5cOmhsg97m0zv-xUHqy0pKCJknk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/99C6F94CF52511E7948D5A0BC4F9AE02.roa Signing time: Fri 04 Jul 2025 17:25:57 +0000 ROA not before: Fri 04 Jul 2025 17:25:57 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 132365 IP address blocks: 103.72.109.0/24 maxlen: 24 103.90.0.0/23 maxlen: 23 103.90.0.0/24 maxlen: 24 103.90.1.0/24 maxlen: 24 103.90.2.0/24 maxlen: 24 2401:3b40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/5cOmhsg97m0zv-xUHqy0pKCJknk.crl rsync://rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/5cOmhsg97m0zv-xUHqy0pKCJknk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5cOmhsg97m0zv-xUHqy0pKCJknk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 16:47:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5857 (0x16e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153AA6, serialNumber=E5C3A686C83DEE6D33BFEC541EACB4A4A0899279 Validity Not Before: Jul 4 17:25:57 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68680ea4-d2ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:63:b2:4f:8b:4a:b0:7e:0e:52:b3:d4:17:5e: 1e:fa:47:f6:59:00:ad:79:0f:14:a7:b2:9a:5c:a7: 0b:06:2d:a5:f4:e2:26:dc:c1:b1:46:2e:62:99:e3: 3a:79:f1:85:7b:81:8e:55:ef:6a:a3:fd:42:6f:86: e1:53:5c:98:c6:a0:b0:2d:29:58:3a:01:ea:79:c3: fb:d6:82:3e:97:8e:19:d5:17:af:d5:96:2b:ba:ca: a5:77:19:77:fe:0e:e1:08:a2:20:5c:76:06:3d:14: f6:d2:c0:c4:54:27:d7:b8:00:59:4e:d5:3e:50:56: d0:cf:55:de:6d:97:5a:0b:00:44:0c:92:7e:c2:1b: 34:d4:be:11:75:6a:6d:45:8b:c2:7c:34:b9:82:99: 8e:94:4f:a1:83:f9:9a:eb:9b:0e:65:f8:62:af:b9: fd:1a:d2:7f:1b:37:42:2b:20:44:1f:e5:e8:61:d5: df:83:b8:49:28:c8:c2:6f:52:e9:b8:5a:d0:51:e6: dc:6a:04:f6:a6:b1:75:e8:65:27:bb:8a:24:f8:46: 2a:30:13:d8:94:6c:a2:b3:ea:09:6b:65:2f:ac:e6: 84:42:91:7f:15:12:7f:cf:ba:c3:cb:33:1c:34:7c: 03:79:ba:2e:bf:1d:88:49:a6:38:39:d3:0b:43:e5: b0:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:FE:60:CF:8C:F2:E8:67:BC:19:78:ED:29:9D:E4:B4:AC:43:B5:EB X509v3 Authority Key Identifier: keyid:E5:C3:A6:86:C8:3D:EE:6D:33:BF:EC:54:1E:AC:B4:A4:A0:89:92:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/5cOmhsg97m0zv-xUHqy0pKCJknk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5cOmhsg97m0zv-xUHqy0pKCJknk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153AA6/9C3D87E6F52411E79644B009C4F9AE02/99C6F94CF52511E7948D5A0BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.72.109.0/24 103.90.0.0-103.90.2.255 IPv6: 2401:3b40::/32 Signature Algorithm: sha256WithRSAEncryption 1a:8e:4c:a4:d0:99:89:d3:da:b4:48:45:3f:49:c7:fe:6a:02: 63:a6:bb:fa:6a:a6:0a:16:92:dc:66:3b:ba:2c:fa:41:11:bd: 4c:6f:5c:b9:9e:e9:8b:67:d6:dd:95:5e:9f:a8:e4:79:84:9a: 19:ae:47:6a:d1:f2:ce:ec:cd:34:2f:83:74:27:3a:5b:a1:e2: c1:80:5f:f8:16:d8:6e:5d:38:df:cd:9c:b5:e8:f5:e9:32:04: b5:70:83:fb:8c:39:aa:bd:2a:75:87:1b:13:ec:a0:bb:25:5c: 7f:d7:44:a9:a2:40:0d:51:a8:85:5e:06:70:44:30:58:5f:4f: f9:a9:79:95:68:c4:a2:7d:e9:3b:f4:06:f1:54:81:a8:a1:9c: 85:4f:79:35:d0:9c:dd:f1:f4:15:85:9e:51:13:e7:0f:06:f3: 2f:32:ca:c0:0c:a3:2a:26:e2:4d:a5:6d:83:1f:55:38:7d:6a: 95:73:3a:dd:7b:be:4d:e4:f6:39:92:4a:dc:ee:78:95:6a:6f: 05:cb:ba:eb:3c:9c:34:db:50:1e:5d:92:07:7e:bd:79:93:2a: 6a:d6:ac:f9:ad:4a:d6:b7:e4:32:eb:c2:8a:ef:af:34:34:da: 6b:4c:c2:57:62:db:5c:a7:87:dd:e2:1e:c6:7f:c5:64:72:39: be:65:5c:84 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICFuEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTNBQTYxMTAvBgNVBAUTKEU1QzNBNjg2QzgzREVFNkQzM0JGRUM1NDFFQUNCNEE0 QTA4OTkyNzkwHhcNMjUwNzA0MTcyNTU3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY4MGVhNC1kMmFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn2OyT4tKsH4OUrPUF14e+kf2WQCteQ8Up7KaXKcLBi2l9OIm3MGxRi5imeM6 efGFe4GOVe9qo/1Cb4bhU1yYxqCwLSlYOgHqecP71oI+l44Z1Rev1ZYrusqldxl3 /g7hCKIgXHYGPRT20sDEVCfXuABZTtU+UFbQz1XebZdaCwBEDJJ+whs01L4RdWpt RYvCfDS5gpmOlE+hg/ma65sOZfhir7n9GtJ/GzdCKyBEH+XoYdXfg7hJKMjCb1Lp uFrQUebcagT2prF16GUnu4ok+EYqMBPYlGyis+oJa2UvrOaEQpF/FRJ/z7rDyzMc NHwDebouvx2ISaY4OdMLQ+WwJwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFMT+YM+M 8uhnvBl47Smd5LSsQ7XrMB8GA1UdIwQYMBaAFOXDpobIPe5tM7/sVB6stKSgiZJ5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0FBNi85QzNEODdFNkY1 MjQxMUU3OTY0NEIwMDlDNEY5QUUwMi81Y09taHNnOTdtMHp2LXhVSHF5MHBLQ0pr bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVjT21oc2c5N20wenYteFVIcXkwcEtDSmtuay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTNBQTYvOUMzRDg3RTZGNTI0MTFFNzk2NDRCMDA5QzRGOUFFMDIvOTlDNkY5NENG NTI1MTFFNzk0OEQ1QTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMBkEAgABMBMDBABnSG0wCwMDAWdaAwQAZ1oCMA0EAgACMAcDBQAkATtAMA0G CSqGSIb3DQEBCwUAA4IBAQAajkyk0JmJ09q0SEU/Scf+agJjprv6aqYKFpLcZju6 LPpBEb1Mb1y5numLZ9bdlV6fqOR5hJoZrkdq0fLO7M00L4N0JzpboeLBgF/4Fthu XTjfzZy16PXpMgS1cIP7jDmqvSp1hxsT7KC7JVx/10SpokANUaiFXgZwRDBYX0/5 qXmVaMSifek79AbxVIGooZyFT3k10Jzd8fQVhZ5RE+cPBvMvMsrADKMqJuJNpW2D H1U4fWqVczrde75N5PY5kkrc7niVam8Fy7rrPJw021AeXZIHfr15kypq1qz5rUrW t+Qy68KK7680NNprTMJXYttcp4fd4h7Gf8Vkcjm+ZVyE -----END CERTIFICATE-----Generated at Wed Jul 23 02:31:27 2025 by rpki-client