$ rpki-client -vvf rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/5997C4D0719A11EEBBA64415C4F9AE02.roa File: 5997C4D0719A11EEBBA64415C4F9AE02.roa (raw, json) Hash identifier: 2hIQWvs5gCQjNeqkzYCi7IsHJw8uYq2a3BY4+uJn8rA= Subject key identifier: D2:34:9E:7C:AE:E6:04:58:CC:F5:0F:E7:A1:F1:DB:54:10:89:8A:7A Certificate issuer: /CN=A918BB4D/serialNumber=EF403643EA9820AE6D9D622F9AEFD7A4C9154F24 Certificate serial: 06EC Authority key identifier: EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/5997C4D0719A11EEBBA64415C4F9AE02.roa Signing time: Wed 02 Jul 2025 22:32:00 +0000 ROA not before: Wed 02 Jul 2025 22:32:00 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 6134 IP address blocks: 43.254.216.0/22 maxlen: 24 103.238.224.0/22 maxlen: 24 103.244.88.0/22 maxlen: 24 116.206.176.0/22 maxlen: 24 2001:df5:8300::/48 maxlen: 48 2401:e9e0::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.crl rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 22:22:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1772 (0x6ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918BB4D, serialNumber=EF403643EA9820AE6D9D622F9AEFD7A4C9154F24 Validity Not Before: Jul 2 22:32:00 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=6865b35f-42d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ae:5c:59:4b:8e:2b:1e:02:c1:28:77:a6:66: 07:a1:00:12:8d:ed:98:97:60:b0:df:66:a0:27:57: 0b:13:81:60:35:6e:e0:47:17:55:53:c6:23:09:07: ea:fc:08:cf:a3:74:49:36:88:a0:ec:c3:01:95:d6: c7:d7:47:2f:7b:41:12:6d:9b:75:a7:1f:ae:99:3e: 5a:8b:e2:9a:49:5e:93:30:44:44:cb:1f:78:90:9c: a7:2e:42:dc:d1:2d:e5:2f:3b:fb:99:7f:8b:80:eb: b7:f8:bc:9e:7f:2f:d7:d6:6b:2c:e6:d5:d2:68:58: 25:e0:4f:09:90:14:04:2b:1a:86:27:fb:cf:63:e3: 95:93:53:74:49:bc:12:8b:37:0c:6a:4f:a3:a8:dd: e3:ad:ca:c1:e1:3d:c1:6c:5b:bc:0e:14:90:62:2a: dd:fd:08:c6:e7:54:b7:fd:57:ce:45:cc:58:7d:a9: b0:50:e1:63:47:05:a5:09:47:18:77:98:d6:6a:eb: 9c:59:4d:af:b0:58:88:62:cd:e4:6e:f8:82:94:f5: 48:53:d4:f2:f7:13:59:d4:5f:aa:61:3e:a3:35:57: 25:be:ee:4c:38:21:f8:15:0e:83:e4:d5:74:c7:0a: c9:bc:9c:5b:b5:d5:5b:93:ed:3e:6d:71:61:c7:0b: 57:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:34:9E:7C:AE:E6:04:58:CC:F5:0F:E7:A1:F1:DB:54:10:89:8A:7A X509v3 Authority Key Identifier: keyid:EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/5997C4D0719A11EEBBA64415C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.254.216.0/22 103.238.224.0/22 103.244.88.0/22 116.206.176.0/22 IPv6: 2001:df5:8300::/48 2401:e9e0::/36 Signature Algorithm: sha256WithRSAEncryption cd:99:d0:8d:85:6f:97:8c:eb:4a:27:d1:4e:b0:d0:52:e2:84: 29:ba:97:ae:bf:3c:a7:bd:23:19:2e:c4:8c:94:7f:41:9f:9e: ea:30:a1:82:d2:b6:b8:e7:95:dd:a0:af:43:2b:9f:89:6c:9e: 17:14:d6:ee:fa:c9:16:c0:63:cc:32:a2:26:87:18:4b:a8:e5: f5:6a:63:3e:64:cf:4b:14:aa:d0:fb:59:7b:a6:90:5e:cc:ab: 41:5d:ad:96:86:27:b4:92:b8:ad:e7:72:49:7c:11:1c:6c:ab: 6c:ca:3d:55:0e:60:82:ec:c7:b5:79:73:62:66:b1:7f:e3:88: 0b:ad:00:24:92:59:1b:b5:79:75:4e:f7:52:58:e7:94:1e:a1: 9b:01:fc:e1:bc:45:b1:42:c2:ef:6a:ba:96:20:0e:ee:22:41: af:51:40:f2:a7:ee:af:ec:39:88:85:5d:70:d9:09:5e:ea:dd: be:4c:18:e8:06:80:6c:52:35:8a:ce:1a:27:26:c9:24:d7:46: 79:93:ca:5e:7e:2b:9e:93:96:e1:d6:c7:5f:9f:c8:63:1d:6b: b4:31:9e:ac:59:ec:fa:19:b2:b6:c6:37:6b:23:d3:d7:66:28: 77:3e:0a:fa:ba:59:8e:9c:cf:24:8c:f0:00:3c:2a:af:02:c8: 4c:f8:a8:f3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgICBuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEJCNEQxMTAvBgNVBAUTKEVGNDAzNjQzRUE5ODIwQUU2RDlENjIyRjlBRUZEN0E0 QzkxNTRGMjQwHhcNMjUwNzAyMjIzMjAwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY1YjM1Zi00MmQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAya5cWUuOKx4CwSh3pmYHoQASje2Yl2Cw32agJ1cLE4FgNW7gRxdVU8YjCQfq /AjPo3RJNoig7MMBldbH10cve0ESbZt1px+umT5ai+KaSV6TMEREyx94kJynLkLc 0S3lLzv7mX+LgOu3+Lyefy/X1mss5tXSaFgl4E8JkBQEKxqGJ/vPY+OVk1N0SbwS izcMak+jqN3jrcrB4T3BbFu8DhSQYird/QjG51S3/VfORcxYfamwUOFjRwWlCUcY d5jWauucWU2vsFiIYs3kbviClPVIU9Ty9xNZ1F+qYT6jNVclvu5MOCH4FQ6D5NV0 xwrJvJxbtdVbk+0+bXFhxwtXDwIDAQABo4ICwDCCArwwHQYDVR0OBBYEFNI0nnyu 5gRYzPUP56Hx21QQiYp6MB8GA1UdIwQYMBaAFO9ANkPqmCCubZ1iL5rv16TJFU8k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkI0RC9DQTU2M0JFODY1 MjIxMUVCODBGNkU5NEJDNEY5QUUwMi83MEEyUS1xWUlLNXRuV0l2bXVfWHBNa1ZU eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzcwQTJRLXFZSUs1dG5XSXZtdV9YcE1rVlR5US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEJCNEQvQ0E1NjNCRTg2NTIyMTFFQjgwRjZFOTRCQzRGOUFFMDIvNTk5N0M0RDA3 MTlBMTFFRUJCQTY0NDE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E OzA5MB4EAgABMBgDBAIr/tgDBAJn7uADBAJn9FgDBAJ0zrAwFwQCAAIwEQMHACAB DfWDAAMGBCQB6eAAMA0GCSqGSIb3DQEBCwUAA4IBAQDNmdCNhW+XjOtKJ9FOsNBS 4oQpupeuvzynvSMZLsSMlH9Bn57qMKGC0ra455XdoK9DK5+JbJ4XFNbu+skWwGPM MqImhxhLqOX1amM+ZM9LFKrQ+1l7ppBezKtBXa2Whie0krit53JJfBEcbKtsyj1V DmCC7Me1eXNiZrF/44gLrQAkklkbtXl1TvdSWOeUHqGbAfzhvEWxQsLvarqWIA7u IkGvUUDyp+6v7DmIhV1w2Qle6t2+TBjoBoBsUjWKzhonJskk10Z5k8pefiuek5bh 1sdfn8hjHWu0MZ6sWez6GbK2xjdrI9PXZih3Pgr6ulmOnM8kjPAAPCqvAshM+Kjz -----END CERTIFICATE-----Generated at Sun Jul 20 13:38:32 2025 by rpki-client