$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D4C5651A623C11F0955BD477C4F9AE02.roa File: D4C5651A623C11F0955BD477C4F9AE02.roa (raw, json) Hash identifier: GLBmHyLbybNuzFXxpUK4J+KxacL90yJH8hrjWRCwJx8= Subject key identifier: ED:F8:BB:06:52:64:A5:7B:AF:4C:68:DB:80:BF:D3:82:CE:13:24:4F Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: C04E Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D4C5651A623C11F0955BD477C4F9AE02.roa Signing time: Wed 16 Jul 2025 12:07:51 +0000 ROA not before: Wed 16 Jul 2025 12:07:50 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 152542 IP address blocks: 103.201.136.0/24 maxlen: 24 103.201.137.0/24 maxlen: 24 103.201.138.0/24 maxlen: 24 103.201.139.0/24 maxlen: 24 2001:df6:f180::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 11:52:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49230 (0xc04e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jul 16 12:07:50 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68779616-42ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:5b:aa:67:71:85:9c:94:55:e1:51:2b:0d:b2: eb:25:7d:ee:85:2e:f6:97:a8:0b:fb:ea:6c:70:e9: b5:63:57:45:c2:e1:12:00:01:18:6f:f0:49:2c:a7: 54:12:bd:0a:d4:7b:da:ea:dd:db:bf:73:40:71:3c: 96:5e:f8:10:36:3d:3d:92:b0:f4:d0:4f:75:02:42: 23:ee:ab:03:f3:9e:0b:22:b6:4b:32:fc:00:c2:2c: 5e:32:cc:3b:98:8e:28:2a:f7:99:d6:92:0c:fc:ae: cb:81:93:33:d6:e6:3e:f1:58:89:06:47:fd:34:c9: 90:4f:0a:72:bc:cd:d7:5c:86:ad:85:ee:59:3f:66: b6:e6:ae:bc:23:88:65:dc:bb:35:06:4f:a8:60:dc: d9:5f:07:cd:32:ce:fc:05:03:4f:6a:3d:31:4c:bf: 63:42:9a:2a:1e:c0:5e:37:66:73:22:25:25:6d:cf: af:ad:49:a7:67:9a:37:e5:c1:13:74:e1:c7:cb:df: 42:bf:bf:55:40:e9:70:d3:fb:5f:7c:44:06:5e:db: b1:1f:82:75:21:ea:b4:34:67:23:11:0d:40:53:80: 0e:fc:7e:df:70:23:f8:92:97:91:f0:94:4e:99:13: d4:0f:7e:e6:9d:4c:22:23:90:bd:ec:70:e3:1e:51: bc:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:F8:BB:06:52:64:A5:7B:AF:4C:68:DB:80:BF:D3:82:CE:13:24:4F X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D4C5651A623C11F0955BD477C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.201.136.0/22 IPv6: 2001:df6:f180::/48 Signature Algorithm: sha256WithRSAEncryption 28:dd:67:ec:39:c3:e3:cd:6c:08:f2:fd:bd:d9:9e:66:ba:aa: 08:97:8c:68:71:2d:18:fc:43:0b:20:1c:fa:00:0c:d6:aa:a2: f6:3d:93:ff:5a:6d:56:ad:a5:a7:a0:80:69:8a:e6:99:5e:97: ec:37:28:82:68:42:3a:50:da:93:77:9b:79:8b:8d:d7:48:ba: e7:ef:e1:2b:3e:9d:10:22:3c:6d:dd:70:27:f0:f0:ad:b7:20: 90:ed:e5:7f:98:cc:ec:12:40:9c:e8:e4:11:82:13:66:b5:00: 09:3d:5e:86:78:25:4a:34:30:79:23:1d:55:7f:c9:85:11:d3: 46:63:6d:72:6f:97:eb:14:e4:8c:fb:eb:71:ce:e6:3c:4b:a5: 5c:6d:c7:c2:63:be:00:9b:7e:e4:08:25:cd:a5:7e:cd:b2:62: f7:43:30:b3:24:35:df:31:66:64:7b:bb:3c:78:88:3d:a1:66: 02:69:18:0b:03:d9:a1:2b:3c:f9:ae:59:32:c3:c3:c6:5a:16: 22:d8:0d:b4:b9:f1:e7:da:f7:75:1e:df:ed:d5:b0:bc:de:ef: 78:9b:bf:df:3f:e3:a6:88:b3:b1:f6:08:f5:3b:0e:93:37:6e: 42:aa:c4:16:e9:19:c2:33:73:a1:75:1d:fd:04:9d:dc:74:42: 53:9f:21:f8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIDAMBOMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDcxNjEyMDc1MFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjg3Nzk2MTYtNDJlZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANFbqmdxhZyUVeFRKw2y6yV97oUu9peoC/vqbHDptWNXRcLhEgABGG/wSSyn VBK9CtR72urd279zQHE8ll74EDY9PZKw9NBPdQJCI+6rA/OeCyK2SzL8AMIsXjLM O5iOKCr3mdaSDPyuy4GTM9bmPvFYiQZH/TTJkE8KcrzN11yGrYXuWT9mtuauvCOI Zdy7NQZPqGDc2V8HzTLO/AUDT2o9MUy/Y0KaKh7AXjdmcyIlJW3Pr61Jp2eaN+XB E3Thx8vfQr+/VUDpcNP7X3xEBl7bsR+CdSHqtDRnIxENQFOADvx+33Aj+JKXkfCU TpkT1A9+5p1MIiOQvexw4x5RvPkCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBTt+LsG UmSle69MaNuAv9OCzhMkTzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Q0QzU2NTFB NjIzQzExRjA5NTVCRDQ3N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/ BCEwHzAMBAIAATAGAwQCZ8mIMA8EAgACMAkDBwAgAQ328YAwDQYJKoZIhvcNAQEL BQADggEBACjdZ+w5w+PNbAjy/b3Znma6qgiXjGhxLRj8QwsgHPoADNaqovY9k/9a bVatpaeggGmK5plel+w3KIJoQjpQ2pN3m3mLjddIuufv4Ss+nRAiPG3dcCfw8K23 IJDt5X+YzOwSQJzo5BGCE2a1AAk9XoZ4JUo0MHkjHVV/yYUR00ZjbXJvl+sU5Iz7 63HO5jxLpVxtx8JjvgCbfuQIJc2lfs2yYvdDMLMkNd8xZmR7uzx4iD2hZgJpGAsD 2aErPPmuWTLDw8ZaFiLYDbS58efa93Ue3+3VsLze73ibv98/46aIs7H2CPU7DpM3 bkKqxBbpGcIzc6F1Hf0Endx0QlOfIfg= -----END CERTIFICATE-----Generated at Mon Jul 21 12:45:20 2025 by rpki-client