$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/F2CD19D6E96011EF8940367DC4F9AE02.roa File: F2CD19D6E96011EF8940367DC4F9AE02.roa (raw, json) Hash identifier: qc4m83ow/HQw4squEH0ZGSEZLA7zoXhgkL6VJ3EiLOM= Subject key identifier: 8D:25:3A:3A:0E:9C:60:5F:C4:5C:39:2C:63:01:C6:64:0F:A4:53:4D Certificate issuer: /CN=A91A6F68/serialNumber=620D39B3A1837973BD13269F2B06AC9B2738820D Certificate serial: 64 Authority key identifier: 62:0D:39:B3:A1:83:79:73:BD:13:26:9F:2B:06:AC:9B:27:38:82:0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yg05s6GDeXO9EyafKwasmyc4gg0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/F2CD19D6E96011EF8940367DC4F9AE02.roa Signing time: Wed 23 Jul 2025 06:35:19 +0000 ROA not before: Wed 23 Jul 2025 06:35:19 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 50049 IP address blocks: 43.250.52.0/22 maxlen: 22 43.250.52.0/24 maxlen: 24 43.250.53.0/24 maxlen: 24 43.250.54.0/24 maxlen: 24 43.250.55.0/24 maxlen: 24 103.41.176.0/22 maxlen: 22 103.41.176.0/24 maxlen: 24 103.41.177.0/24 maxlen: 24 103.41.178.0/24 maxlen: 24 103.41.179.0/24 maxlen: 24 103.147.152.0/24 maxlen: 24 2406:4fc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/Yg05s6GDeXO9EyafKwasmyc4gg0.crl rsync://rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/Yg05s6GDeXO9EyafKwasmyc4gg0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yg05s6GDeXO9EyafKwasmyc4gg0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Jul 2025 07:30:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A6F68, serialNumber=620D39B3A1837973BD13269F2B06AC9B2738820D Validity Not Before: Jul 23 06:35:19 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=688082a7-f6b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:5e:2a:db:37:9f:ed:fe:12:ca:e7:d9:69:4c: 96:c1:ef:77:b7:1a:1b:fd:d5:67:7c:18:f6:02:9c: 07:0e:df:6c:30:b0:3a:5e:2a:9e:ad:a9:c7:1d:6b: 7a:98:dd:bd:79:7d:c5:1f:25:94:9f:0d:bd:6e:74: b0:30:6c:91:47:b4:af:1d:75:92:99:1c:1b:2b:bb: 55:b2:85:df:af:85:e3:6f:a9:68:93:48:24:2e:2f: 5f:c9:b7:7f:70:c1:fe:05:6c:71:e9:c8:41:2b:bc: b1:2f:fc:e1:65:af:6b:65:d2:f0:71:b5:c0:32:ac: 7f:86:32:06:93:51:1a:9c:17:24:5d:e9:bd:d2:6c: 0a:6c:c4:67:3d:a8:8c:4a:9e:55:41:63:4e:38:7b: 44:26:c7:0c:57:8b:e9:43:d7:f7:45:d9:16:26:d2: 63:2a:f2:30:22:19:fa:7b:b8:da:6e:bb:c3:c9:7b: f4:e9:c4:40:c1:1c:c4:52:c4:7f:1e:6f:16:95:94: b4:88:fd:83:86:be:63:38:75:fa:48:95:c0:15:74: dc:53:a9:dd:77:d3:2f:c2:90:f8:33:42:25:cb:bd: 65:bc:6e:a3:c8:32:c6:a3:0b:1c:d2:f5:92:bd:61: ad:2e:e4:06:df:d0:7d:40:dc:04:7f:31:36:fb:bf: 7f:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:25:3A:3A:0E:9C:60:5F:C4:5C:39:2C:63:01:C6:64:0F:A4:53:4D X509v3 Authority Key Identifier: keyid:62:0D:39:B3:A1:83:79:73:BD:13:26:9F:2B:06:AC:9B:27:38:82:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/Yg05s6GDeXO9EyafKwasmyc4gg0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yg05s6GDeXO9EyafKwasmyc4gg0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/F2CD19D6E96011EF8940367DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.250.52.0/22 103.41.176.0/22 103.147.152.0/24 IPv6: 2406:4fc0::/32 Signature Algorithm: sha256WithRSAEncryption ad:6d:3c:c5:59:c6:53:5a:ed:b5:2e:ff:d8:ad:d6:16:a7:d9: 95:94:cd:90:48:0e:9e:2a:b8:78:bd:59:c7:f9:95:fa:d1:c5: bb:76:a5:87:f6:ad:a7:7b:2f:5e:68:e0:ef:38:44:ae:44:97: 64:df:dd:79:76:fa:1c:3f:14:46:e1:65:62:2d:b6:e3:82:35: 47:5a:f1:69:43:fb:11:bc:69:a1:be:87:b2:8b:fc:37:5b:48: 86:61:6e:66:45:25:c3:f6:be:a6:aa:63:8c:82:f6:6e:a9:42: 10:2c:b6:8a:c7:15:50:c5:d4:cd:b8:01:6b:e4:c1:ba:74:d0: 64:37:5e:4f:be:44:ca:8a:7f:d7:92:48:26:32:b2:c1:ac:17: 81:77:8d:69:e3:fb:e4:4d:89:0e:44:3c:b8:e4:37:04:d9:33: 6f:dc:fa:3a:19:4a:71:82:a0:68:59:c3:d2:5b:15:2d:83:0c: 8b:74:8b:df:91:ed:64:db:6c:2f:a8:74:13:43:e8:41:84:7f: 84:30:1a:17:49:2a:24:a9:f2:e2:bf:4e:74:1d:8b:f5:9a:31: 2f:1c:64:80:6b:32:fa:3b:4a:62:98:60:4a:29:f3:ac:4b:ba: d8:45:96:7b:03:ca:f0:c0:86:28:ab:0a:37:43:6d:34:c3:f0: be:11:91:4f -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgIBZDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NkY2ODExMC8GA1UEBRMoNjIwRDM5QjNBMTgzNzk3M0JEMTMyNjlGMkIwNkFDOUIy NzM4ODIwRDAeFw0yNTA3MjMwNjM1MTlaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ODA4MmE3LWY2YjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDmXirbN5/t/hLK59lpTJbB73e3Ghv91Wd8GPYCnAcO32wwsDpeKp6tqccda3qY 3b15fcUfJZSfDb1udLAwbJFHtK8ddZKZHBsru1Wyhd+vheNvqWiTSCQuL1/Jt39w wf4FbHHpyEErvLEv/OFlr2tl0vBxtcAyrH+GMgaTURqcFyRd6b3SbApsxGc9qIxK nlVBY044e0QmxwxXi+lD1/dF2RYm0mMq8jAiGfp7uNpuu8PJe/TpxEDBHMRSxH8e bxaVlLSI/YOGvmM4dfpIlcAVdNxTqd130y/CkPgzQiXLvWW8bqPIMsajCxzS9ZK9 Ya0u5Abf0H1A3AR/MTb7v39BAgMBAAGjggKwMIICrDAdBgNVHQ4EFgQUjSU6Og6c YF/EXDksYwHGZA+kU00wHwYDVR0jBBgwFoAUYg05s6GDeXO9EyafKwasmyc4gg0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE2RjY4LzkyRTI1OTYyREYy MTExRUY4MzNGNEYyQ0M0RjlBRTAyL1lnMDVzNkdEZVhPOUV5YWZLd2FzbXljNGdn MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWWcwNXM2R0RlWE85RXlhZkt3YXNteWM0Z2cwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NkY2OC85MkUyNTk2MkRGMjExMUVGODMzRjRGMkNDNEY5QUUwMi9GMkNEMTlENkU5 NjAxMUVGODk0MDM2N0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA6BggrBgEFBQcBBwEB/wQr MCkwGAQCAAEwEgMEAiv6NAMEAmcpsAMEAGeTmDANBAIAAjAHAwUAJAZPwDANBgkq hkiG9w0BAQsFAAOCAQEArW08xVnGU1rttS7/2K3WFqfZlZTNkEgOniq4eL1Zx/mV +tHFu3alh/atp3svXmjg7zhErkSXZN/deXb6HD8URuFlYi2244I1R1rxaUP7Ebxp ob6Hsov8N1tIhmFuZkUlw/a+pqpjjIL2bqlCECy2iscVUMXUzbgBa+TBunTQZDde T75Eyop/15JIJjKywawXgXeNaeP75E2JDkQ8uOQ3BNkzb9z6OhlKcYKgaFnD0lsV LYMMi3SL35HtZNtsL6h0E0PoQYR/hDAaF0kqJKny4r9OdB2L9ZoxLxxkgGsy+jtK YphgSinzrEu62EWWewPK8MCGKKsKN0NtNMPwvhGRTw== -----END CERTIFICATE-----Generated at Wed Jul 23 23:29:49 2025 by rpki-client