$ rpki-client -vvf rpki.apnic.net/member_repository/A91BE146/E41AB42ABD3111EBBFC3F921C4F9AE02/DD46BB92EDAB11EDBE91BB82C4F9AE02.roa File: DD46BB92EDAB11EDBE91BB82C4F9AE02.roa (raw, json) Hash identifier: c8cUKtHR+v6GeQIBes/j8ws19Cb2Y3YmnrIM72F/Gtk= Subject key identifier: 8E:CE:D3:A4:19:65:99:30:93:77:42:BB:28:D0:C1:0C:E1:63:46:59 Certificate issuer: /CN=A91BE146/serialNumber=43EA3A2DC08C5E1F2CD68411644A05C076E88C08 Certificate serial: 0608 Authority key identifier: 43:EA:3A:2D:C0:8C:5E:1F:2C:D6:84:11:64:4A:05:C0:76:E8:8C:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-o6LcCMXh8s1oQRZEoFwHbojAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BE146/E41AB42ABD3111EBBFC3F921C4F9AE02/DD46BB92EDAB11EDBE91BB82C4F9AE02.roa Signing time: Thu 17 Jul 2025 13:53:14 +0000 ROA not before: Thu 17 Jul 2025 13:53:14 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 11158 IP address blocks: 117.103.120.0/24 maxlen: 24 117.103.121.0/24 maxlen: 24 117.103.122.0/24 maxlen: 24 117.103.123.0/24 maxlen: 24 117.103.126.0/24 maxlen: 24 117.103.127.0/24 maxlen: 24 119.31.160.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BE146/E41AB42ABD3111EBBFC3F921C4F9AE02/Q-o6LcCMXh8s1oQRZEoFwHbojAg.crl rsync://rpki.apnic.net/member_repository/A91BE146/E41AB42ABD3111EBBFC3F921C4F9AE02/Q-o6LcCMXh8s1oQRZEoFwHbojAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-o6LcCMXh8s1oQRZEoFwHbojAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 23:17:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1544 (0x608) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BE146, serialNumber=43EA3A2DC08C5E1F2CD68411644A05C076E88C08 Validity Not Before: Jul 17 13:53:14 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=6879004a-7f7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:93:55:74:9d:f7:5c:6d:c0:a6:3c:23:f2:f6: a5:a6:f5:2a:82:ac:92:58:e6:48:30:f9:a7:a1:06: 5a:fd:b8:fa:33:55:68:37:f1:0c:8f:2e:ac:26:80: 90:2f:a7:22:64:5e:6c:03:dc:fd:95:2d:e1:44:ae: 2f:ff:ec:88:e6:46:c5:e9:0c:32:db:0c:9d:d5:a7: 8d:81:e6:68:13:c5:77:ec:37:d5:89:0e:2a:39:00: a6:5f:ae:17:f4:00:d9:30:98:c6:40:72:58:2c:e8: f8:18:5e:cb:b7:94:5a:d1:c8:4a:61:92:63:dc:0a: 16:e4:df:c2:ec:41:7b:5e:52:e4:c0:a9:81:fe:9a: d2:d1:77:fa:4c:19:c3:25:6f:2b:96:8a:56:71:37: 97:2f:91:99:4d:61:27:b6:7f:81:0c:d9:03:76:eb: e0:4f:62:64:2d:dc:17:46:eb:99:06:6a:c5:76:73: 05:f7:19:08:fb:06:62:31:de:09:55:9c:76:6e:30: 1c:3b:24:28:51:dd:2e:b9:22:f8:d0:b0:36:ce:a2: 44:a2:cf:52:cb:70:1e:4d:7a:0e:8e:94:b3:5f:7e: 37:ef:45:f7:84:9f:35:99:b3:ea:9e:6f:bd:34:19: c1:0d:a7:0c:d2:33:49:ab:bb:98:2d:c7:b9:b4:ee: 7a:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:CE:D3:A4:19:65:99:30:93:77:42:BB:28:D0:C1:0C:E1:63:46:59 X509v3 Authority Key Identifier: keyid:43:EA:3A:2D:C0:8C:5E:1F:2C:D6:84:11:64:4A:05:C0:76:E8:8C:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BE146/E41AB42ABD3111EBBFC3F921C4F9AE02/Q-o6LcCMXh8s1oQRZEoFwHbojAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-o6LcCMXh8s1oQRZEoFwHbojAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BE146/E41AB42ABD3111EBBFC3F921C4F9AE02/DD46BB92EDAB11EDBE91BB82C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 117.103.120.0/22 117.103.126.0/23 119.31.160.0/24 Signature Algorithm: sha256WithRSAEncryption 1a:fe:46:98:b1:67:3c:81:7e:39:96:09:df:bc:26:98:53:f9: 38:ff:05:dc:33:95:68:0c:81:f1:89:dc:86:81:4b:92:ea:37: 92:c0:f2:a2:42:1d:09:b2:10:1a:b6:6e:39:c7:7d:84:b9:b4: 58:6b:df:cd:b5:ac:b7:fc:57:17:99:d2:12:52:54:93:a1:a7: 8a:00:3d:68:c7:9b:f7:68:05:f1:b8:31:ef:7d:80:8f:7c:4b: cb:a4:be:d4:41:c0:3c:eb:c2:19:fb:39:2a:a1:41:07:c4:3a: 43:1c:c6:a0:4e:1f:c3:0c:31:d6:5f:7b:c2:98:d2:07:eb:a3: b7:f8:a2:ba:e2:fd:a6:1f:04:4b:66:13:12:b8:78:2d:a6:f8: 27:57:11:c5:2e:25:b2:55:b0:f2:52:03:bf:85:ad:5c:37:84: 63:67:d1:6a:b2:dd:78:f7:6f:89:b3:b9:2b:11:42:e7:16:f8: 38:25:c5:c3:8c:d9:f7:05:fd:5e:be:eb:a1:44:5b:c9:5b:8b: d2:d8:d5:91:a6:05:71:68:dc:50:0d:10:de:25:7e:ee:da:54: 2a:f7:57:25:08:b5:c8:08:a4:83:08:19:52:08:16:2f:99:e0: ac:26:d6:d1:07:c3:a3:21:0b:66:fe:03:a9:fe:1b:51:dd:4f: 5c:bd:00:59 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICBggwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkUxNDYxMTAvBgNVBAUTKDQzRUEzQTJEQzA4QzVFMUYyQ0Q2ODQxMTY0NEEwNUMw NzZFODhDMDgwHhcNMjUwNzE3MTM1MzE0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODc5MDA0YS03ZjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuZNVdJ33XG3Apjwj8valpvUqgqySWOZIMPmnoQZa/bj6M1VoN/EMjy6sJoCQ L6ciZF5sA9z9lS3hRK4v/+yI5kbF6Qwy2wyd1aeNgeZoE8V37DfViQ4qOQCmX64X 9ADZMJjGQHJYLOj4GF7Lt5Ra0chKYZJj3AoW5N/C7EF7XlLkwKmB/prS0Xf6TBnD JW8rlopWcTeXL5GZTWEntn+BDNkDduvgT2JkLdwXRuuZBmrFdnMF9xkI+wZiMd4J VZx2bjAcOyQoUd0uuSL40LA2zqJEos9Sy3AeTXoOjpSzX34370X3hJ81mbPqnm+9 NBnBDacM0jNJq7uYLce5tO56WwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFI7O06QZ ZZkwk3dCuyjQwQzhY0ZZMB8GA1UdIwQYMBaAFEPqOi3AjF4fLNaEEWRKBcB26IwI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRTE0Ni9FNDFBQjQyQUJE MzExMUVCQkZDM0Y5MjFDNEY5QUUwMi9RLW82TGNDTVhoOHMxb1FSWkVvRndIYm9q QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1EtbzZMY0NNWGg4czFvUVJaRW9Gd0hib2pBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkUxNDYvRTQxQUI0MkFCRDMxMTFFQkJGQzNGOTIxQzRGOUFFMDIvREQ0NkJCOTJF REFCMTFFREJFOTFCQjgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAJ1Z3gDBAF1Z34DBAB3H6AwDQYJKoZIhvcNAQELBQADggEB ABr+RpixZzyBfjmWCd+8JphT+Tj/BdwzlWgMgfGJ3IaBS5LqN5LA8qJCHQmyEBq2 bjnHfYS5tFhr3821rLf8VxeZ0hJSVJOhp4oAPWjHm/doBfG4Me99gI98S8ukvtRB wDzrwhn7OSqhQQfEOkMcxqBOH8MMMdZfe8KY0gfro7f4orri/aYfBEtmExK4eC2m +CdXEcUuJbJVsPJSA7+FrVw3hGNn0Wqy3Xj3b4mzuSsRQucW+DglxcOM2fcF/V6+ 66FEW8lbi9LY1ZGmBXFo3FANEN4lfu7aVCr3VyUItcgIpIMIGVIIFi+Z4Kwm1tEH w6MhC2b+A6n+G1HdT1y9AFk= -----END CERTIFICATE-----Generated at Sun Jul 20 04:04:21 2025 by rpki-client