$ rpki-client -vvf rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/30B2E99E5FB611F089B44784C4F9AE02.roa File: 30B2E99E5FB611F089B44784C4F9AE02.roa (raw, json) Hash identifier: negZFqmBMo6VKE4VUMOsRrfxv0TCnbtWxCJ6jQA2XAg= Subject key identifier: 13:9B:C4:35:7D:5B:92:04:EC:8C:8C:11:CB:A3:F4:13:EE:27:0D:96 Certificate issuer: /CN=A91CC0C9/serialNumber=47B577B9C8ABE2C3600C5B4E793FF4D47B650620 Certificate serial: 23 Authority key identifier: 47:B5:77:B9:C8:AB:E2:C3:60:0C:5B:4E:79:3F:F4:D4:7B:65:06:20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R7V3ucir4sNgDFtOeT_01HtlBiA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/30B2E99E5FB611F089B44784C4F9AE02.roa Signing time: Sun 13 Jul 2025 07:19:45 +0000 ROA not before: Sun 13 Jul 2025 07:19:45 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 138415 IP address blocks: 43.224.30.0/24 maxlen: 24 43.224.31.0/24 maxlen: 24 103.46.226.0/24 maxlen: 24 103.46.227.0/24 maxlen: 24 103.82.140.0/24 maxlen: 24 103.82.141.0/24 maxlen: 24 103.82.142.0/24 maxlen: 24 103.82.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/R7V3ucir4sNgDFtOeT_01HtlBiA.crl rsync://rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/R7V3ucir4sNgDFtOeT_01HtlBiA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R7V3ucir4sNgDFtOeT_01HtlBiA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 08:28:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CC0C9, serialNumber=47B577B9C8ABE2C3600C5B4E793FF4D47B650620 Validity Not Before: Jul 13 07:19:45 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68735e11-772b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:95:a0:76:9d:e4:f7:e5:d8:2f:b5:f1:18:71: 3b:79:17:42:2a:8a:c8:21:1d:e8:d4:0f:f5:1d:e7: e0:4b:92:f3:fd:59:3c:44:77:85:ef:05:ce:df:21: 25:75:07:b0:c9:83:68:c8:7a:60:94:af:42:19:f4: 2e:16:77:04:8e:b6:a2:4b:0b:f4:d9:f1:7f:d5:57: 3c:c4:9e:9a:de:7f:56:ad:0f:69:09:6a:84:23:82: 0b:8a:b6:02:c0:78:8e:b1:7d:97:8f:12:08:0d:b3: 41:95:42:2d:d0:0b:f9:c9:9c:40:f3:b7:98:38:eb: ba:7d:e3:7c:92:89:ba:72:05:d9:f3:3e:45:d9:f3: 8c:b8:a9:1a:fb:3d:ff:16:73:80:ce:c9:ad:c8:5f: e6:c4:b6:a6:ca:5d:ce:37:7a:c6:21:44:32:9c:70: 9a:3a:df:f6:64:9d:44:33:56:4d:6e:d2:6e:49:10: ba:42:c0:b8:66:af:6f:58:67:b7:af:d9:aa:91:b1: f5:31:d6:ad:8d:d1:b2:15:f3:ac:c5:f7:6f:ca:ed: 17:70:f6:f0:f7:a0:b8:b5:72:c2:9c:88:5a:40:c6: 45:47:bd:d5:6a:c8:2c:0e:d5:45:6f:e5:a4:de:6a: c5:fc:8a:7c:1e:e5:4f:c6:16:b5:4b:6e:62:70:21: 5c:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:9B:C4:35:7D:5B:92:04:EC:8C:8C:11:CB:A3:F4:13:EE:27:0D:96 X509v3 Authority Key Identifier: keyid:47:B5:77:B9:C8:AB:E2:C3:60:0C:5B:4E:79:3F:F4:D4:7B:65:06:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/R7V3ucir4sNgDFtOeT_01HtlBiA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R7V3ucir4sNgDFtOeT_01HtlBiA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CC0C9/C5DABEEA5FB411F08203447DC4F9AE02/30B2E99E5FB611F089B44784C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.30.0/23 103.46.226.0/23 103.82.140.0/22 Signature Algorithm: sha256WithRSAEncryption 8a:d8:d1:8d:9a:c9:3b:0b:bf:06:06:f9:13:02:06:fb:56:ff: 10:98:a1:7e:e1:e6:0d:df:ad:b0:f2:0a:15:01:a0:fe:68:ff: 5b:03:09:02:be:09:46:ca:ed:f1:65:16:08:1c:76:d6:73:7e: 86:7d:ed:04:96:cf:f9:75:8e:4b:91:04:8e:76:b6:08:7b:3b: a7:27:38:0a:9a:0f:3e:06:86:76:dd:9c:c0:98:5a:e6:6e:0e: 9e:8f:11:cc:87:63:d8:5d:69:c0:73:f6:66:03:81:7e:89:87: 39:1c:74:ac:00:41:f7:1a:71:5e:1e:7a:d4:ed:cb:a0:ed:f4: 5e:23:53:c1:3e:5a:a5:ee:5d:45:a9:37:7f:3a:c7:a4:c6:12: 98:7f:c7:bd:b3:66:a0:e8:5a:93:b0:d3:5b:3e:36:2b:c2:8e: 4b:69:ad:f7:91:20:fb:ce:3a:7a:9a:20:28:bf:02:0d:8a:74: b3:16:87:61:50:ea:2a:67:6c:0d:b6:5b:fa:1a:8e:ca:c9:b6: a7:54:35:06:f9:be:da:d4:de:0f:00:08:73:69:78:63:b0:f7: 57:29:59:0e:e3:da:21:3c:93:61:89:cb:15:54:d9:13:40:a0: 78:f8:f3:3b:4b:a0:36:f2:b1:5e:6a:94:ea:0b:b9:c3:54:d1: 7f:4e:cc:36 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QzBDOTExMC8GA1UEBRMoNDdCNTc3QjlDOEFCRTJDMzYwMEM1QjRFNzkzRkY0RDQ3 QjY1MDYyMDAeFw0yNTA3MTMwNzE5NDVaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NzM1ZTExLTc3MmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8laB2neT35dgvtfEYcTt5F0IqisghHejUD/Ud5+BLkvP9WTxEd4XvBc7fISV1 B7DJg2jIemCUr0IZ9C4WdwSOtqJLC/TZ8X/VVzzEnpref1atD2kJaoQjgguKtgLA eI6xfZePEggNs0GVQi3QC/nJnEDzt5g467p943ySibpyBdnzPkXZ84y4qRr7Pf8W c4DOya3IX+bEtqbKXc43esYhRDKccJo63/ZknUQzVk1u0m5JELpCwLhmr29YZ7ev 2aqRsfUx1q2N0bIV86zF92/K7Rdw9vD3oLi1csKciFpAxkVHvdVqyCwO1UVv5aTe asX8inwe5U/GFrVLbmJwIVw1AgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUE5vENX1b kgTsjIwRy6P0E+4nDZYwHwYDVR0jBBgwFoAUR7V3ucir4sNgDFtOeT/01HtlBiAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNDMEM5L0M1REFCRUVBNUZC NDExRjA4MjAzNDQ3REM0RjlBRTAyL1I3VjN1Y2lyNHNOZ0RGdE9lVF8wMUh0bEJp QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUjdWM3VjaXI0c05nREZ0T2VUXzAxSHRsQmlBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QzBDOS9DNURBQkVFQTVGQjQxMUYwODIwMzQ0N0RDNEY5QUUwMi8zMEIyRTk5RTVG QjYxMUYwODlCNDQ3ODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc MBowGAQCAAEwEgMEASvgHgMEAWcu4gMEAmdSjDANBgkqhkiG9w0BAQsFAAOCAQEA itjRjZrJOwu/Bgb5EwIG+1b/EJihfuHmDd+tsPIKFQGg/mj/WwMJAr4JRsrt8WUW CBx21nN+hn3tBJbP+XWOS5EEjna2CHs7pyc4CpoPPgaGdt2cwJha5m4Ono8RzIdj 2F1pwHP2ZgOBfomHORx0rABB9xpxXh561O3LoO30XiNTwT5ape5dRak3fzrHpMYS mH/HvbNmoOhak7DTWz42K8KOS2mt95Eg+846epogKL8CDYp0sxaHYVDqKmdsDbZb +hqOysm2p1Q1Bvm+2tTeDwAIc2l4Y7D3VylZDuPaITyTYYnLFVTZE0CgePjzO0ug NvKxXmqU6gu5w1TRf07MNg== -----END CERTIFICATE-----Generated at Sun Jul 20 09:00:12 2025 by rpki-client