$ rpki-client -vvf rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/D00FC228F46111ECA631AC55C4F9AE02.roa File: D00FC228F46111ECA631AC55C4F9AE02.roa (raw, json) Hash identifier: LAD7dRCik0KzxFNr8quzKbBZIsig686rpItw8aFMMeA= Subject key identifier: 6C:4D:87:C2:32:48:8B:DB:DE:ED:B0:FA:C2:51:7D:90:E7:E5:09:36 Certificate issuer: /CN=A91D112B/serialNumber=F04B24D2482EF01F88B7D0D62A53922739B7880D Certificate serial: 075D Authority key identifier: F0:4B:24:D2:48:2E:F0:1F:88:B7:D0:D6:2A:53:92:27:39:B7:88:0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Esk0kgu8B-It9DWKlOSJzm3iA0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/D00FC228F46111ECA631AC55C4F9AE02.roa Signing time: Wed 16 Jul 2025 22:02:00 +0000 ROA not before: Wed 16 Jul 2025 22:02:00 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 134236 IP address blocks: 45.120.96.0/22 maxlen: 22 45.120.96.0/23 maxlen: 23 45.120.96.0/24 maxlen: 24 45.120.97.0/24 maxlen: 24 45.120.98.0/23 maxlen: 23 45.120.98.0/24 maxlen: 24 45.120.99.0/24 maxlen: 24 103.60.160.0/22 maxlen: 22 103.60.160.0/23 maxlen: 23 103.60.160.0/24 maxlen: 24 103.60.161.0/24 maxlen: 24 103.60.162.0/23 maxlen: 23 103.60.162.0/24 maxlen: 24 103.60.163.0/24 maxlen: 24 2406:cc40::/32 maxlen: 32 2406:cc40:1::/48 maxlen: 48 2406:cc40:2::/48 maxlen: 48 2406:cc40:a::/48 maxlen: 48 2406:cc40:b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/8Esk0kgu8B-It9DWKlOSJzm3iA0.crl rsync://rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/8Esk0kgu8B-It9DWKlOSJzm3iA0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Esk0kgu8B-It9DWKlOSJzm3iA0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 21:57:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1885 (0x75d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D112B, serialNumber=F04B24D2482EF01F88B7D0D62A53922739B7880D Validity Not Before: Jul 16 22:02:00 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68782158-a6d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:1a:7f:7c:ce:37:66:62:4b:b2:57:1b:43:5f: ff:6e:20:e9:16:05:c7:02:da:87:97:97:c3:a8:3d: e3:e4:1a:48:4f:28:7c:0e:36:61:18:1c:70:4b:a9: 7c:80:9a:b0:9a:74:28:06:dc:28:e4:bb:fe:96:7f: 0c:2d:05:94:76:ee:61:09:70:c3:ba:22:b5:a2:f9: 30:61:d9:58:21:dc:c0:5f:77:3c:33:8a:e8:4b:6b: 14:86:90:22:32:92:29:67:6d:46:ac:d6:05:3f:6a: ec:64:2e:a5:73:3d:20:fe:a3:39:82:15:b8:d7:3a: 1c:c5:9e:64:ca:f6:20:80:d2:c2:08:d5:21:a6:44: ec:12:b8:12:56:0e:9f:09:8b:ae:be:54:b9:85:69: 81:4e:a6:50:90:ef:c4:b3:12:40:c8:6b:74:07:c6: 6d:2c:ef:6f:3c:09:1d:c6:e8:1b:64:be:59:54:40: 23:98:8e:e2:76:0d:6c:22:5f:72:58:01:66:a5:22: e4:a1:f2:9a:21:35:6c:5c:f2:8d:c3:18:10:51:0e: a8:42:d9:7b:fc:79:41:e2:ba:bc:92:25:db:3b:43: 25:0d:1d:11:ae:b8:7f:90:19:6b:ae:71:45:aa:26: 78:9b:36:27:52:a0:66:f0:b5:da:70:f8:68:a3:c9: bb:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:4D:87:C2:32:48:8B:DB:DE:ED:B0:FA:C2:51:7D:90:E7:E5:09:36 X509v3 Authority Key Identifier: keyid:F0:4B:24:D2:48:2E:F0:1F:88:B7:D0:D6:2A:53:92:27:39:B7:88:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/8Esk0kgu8B-It9DWKlOSJzm3iA0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Esk0kgu8B-It9DWKlOSJzm3iA0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/D00FC228F46111ECA631AC55C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.120.96.0/22 103.60.160.0/22 IPv6: 2406:cc40::/32 Signature Algorithm: sha256WithRSAEncryption 28:ba:a7:42:df:c1:b2:7f:03:50:f9:73:46:cd:0c:a8:cd:a5: 9a:ef:2f:03:8d:7f:23:5e:b7:79:0d:e3:01:de:cd:0a:5c:28: 33:2e:1d:41:54:55:62:da:0d:93:a3:9e:e6:66:e5:05:be:f9: 6e:8b:89:51:8c:b3:cb:2e:07:fb:fe:d2:6a:cf:c9:24:49:a6: 53:ed:88:09:73:9d:be:9c:d6:0b:1d:bb:fe:0c:89:fe:07:5a: 1f:41:df:e5:52:08:9d:67:2b:24:a3:13:c7:6b:b4:e8:0c:8f: 4f:5c:c9:aa:c8:80:4c:bf:bc:c1:41:7c:90:ef:84:c5:ae:7c: a9:2a:51:c6:76:d8:b6:f8:f9:bc:c8:18:29:0b:f5:af:b3:cf: dd:a4:1c:de:f7:d4:ac:a9:45:1f:35:00:b4:b2:64:04:94:35: 86:11:36:09:cc:12:2d:f1:54:2e:2a:b0:cb:46:bd:2f:b9:f1: 4e:c5:03:55:2f:a8:f5:62:50:e5:d8:4a:5e:df:e1:0d:0c:09: ea:02:c6:7d:07:03:75:d8:37:c9:5c:15:36:e5:6c:72:54:e3: f4:03:04:d4:61:95:f1:b8:a1:63:83:6d:13:91:fc:31:8d:bf: 5c:cb:1a:1c:63:bd:58:2d:a5:1b:2f:de:7d:51:8f:74:8b:34: f9:fc:66:76 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICB10wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDExMkIxMTAvBgNVBAUTKEYwNEIyNEQyNDgyRUYwMUY4OEI3RDBENjJBNTM5MjI3 MzlCNzg4MEQwHhcNMjUwNzE2MjIwMjAwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODc4MjE1OC1hNmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Bp/fM43ZmJLslcbQ1//biDpFgXHAtqHl5fDqD3j5BpITyh8DjZhGBxwS6l8 gJqwmnQoBtwo5Lv+ln8MLQWUdu5hCXDDuiK1ovkwYdlYIdzAX3c8M4roS2sUhpAi MpIpZ21GrNYFP2rsZC6lcz0g/qM5ghW41zocxZ5kyvYggNLCCNUhpkTsErgSVg6f CYuuvlS5hWmBTqZQkO/EsxJAyGt0B8ZtLO9vPAkdxugbZL5ZVEAjmI7idg1sIl9y WAFmpSLkofKaITVsXPKNwxgQUQ6oQtl7/HlB4rq8kiXbO0MlDR0Rrrh/kBlrrnFF qiZ4mzYnUqBm8LXacPhoo8m7YQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGxNh8Iy SIvb3u2w+sJRfZDn5Qk2MB8GA1UdIwQYMBaAFPBLJNJILvAfiLfQ1ipTkic5t4gN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTEyQi8xQ0QwRTA1MDJG MzQxMUVCOTdGRTE3ODZDNEY5QUUwMi84RXNrMGtndThCLUl0OURXS2xPU0p6bTNp QTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhFc2swa2d1OEItSXQ5RFdLbE9TSnptM2lBMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDExMkIvMUNEMEUwNTAyRjM0MTFFQjk3RkUxNzg2QzRGOUFFMDIvRDAwRkMyMjhG NDYxMTFFQ0E2MzFBQzU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIteGADBAJnPKAwDQQCAAIwBwMFACQGzEAwDQYJKoZIhvcN AQELBQADggEBACi6p0LfwbJ/A1D5c0bNDKjNpZrvLwONfyNet3kN4wHezQpcKDMu HUFUVWLaDZOjnuZm5QW++W6LiVGMs8suB/v+0mrPySRJplPtiAlznb6c1gsdu/4M if4HWh9B3+VSCJ1nKySjE8drtOgMj09cyarIgEy/vMFBfJDvhMWufKkqUcZ22Lb4 +bzIGCkL9a+zz92kHN731KypRR81ALSyZASUNYYRNgnMEi3xVC4qsMtGvS+58U7F A1UvqPViUOXYSl7f4Q0MCeoCxn0HA3XYN8lcFTblbHJU4/QDBNRhlfG4oWODbROR /DGNv1zLGhxjvVgtpRsv3n1Rj3SLNPn8ZnY= -----END CERTIFICATE-----Generated at Sun Jul 20 14:20:43 2025 by rpki-client