$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDAD4/C423183077B511ECA5BCE05FC4F9AE02/168BE8747EEE11ECAB036C59C4F9AE02.roa File: 168BE8747EEE11ECAB036C59C4F9AE02.roa (raw, json) Hash identifier: wF1Z2aa2PTEiRRPCp23vYrxyf7/d64gIm78PkkwoFEI= Subject key identifier: D4:37:33:B0:14:76:6D:2B:ED:2E:80:AC:C0:73:87:B6:1B:93:14:8C Certificate issuer: /CN=A91FDAD4/serialNumber=5430A414AA05B6731DC2D64A70C619C669346A0E Certificate serial: 0441 Authority key identifier: 54:30:A4:14:AA:05:B6:73:1D:C2:D6:4A:70:C6:19:C6:69:34:6A:0E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VDCkFKoFtnMdwtZKcMYZxmk0ag4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDAD4/C423183077B511ECA5BCE05FC4F9AE02/168BE8747EEE11ECAB036C59C4F9AE02.roa Signing time: Sun 29 Jun 2025 22:36:01 +0000 ROA not before: Sun 29 Jun 2025 22:36:01 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 149440 IP address blocks: 103.179.142.0/24 maxlen: 24 103.179.143.0/24 maxlen: 24 223.165.6.0/24 maxlen: 24 2400:8d60:1::/48 maxlen: 48 2400:8d60:2::/48 maxlen: 48 2400:8d60:3::/48 maxlen: 48 2400:8d60:4::/48 maxlen: 48 2400:8d60:5::/48 maxlen: 48 2400:8d60:6::/48 maxlen: 48 2400:8d60:7::/48 maxlen: 48 2400:8d60:8::/48 maxlen: 48 2400:8d60:9::/48 maxlen: 48 2400:8d60:10::/48 maxlen: 48 2400:8d60:11::/48 maxlen: 48 2400:8d60:12::/48 maxlen: 48 2400:8d60:13::/48 maxlen: 48 2400:8d60:14::/48 maxlen: 48 2400:8d60:15::/48 maxlen: 48 2400:8d60:16::/48 maxlen: 48 2400:8d60:17::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDAD4/C423183077B511ECA5BCE05FC4F9AE02/VDCkFKoFtnMdwtZKcMYZxmk0ag4.crl rsync://rpki.apnic.net/member_repository/A91FDAD4/C423183077B511ECA5BCE05FC4F9AE02/VDCkFKoFtnMdwtZKcMYZxmk0ag4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VDCkFKoFtnMdwtZKcMYZxmk0ag4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 00:20:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1089 (0x441) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDAD4, serialNumber=5430A414AA05B6731DC2D64A70C619C669346A0E Validity Not Before: Jun 29 22:36:01 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=6861bfd1-fc56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:22:20:2d:25:cb:55:3c:4c:3b:e3:02:d8:4d: e9:60:a3:1c:11:91:97:ab:1e:c9:d8:e4:8c:23:9b: 26:e3:f3:9d:cf:0d:89:c2:7d:36:f3:ca:55:da:7a: fd:36:e3:36:b8:38:17:2c:c1:1c:40:41:41:d3:82: b2:a9:b7:25:11:95:b5:71:68:ee:04:d1:a3:4f:a9: 5d:5d:99:e9:44:5b:13:24:36:a0:fe:5e:08:9e:12: dd:2c:57:56:6a:31:ac:b4:f4:f4:c8:8c:72:df:51: d4:bb:5c:00:b5:fe:e6:c2:06:0e:3e:5e:54:58:00: 91:80:07:50:1f:2f:ff:ba:16:aa:b3:d8:4d:f5:41: 74:e1:37:d6:b9:aa:1f:bd:b7:8e:3c:09:ce:b3:90: 64:88:aa:9d:32:f6:40:10:a7:76:15:de:bc:f0:9a: 0d:8c:30:44:d1:a3:4a:af:c8:97:6f:f0:f0:c6:72: de:df:d7:af:49:25:d5:3a:94:ba:84:30:6f:f3:8e: f0:7d:7d:6e:ed:3e:c2:84:a4:9d:55:14:ff:6b:88: 15:9a:cb:6a:58:d3:fd:a1:b2:56:ad:0c:1b:be:d3: 2f:16:98:e4:30:e1:c0:a5:14:a3:b7:ff:da:13:79: 91:48:b5:13:64:3a:44:fe:d6:4a:35:20:f8:10:7f: cf:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:37:33:B0:14:76:6D:2B:ED:2E:80:AC:C0:73:87:B6:1B:93:14:8C X509v3 Authority Key Identifier: keyid:54:30:A4:14:AA:05:B6:73:1D:C2:D6:4A:70:C6:19:C6:69:34:6A:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C423183077B511ECA5BCE05FC4F9AE02/VDCkFKoFtnMdwtZKcMYZxmk0ag4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VDCkFKoFtnMdwtZKcMYZxmk0ag4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C423183077B511ECA5BCE05FC4F9AE02/168BE8747EEE11ECAB036C59C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.179.142.0/23 223.165.6.0/24 IPv6: 2400:8d60:1::-2400:8d60:9:ffff:ffff:ffff:ffff:ffff 2400:8d60:10::/45 Signature Algorithm: sha256WithRSAEncryption 7a:04:18:e8:15:9a:d9:0b:90:f3:0e:70:03:bc:25:67:ad:0e: 45:b4:46:47:3e:a8:b5:62:6a:bc:7e:77:f8:57:1b:80:bf:32: 14:ea:93:17:37:ec:30:ba:17:6c:bb:bb:42:79:d5:56:b6:fa: e5:86:57:5d:10:99:62:e4:63:79:ef:29:44:fd:58:aa:49:fc: fe:78:aa:5c:fe:83:8a:1a:72:f3:59:71:df:1f:c0:77:ca:dd: db:cc:5d:56:eb:69:c8:45:11:c3:21:20:5e:ef:24:a7:1c:9d: aa:45:f5:dd:9d:df:a1:8d:43:4d:1d:f1:a1:1c:65:f6:08:bd: 26:1b:2c:f2:39:9c:9d:ab:65:64:4b:a8:05:76:09:10:4b:c3: 5a:7a:be:70:a3:40:64:e8:88:32:d8:20:a7:8d:58:28:5a:ec: 50:f3:65:55:d2:ae:9f:14:77:9a:16:b0:50:85:5d:92:54:df: 35:ae:36:5d:35:5d:bb:3b:7f:89:e0:d9:b2:96:48:91:78:cf: 90:09:84:40:e8:09:7c:ee:6a:36:d8:71:66:43:2e:2d:93:f5: f1:bb:ce:b1:4b:fd:24:a1:db:27:12:91:d9:93:e2:0b:37:fa: 2f:87:2b:46:56:80:83:79:27:cf:3c:49:22:1c:fc:96:c1:87: bd:3a:d9:5e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgICBEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRBRDQxMTAvBgNVBAUTKDU0MzBBNDE0QUEwNUI2NzMxREMyRDY0QTcwQzYxOUM2 NjkzNDZBMEUwHhcNMjUwNjI5MjIzNjAxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODYxYmZkMS1mYzU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3SIgLSXLVTxMO+MC2E3pYKMcEZGXqx7J2OSMI5sm4/Odzw2Jwn0288pV2nr9 NuM2uDgXLMEcQEFB04KyqbclEZW1cWjuBNGjT6ldXZnpRFsTJDag/l4InhLdLFdW ajGstPT0yIxy31HUu1wAtf7mwgYOPl5UWACRgAdQHy//uhaqs9hN9UF04TfWuaof vbeOPAnOs5BkiKqdMvZAEKd2Fd688JoNjDBE0aNKr8iXb/DwxnLe39evSSXVOpS6 hDBv847wfX1u7T7ChKSdVRT/a4gVmstqWNP9obJWrQwbvtMvFpjkMOHApRSjt//a E3mRSLUTZDpE/tZKNSD4EH/P1wIDAQABo4ICwDCCArwwHQYDVR0OBBYEFNQ3M7AU dm0r7S6ArMBzh7YbkxSMMB8GA1UdIwQYMBaAFFQwpBSqBbZzHcLWSnDGGcZpNGoO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREFENC9DNDIzMTgzMDc3 QjUxMUVDQTVCQ0UwNUZDNEY5QUUwMi9WRENrRktvRnRuTWR3dFpLY01ZWnhtazBh ZzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZEQ2tGS29GdG5NZHd0WktjTVlaeG1rMGFnNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkRBRDQvQzQyMzE4MzA3N0I1MTFFQ0E1QkNFMDVGQzRGOUFFMDIvMTY4QkU4NzQ3 RUVFMTFFQ0FCMDM2QzU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E OzA5MBIEAgABMAwDBAFns44DBADfpQYwIwQCAAIwHTASAwcAJACNYAABAwcBJACN YAAIAwcDJACNYAAQMA0GCSqGSIb3DQEBCwUAA4IBAQB6BBjoFZrZC5DzDnADvCVn rQ5FtEZHPqi1Ymq8fnf4VxuAvzIU6pMXN+wwuhdsu7tCedVWtvrlhlddEJli5GN5 7ylE/ViqSfz+eKpc/oOKGnLzWXHfH8B3yt3bzF1W62nIRRHDISBe7ySnHJ2qRfXd nd+hjUNNHfGhHGX2CL0mGyzyOZydq2VkS6gFdgkQS8Naer5wo0Bk6Igy2CCnjVgo WuxQ82VV0q6fFHeaFrBQhV2SVN81rjZdNV27O3+J4NmylkiReM+QCYRA6Al87mo2 2HFmQy4tk/Xxu86xS/0kodsnEpHZk+ILN/ovhytGVoCDeSfPPEkiHPyWwYe9Otle -----END CERTIFICATE-----Generated at Mon Jul 21 02:06:47 2025 by rpki-client