$ rpki-client -vvf rpki.apnic.net/member_repository/A911AE8B/EC257CC6E02511E991A9774DC4F9AE02/677F3316E02711E9AB669750C4F9AE02.roa File: 677F3316E02711E9AB669750C4F9AE02.roa (raw, json) Hash identifier: 4yWetI8VRw7mXlPSVbHYiXd6wjj+BvrR9fES4qn/WNo= Subject key identifier: A1:05:98:26:1E:D9:FF:01:E5:85:F3:8C:57:F2:6B:1D:BB:BE:BB:3E Certificate issuer: /CN=A911AE8B/serialNumber=802C751FA984347DF9C93CEDB97ED951A9528286 Certificate serial: 0D20 Authority key identifier: 80:2C:75:1F:A9:84:34:7D:F9:C9:3C:ED:B9:7E:D9:51:A9:52:82:86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCx1H6mENH35yTztuX7ZUalSgoY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911AE8B/EC257CC6E02511E991A9774DC4F9AE02/677F3316E02711E9AB669750C4F9AE02.roa Signing time: Mon 02 Jun 2025 18:21:01 +0000 ROA not before: Mon 02 Jun 2025 18:21:01 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 134823 IP address blocks: 103.214.16.0/22 maxlen: 24 144.48.32.0/22 maxlen: 24 2001:df5:7e80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911AE8B/EC257CC6E02511E991A9774DC4F9AE02/gCx1H6mENH35yTztuX7ZUalSgoY.crl rsync://rpki.apnic.net/member_repository/A911AE8B/EC257CC6E02511E991A9774DC4F9AE02/gCx1H6mENH35yTztuX7ZUalSgoY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCx1H6mENH35yTztuX7ZUalSgoY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 18:32:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3360 (0xd20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911AE8B, serialNumber=802C751FA984347DF9C93CEDB97ED951A9528286 Validity Not Before: Jun 2 18:21:01 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=683deb8d-e7dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:5a:43:4b:c1:bf:4c:e5:78:1c:3c:9e:96:de: e8:69:ce:ce:0c:86:d6:57:3c:55:4f:9f:06:8e:cc: a4:83:b8:e9:6d:62:f0:c2:59:36:26:5a:18:82:f1: b6:ef:79:f0:ca:1a:42:b1:c9:69:72:d2:7c:b2:56: 44:7d:3d:0b:39:da:5a:96:e0:57:dc:9c:6b:e2:b0: e0:dd:89:7c:d2:e6:00:8e:6a:73:da:38:92:38:2d: 82:51:5e:c6:e1:7f:81:b4:17:ae:12:50:0f:b1:36: 43:b7:69:e5:c4:7f:a2:c5:80:e4:c5:eb:2e:5b:34: 00:44:f4:ff:13:16:ba:e5:fb:49:6f:87:fd:1c:70: 7d:a6:2b:21:d7:d9:6a:99:d3:9b:3d:c5:5f:e0:88: b3:55:c9:91:68:96:19:9e:c8:fa:73:f4:b7:13:81: 7b:4b:a3:e3:09:db:38:45:bf:57:4b:06:40:e9:53: 0e:9e:0a:e2:59:08:db:b9:cb:f8:40:5d:13:c8:20: ea:25:43:6e:70:08:b7:81:1f:f0:b5:2d:6a:9b:a8: f9:c3:f3:e3:38:33:c6:fd:6d:67:c5:bb:35:4c:25: 85:c2:a1:85:b1:75:16:92:91:c1:be:99:9a:de:5d: 1d:92:7f:b7:00:78:49:90:ad:98:29:2a:4e:47:9f: aa:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:05:98:26:1E:D9:FF:01:E5:85:F3:8C:57:F2:6B:1D:BB:BE:BB:3E X509v3 Authority Key Identifier: keyid:80:2C:75:1F:A9:84:34:7D:F9:C9:3C:ED:B9:7E:D9:51:A9:52:82:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911AE8B/EC257CC6E02511E991A9774DC4F9AE02/gCx1H6mENH35yTztuX7ZUalSgoY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCx1H6mENH35yTztuX7ZUalSgoY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AE8B/EC257CC6E02511E991A9774DC4F9AE02/677F3316E02711E9AB669750C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.214.16.0/22 144.48.32.0/22 IPv6: 2001:df5:7e80::/48 Signature Algorithm: sha256WithRSAEncryption 3d:21:59:22:f5:96:e9:44:8c:aa:21:2f:cd:98:12:ce:f9:52: 88:ec:63:3f:ba:ac:94:61:01:de:45:f6:3a:83:4b:80:aa:dd: a0:ec:b2:4e:e4:47:03:41:9e:1d:a4:23:a1:04:d2:f2:39:d6: c6:02:9d:14:f6:c4:37:73:a5:82:2b:60:56:d3:85:15:e7:85: 66:79:df:8b:8a:7e:97:00:5a:33:dd:a0:82:b0:65:52:81:04: 95:ad:d0:24:84:2e:68:97:96:76:ee:ab:a7:d1:cf:07:2b:85: 38:f9:3d:e1:44:70:04:1b:d6:96:e2:25:fd:80:25:6d:84:64: 32:29:b4:f5:0d:34:c9:97:e5:e7:9c:c0:5c:d7:c8:cb:4f:48: ee:e8:85:fa:d0:83:32:3a:20:1e:87:6f:d6:2f:6e:1e:a4:c1: 23:a8:99:a3:6f:11:94:b2:74:72:1e:fe:66:5a:52:36:16:26: c7:61:7e:aa:5a:c7:10:16:60:9a:34:36:6c:6d:af:79:b7:4a: 2e:98:ef:07:0c:7e:2d:11:d9:44:2b:7f:bf:c1:23:0c:5b:a2: 2f:a4:23:6a:97:2a:45:ee:48:06:77:2a:e2:70:6a:6f:9f:46: 66:60:08:8b:0e:a8:45:85:85:38:94:a9:36:da:bf:16:7b:22: 76:56:59:a1 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICDSAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUFFOEIxMTAvBgNVBAUTKDgwMkM3NTFGQTk4NDM0N0RGOUM5M0NFREI5N0VEOTUx QTk1MjgyODYwHhcNMjUwNjAyMTgyMTAxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNkZWI4ZC1lN2RjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwFpDS8G/TOV4HDyelt7oac7ODIbWVzxVT58Gjsykg7jpbWLwwlk2JloYgvG2 73nwyhpCsclpctJ8slZEfT0LOdpaluBX3Jxr4rDg3Yl80uYAjmpz2jiSOC2CUV7G 4X+BtBeuElAPsTZDt2nlxH+ixYDkxesuWzQARPT/Exa65ftJb4f9HHB9pish19lq mdObPcVf4IizVcmRaJYZnsj6c/S3E4F7S6PjCds4Rb9XSwZA6VMOngriWQjbucv4 QF0TyCDqJUNucAi3gR/wtS1qm6j5w/PjODPG/W1nxbs1TCWFwqGFsXUWkpHBvpma 3l0dkn+3AHhJkK2YKSpOR5+qAQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFKEFmCYe 2f8B5YXzjFfyax27vrs+MB8GA1UdIwQYMBaAFIAsdR+phDR9+ck87bl+2VGpUoKG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUU4Qi9FQzI1N0NDNkUw MjUxMUU5OTFBOTc3NERDNEY5QUUwMi9nQ3gxSDZtRU5IMzV5VHp0dVg3WlVhbFNn b1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dDeDFINm1FTkgzNXlUenR1WDdaVWFsU2dvWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUFFOEIvRUMyNTdDQzZFMDI1MTFFOTkxQTk3NzREQzRGOUFFMDIvNjc3RjMzMTZF MDI3MTFFOUFCNjY5NzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBAJn1hADBAKQMCAwDwQCAAIwCQMHACABDfV+gDANBgkqhkiG 9w0BAQsFAAOCAQEAPSFZIvWW6USMqiEvzZgSzvlSiOxjP7qslGEB3kX2OoNLgKrd oOyyTuRHA0GeHaQjoQTS8jnWxgKdFPbEN3OlgitgVtOFFeeFZnnfi4p+lwBaM92g grBlUoEEla3QJIQuaJeWdu6rp9HPByuFOPk94URwBBvWluIl/YAlbYRkMim09Q00 yZfl55zAXNfIy09I7uiF+tCDMjogHodv1i9uHqTBI6iZo28RlLJ0ch7+ZlpSNhYm x2F+qlrHEBZgmjQ2bG2vebdKLpjvBwx+LRHZRCt/v8EjDFuiL6QjapcqRe5IBncq 4nBqb59GZmAIiw6oRYWFOJSpNtq/FnsidlZZoQ== -----END CERTIFICATE-----Generated at Sat Oct 25 11:35:57 2025 by rpki-client