$ rpki-client -vvf rpki.apnic.net/member_repository/A911B8D9/AF5CDB04C70811EDA874AE85C4F9AE02/F50351E0C70A11EDB29DDE85C4F9AE02.roa File: F50351E0C70A11EDB29DDE85C4F9AE02.roa (raw, json) Hash identifier: hqEhlFzljzL9QNC3npjH/PXhuwMeiWo8+fxKQZav0bo= Subject key identifier: 00:DE:11:A0:D4:86:EE:25:65:D0:C9:4C:09:DA:A3:A3:6F:BC:B2:4F Certificate issuer: /CN=A911B8D9/serialNumber=038EC0AEB8350C9DA7E6F20B26D2F350BA6C2409 Certificate serial: 019F Authority key identifier: 03:8E:C0:AE:B8:35:0C:9D:A7:E6:F2:0B:26:D2:F3:50:BA:6C:24:09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A47Arrg1DJ2n5vILJtLzULpsJAk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B8D9/AF5CDB04C70811EDA874AE85C4F9AE02/F50351E0C70A11EDB29DDE85C4F9AE02.roa Signing time: Sun 01 Jun 2025 03:19:52 +0000 ROA not before: Sun 01 Jun 2025 03:19:52 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 134122 IP address blocks: 103.105.122.0/23 maxlen: 23 103.105.122.0/24 maxlen: 24 103.105.123.0/24 maxlen: 24 2400:eb20::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B8D9/AF5CDB04C70811EDA874AE85C4F9AE02/A47Arrg1DJ2n5vILJtLzULpsJAk.crl rsync://rpki.apnic.net/member_repository/A911B8D9/AF5CDB04C70811EDA874AE85C4F9AE02/A47Arrg1DJ2n5vILJtLzULpsJAk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A47Arrg1DJ2n5vILJtLzULpsJAk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 03:19:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 415 (0x19f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B8D9, serialNumber=038EC0AEB8350C9DA7E6F20B26D2F350BA6C2409 Validity Not Before: Jun 1 03:19:52 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=683bc6d8-b905 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:81:b5:c4:90:e3:5e:c6:26:3e:fc:49:64:df: 82:05:34:d2:96:65:92:b6:97:34:3a:a5:d6:eb:9a: f5:90:95:ac:71:fd:2a:45:65:26:ff:39:2f:f0:c1: 4a:80:87:3a:3f:7b:38:32:21:1b:c4:37:23:0e:de: 93:72:2b:4d:fc:d6:21:3f:b1:93:04:ba:49:a8:73: 6d:63:29:3f:ac:ae:75:ca:2e:4c:a6:79:ad:40:0d: f0:40:d2:80:1a:e7:be:b7:31:5e:ed:12:a1:b2:fb: 7f:0a:d5:4b:76:49:b5:ef:95:c0:9f:b8:b8:dd:4f: 46:f8:ee:ec:97:97:6e:07:d5:92:48:69:e4:24:a6: f7:da:6b:ce:c3:fb:eb:be:34:87:32:76:20:d7:ca: 3c:f0:30:1c:1e:9f:fb:e8:c3:e2:50:4c:e8:32:a4: 92:df:03:0b:11:6b:f4:80:70:8e:06:8f:eb:46:71: c9:74:dc:21:9c:a0:4f:f4:6c:4c:dd:d3:92:77:f0: 8d:7c:19:03:32:bc:f1:9a:6c:b1:ad:79:54:7d:f6: 94:95:06:37:3a:d3:39:3b:e9:63:b9:f4:de:6d:3a: f4:67:ee:51:b1:f4:78:4f:28:0d:e1:d7:30:08:87: 66:56:0d:85:f2:bd:9c:97:05:2b:42:7d:0b:87:54: 81:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:DE:11:A0:D4:86:EE:25:65:D0:C9:4C:09:DA:A3:A3:6F:BC:B2:4F X509v3 Authority Key Identifier: keyid:03:8E:C0:AE:B8:35:0C:9D:A7:E6:F2:0B:26:D2:F3:50:BA:6C:24:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B8D9/AF5CDB04C70811EDA874AE85C4F9AE02/A47Arrg1DJ2n5vILJtLzULpsJAk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A47Arrg1DJ2n5vILJtLzULpsJAk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B8D9/AF5CDB04C70811EDA874AE85C4F9AE02/F50351E0C70A11EDB29DDE85C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.105.122.0/23 IPv6: 2400:eb20::/32 Signature Algorithm: sha256WithRSAEncryption 68:ca:f3:8c:a3:cb:94:3a:d0:04:a4:e1:ee:c2:4c:72:0a:47: 21:3f:e9:b0:e1:0e:c6:29:a9:bd:fb:78:33:e1:d4:64:75:09: 9f:bc:3f:79:cc:03:da:f4:ba:78:93:43:71:4e:ea:89:4f:f2: 63:82:21:66:03:62:82:77:53:54:97:7a:2a:3a:b2:b7:d3:1d: c3:69:16:03:53:56:d7:27:ef:9e:d9:b4:d0:7d:e1:cd:0a:74: b8:4c:d8:ce:35:bd:25:c5:19:e4:3b:2b:4f:35:3c:6e:2e:8b: 14:55:47:39:3d:1f:b4:6f:dc:73:6f:09:46:97:58:ae:c2:8e: ae:aa:c0:36:79:f9:77:8c:cf:9c:68:52:78:c0:1d:29:3e:83: 9b:9b:e5:70:5b:38:b4:af:40:01:3e:1e:4b:2f:11:fe:df:dc: 08:7b:06:6a:a5:4e:3f:e8:f6:08:9d:35:6a:21:99:4e:74:dc: cf:05:07:8e:c3:0c:06:6c:00:a1:62:df:81:ee:be:6e:f9:14: 13:51:aa:2f:d9:4d:79:ea:5d:1d:eb:33:16:f2:6b:0c:b4:36: 2d:76:80:57:e3:0f:01:23:a4:a5:45:66:eb:52:aa:d6:46:4a: 30:60:77:14:21:a9:ea:df:c3:5d:1e:01:fa:87:fd:11:50:4a: 22:2f:c1:aa -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICAZ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI4RDkxMTAvBgNVBAUTKDAzOEVDMEFFQjgzNTBDOURBN0U2RjIwQjI2RDJGMzUw QkE2QzI0MDkwHhcNMjUwNjAxMDMxOTUyWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNiYzZkOC1iOTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlIG1xJDjXsYmPvxJZN+CBTTSlmWStpc0OqXW65r1kJWscf0qRWUm/zkv8MFK gIc6P3s4MiEbxDcjDt6TcitN/NYhP7GTBLpJqHNtYyk/rK51yi5MpnmtQA3wQNKA Gue+tzFe7RKhsvt/CtVLdkm175XAn7i43U9G+O7sl5duB9WSSGnkJKb32mvOw/vr vjSHMnYg18o88DAcHp/76MPiUEzoMqSS3wMLEWv0gHCOBo/rRnHJdNwhnKBP9GxM 3dOSd/CNfBkDMrzxmmyxrXlUffaUlQY3OtM5O+ljufTebTr0Z+5RsfR4TygN4dcw CIdmVg2F8r2clwUrQn0Lh1SBSQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFADeEaDU hu4lZdDJTAnao6NvvLJPMB8GA1UdIwQYMBaAFAOOwK64NQydp+byCybS81C6bCQJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjhEOS9BRjVDREIwNEM3 MDgxMUVEQTg3NEFFODVDNEY5QUUwMi9BNDdBcnJnMURKMm41dklMSnRMelVMcHNK QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0E0N0FycmcxREoybjV2SUxKdEx6VUxwc0pBay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI4RDkvQUY1Q0RCMDRDNzA4MTFFREE4NzRBRTg1QzRGOUFFMDIvRjUwMzUxRTBD NzBBMTFFREIyOURERTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnaXowDQQCAAIwBwMFACQA6yAwDQYJKoZIhvcNAQELBQAD ggEBAGjK84yjy5Q60ASk4e7CTHIKRyE/6bDhDsYpqb37eDPh1GR1CZ+8P3nMA9r0 uniTQ3FO6olP8mOCIWYDYoJ3U1SXeio6srfTHcNpFgNTVtcn757ZtNB94c0KdLhM 2M41vSXFGeQ7K081PG4uixRVRzk9H7Rv3HNvCUaXWK7Cjq6qwDZ5+XeMz5xoUnjA HSk+g5ub5XBbOLSvQAE+HksvEf7f3Ah7BmqlTj/o9gidNWohmU503M8FB47DDAZs AKFi34Huvm75FBNRqi/ZTXnqXR3rMxbyawy0Ni12gFfjDwEjpKVFZutSqtZGSjBg dxQhqerfw10eAfqH/RFQSiIvwao= -----END CERTIFICATE-----Generated at Mon Jun 2 06:33:29 2025 by rpki-client