$ rpki-client -vvf rpki.apnic.net/member_repository/A9125949/663B25F236E611F0951EB87EC4F9AE02/D01462D636E611F090C5647FC4F9AE02.roa File: D01462D636E611F090C5647FC4F9AE02.roa (raw, json) Hash identifier: FQtkhR7K7QV32QbqO8VdQAo75j1/gLUGSAPk3ncX5y8= Subject key identifier: 9B:0E:94:A3:F7:F0:CB:4F:0E:3F:A2:AF:48:13:7F:AC:35:9D:4F:10 Certificate issuer: /CN=A9125949/serialNumber=5A358B484AD87FE029C101DAE6D2ED828D860553 Certificate serial: 0C Authority key identifier: 5A:35:8B:48:4A:D8:7F:E0:29:C1:01:DA:E6:D2:ED:82:8D:86:05:53 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WjWLSErYf-ApwQHa5tLtgo2GBVM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125949/663B25F236E611F0951EB87EC4F9AE02/D01462D636E611F090C5647FC4F9AE02.roa Signing time: Thu 22 May 2025 08:33:58 +0000 ROA not before: Thu 22 May 2025 08:33:58 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 9304 IP address blocks: 103.5.220.0/22 maxlen: 22 124.158.192.0/19 maxlen: 19 180.131.160.0/19 maxlen: 19 202.55.32.0/19 maxlen: 19 202.55.40.0/22 maxlen: 22 202.80.128.0/20 maxlen: 20 202.80.138.0/24 maxlen: 24 202.92.160.0/19 maxlen: 19 202.92.177.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125949/663B25F236E611F0951EB87EC4F9AE02/WjWLSErYf-ApwQHa5tLtgo2GBVM.crl rsync://rpki.apnic.net/member_repository/A9125949/663B25F236E611F0951EB87EC4F9AE02/WjWLSErYf-ApwQHa5tLtgo2GBVM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WjWLSErYf-ApwQHa5tLtgo2GBVM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 08:03:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12 (0xc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125949, serialNumber=5A358B484AD87FE029C101DAE6D2ED828D860553 Validity Not Before: May 22 08:33:58 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=682ee176-64e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c9:20:f4:85:53:ff:84:24:bf:b2:5f:54:af: a5:9c:59:c8:b5:7a:f9:eb:66:82:d5:53:90:88:e1: 6f:9a:9b:4a:73:a6:a3:57:92:14:4c:2c:b4:02:07: fa:ad:e7:b4:71:69:2f:48:8c:b5:18:18:1b:a1:c5: 0a:e3:4c:85:17:18:c2:17:4b:56:bb:ef:47:41:d3: f2:20:ba:10:9e:21:c1:ad:db:4a:87:a2:35:96:b0: 83:0d:78:8e:66:93:6c:72:cf:5b:ee:0d:49:b7:51: a5:04:0b:9f:63:f8:35:12:5f:a5:25:6b:e1:30:08: d4:5d:76:72:21:64:a1:5c:bd:37:37:e7:96:cb:43: 53:c8:b6:49:0d:46:3d:5e:bd:69:a6:03:4b:30:4a: 73:4f:bb:00:24:f8:a3:2a:c5:7b:24:42:db:ba:03: 4c:d2:ef:bd:f9:3f:ed:87:24:98:67:0d:b3:13:88: d7:00:cd:6c:0a:71:d6:76:24:4c:47:88:13:c4:d8: 6f:09:44:06:11:83:a7:d8:5e:89:07:75:2d:51:4d: b7:6c:06:13:10:7a:fc:f0:cf:15:47:e8:76:23:e6: 43:d4:c7:76:2c:25:12:76:8d:6a:d1:62:c7:07:4e: ad:86:4c:ad:22:50:c6:91:68:f9:52:86:03:01:9d: af:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:0E:94:A3:F7:F0:CB:4F:0E:3F:A2:AF:48:13:7F:AC:35:9D:4F:10 X509v3 Authority Key Identifier: keyid:5A:35:8B:48:4A:D8:7F:E0:29:C1:01:DA:E6:D2:ED:82:8D:86:05:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125949/663B25F236E611F0951EB87EC4F9AE02/WjWLSErYf-ApwQHa5tLtgo2GBVM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WjWLSErYf-ApwQHa5tLtgo2GBVM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125949/663B25F236E611F0951EB87EC4F9AE02/D01462D636E611F090C5647FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.5.220.0/22 124.158.192.0/19 180.131.160.0/19 202.55.32.0/19 202.80.128.0/20 202.92.160.0/19 Signature Algorithm: sha256WithRSAEncryption 86:0f:0d:87:d8:b4:74:94:8d:6f:6d:28:97:33:d7:c6:d8:d3: 74:f1:c0:4e:bd:06:95:52:28:bc:02:26:3c:7f:c1:b3:85:20: bc:15:88:11:22:38:9c:38:40:2f:8a:61:b4:83:39:c7:b8:d0: 04:24:92:d9:15:84:25:d3:47:d3:1c:2d:b1:2a:0e:c1:cb:ac: 93:15:94:a2:25:26:c7:1b:fe:49:db:c4:fe:1e:b1:42:c0:f6: 26:ca:2e:75:8c:a7:fd:c3:69:22:ed:55:8f:5a:2a:75:e4:b3: 72:6d:75:b3:97:17:d2:15:b8:08:63:85:1b:9e:23:5d:02:95: b4:6f:31:e7:93:59:00:4a:ad:07:a6:ce:cd:e4:ac:b8:3e:cb: ca:1d:5d:cd:99:50:af:93:14:eb:2f:a1:15:1b:d9:01:f6:5e: 7e:4e:40:41:07:27:1d:8d:47:8b:04:33:c5:6c:fa:6f:27:32: 61:6e:6f:93:86:1f:b6:86:cf:c2:cf:84:81:36:9a:ba:4f:45: 7c:50:e6:81:9a:9c:5d:67:b0:26:34:45:a3:b7:e3:79:1a:f8: cf:1e:eb:f9:a5:ca:73:79:92:7b:d3:76:ba:7f:85:d5:36:eb: 44:39:83:62:5d:ec:26:f3:4b:6d:55:63:dd:e3:c6:ac:a7:19: 37:df:f6:26 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy NTk0OTExMC8GA1UEBRMoNUEzNThCNDg0QUQ4N0ZFMDI5QzEwMURBRTZEMkVEODI4 RDg2MDU1MzAeFw0yNTA1MjIwODMzNThaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4MmVlMTc2LTY0ZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGySD0hVP/hCS/sl9Ur6WcWci1evnrZoLVU5CI4W+am0pzpqNXkhRMLLQCB/qt 57RxaS9IjLUYGBuhxQrjTIUXGMIXS1a770dB0/IguhCeIcGt20qHojWWsIMNeI5m k2xyz1vuDUm3UaUEC59j+DUSX6Ula+EwCNRddnIhZKFcvTc355bLQ1PItkkNRj1e vWmmA0swSnNPuwAk+KMqxXskQtu6A0zS7735P+2HJJhnDbMTiNcAzWwKcdZ2JExH iBPE2G8JRAYRg6fYXokHdS1RTbdsBhMQevzwzxVH6HYj5kPUx3YsJRJ2jWrRYscH Tq2GTK0iUMaRaPlShgMBna+hAgMBAAGjggKzMIICrzAdBgNVHQ4EFgQUmw6Uo/fw y08OP6KvSBN/rDWdTxAwHwYDVR0jBBgwFoAUWjWLSErYf+ApwQHa5tLtgo2GBVMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI1OTQ5LzY2M0IyNUYyMzZF NjExRjA5NTFFQjg3RUM0RjlBRTAyL1dqV0xTRXJZZi1BcHdRSGE1dEx0Z28yR0JW TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvV2pXTFNFcllmLUFwd1FIYTV0THRnbzJHQlZNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NTk0OS82NjNCMjVGMjM2RTYxMUYwOTUxRUI4N0VDNEY5QUUwMi9EMDE0NjJENjM2 RTYxMUYwOTBDNTY0N0ZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA9BggrBgEFBQcBBwEB/wQu MCwwKgQCAAEwJAMEAmcF3AMEBXyewAMEBbSDoAMEBco3IAMEBMpQgAMEBcpcoDAN BgkqhkiG9w0BAQsFAAOCAQEAhg8Nh9i0dJSNb20olzPXxtjTdPHATr0GlVIovAIm PH/Bs4UgvBWIESI4nDhAL4phtIM5x7jQBCSS2RWEJdNH0xwtsSoOwcuskxWUoiUm xxv+SdvE/h6xQsD2JsoudYyn/cNpIu1Vj1oqdeSzcm11s5cX0hW4CGOFG54jXQKV tG8x55NZAEqtB6bOzeSsuD7Lyh1dzZlQr5MU6y+hFRvZAfZefk5AQQcnHY1HiwQz xWz6bycyYW5vk4YftobPws+EgTaauk9FfFDmgZqcXWewJjRFo7fjeRr4zx7r+aXK c3mSe9N2un+F1TbrRDmDYl3sJvNLbVVj3ePGrKcZN9/2Jg== -----END CERTIFICATE-----Generated at Wed Jun 4 00:11:15 2025 by rpki-client