$ rpki-client -vvf rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/C4F9C4A03CCB11F0A0971A87C4F9AE02.roa File: C4F9C4A03CCB11F0A0971A87C4F9AE02.roa (raw, json) Hash identifier: xHCZ2/dEn0nHhWiq6+O/i6vGEe0ccZlJVNPLmFkzdOM= Subject key identifier: 5D:7D:F0:7B:38:FD:0E:B9:AD:73:A2:FA:B5:8C:96:F7:EB:3C:3A:EE Certificate issuer: /CN=A91275FD/serialNumber=4E10F13F295FBF2B359C84DDD1651BC851AA8AF5 Certificate serial: 274F Authority key identifier: 4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/C4F9C4A03CCB11F0A0971A87C4F9AE02.roa Signing time: Thu 29 May 2025 20:31:29 +0000 ROA not before: Thu 29 May 2025 20:31:29 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 17970 IP address blocks: 43.255.216.0/22 maxlen: 22 61.9.32.0/19 maxlen: 22 61.9.96.0/19 maxlen: 22 61.14.192.0/21 maxlen: 24 103.239.200.0/22 maxlen: 22 202.81.168.0/21 maxlen: 22 202.81.172.0/24 maxlen: 24 202.81.173.0/24 maxlen: 24 202.81.174.0/24 maxlen: 24 202.81.175.0/24 maxlen: 24 203.76.192.0/21 maxlen: 22 203.76.195.0/24 maxlen: 24 203.76.196.0/24 maxlen: 24 219.90.80.0/20 maxlen: 20 219.90.80.0/22 maxlen: 22 219.90.84.0/22 maxlen: 22 219.90.84.0/24 maxlen: 24 219.90.86.0/24 maxlen: 24 219.90.87.0/24 maxlen: 24 219.90.88.0/22 maxlen: 22 219.90.90.0/24 maxlen: 24 219.90.91.0/24 maxlen: 24 219.90.92.0/22 maxlen: 22 219.90.92.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.crl rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 15:50:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10063 (0x274f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91275FD, serialNumber=4E10F13F295FBF2B359C84DDD1651BC851AA8AF5 Validity Not Before: May 29 20:31:29 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6838c421-1a51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:90:c6:55:e2:50:fd:cc:93:89:f9:2f:90:95: 57:e0:a3:2a:f7:38:b9:fc:c7:3a:8b:9b:c5:37:18: a6:fe:ba:85:89:3a:b0:61:a5:2c:03:cd:6f:9c:5c: 7f:cb:00:99:99:c7:9a:f8:17:c7:5e:29:1c:3f:cf: 9f:ff:2e:7b:bf:34:61:0f:4f:a2:94:d7:4d:59:14: 9b:e1:7b:47:02:94:69:67:bf:2b:2f:1a:b9:46:2d: 5f:63:0e:f6:90:90:fd:7c:b0:2d:06:ea:84:71:eb: f3:45:40:eb:ce:52:cc:7a:cf:35:ad:80:c6:30:05: f4:59:3a:df:3d:36:40:64:98:19:0d:43:32:38:ba: 25:5e:1b:83:9a:29:41:d4:f3:88:d0:ce:f6:54:9d: 7a:0c:a1:b4:eb:54:74:4d:d4:25:e5:46:64:e7:18: 0f:08:4c:7f:0e:e5:40:b3:4d:91:da:1c:70:ba:b4: 5b:21:69:82:43:6b:1a:53:47:02:db:66:01:52:c9: d3:2e:be:e9:b3:35:ac:fe:5d:18:b6:c8:f1:db:df: ee:bc:0f:38:20:b9:4f:b7:f8:f0:2a:21:89:10:e3: 02:27:38:95:61:ad:0b:15:e7:bc:4a:eb:13:3b:21: f3:0b:07:8d:ed:88:20:b1:2a:2a:fd:3b:6d:1c:ad: 56:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:7D:F0:7B:38:FD:0E:B9:AD:73:A2:FA:B5:8C:96:F7:EB:3C:3A:EE X509v3 Authority Key Identifier: keyid:4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/C4F9C4A03CCB11F0A0971A87C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.216.0/22 61.9.32.0/19 61.9.96.0/19 61.14.192.0/21 103.239.200.0/22 202.81.168.0/21 203.76.192.0/21 219.90.80.0/20 Signature Algorithm: sha256WithRSAEncryption 53:f1:7a:48:8f:fb:03:ac:a7:24:9c:a4:8a:4d:b7:ff:df:3e: 5a:b2:78:79:17:28:f8:82:3b:fa:94:fe:2e:3f:51:7d:c6:ed: 38:fe:eb:b8:20:aa:bd:f8:41:9d:10:1c:9c:05:26:de:9f:34: 05:47:0d:a3:45:b1:52:1a:2a:dd:9d:8e:27:89:db:94:86:36: a7:32:ba:f0:3e:32:dc:3a:28:34:26:c5:2e:27:27:b4:b4:49: a7:c5:dd:a0:64:70:c0:70:ce:c0:87:bc:74:08:fe:3c:69:55: 47:b2:2f:81:52:ca:ad:f2:a1:93:18:12:36:1a:c8:8b:27:85: af:9a:ca:59:ef:c6:5b:00:1a:83:7e:c6:0a:66:57:5d:17:6f: ff:6b:2b:87:f3:74:74:46:37:70:56:13:20:5e:ee:8a:21:af: 80:f1:f5:d9:74:25:e1:f6:c4:49:7d:fa:66:a1:2a:f5:58:e6: 89:17:06:30:2f:fc:64:6b:b1:ee:75:34:b8:32:fa:d6:c5:04: cb:7e:dc:ab:99:4e:1f:e6:53:bd:74:00:c0:d5:4c:7c:42:bf: d5:96:53:91:6b:1c:4c:b1:4f:c5:76:66:1a:46:79:40:bc:b8: 30:72:37:c7:ca:99:8e:b0:08:63:43:91:74:ea:cb:a7:6a:cb: c6:e6:73:a8 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgICJ08wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjc1RkQxMTAvBgNVBAUTKDRFMTBGMTNGMjk1RkJGMkIzNTlDODREREQxNjUxQkM4 NTFBQThBRjUwHhcNMjUwNTI5MjAzMTI5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM4YzQyMS0xYTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnpDGVeJQ/cyTifkvkJVX4KMq9zi5/Mc6i5vFNxim/rqFiTqwYaUsA81vnFx/ ywCZmcea+BfHXikcP8+f/y57vzRhD0+ilNdNWRSb4XtHApRpZ78rLxq5Ri1fYw72 kJD9fLAtBuqEcevzRUDrzlLMes81rYDGMAX0WTrfPTZAZJgZDUMyOLolXhuDmilB 1POI0M72VJ16DKG061R0TdQl5UZk5xgPCEx/DuVAs02R2hxwurRbIWmCQ2saU0cC 22YBUsnTLr7pszWs/l0Ytsjx29/uvA84ILlPt/jwKiGJEOMCJziVYa0LFee8SusT OyHzCweN7YggsSoq/TttHK1WIwIDAQABo4ICvzCCArswHQYDVR0OBBYEFF198Hs4 /Q65rXOi+rWMlvfrPDruMB8GA1UdIwQYMBaAFE4Q8T8pX78rNZyE3dFlG8hRqor1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzVGRC9FMUVGRDlCNkRF Q0UxMUU0QTE0RjAwNjhDNEY5QUUwMi9UaER4UHlsZnZ5czFuSVRkMFdVYnlGR3Fp dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RoRHhQeWxmdnlzMW5JVGQwV1VieUZHcWl2VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mjc1RkQvRTFFRkQ5QjZERUNFMTFFNEExNEYwMDY4QzRGOUFFMDIvQzRGOUM0QTAz Q0NCMTFGMEEwOTcxQTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E OjA4MDYEAgABMDADBAIr/9gDBAU9CSADBAU9CWADBAM9DsADBAJn78gDBAPKUagD BAPLTMADBATbWlAwDQYJKoZIhvcNAQELBQADggEBAFPxekiP+wOspyScpIpNt//f PlqyeHkXKPiCO/qU/i4/UX3G7Tj+67ggqr34QZ0QHJwFJt6fNAVHDaNFsVIaKt2d jieJ25SGNqcyuvA+Mtw6KDQmxS4nJ7S0SafF3aBkcMBwzsCHvHQI/jxpVUeyL4FS yq3yoZMYEjYayIsnha+aylnvxlsAGoN+xgpmV10Xb/9rK4fzdHRGN3BWEyBe7ooh r4Dx9dl0JeH2xEl9+mahKvVY5okXBjAv/GRrse51NLgy+tbFBMt+3KuZTh/mU710 AMDVTHxCv9WWU5FrHEyxT8V2ZhpGeUC8uDByN8fKmY6wCGNDkXTqy6dqy8bmc6g= -----END CERTIFICATE-----Generated at Tue Jun 3 23:48:19 2025 by rpki-client