$ rpki-client -vvf rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa File: D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa (raw, json) Hash identifier: DvLUGxpnlD+w7CjAnjLD3ciQNtC4SJP+lB2sIfV00Es= Subject key identifier: 16:E9:CD:C7:66:9E:96:39:FE:6E:B3:04:C2:42:EC:24:5B:B8:B3:AF Certificate issuer: /CN=A91356BB/serialNumber=2CCA13540F013B93B23C9DF14D9617DA40CB2677 Certificate serial: 0518 Authority key identifier: 2C:CA:13:54:0F:01:3B:93:B2:3C:9D:F1:4D:96:17:DA:40:CB:26:77 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa Signing time: Sun 01 Jun 2025 00:33:20 +0000 ROA not before: Sun 01 Jun 2025 00:33:20 +0000 ROA not after: Wed 01 Oct 2025 00:00:00 +0000 asID: 16509 IP address blocks: 203.20.192.0/24 maxlen: 24 203.20.193.0/24 maxlen: 24 203.20.194.0/24 maxlen: 24 203.20.195.0/24 maxlen: 24 203.20.196.0/24 maxlen: 24 203.20.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.crl rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 00:33:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1304 (0x518) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91356BB, serialNumber=2CCA13540F013B93B23C9DF14D9617DA40CB2677 Validity Not Before: Jun 1 00:33:20 2025 GMT Not After : Oct 1 00:00:00 2025 GMT Subject: CN=683b9fd0-d414 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:36:2d:1f:ed:6b:bd:4f:7b:62:a0:2b:d6:e5: 16:d2:eb:37:4f:ba:b7:63:df:79:e9:d1:7b:b8:2d: 94:e5:3a:5f:35:6e:1a:80:b8:2c:37:df:ad:2d:f5: 24:2e:ec:fe:3e:2b:b7:03:34:7c:83:59:f5:a0:71: 5a:ba:11:cd:14:e3:f6:84:4f:68:74:27:31:e0:b0: 4e:1e:ec:3e:90:07:d3:8a:ba:48:9d:56:22:5b:ee: d5:7b:f7:4f:2f:c6:99:b1:70:61:5e:e5:e4:b6:55: db:73:52:67:7c:79:9f:2b:cc:48:6d:76:d3:e2:8e: 03:81:a1:52:3b:cc:1a:4f:3a:3e:0c:06:d2:43:0f: 6c:fb:1d:39:2c:98:cf:57:fb:3d:93:82:06:06:2f: b9:54:1d:83:a8:e3:7f:d7:ab:aa:35:17:1b:01:b4: 2c:1c:a7:1c:7e:e4:5a:1e:08:45:40:de:c3:18:6e: 2d:61:22:4d:77:08:64:d4:2e:40:0b:2a:44:f4:40: 8b:7e:50:dc:a2:31:9c:2d:2f:df:de:31:45:b2:09: af:5f:fd:38:53:61:7c:c1:d0:ff:6d:96:43:d7:8e: 25:65:7e:6c:57:69:47:78:52:51:a8:e2:2f:e5:54: 00:6f:26:83:c5:af:18:ef:a9:43:ae:fe:ae:25:1d: 3f:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:E9:CD:C7:66:9E:96:39:FE:6E:B3:04:C2:42:EC:24:5B:B8:B3:AF X509v3 Authority Key Identifier: keyid:2C:CA:13:54:0F:01:3B:93:B2:3C:9D:F1:4D:96:17:DA:40:CB:26:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LMoTVA8BO5OyPJ3xTZYX2kDLJnc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91356BB/5CEA549416D511ECA7F3F46AC4F9AE02/D8CA5BF0D91811EFA4F02F4EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.20.192.0-203.20.196.255 203.20.198.0/24 Signature Algorithm: sha256WithRSAEncryption 56:7f:ee:09:bb:bd:04:c3:aa:6f:6c:73:45:1e:f5:bc:1a:38: ec:cc:e7:14:ac:8b:e9:60:73:1e:94:32:2b:4b:34:40:9f:8f: f9:f6:6a:c0:76:76:25:ea:06:a7:e8:fc:e2:c3:74:04:c4:63: 80:1f:28:dc:fb:2c:cb:06:eb:32:49:ee:eb:d1:47:3e:ba:32: 92:2d:d9:82:e2:45:81:5a:15:98:02:22:57:7b:e2:58:7d:5c: 4f:2b:b4:89:62:55:82:bd:46:c2:32:09:f7:60:04:48:cd:94: 40:3a:e5:49:05:2f:5b:03:bc:89:e9:55:e7:d7:9d:39:53:e5: 4a:27:7e:b7:6e:c1:e2:25:12:06:f6:d2:6a:8c:0c:8c:d4:72: d3:14:a3:6f:3c:e8:44:6c:6f:ce:cb:5e:13:bd:43:f7:8c:53: d1:3f:1d:d4:63:ad:45:7d:27:50:12:05:88:0b:2f:61:1a:a3: 5f:e1:2e:6e:ca:cc:26:64:97:c9:bd:69:3b:4d:70:dd:c3:be: de:cb:de:0c:95:6e:16:71:e1:75:70:51:3c:e9:14:0b:c0:9b: 78:a2:e6:8c:36:c6:ef:95:cd:6a:66:83:61:86:61:8a:81:24: ac:58:bc:29:9a:57:e7:02:66:12:35:d2:91:19:67:6d:09:06: 9c:23:f7:b4 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICBRgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzU2QkIxMTAvBgNVBAUTKDJDQ0ExMzU0MEYwMTNCOTNCMjNDOURGMTREOTYxN0RB NDBDQjI2NzcwHhcNMjUwNjAxMDAzMzIwWhcNMjUxMDAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNiOWZkMC1kNDE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzDYtH+1rvU97YqAr1uUW0us3T7q3Y9956dF7uC2U5TpfNW4agLgsN9+tLfUk Luz+Piu3AzR8g1n1oHFauhHNFOP2hE9odCcx4LBOHuw+kAfTirpInVYiW+7Ve/dP L8aZsXBhXuXktlXbc1JnfHmfK8xIbXbT4o4DgaFSO8waTzo+DAbSQw9s+x05LJjP V/s9k4IGBi+5VB2DqON/16uqNRcbAbQsHKccfuRaHghFQN7DGG4tYSJNdwhk1C5A CypE9ECLflDcojGcLS/f3jFFsgmvX/04U2F8wdD/bZZD144lZX5sV2lHeFJRqOIv 5VQAbyaDxa8Y76lDrv6uJR0/WwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFBbpzcdm npY5/m6zBMJC7CRbuLOvMB8GA1UdIwQYMBaAFCzKE1QPATuTsjyd8U2WF9pAyyZ3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNTZCQi81Q0VBNTQ5NDE2 RDUxMUVDQTdGM0Y0NkFDNEY5QUUwMi9MTW9UVkE4Qk81T3lQSjN4VFpZWDJrRExK bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xNb1RWQThCTzVPeVBKM3hUWllYMmtETEpuYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzU2QkIvNUNFQTU0OTQxNkQ1MTFFQ0E3RjNGNDZBQzRGOUFFMDIvRDhDQTVCRjBE OTE4MTFFRkE0RjAyRjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQwDAMEBssUwAMEAMsUxAMEAMsUxjANBgkqhkiG9w0BAQsFAAOC AQEAVn/uCbu9BMOqb2xzRR71vBo47MznFKyL6WBzHpQyK0s0QJ+P+fZqwHZ2JeoG p+j84sN0BMRjgB8o3PssywbrMknu69FHProyki3ZguJFgVoVmAIiV3viWH1cTyu0 iWJVgr1GwjIJ92AESM2UQDrlSQUvWwO8ielV59edOVPlSid+t27B4iUSBvbSaowM jNRy0xSjbzzoRGxvzsteE71D94xT0T8d1GOtRX0nUBIFiAsvYRqjX+EubsrMJmSX yb1pO01w3cO+3sveDJVuFnHhdXBRPOkUC8CbeKLmjDbG75XNamaDYYZhioEkrFi8 KZpX5wJmEjXSkRlnbQkGnCP3tA== -----END CERTIFICATE-----Generated at Mon Jun 2 05:44:07 2025 by rpki-client