$ rpki-client -vvf rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/CF949C10359A11F0AFFF2848C4F9AE02.roa File: CF949C10359A11F0AFFF2848C4F9AE02.roa (raw, json) Hash identifier: cIB0S20gV/ZhV77XZTzfCkZr/IsCbhpCdfiUC7S/47s= Subject key identifier: CA:06:A5:3A:81:33:71:95:18:3A:B0:EB:E4:DE:2F:54:8C:0F:0C:39 Certificate issuer: /CN=A913C432/serialNumber=329DA03DB9944751498A5FCA53C85DAA60CB9A32 Certificate serial: 0FF9 Authority key identifier: 32:9D:A0:3D:B9:94:47:51:49:8A:5F:CA:53:C8:5D:AA:60:CB:9A:32 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mp2gPbmUR1FJil_KU8hdqmDLmjI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/CF949C10359A11F0AFFF2848C4F9AE02.roa Signing time: Tue 20 May 2025 16:52:27 +0000 ROA not before: Tue 20 May 2025 16:52:27 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 138981 IP address blocks: 103.138.24.0/22 maxlen: 22 2404:bec0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/Mp2gPbmUR1FJil_KU8hdqmDLmjI.crl rsync://rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/Mp2gPbmUR1FJil_KU8hdqmDLmjI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mp2gPbmUR1FJil_KU8hdqmDLmjI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 15 Jun 2025 17:25:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4089 (0xff9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913C432, serialNumber=329DA03DB9944751498A5FCA53C85DAA60CB9A32 Validity Not Before: May 20 16:52:27 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=682cb34b-3186 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:f5:10:10:a9:6e:79:0e:b7:b6:19:5c:2b:cc: 23:ef:0a:22:38:06:38:0b:68:3e:b3:bb:90:0b:52: 0b:aa:9c:c7:51:fe:7d:8f:a5:b0:3d:c4:24:0a:17: 88:27:c6:b9:c5:f9:d6:3f:a4:4c:f5:9d:9d:48:e4: a2:a3:79:31:42:54:db:0b:e1:90:4b:87:f2:78:46: 5a:40:5a:3f:04:46:5d:21:bb:55:64:a6:cd:0e:83: 86:46:71:61:07:ba:48:4f:27:a4:39:9e:dc:cc:c3: d7:0c:ed:d7:23:00:7f:79:ec:ed:ff:68:7a:b8:14: 92:de:f0:a0:10:7b:a3:94:84:fa:98:73:ea:8e:36: 18:3a:ff:b2:c3:31:25:c4:cf:d3:49:64:d0:66:0b: 20:0f:1a:8d:35:09:a1:b3:f4:25:3a:fd:73:de:d4: 4e:02:79:df:74:63:57:08:9b:41:7a:e4:11:f1:fe: cf:bd:b0:5c:57:2e:12:20:19:eb:50:b5:15:1f:55: ee:eb:b9:65:2a:7a:d3:16:07:1c:f6:0c:25:ea:c3: ca:dd:8d:42:10:36:d0:86:15:59:96:40:90:50:d5: b2:e5:0b:89:88:25:8f:3e:08:b9:48:0f:a2:10:47: 12:62:2a:3a:09:6d:96:9f:4f:0f:44:0f:aa:3b:c3: 7a:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:06:A5:3A:81:33:71:95:18:3A:B0:EB:E4:DE:2F:54:8C:0F:0C:39 X509v3 Authority Key Identifier: keyid:32:9D:A0:3D:B9:94:47:51:49:8A:5F:CA:53:C8:5D:AA:60:CB:9A:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/Mp2gPbmUR1FJil_KU8hdqmDLmjI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Mp2gPbmUR1FJil_KU8hdqmDLmjI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C432/2DCABA685CF211E984939224C4F9AE02/CF949C10359A11F0AFFF2848C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.24.0/22 IPv6: 2404:bec0::/32 Signature Algorithm: sha256WithRSAEncryption b8:70:b9:35:7e:b5:13:37:9b:33:f0:ec:c4:14:e4:50:46:00: 7c:13:18:0d:82:3d:10:3d:81:8b:84:a7:9d:ac:ef:6a:4d:c8: 2a:14:c1:d0:59:14:7f:16:ca:2d:8b:ad:fd:af:19:a1:03:d2: 70:1e:d8:1a:28:af:05:12:9c:05:03:0d:ac:b8:81:0a:73:5a: dc:ae:22:a0:c0:62:52:e7:6e:43:ba:dc:74:a7:b5:75:22:2d: 9c:ad:4c:db:94:c6:3c:9b:08:33:1e:97:e1:cf:09:08:b9:76: ec:83:c8:04:d8:40:27:88:44:5c:b8:01:09:c0:3a:ce:0b:dd: 20:fe:d0:2a:7b:b1:b7:c4:22:df:a1:63:55:ff:70:67:ed:f5: 70:9e:4e:a9:4e:16:54:ad:fc:4b:9d:37:88:96:03:d2:38:a4: f7:78:e1:a7:3e:ad:20:e0:f2:79:64:ef:99:a8:00:4b:a0:cc: ab:bb:ef:f8:1d:be:d0:90:45:fe:da:52:ba:56:c1:73:38:39: 82:2b:58:f2:96:af:2b:9b:29:7a:75:89:db:f3:1f:6a:2b:55: 71:3e:20:00:f5:e8:4b:b6:0d:49:19:bf:8f:a0:c1:71:4a:ef: 45:b6:7f:bb:98:e2:0e:5e:5e:41:ee:4a:5f:87:a1:66:a3:6c: 79:76:a5:9d -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICD/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0M0MzIxMTAvBgNVBAUTKDMyOURBMDNEQjk5NDQ3NTE0OThBNUZDQTUzQzg1REFB NjBDQjlBMzIwHhcNMjUwNTIwMTY1MjI3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJjYjM0Yi0zMTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw/UQEKlueQ63thlcK8wj7woiOAY4C2g+s7uQC1ILqpzHUf59j6WwPcQkCheI J8a5xfnWP6RM9Z2dSOSio3kxQlTbC+GQS4fyeEZaQFo/BEZdIbtVZKbNDoOGRnFh B7pITyekOZ7czMPXDO3XIwB/eezt/2h6uBSS3vCgEHujlIT6mHPqjjYYOv+ywzEl xM/TSWTQZgsgDxqNNQmhs/QlOv1z3tROAnnfdGNXCJtBeuQR8f7PvbBcVy4SIBnr ULUVH1Xu67llKnrTFgcc9gwl6sPK3Y1CEDbQhhVZlkCQUNWy5QuJiCWPPgi5SA+i EEcSYio6CW2Wn08PRA+qO8N6NQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMoGpTqB M3GVGDqw6+TeL1SMDww5MB8GA1UdIwQYMBaAFDKdoD25lEdRSYpfylPIXapgy5oy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzQzMi8yRENBQkE2ODVD RjIxMUU5ODQ5MzkyMjRDNEY5QUUwMi9NcDJnUGJtVVIxRkppbF9LVThoZHFtRExt akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01wMmdQYm1VUjFGSmlsX0tVOGhkcW1ETG1qSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0M0MzIvMkRDQUJBNjg1Q0YyMTFFOTg0OTM5MjI0QzRGOUFFMDIvQ0Y5NDlDMTAz NTlBMTFGMEFGRkYyODQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnihgwDQQCAAIwBwMFACQEvsAwDQYJKoZIhvcNAQELBQAD ggEBALhwuTV+tRM3mzPw7MQU5FBGAHwTGA2CPRA9gYuEp52s72pNyCoUwdBZFH8W yi2Lrf2vGaED0nAe2BoorwUSnAUDDay4gQpzWtyuIqDAYlLnbkO63HSntXUiLZyt TNuUxjybCDMel+HPCQi5duyDyATYQCeIRFy4AQnAOs4L3SD+0Cp7sbfEIt+hY1X/ cGft9XCeTqlOFlSt/EudN4iWA9I4pPd44ac+rSDg8nlk75moAEugzKu77/gdvtCQ Rf7aUrpWwXM4OYIrWPKWryubKXp1idvzH2orVXE+IAD16Eu2DUkZv4+gwXFK70W2 f7uY4g5eXkHuSl+HoWajbHl2pZ0= -----END CERTIFICATE-----Generated at Tue Jun 10 15:32:48 2025 by rpki-client