$ rpki-client -vvf rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa File: CB04F4409BE611EF8AFF947CC4F9AE02.roa (raw, json) Hash identifier: dpgju7iuP30Aavz0ylQpReDz9TYSxJYbLPo42YBL4vg= Subject key identifier: B3:ED:D8:82:55:95:57:3B:0E:2C:AC:91:F0:22:C0:DC:FE:BF:14:8C Certificate issuer: /CN=A91415AA/serialNumber=0CFCCC5980F57E6BC84DF11B4C571935D25DACCA Certificate serial: 6F Authority key identifier: 0C:FC:CC:59:80:F5:7E:6B:C8:4D:F1:1B:4C:57:19:35:D2:5D:AC:CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa Signing time: Sat 31 May 2025 19:44:53 +0000 ROA not before: Sat 31 May 2025 19:44:53 +0000 ROA not after: Wed 01 Oct 2025 00:00:00 +0000 asID: 139025 IP address blocks: 103.138.155.0/24 maxlen: 24 103.160.158.0/24 maxlen: 24 2001:df2:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.crl rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 19:44:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 111 (0x6f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91415AA, serialNumber=0CFCCC5980F57E6BC84DF11B4C571935D25DACCA Validity Not Before: May 31 19:44:53 2025 GMT Not After : Oct 1 00:00:00 2025 GMT Subject: CN=683b5c34-811f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:0a:90:42:69:06:f5:3d:aa:c2:0d:b8:29:35: f9:b5:9d:a4:78:9d:d2:db:68:ae:d5:e9:26:df:fa: 1c:5c:90:5a:91:d5:23:f8:ab:5e:7b:8b:52:82:be: c0:7d:d4:49:ae:f3:fd:de:60:6b:2d:b0:52:f1:bd: 82:20:81:16:46:bf:9e:63:3a:e4:9c:22:15:91:cc: 37:9d:14:bc:8d:8d:03:06:15:07:f7:32:19:b8:7e: 44:86:bf:47:79:dc:52:e7:5f:8a:fb:f2:1c:f2:db: f0:e2:1e:20:23:26:63:17:cd:a7:07:2c:c0:1f:43: 27:b2:7b:dc:7b:4e:1c:ce:91:b8:60:34:a3:0b:96: 84:af:26:df:61:da:21:6b:b1:fb:e5:cb:fc:a6:92: 89:1c:0c:4f:f6:be:2a:25:54:72:9a:4a:bb:e8:e2: 6c:c5:88:2b:85:61:32:6e:ad:fc:01:1e:73:2d:a5: 00:1a:4c:fc:99:ff:7b:b8:0a:29:a7:04:e1:e4:af: 83:3e:06:d8:2a:4b:e0:f2:19:a7:84:68:3f:5d:33: 01:e5:08:17:2d:b3:bc:66:f5:37:da:0b:54:de:db: 07:4f:6b:d4:0b:6b:2f:7f:f8:9e:38:74:44:8d:7c: 30:8d:75:af:83:f2:27:3b:01:79:cf:8f:78:88:52: a2:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:ED:D8:82:55:95:57:3B:0E:2C:AC:91:F0:22:C0:DC:FE:BF:14:8C X509v3 Authority Key Identifier: keyid:0C:FC:CC:59:80:F5:7E:6B:C8:4D:F1:1B:4C:57:19:35:D2:5D:AC:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.155.0/24 103.160.158.0/24 IPv6: 2001:df2:c080::/48 Signature Algorithm: sha256WithRSAEncryption 68:aa:2c:52:5d:ff:ce:97:ab:3d:a0:c6:3f:11:4b:a4:c4:2e: f7:8a:d8:bf:6d:20:c0:47:70:f8:c3:04:65:50:18:d0:4f:e1: 0e:15:19:b9:88:e0:33:39:6f:97:1d:02:8b:bb:64:c6:66:87: a8:7c:96:5b:c9:51:f2:77:42:7c:6a:f8:77:81:07:ff:21:93: 99:e1:fb:e9:ec:ca:05:2c:d2:cb:7f:34:19:c7:23:ca:e5:c3: cd:05:53:b2:4b:5e:7e:2e:d0:19:d8:09:15:1f:6d:95:fe:c3: ce:d4:ad:c8:57:bb:34:7c:3d:93:6b:aa:a5:b3:fd:42:e2:4e: 1b:9a:d4:16:e6:ef:ee:08:45:01:cc:6e:c5:78:c6:ae:0c:62: 23:0a:fd:26:91:eb:b1:71:e7:61:3c:a6:60:7d:f3:01:b5:22: 62:0a:62:7f:56:34:13:08:b0:fb:ee:cc:7a:5c:90:4c:a8:c3: 58:30:08:80:2f:78:9a:5d:cc:a7:c1:f2:66:cb:7d:9a:1b:4a: d1:b6:d3:ed:ea:f0:0b:b4:ab:11:f7:4a:0c:db:6e:bd:b0:db: e8:b9:eb:ea:41:66:c8:c2:3d:60:ee:8d:4b:30:92:1a:94:5d: 81:13:88:bc:a7:94:be:e7:f0:c1:7d:99:ae:05:bd:e6:25:84: 11:73:c9:f7 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIBbzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MTVBQTExMC8GA1UEBRMoMENGQ0NDNTk4MEY1N0U2QkM4NERGMTFCNEM1NzE5MzVE MjVEQUNDQTAeFw0yNTA1MzExOTQ0NTNaFw0yNTEwMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4M2I1YzM0LTgxMWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2CpBCaQb1ParCDbgpNfm1naR4ndLbaK7V6Sbf+hxckFqR1SP4q157i1KCvsB9 1Emu8/3eYGstsFLxvYIggRZGv55jOuScIhWRzDedFLyNjQMGFQf3Mhm4fkSGv0d5 3FLnX4r78hzy2/DiHiAjJmMXzacHLMAfQyeye9x7ThzOkbhgNKMLloSvJt9h2iFr sfvly/ymkokcDE/2violVHKaSrvo4mzFiCuFYTJurfwBHnMtpQAaTPyZ/3u4Cimn BOHkr4M+BtgqS+DyGaeEaD9dMwHlCBcts7xm9TfaC1Te2wdPa9QLay9/+J44dESN fDCNda+D8ic7AXnPj3iIUqI/AgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUs+3YglWV VzsOLKyR8CLA3P6/FIwwHwYDVR0jBBgwFoAUDPzMWYD1fmvITfEbTFcZNdJdrMow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQxNUFBLzNFRkEyNDE0NjJF MDExRUFBNkQ1OUEyQ0M0RjlBRTAyL0RQek1XWUQxZm12SVRmRWJURmNaTmRKZHJN by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvRFB6TVdZRDFmbXZJVGZFYlRGY1pOZEpkck1vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTVBQS8zRUZBMjQxNDYyRTAxMUVBQTZENTlBMkNDNEY5QUUwMi9DQjA0RjQ0MDlC RTYxMUVGOEFGRjk0N0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn MCUwEgQCAAEwDAMEAGeKmwMEAGegnjAPBAIAAjAJAwcAIAEN8sCAMA0GCSqGSIb3 DQEBCwUAA4IBAQBoqixSXf/Ol6s9oMY/EUukxC73iti/bSDAR3D4wwRlUBjQT+EO FRm5iOAzOW+XHQKLu2TGZoeofJZbyVHyd0J8avh3gQf/IZOZ4fvp7MoFLNLLfzQZ xyPK5cPNBVOyS15+LtAZ2AkVH22V/sPO1K3IV7s0fD2Ta6qls/1C4k4bmtQW5u/u CEUBzG7FeMauDGIjCv0mkeuxcedhPKZgffMBtSJiCmJ/VjQTCLD77sx6XJBMqMNY MAiAL3iaXcynwfJmy32aG0rRttPt6vALtKsR90oM2269sNvouevqQWbIwj1g7o1L MJIalF2BE4i8p5S+5/DBfZmuBb3mJYQRc8n3 -----END CERTIFICATE-----Generated at Mon Jun 2 06:53:28 2025 by rpki-client