$ rpki-client -vvf rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/D7120558A7ED11EA95BED565C4F9AE02.roa File: D7120558A7ED11EA95BED565C4F9AE02.roa (raw, json) Hash identifier: 69e6c/vHo1P1XZkYWN+UCZupbdC0oSmCyhIpttIVtDU= Subject key identifier: 60:AE:6C:72:50:3C:A9:1C:35:39:A3:E3:2B:3C:43:99:28:3E:F1:78 Certificate issuer: /CN=A9161A58/serialNumber=B4669D30D210E4907CD2888BE74B89A6DD3CB6C8 Certificate serial: 0925 Authority key identifier: B4:66:9D:30:D2:10:E4:90:7C:D2:88:8B:E7:4B:89:A6:DD:3C:B6:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tGadMNIQ5JB80oiL50uJpt08tsg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/D7120558A7ED11EA95BED565C4F9AE02.roa Signing time: Sat 31 May 2025 20:26:47 +0000 ROA not before: Sat 31 May 2025 20:26:47 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 135386 IP address blocks: 43.230.204.0/22 maxlen: 22 43.230.204.0/24 maxlen: 24 43.230.205.0/24 maxlen: 24 43.230.206.0/24 maxlen: 24 43.230.207.0/24 maxlen: 24 103.50.16.0/22 maxlen: 22 103.56.44.0/22 maxlen: 22 103.56.44.0/24 maxlen: 24 103.56.45.0/24 maxlen: 24 103.56.46.0/24 maxlen: 24 103.56.47.0/24 maxlen: 24 103.79.240.0/24 maxlen: 24 103.79.241.0/24 maxlen: 24 103.79.242.0/24 maxlen: 24 103.79.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/tGadMNIQ5JB80oiL50uJpt08tsg.crl rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/tGadMNIQ5JB80oiL50uJpt08tsg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tGadMNIQ5JB80oiL50uJpt08tsg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:26:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2341 (0x925) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161A58, serialNumber=B4669D30D210E4907CD2888BE74B89A6DD3CB6C8 Validity Not Before: May 31 20:26:47 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=683b6607-a92e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a0:e0:e2:0a:3d:65:7d:b5:4a:78:73:68:b2: 43:5a:ec:a9:d4:a6:42:7a:cb:38:bc:7e:62:5a:7d: 67:cf:69:3f:68:80:69:f0:e2:48:c0:72:06:12:b8: 9b:3e:d4:97:ec:78:9f:7f:15:c0:18:99:e8:b8:8e: f6:50:06:a5:02:c3:55:06:bd:8d:74:ce:a0:0f:0f: f5:22:eb:b5:a4:5a:91:67:60:fa:43:9e:f6:63:f6: 58:df:8f:b1:b2:81:57:85:48:e6:9e:ce:32:09:de: d8:4c:7d:c7:52:ee:06:7c:5a:55:63:21:e2:3a:96: cd:45:7e:4f:e2:ce:b0:6a:55:76:ae:65:3d:03:4d: 95:48:3e:1a:9d:cf:bd:89:81:b3:33:8c:24:da:62: 96:a4:ab:8a:f3:a9:9b:05:14:65:3e:70:03:43:dc: e7:87:a1:50:ea:08:be:96:78:fc:a1:08:00:d1:2e: 14:a4:df:19:00:cb:aa:a2:e5:b5:45:06:45:1f:e9: ec:41:3e:e7:0c:49:60:12:52:1b:00:62:86:e5:5a: 0e:f7:61:2b:a0:a1:45:77:a4:cf:8a:e9:24:4b:68: 52:bb:d4:a2:19:09:09:db:cb:92:d9:14:e5:74:8b: 47:ad:77:4a:0b:47:98:68:0f:2b:89:fd:fc:89:35: 70:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:AE:6C:72:50:3C:A9:1C:35:39:A3:E3:2B:3C:43:99:28:3E:F1:78 X509v3 Authority Key Identifier: keyid:B4:66:9D:30:D2:10:E4:90:7C:D2:88:8B:E7:4B:89:A6:DD:3C:B6:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/tGadMNIQ5JB80oiL50uJpt08tsg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tGadMNIQ5JB80oiL50uJpt08tsg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/D7120558A7ED11EA95BED565C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.204.0/22 103.50.16.0/22 103.56.44.0/22 103.79.240.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:17:1a:37:6d:c5:22:63:fe:02:7f:6f:10:6b:51:d0:69:25: 19:1b:03:5d:57:dc:4a:b4:52:82:09:84:41:40:a1:46:35:e7: 23:84:45:3b:13:cb:bf:16:50:82:36:b8:af:5c:8e:fe:aa:f0: 1d:a1:e7:f6:ea:e0:81:ef:b6:55:d7:99:58:75:85:5a:b9:c1: 83:90:16:0d:02:77:47:c3:b9:22:10:e1:b4:f7:74:1e:ac:86: e3:40:37:eb:a3:6b:e6:af:e0:9f:12:61:0c:a4:bf:05:2e:49: 26:2a:01:cf:0b:5c:97:b5:d4:da:44:4f:0d:f5:98:17:f5:e3: b7:23:5e:86:f0:1b:35:38:16:a3:28:16:5d:2a:e2:53:f5:b2: e0:3c:86:c9:32:77:b9:59:03:b9:1c:95:a7:9b:61:cb:44:d8: 82:36:37:6f:17:14:82:f6:b9:9f:cc:aa:10:46:4a:dc:99:51: b2:7d:c1:d7:8d:f8:29:34:5a:86:59:d0:2a:fd:e0:a7:9c:47: 09:fd:c3:f1:bb:e6:9a:9e:76:4e:90:13:13:b8:de:38:c5:6a: 9d:1d:63:2f:22:c0:be:84:23:b6:d6:99:b4:98:c9:85:aa:11: 89:8a:51:cc:27:47:82:41:60:c1:3a:e6:ec:92:37:73:57:29: 26:95:cc:0a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICCSUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjFBNTgxMTAvBgNVBAUTKEI0NjY5RDMwRDIxMEU0OTA3Q0QyODg4QkU3NEI4OUE2 REQzQ0I2QzgwHhcNMjUwNTMxMjAyNjQ3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNiNjYwNy1hOTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1KDg4go9ZX21SnhzaLJDWuyp1KZCess4vH5iWn1nz2k/aIBp8OJIwHIGErib PtSX7HiffxXAGJnouI72UAalAsNVBr2NdM6gDw/1Iuu1pFqRZ2D6Q572Y/ZY34+x soFXhUjmns4yCd7YTH3HUu4GfFpVYyHiOpbNRX5P4s6walV2rmU9A02VSD4anc+9 iYGzM4wk2mKWpKuK86mbBRRlPnADQ9znh6FQ6gi+lnj8oQgA0S4UpN8ZAMuqouW1 RQZFH+nsQT7nDElgElIbAGKG5VoO92EroKFFd6TPiukkS2hSu9SiGQkJ28uS2RTl dItHrXdKC0eYaA8rif38iTVw6wIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFGCubHJQ PKkcNTmj4ys8Q5koPvF4MB8GA1UdIwQYMBaAFLRmnTDSEOSQfNKIi+dLiabdPLbI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUE1OC9CMzg5MzA0RUE3 RUMxMUVBODA0ODU4NjRDNEY5QUUwMi90R2FkTU5JUTVKQjgwb2lMNTB1SnB0MDh0 c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RHYWRNTklRNUpCODBvaUw1MHVKcHQwOHRzZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjFBNTgvQjM4OTMwNEVBN0VDMTFFQTgwNDg1ODY0QzRGOUFFMDIvRDcxMjA1NThB N0VEMTFFQTk1QkVENTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAIr5swDBAJnMhADBAJnOCwDBAJnT/AwDQYJKoZIhvcNAQEL BQADggEBAJ8XGjdtxSJj/gJ/bxBrUdBpJRkbA11X3Eq0UoIJhEFAoUY15yOERTsT y78WUII2uK9cjv6q8B2h5/bq4IHvtlXXmVh1hVq5wYOQFg0Cd0fDuSIQ4bT3dB6s huNAN+uja+av4J8SYQykvwUuSSYqAc8LXJe11NpETw31mBf147cjXobwGzU4FqMo Fl0q4lP1suA8hskyd7lZA7kclaebYctE2II2N28XFIL2uZ/MqhBGStyZUbJ9wdeN +Ck0WoZZ0Cr94KecRwn9w/G75pqedk6QExO43jjFap0dYy8iwL6EI7bWmbSYyYWq EYmKUcwnR4JBYME65uySN3NXKSaVzAo= -----END CERTIFICATE-----Generated at Mon Jun 2 07:19:43 2025 by rpki-client