$ rpki-client -vvf rpki.apnic.net/member_repository/A9173060/A72586B003B111EB843A7756C4F9AE02/7FAEDE3A03B411EBBB548A5EC4F9AE02.roa File: 7FAEDE3A03B411EBBB548A5EC4F9AE02.roa (raw, json) Hash identifier: zYkuWCX1X2lloXdYhvISAPhidi7ivs3H5XjhpAN4fng= Subject key identifier: D1:C5:F2:9B:B2:4F:4F:A8:ED:D8:0C:1D:0C:B1:0E:7C:BC:B3:B9:5C Certificate issuer: /CN=A9173060/serialNumber=7FDF6218FA015D0A0074A8442451806A28F9DDF5 Certificate serial: 07AA Authority key identifier: 7F:DF:62:18:FA:01:5D:0A:00:74:A8:44:24:51:80:6A:28:F9:DD:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f99iGPoBXQoAdKhEJFGAaij53fU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9173060/A72586B003B111EB843A7756C4F9AE02/7FAEDE3A03B411EBBB548A5EC4F9AE02.roa Signing time: Mon 26 May 2025 21:19:52 +0000 ROA not before: Mon 26 May 2025 21:19:52 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 9288 IP address blocks: 103.90.212.0/22 maxlen: 22 103.90.212.0/24 maxlen: 24 103.90.213.0/24 maxlen: 24 103.90.214.0/24 maxlen: 24 103.90.215.0/24 maxlen: 24 123.253.0.0/22 maxlen: 22 123.253.0.0/24 maxlen: 24 123.253.1.0/24 maxlen: 24 123.253.2.0/24 maxlen: 24 123.253.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9173060/A72586B003B111EB843A7756C4F9AE02/f99iGPoBXQoAdKhEJFGAaij53fU.crl rsync://rpki.apnic.net/member_repository/A9173060/A72586B003B111EB843A7756C4F9AE02/f99iGPoBXQoAdKhEJFGAaij53fU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f99iGPoBXQoAdKhEJFGAaij53fU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 21:19:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1962 (0x7aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9173060, serialNumber=7FDF6218FA015D0A0074A8442451806A28F9DDF5 Validity Not Before: May 26 21:19:52 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6834daf8-fc25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1f:64:93:d2:f4:33:f5:b5:ab:4c:2e:f7:6d: 5f:17:2e:d2:05:df:5a:56:09:63:53:a4:a7:a0:21: 64:bc:8b:52:b5:eb:a9:b6:d2:9e:c1:43:23:e6:e4: 2f:fb:47:03:2e:a2:01:0b:7d:07:33:3e:9b:13:76: a5:6f:a9:82:29:83:ab:59:2e:fc:85:b9:c2:31:5b: 94:37:ee:f3:8c:6f:75:8e:a1:e7:0f:7e:1c:ac:62: ae:74:e1:47:86:04:56:10:c3:7c:6b:ec:5f:8d:6d: 9d:dd:b9:66:6a:23:21:af:27:7b:34:c3:60:01:97: 76:d1:de:1a:f4:05:07:76:c0:0e:38:08:7f:a4:f7: 36:c4:a6:c5:28:c5:f0:c3:3b:ab:d0:e8:75:29:6a: c8:3a:8c:16:df:42:54:19:c9:62:b1:4b:cc:ae:3c: 8b:78:af:92:2b:50:b3:bd:fb:73:1a:c8:b6:76:4d: 04:2c:7b:db:89:f7:22:3a:65:fd:66:da:b7:aa:b7: ab:c1:df:20:67:dd:2a:ce:c4:57:1f:a3:be:5a:a5: 72:38:cb:54:8a:d9:63:64:69:6f:5c:04:d3:8d:a7: f7:3c:8b:7b:87:d6:5c:ad:b9:59:9d:3c:bb:81:5c: 5c:25:cd:a2:e7:c0:4b:99:1d:b9:3b:05:d1:ba:19: 29:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:C5:F2:9B:B2:4F:4F:A8:ED:D8:0C:1D:0C:B1:0E:7C:BC:B3:B9:5C X509v3 Authority Key Identifier: keyid:7F:DF:62:18:FA:01:5D:0A:00:74:A8:44:24:51:80:6A:28:F9:DD:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9173060/A72586B003B111EB843A7756C4F9AE02/f99iGPoBXQoAdKhEJFGAaij53fU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f99iGPoBXQoAdKhEJFGAaij53fU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173060/A72586B003B111EB843A7756C4F9AE02/7FAEDE3A03B411EBBB548A5EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.90.212.0/22 123.253.0.0/22 Signature Algorithm: sha256WithRSAEncryption 02:be:1f:78:73:7f:9d:19:ae:a7:ae:89:76:fc:60:b3:b8:5c: a3:14:f1:3d:e0:61:19:8f:b1:2e:cf:ad:3f:4a:bd:ee:6d:5f: ff:de:58:e6:3d:2d:22:d6:58:c2:0a:d7:91:a1:50:45:3b:ff: ad:74:39:47:a3:1a:c5:66:18:5f:f4:34:22:21:ed:7a:fe:6d: 9e:e9:a9:d1:36:0d:f0:dd:5c:22:4f:c4:6a:10:cf:80:95:59: 04:8f:cc:2e:ab:12:a7:ef:14:3f:14:2e:62:06:c7:8b:0d:b6: 86:80:9a:2a:1a:5b:2c:e1:5c:4b:af:97:93:09:a4:0c:73:f7: 47:88:78:cf:87:a1:59:ee:4e:e4:23:2b:b9:c3:18:3a:69:37: 5b:6b:57:69:41:e3:d8:78:9e:e3:c3:38:15:5d:9d:51:5f:f3: f3:5f:15:80:cb:7b:47:10:c0:26:1a:9a:49:1b:fb:e0:53:2f: 2f:d7:af:2d:23:b8:32:02:1c:f9:a8:54:5b:bf:3b:b1:38:18: 00:a6:32:1a:17:72:55:7d:99:d2:bd:49:91:da:ab:f5:9a:5f: 6c:26:24:f1:43:74:74:a1:ce:99:33:08:7b:7b:5b:31:3d:fa: b1:1b:3d:a9:9f:0f:d9:02:3c:27:dc:5b:f8:bf:87:b1:9a:49: 63:9f:c3:36 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICB6owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzMwNjAxMTAvBgNVBAUTKDdGREY2MjE4RkEwMTVEMEEwMDc0QTg0NDI0NTE4MDZB MjhGOURERjUwHhcNMjUwNTI2MjExOTUyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM0ZGFmOC1mYzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAth9kk9L0M/W1q0wu921fFy7SBd9aVgljU6SnoCFkvItSteupttKewUMj5uQv +0cDLqIBC30HMz6bE3alb6mCKYOrWS78hbnCMVuUN+7zjG91jqHnD34crGKudOFH hgRWEMN8a+xfjW2d3blmaiMhryd7NMNgAZd20d4a9AUHdsAOOAh/pPc2xKbFKMXw wzur0Oh1KWrIOowW30JUGclisUvMrjyLeK+SK1CzvftzGsi2dk0ELHvbifciOmX9 Ztq3qrerwd8gZ90qzsRXH6O+WqVyOMtUitljZGlvXATTjaf3PIt7h9ZcrblZnTy7 gVxcJc2i58BLmR25OwXRuhkp2QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNHF8puy T0+o7dgMHQyxDny8s7lcMB8GA1UdIwQYMBaAFH/fYhj6AV0KAHSoRCRRgGoo+d31 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MzA2MC9BNzI1ODZCMDAz QjExMUVCODQzQTc3NTZDNEY5QUUwMi9mOTlpR1BvQlhRb0FkS2hFSkZHQWFpajUz ZlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Y5OWlHUG9CWFFvQWRLaEVKRkdBYWlqNTNmVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzMwNjAvQTcyNTg2QjAwM0IxMTFFQjg0M0E3NzU2QzRGOUFFMDIvN0ZBRURFM0Ew M0I0MTFFQkJCNTQ4QTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnWtQDBAJ7/QAwDQYJKoZIhvcNAQELBQADggEBAAK+H3hz f50ZrqeuiXb8YLO4XKMU8T3gYRmPsS7PrT9Kve5tX//eWOY9LSLWWMIK15GhUEU7 /610OUejGsVmGF/0NCIh7Xr+bZ7pqdE2DfDdXCJPxGoQz4CVWQSPzC6rEqfvFD8U LmIGx4sNtoaAmioaWyzhXEuvl5MJpAxz90eIeM+HoVnuTuQjK7nDGDppN1trV2lB 49h4nuPDOBVdnVFf8/NfFYDLe0cQwCYamkkb++BTLy/Xry0juDICHPmoVFu/O7E4 GACmMhoXclV9mdK9SZHaq/WaX2wmJPFDdHShzpkzCHt7WzE9+rEbPamfD9kCPCfc W/i/h7GaSWOfwzY= -----END CERTIFICATE-----Generated at Mon Jun 2 06:04:06 2025 by rpki-client