$ rpki-client -vvf rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa File: D13FCAEAA62E11EFBC284C42C4F9AE02.roa (raw, json) Hash identifier: U+eg0O88ONLYXPgk26s0IQpz+0WlVbCzu2Ev7c51XEs= Subject key identifier: 0F:14:A1:1E:D7:14:DC:A9:7F:06:1C:6F:9E:AA:2E:74:97:01:E3:B5 Certificate issuer: /CN=A917B520/serialNumber=542B94D8625CF711964FD13741295D27AD7A9004 Certificate serial: 01E7 Authority key identifier: 54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa Signing time: Sat 31 May 2025 03:50:58 +0000 ROA not before: Sat 31 May 2025 03:50:58 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 150436 IP address blocks: 101.47.0.0/18 maxlen: 24 101.47.64.0/20 maxlen: 24 101.47.80.0/20 maxlen: 23 101.47.80.0/21 maxlen: 24 101.47.88.0/22 maxlen: 24 101.47.92.0/23 maxlen: 24 101.47.95.0/24 maxlen: 24 101.47.96.0/21 maxlen: 24 101.47.128.0/18 maxlen: 24 101.47.253.0/24 maxlen: 24 150.5.128.0/17 maxlen: 24 202.52.224.0/21 maxlen: 24 2401:4c20::/40 maxlen: 44 2401:4c20:100::/40 maxlen: 40 2401:4c20:200::/40 maxlen: 44 2401:4c20:300::/40 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 03:19:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 487 (0x1e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B520, serialNumber=542B94D8625CF711964FD13741295D27AD7A9004 Validity Not Before: May 31 03:50:58 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=683a7ca2-f325 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:aa:87:2c:66:8c:4d:87:e4:d5:78:e0:ac:bf: 89:b4:32:d3:5b:9a:74:fb:45:5d:37:20:1b:c8:f4: c2:7e:a0:57:a2:42:06:96:69:9d:a8:97:d0:a2:6a: 4d:fc:b0:b5:46:6c:9a:12:c3:fd:5a:ca:af:cb:e1: 0b:51:d4:e6:0c:5f:38:48:99:e1:1f:6d:8b:75:b2: 6e:21:fd:50:a4:9f:38:80:5f:21:ab:83:6a:3f:ef: 29:c0:ac:56:93:0a:97:d3:22:f4:d2:4c:bd:94:2f: 5a:82:19:63:9b:46:a4:90:fa:03:7b:b8:80:0c:07: 88:05:0c:69:78:60:40:df:29:97:1d:e9:c0:d6:36: 1c:6a:29:c7:f8:10:b1:be:f6:5a:05:33:8d:45:05: f5:7f:43:19:55:2c:2d:42:f6:fd:fd:76:77:29:7c: 14:21:bb:cd:6b:c7:5f:af:af:83:4a:7b:14:7f:44: ef:a6:b7:0b:1f:09:1d:ae:b5:04:eb:9c:f1:e5:81: fb:14:2b:84:6a:48:a9:2e:ed:60:63:44:1c:26:b7: ab:f2:85:92:fd:1c:90:7e:65:0d:94:8c:af:6d:68: b8:f3:37:f5:39:00:3c:7b:ba:fb:26:84:20:8f:06: 3c:25:5f:a7:d7:e7:9b:67:8f:86:67:c2:49:29:f6: a9:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:14:A1:1E:D7:14:DC:A9:7F:06:1C:6F:9E:AA:2E:74:97:01:E3:B5 X509v3 Authority Key Identifier: keyid:54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 101.47.0.0-101.47.103.255 101.47.128.0/18 101.47.253.0/24 150.5.128.0/17 202.52.224.0/21 IPv6: 2401:4c20::/38 Signature Algorithm: sha256WithRSAEncryption ad:67:ac:b7:9f:e8:d5:3c:8a:0d:0b:8a:72:dd:0c:7c:09:c9: 90:5a:49:3f:eb:68:45:73:55:24:48:73:14:b6:cd:ef:92:b1: 11:f3:e0:ba:9d:8d:4b:d4:fc:c6:8c:ca:09:78:51:4e:0b:7f: e3:dc:b3:65:40:5d:2d:73:5e:11:7b:3f:03:3c:b3:a8:12:25: 58:e5:d4:78:f8:e4:e2:62:b0:46:65:3f:88:39:30:06:4d:a1: 85:b0:a1:22:0e:94:f1:12:be:2b:76:ff:48:c1:af:df:40:c1: 17:2a:27:56:66:c0:5a:1b:9d:07:0f:77:37:6e:e9:33:5f:b9: 64:a3:4d:14:49:3b:57:32:c7:40:20:6f:4b:21:cf:30:18:55: 6f:14:f8:58:72:a1:2a:fa:11:74:63:58:a5:70:54:a6:ec:44: 08:ec:a8:32:2b:1b:49:bd:17:e1:4e:57:0b:25:e4:6e:c5:44: 5e:11:dc:00:6e:f1:04:10:f5:e0:f3:c1:c8:8c:fb:e2:81:e4: 5c:32:91:84:14:85:24:dd:f4:a1:ff:8a:77:6a:ab:b9:96:a7: 0e:c3:12:6e:94:0b:ae:fa:e7:23:fd:3e:d2:0f:1a:7b:f9:72: ee:4b:4d:6a:39:e9:c0:fd:aa:33:28:e1:dc:2f:e7:d5:3b:27: c7:ad:3c:1c -----BEGIN CERTIFICATE----- MIIFoDCCBIigAwIBAgICAecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I1MjAxMTAvBgNVBAUTKDU0MkI5NEQ4NjI1Q0Y3MTE5NjRGRDEzNzQxMjk1RDI3 QUQ3QTkwMDQwHhcNMjUwNTMxMDM1MDU4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNhN2NhMi1mMzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs6qHLGaMTYfk1XjgrL+JtDLTW5p0+0VdNyAbyPTCfqBXokIGlmmdqJfQompN /LC1RmyaEsP9Wsqvy+ELUdTmDF84SJnhH22LdbJuIf1QpJ84gF8hq4NqP+8pwKxW kwqX0yL00ky9lC9aghljm0akkPoDe7iADAeIBQxpeGBA3ymXHenA1jYcainH+BCx vvZaBTONRQX1f0MZVSwtQvb9/XZ3KXwUIbvNa8dfr6+DSnsUf0TvprcLHwkdrrUE 65zx5YH7FCuEakipLu1gY0QcJrer8oWS/RyQfmUNlIyvbWi48zf1OQA8e7r7JoQg jwY8JV+n1+ebZ4+GZ8JJKfapsQIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFA8UoR7X FNypfwYcb56qLnSXAeO1MB8GA1UdIwQYMBaAFFQrlNhiXPcRlk/RN0EpXSetepAE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjUyMC8xNjFENEMwQUU0 Q0ExMUVEQTQxNEUyNTlDNEY5QUUwMi9WQ3VVMkdKYzl4R1dUOUUzUVNsZEo2MTZr QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZDdVUyR0pjOXhHV1Q5RTNRU2xkSjYxNmtBUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0I1MjAvMTYxRDRDMEFFNENBMTFFREE0MTRFMjU5QzRGOUFFMDIvRDEzRkNBRUFB NjJFMTFFRkJDMjg0QzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E PzA9MCsEAgABMCUwCwMDAGUvAwQDZS9gAwQGZS+AAwQAZS/9AwQHlgWAAwQDyjTg MA4EAgACMAgDBgIkAUwgADANBgkqhkiG9w0BAQsFAAOCAQEArWest5/o1TyKDQuK ct0MfAnJkFpJP+toRXNVJEhzFLbN75KxEfPgup2NS9T8xozKCXhRTgt/49yzZUBd LXNeEXs/AzyzqBIlWOXUePjk4mKwRmU/iDkwBk2hhbChIg6U8RK+K3b/SMGv30DB FyonVmbAWhudBw93N27pM1+5ZKNNFEk7VzLHQCBvSyHPMBhVbxT4WHKhKvoRdGNY pXBUpuxECOyoMisbSb0X4U5XCyXkbsVEXhHcAG7xBBD14PPByIz74oHkXDKRhBSF JN30of+Kd2qruZanDsMSbpQLrvrnI/0+0g8ae/ly7ktNajnpwP2qMyjh3C/n1Tsn x608HA== -----END CERTIFICATE-----Generated at Tue Jun 3 23:59:16 2025 by rpki-client