$ rpki-client -vvf rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/6996CEB84E7011EFA4A32D5CC4F9AE02.roa File: 6996CEB84E7011EFA4A32D5CC4F9AE02.roa (raw, json) Hash identifier: 06vkEMgrkkkWPxaN6n0p0hSzGNVGXFIfC5HD0mArdMk= Subject key identifier: 55:8B:4E:33:D1:A1:B2:8C:36:5F:45:DA:B5:88:5F:DF:80:5D:7F:33 Certificate issuer: /CN=A918AA78/serialNumber=09CFFE467F3B09C3D06F24919CFAC7E003E4BB75 Certificate serial: 1BC3 Authority key identifier: 09:CF:FE:46:7F:3B:09:C3:D0:6F:24:91:9C:FA:C7:E0:03:E4:BB:75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/6996CEB84E7011EFA4A32D5CC4F9AE02.roa Signing time: Thu 20 Feb 2025 16:53:56 +0000 ROA not before: Thu 20 Feb 2025 16:53:56 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 7342 IP address blocks: 103.87.108.0/24 maxlen: 24 103.87.109.0/24 maxlen: 24 103.87.110.0/24 maxlen: 24 103.87.111.0/24 maxlen: 24 203.144.58.0/24 maxlen: 24 203.144.59.0/24 maxlen: 24 203.144.61.0/24 maxlen: 24 2402:79c0:3::/48 maxlen: 48 2402:79c0:100::/48 maxlen: 48 2402:79c0:100:101::7/128 maxlen: 128 2402:79c0:101::/48 maxlen: 48 2402:79c0:102::/48 maxlen: 48 2402:79c0:103::/48 maxlen: 48 2402:79c0:104::/48 maxlen: 48 2402:79c0:105::/48 maxlen: 48 2402:79c0:106::/48 maxlen: 48 2402:79c0:107::/48 maxlen: 48 2402:79c0:108::/48 maxlen: 48 2402:79c0:109::/48 maxlen: 48 2402:79c0:10a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/Cc_-Rn87CcPQbySRnPrH4APku3U.crl rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/Cc_-Rn87CcPQbySRnPrH4APku3U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Nov 2025 16:11:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7107 (0x1bc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918AA78, serialNumber=09CFFE467F3B09C3D06F24919CFAC7E003E4BB75 Validity Not Before: Feb 20 16:53:56 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67b75e23-e4df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:35:30:a3:1d:48:71:31:66:75:9c:9a:ca:7e: 88:43:d3:eb:d7:6a:03:cd:cb:64:f0:6f:d5:d2:6b: d7:0f:62:7c:f2:2f:c5:3a:0f:3d:0b:4d:ad:f7:67: 3b:5c:f2:d9:9c:c0:15:eb:eb:60:ba:2a:a8:6d:f4: 1b:fe:c8:b2:4e:3a:a7:f1:77:2b:dc:3e:e1:f4:9c: c5:5f:9d:1d:5a:35:ee:30:3c:27:22:3c:c2:b0:6f: 3a:ee:bb:1c:22:e9:2a:b7:b7:b5:02:6e:4a:a7:f6: c6:ac:bf:78:a1:f6:c9:0d:bc:1b:4f:31:71:05:7d: 3b:63:9c:83:2f:2b:5b:4b:28:21:5a:dd:7a:4c:bc: fe:67:de:c0:a5:cd:b1:c3:b7:9f:f6:88:0b:96:6a: 67:c7:3d:95:74:9e:ab:4f:a2:b7:86:3d:a1:26:bd: 4e:93:8e:2d:e3:e7:67:ed:dd:67:57:08:3c:e1:74: 8b:cf:62:4a:2a:93:53:6d:e7:1b:03:73:35:43:41: c2:77:ef:c1:35:3c:ee:fe:41:50:71:38:74:8d:cb: ba:db:d9:fa:ad:13:54:29:aa:57:69:65:2d:00:2f: 3a:e1:eb:e2:dd:88:92:40:8d:2d:a1:69:80:c5:83: 43:a4:6f:b1:2a:84:fe:dc:b7:b5:43:7e:8c:c3:38: ab:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:8B:4E:33:D1:A1:B2:8C:36:5F:45:DA:B5:88:5F:DF:80:5D:7F:33 X509v3 Authority Key Identifier: keyid:09:CF:FE:46:7F:3B:09:C3:D0:6F:24:91:9C:FA:C7:E0:03:E4:BB:75 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/Cc_-Rn87CcPQbySRnPrH4APku3U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/6996CEB84E7011EFA4A32D5CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.87.108.0/22 203.144.58.0/23 203.144.61.0/24 IPv6: 2402:79c0:3::/48 2402:79c0:100::-2402:79c0:10a:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 2f:63:e7:f8:12:0d:f9:68:78:be:b6:66:7c:dd:02:47:82:5d: a6:fe:7f:56:29:6a:a2:f4:41:d8:49:fb:a8:90:fa:4b:a6:b7: 5c:57:2f:29:bb:84:1f:fe:cd:da:34:49:be:d7:9d:cf:cd:83: 83:64:1a:3b:71:23:1d:64:d8:67:44:63:95:b8:df:86:d0:a7: f6:1c:c2:d5:d8:3b:97:d6:b3:db:0f:7f:65:6b:58:b8:3b:51: 78:d8:54:e4:2e:02:ec:c1:04:75:54:e7:7f:31:26:0a:ed:0f: 36:7c:45:6f:a8:f3:c3:a5:a4:6e:20:f7:32:61:5c:a6:01:ff: f8:8c:46:91:e4:70:9f:ca:7b:85:d6:56:d8:19:b5:43:94:f2: cf:8e:1a:d5:ad:ee:f2:bc:b2:83:2a:4e:2e:3a:1f:8d:0f:a9: cb:5b:f3:6e:83:14:43:44:3a:3f:84:ac:f5:ba:89:e2:4c:96: 33:58:52:01:e0:bf:bf:0d:cb:a8:78:51:ac:12:d3:92:9d:25: 38:28:38:f8:9b:5b:b3:07:30:43:70:7d:c5:bd:eb:f2:30:bb: 19:0d:af:0e:3e:6d:09:de:fc:ee:02:57:67:11:a2:0c:73:29: 2d:66:e4:06:0f:be:92:a1:d3:43:88:0d:00:80:de:cf:f9:f5: 91:1d:45:a8 -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgICG8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEFBNzgxMTAvBgNVBAUTKDA5Q0ZGRTQ2N0YzQjA5QzNEMDZGMjQ5MTlDRkFDN0Uw MDNFNEJCNzUwHhcNMjUwMjIwMTY1MzU2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2I3NWUyMy1lNGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5zUwox1IcTFmdZyayn6IQ9Pr12oDzctk8G/V0mvXD2J88i/FOg89C02t92c7 XPLZnMAV6+tguiqobfQb/siyTjqn8Xcr3D7h9JzFX50dWjXuMDwnIjzCsG867rsc Iukqt7e1Am5Kp/bGrL94ofbJDbwbTzFxBX07Y5yDLytbSyghWt16TLz+Z97Apc2x w7ef9ogLlmpnxz2VdJ6rT6K3hj2hJr1Ok44t4+dn7d1nVwg84XSLz2JKKpNTbecb A3M1Q0HCd+/BNTzu/kFQcTh0jcu629n6rRNUKapXaWUtAC864evi3YiSQI0toWmA xYNDpG+xKoT+3Le1Q36MwzirAwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFFWLTjPR obKMNl9F2rWIX9+AXX8zMB8GA1UdIwQYMBaAFAnP/kZ/OwnD0G8kkZz6x+AD5Lt1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUE3OC82OEQzMzQ5MEZE NjQxMUU2QTEwOTU0ODNDNEY5QUUwMi9DY18tUm44N0NjUFFieVNSblBySDRBUGt1 M1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NjXy1Sbjg3Q2NQUWJ5U1JuUHJINEFQa3UzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEFBNzgvNjhEMzM0OTBGRDY0MTFFNkExMDk1NDgzQzRGOUFFMDIvNjk5NkNFQjg0 RTcwMTFFRkE0QTMyRDVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E QDA+MBgEAgABMBIDBAJnV2wDBAHLkDoDBADLkD0wIgQCAAIwHAMHACQCecAAAzAR AwYAJAJ5wAEDBwAkAnnAAQowDQYJKoZIhvcNAQELBQADggEBAC9j5/gSDfloeL62 ZnzdAkeCXab+f1YpaqL0QdhJ+6iQ+kumt1xXLym7hB/+zdo0Sb7Xnc/Ng4NkGjtx Ix1k2GdEY5W434bQp/YcwtXYO5fWs9sPf2VrWLg7UXjYVOQuAuzBBHVU538xJgrt DzZ8RW+o88OlpG4g9zJhXKYB//iMRpHkcJ/Ke4XWVtgZtUOU8s+OGtWt7vK8soMq Ti46H40Pqctb826DFENEOj+ErPW6ieJMljNYUgHgv78Ny6h4UawS05KdJTgoOPib W7MHMENwfcW96/IwuxkNrw4+bQne/O4CV2cRogxzKS1m5AYPvpKh00OIDQCA3s/5 9ZEdRag= -----END CERTIFICATE-----Generated at Wed Oct 29 20:27:44 2025 by rpki-client