$ rpki-client -vvf rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/E71AB92A7F7D11EE8C183162C4F9AE02.roa File: E71AB92A7F7D11EE8C183162C4F9AE02.roa (raw, json) Hash identifier: Dsh7pIT1SQfv6ivkNmsm2ZCHRytBDFAmEgjeRNzC7do= Subject key identifier: 97:ED:72:31:E0:6C:F0:1D:26:C2:40:9F:B9:C0:AC:7B:C4:D4:D0:3B Certificate issuer: /CN=A919A7CA/serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Certificate serial: 0130 Authority key identifier: DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/E71AB92A7F7D11EE8C183162C4F9AE02.roa Signing time: Tue 03 Jun 2025 04:42:49 +0000 ROA not before: Tue 03 Jun 2025 04:42:49 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 149793 IP address blocks: 103.186.158.0/24 maxlen: 24 103.186.159.0/24 maxlen: 24 2400:72e0:9f00::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 04:42:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 304 (0x130) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A7CA, serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Validity Not Before: Jun 3 04:42:49 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=683e7d49-2bc1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:a7:ec:e1:93:c2:e9:d5:44:2e:8c:88:d1:35: ff:1f:be:b9:4b:32:2d:e5:61:03:c1:b8:af:20:f1: c7:0f:ac:89:56:a3:f1:83:35:15:fa:80:7b:15:cc: 39:b2:c7:f3:a0:6f:60:a8:b3:af:2a:d2:98:20:90: 47:10:03:5b:1f:c6:64:46:33:86:00:aa:dc:15:83: 47:22:7d:10:36:84:a7:68:00:77:e5:a8:77:ea:a1: fa:ca:72:0f:72:c8:ce:2f:d4:64:cc:b9:1b:90:ba: 3c:96:f5:65:92:f0:2b:6c:c3:ed:95:6e:d9:c8:08: 37:c1:3c:b7:46:21:bd:ec:61:0f:d0:ab:62:2b:92: 39:d3:2c:7c:ea:4a:c8:0d:05:9f:dc:16:52:1b:0e: 80:d2:9e:2d:ad:be:e2:22:e8:ee:ce:76:74:58:a2: 2a:3e:7c:c3:85:1b:b6:e5:26:01:e5:fb:dc:fe:d4: 09:3c:53:08:c0:22:e0:ea:40:e5:7e:e6:42:23:a1: 3b:fa:2c:c4:70:fd:41:37:de:83:8f:6a:63:05:a4: a6:20:cc:69:6c:c6:31:fe:f9:9b:af:40:f6:47:fb: 3c:5e:dc:49:61:0c:b0:e9:cc:9c:9a:26:4b:7f:a6: 60:d4:b7:61:ff:7f:5d:be:13:5a:6a:3b:9c:5a:68: 9b:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:ED:72:31:E0:6C:F0:1D:26:C2:40:9F:B9:C0:AC:7B:C4:D4:D0:3B X509v3 Authority Key Identifier: keyid:DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/E71AB92A7F7D11EE8C183162C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.186.158.0/23 IPv6: 2400:72e0:9f00::/40 Signature Algorithm: sha256WithRSAEncryption 41:de:3a:b0:2f:40:f1:6d:2d:38:90:1c:40:eb:11:4d:68:17: 4a:e8:35:9e:41:18:2d:06:e8:bc:ce:21:71:64:6a:9c:a2:db: 0f:66:ac:13:ce:44:0d:3b:af:e0:74:89:c9:d7:f7:ef:dc:7b: f7:5c:2c:ba:2b:fb:61:7d:58:44:7d:2b:17:89:92:30:c0:a6: 18:45:2d:aa:b3:d7:a6:fb:06:ef:34:73:37:57:0d:28:bc:ff: 24:85:ab:dc:46:60:13:63:65:86:2a:f7:18:d6:cf:47:7d:aa: 37:96:31:bc:dd:a3:24:69:b6:ee:8b:f6:96:4d:ff:6b:40:6d: 5a:46:c1:56:56:43:9d:66:f8:f3:c1:77:cf:ce:99:16:7e:37: 59:c6:81:f7:28:66:38:03:71:30:ec:ea:ec:a7:8d:17:c0:96: de:82:55:52:94:da:d7:ed:23:8f:78:cf:83:52:ac:dd:62:a6: 00:35:bb:f5:4b:0c:21:b7:05:a0:8e:c6:a7:d7:83:4f:9a:2d: b9:b7:80:a5:c8:c4:bc:11:a1:33:0b:61:f7:cc:1f:bc:70:6b: 9e:22:b7:0f:8a:9d:b3:fd:bf:dd:01:b1:f3:cb:10:08:cd:4f: ef:44:ae:d3:4e:cf:55:45:e7:01:fc:2b:dd:92:7d:13:8e:6e: 55:34:ee:b0 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgICATAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3Q0ExMTAvBgNVBAUTKERBMURCMkNEMzFGNDU0RjY5NTYxRDg2NjVEQzkzRUY4 MTJGMzk3QjAwHhcNMjUwNjAzMDQ0MjQ5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNlN2Q0OS0yYmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3afs4ZPC6dVELoyI0TX/H765SzIt5WEDwbivIPHHD6yJVqPxgzUV+oB7Fcw5 ssfzoG9gqLOvKtKYIJBHEANbH8ZkRjOGAKrcFYNHIn0QNoSnaAB35ah36qH6ynIP csjOL9RkzLkbkLo8lvVlkvArbMPtlW7ZyAg3wTy3RiG97GEP0KtiK5I50yx86krI DQWf3BZSGw6A0p4trb7iIujuznZ0WKIqPnzDhRu25SYB5fvc/tQJPFMIwCLg6kDl fuZCI6E7+izEcP1BN96Dj2pjBaSmIMxpbMYx/vmbr0D2R/s8XtxJYQyw6cycmiZL f6Zg1Ldh/39dvhNaajucWmibLwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJftcjHg bPAdJsJAn7nArHvE1NA7MB8GA1UdIwQYMBaAFNodss0x9FT2lWHYZl3JPvgS85ew MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTdDQS80Q0Y3RjE1ODdF QjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQYVZZZGhtWGNrLS1CTHps N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJoMnl6VEgwVlBhVllkaG1YY2stLUJMemw3QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUE3Q0EvNENGN0YxNTg3RUI3MTFFRTk2MjNFOTFBQzRGOUFFMDIvRTcxQUI5MkE3 RjdEMTFFRThDMTgzMTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLwYIKwYBBQUHAQcBAf8E IDAeMAwEAgABMAYDBAFnup4wDgQCAAIwCAMGACQAcuCfMA0GCSqGSIb3DQEBCwUA A4IBAQBB3jqwL0DxbS04kBxA6xFNaBdK6DWeQRgtBui8ziFxZGqcotsPZqwTzkQN O6/gdInJ1/fv3Hv3XCy6K/thfVhEfSsXiZIwwKYYRS2qs9em+wbvNHM3Vw0ovP8k havcRmATY2WGKvcY1s9Hfao3ljG83aMkabbui/aWTf9rQG1aRsFWVkOdZvjzwXfP zpkWfjdZxoH3KGY4A3Ew7Orsp40XwJbeglVSlNrX7SOPeM+DUqzdYqYANbv1Swwh twWgjsan14NPmi25t4ClyMS8EaEzC2H3zB+8cGueIrcPip2z/b/dAbHzyxAIzU/v RK7TTs9VRecB/Cvdkn0Tjm5VNO6w -----END CERTIFICATE-----Generated at Wed Jun 4 00:09:59 2025 by rpki-client