$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/3E0BA21CEBB211EEA93D9B14C4F9AE02.roa File: 3E0BA21CEBB211EEA93D9B14C4F9AE02.roa (raw, json) Hash identifier: VzDNl+e9c187NG+xNBhGjgSyuKcXiIbT9dvqTK6Jcdk= Subject key identifier: 5A:52:A8:0C:0B:20:27:1D:71:34:0F:EC:A6:49:CD:C3:79:DB:4E:A1 Certificate issuer: /CN=A91A7169/serialNumber=4042C2490D7DAFEC3320316ED5AA74E0BECAA9A9 Certificate serial: 012D Authority key identifier: 40:42:C2:49:0D:7D:AF:EC:33:20:31:6E:D5:AA:74:E0:BE:CA:A9:A9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QELCSQ19r-wzIDFu1ap04L7Kqak.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/3E0BA21CEBB211EEA93D9B14C4F9AE02.roa Signing time: Fri 27 Jun 2025 05:04:24 +0000 ROA not before: Fri 27 Jun 2025 05:04:24 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 16509 IP address blocks: 167.103.90.0/24 maxlen: 24 167.103.91.0/24 maxlen: 24 167.103.92.0/24 maxlen: 24 167.103.93.0/24 maxlen: 24 167.103.94.0/24 maxlen: 24 167.103.95.0/24 maxlen: 24 167.103.170.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/QELCSQ19r-wzIDFu1ap04L7Kqak.crl rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/QELCSQ19r-wzIDFu1ap04L7Kqak.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QELCSQ19r-wzIDFu1ap04L7Kqak.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 04:25:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 301 (0x12d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7169, serialNumber=4042C2490D7DAFEC3320316ED5AA74E0BECAA9A9 Validity Not Before: Jun 27 05:04:24 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=685e2658-756d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:aa:3d:a3:92:62:c7:20:73:97:fd:08:44:ff: 2b:70:14:2a:ea:52:9c:15:68:7d:2b:07:39:f0:67: 3b:2c:bd:64:be:9b:0e:dd:5d:f6:b2:9c:a2:1f:e6: 10:1b:2f:b1:9f:13:0a:d2:91:56:61:09:f6:11:d2: 9d:10:64:15:41:e6:96:00:6f:56:96:d6:33:63:b8: af:73:20:04:4c:16:c4:e1:40:46:cd:73:3c:9e:ea: 9a:b4:38:ea:75:79:c5:ff:52:e3:1a:4e:d3:55:02: bd:e5:dd:58:c5:69:72:f1:22:69:03:35:e2:3f:a6: d1:a5:bc:ce:30:36:56:55:cb:cc:07:77:4b:9f:dc: 0b:31:53:cc:12:d3:8a:32:5f:24:2c:78:06:99:22: a6:e2:fe:17:55:52:ba:02:3c:03:f6:1e:e5:1f:c1: 2a:98:04:b2:46:5f:7b:cf:39:64:80:6d:33:38:94: 5c:25:18:8a:ca:96:f6:15:d0:03:5c:4f:7b:6f:5c: de:ea:1a:e4:c1:9a:05:00:f6:0b:0f:e3:78:16:f3: 8c:95:39:c9:c5:17:a4:8e:6b:f5:8f:fc:5a:de:ad: 1e:89:a4:99:8a:4d:08:8e:ee:44:bd:8e:e2:27:10: 6f:9f:66:f5:a8:71:02:24:64:c2:f6:16:df:60:a2: d0:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:52:A8:0C:0B:20:27:1D:71:34:0F:EC:A6:49:CD:C3:79:DB:4E:A1 X509v3 Authority Key Identifier: keyid:40:42:C2:49:0D:7D:AF:EC:33:20:31:6E:D5:AA:74:E0:BE:CA:A9:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/QELCSQ19r-wzIDFu1ap04L7Kqak.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QELCSQ19r-wzIDFu1ap04L7Kqak.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/3E0BA21CEBB211EEA93D9B14C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 167.103.90.0-167.103.95.255 167.103.170.0/24 Signature Algorithm: sha256WithRSAEncryption b2:6d:72:53:84:9b:d7:7b:0a:a4:6a:52:d8:0b:74:17:aa:31: eb:76:c5:46:06:14:48:ea:00:0e:29:95:7c:dd:9a:62:ca:a6: ff:73:5e:cf:23:99:70:ee:ef:77:ec:eb:4b:a1:c5:14:65:24: 5a:25:ff:86:e0:a6:89:07:7f:be:53:65:86:98:21:99:d4:b1: 38:47:68:80:98:e2:2d:07:6c:ed:81:09:a6:c4:6e:09:71:59: 4c:ab:8c:b3:a4:3f:93:3a:46:a6:6e:6b:ce:03:b5:68:89:68: 11:d5:2b:8f:5c:84:85:3a:48:86:89:15:4e:29:f7:f3:04:70: ad:eb:e3:60:02:e1:b1:8c:69:37:b3:03:80:a6:c1:7a:60:3a: 25:26:b3:7e:ff:00:48:4b:04:fd:68:f6:ea:d7:60:e6:10:87: a2:96:dd:82:50:a6:04:fe:5c:12:7e:09:4e:e0:de:a8:68:39: f8:48:34:ce:87:c5:ea:5a:23:cc:63:d1:95:a4:18:1b:e7:22: 5b:a8:cf:58:bf:16:90:f0:64:45:2c:de:82:1d:d2:88:e0:8e: 21:c5:31:6a:26:ad:8d:d4:62:43:39:7d:f4:9f:ee:c7:5d:4b: dd:19:d7:ba:b9:59:53:4a:c3:db:70:97:a9:95:9b:8f:ec:e2: 59:2c:28:fe -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICAS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTcxNjkxMTAvBgNVBAUTKDQwNDJDMjQ5MEQ3REFGRUMzMzIwMzE2RUQ1QUE3NEUw QkVDQUE5QTkwHhcNMjUwNjI3MDUwNDI0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODVlMjY1OC03NTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvao9o5JixyBzl/0IRP8rcBQq6lKcFWh9Kwc58Gc7LL1kvpsO3V32spyiH+YQ Gy+xnxMK0pFWYQn2EdKdEGQVQeaWAG9WltYzY7ivcyAETBbE4UBGzXM8nuqatDjq dXnF/1LjGk7TVQK95d1YxWly8SJpAzXiP6bRpbzOMDZWVcvMB3dLn9wLMVPMEtOK Ml8kLHgGmSKm4v4XVVK6AjwD9h7lH8EqmASyRl97zzlkgG0zOJRcJRiKypb2FdAD XE97b1ze6hrkwZoFAPYLD+N4FvOMlTnJxRekjmv1j/xa3q0eiaSZik0Iju5EvY7i JxBvn2b1qHECJGTC9hbfYKLQlwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFFpSqAwL ICcdcTQP7KZJzcN5206hMB8GA1UdIwQYMBaAFEBCwkkNfa/sMyAxbtWqdOC+yqmp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzE2OS82MjMzREQzRUVC QUUxMUVFOEEwRUQ5NjRDNEY5QUUwMi9RRUxDU1ExOXItd3pJREZ1MWFwMDRMN0tx YWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1FFTENTUTE5ci13eklERnUxYXAwNEw3S3Fhay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTcxNjkvNjIzM0REM0VFQkFFMTFFRThBMEVEOTY0QzRGOUFFMDIvM0UwQkEyMUNF QkIyMTFFRUE5M0Q5QjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQwDAMEAadnWgMEBadnQAMEAKdnqjANBgkqhkiG9w0BAQsFAAOC AQEAsm1yU4Sb13sKpGpS2At0F6ox63bFRgYUSOoADimVfN2aYsqm/3NezyOZcO7v d+zrS6HFFGUkWiX/huCmiQd/vlNlhpghmdSxOEdogJjiLQds7YEJpsRuCXFZTKuM s6Q/kzpGpm5rzgO1aIloEdUrj1yEhTpIhokVTin38wRwrevjYALhsYxpN7MDgKbB emA6JSazfv8ASEsE/Wj26tdg5hCHopbdglCmBP5cEn4JTuDeqGg5+Eg0zofF6loj zGPRlaQYG+ciW6jPWL8WkPBkRSzegh3SiOCOIcUxaiatjdRiQzl99J/ux11L3RnX urlZU0rD23CXqZWbj+ziWSwo/g== -----END CERTIFICATE-----Generated at Tue Jul 1 01:24:00 2025 by rpki-client