$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7761/0E4B9168BD3411EB90E55428C4F9AE02/C9BA671C3A2611F0908A2B20C4F9AE02.roa File: C9BA671C3A2611F0908A2B20C4F9AE02.roa (raw, json) Hash identifier: hAsOFqLGhlXPlJQqq8o+TJ1lqU96PHU1fRQ8ll9kM1c= Subject key identifier: 32:6C:BA:0A:7E:5A:BB:BA:87:4E:93:4A:BC:F7:D4:4D:52:25:5D:69 Certificate issuer: /CN=A91A7761/serialNumber=51D5CC2D5E428FC955149F576211904F05BAF211 Certificate serial: 05FC Authority key identifier: 51:D5:CC:2D:5E:42:8F:C9:55:14:9F:57:62:11:90:4F:05:BA:F2:11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdXMLV5Cj8lVFJ9XYhGQTwW68hE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7761/0E4B9168BD3411EB90E55428C4F9AE02/C9BA671C3A2611F0908A2B20C4F9AE02.roa Signing time: Mon 26 May 2025 23:53:58 +0000 ROA not before: Mon 26 May 2025 23:53:58 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 147003 IP address blocks: 103.97.200.0/23 maxlen: 23 103.97.200.0/24 maxlen: 24 103.97.201.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7761/0E4B9168BD3411EB90E55428C4F9AE02/UdXMLV5Cj8lVFJ9XYhGQTwW68hE.crl rsync://rpki.apnic.net/member_repository/A91A7761/0E4B9168BD3411EB90E55428C4F9AE02/UdXMLV5Cj8lVFJ9XYhGQTwW68hE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdXMLV5Cj8lVFJ9XYhGQTwW68hE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 23:18:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1532 (0x5fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7761, serialNumber=51D5CC2D5E428FC955149F576211904F05BAF211 Validity Not Before: May 26 23:53:58 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6834ff16-f788 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:1d:11:93:da:64:a1:09:80:b8:1f:84:c2:c8: 3d:fd:84:20:77:f1:32:2a:4a:5c:99:ca:8c:d4:48: a5:7c:66:f2:f8:23:df:a4:76:99:ce:01:c8:58:e6: 76:61:ec:6f:9b:5c:7e:4c:4a:f7:69:64:03:88:21: 75:aa:22:30:98:63:07:eb:1b:aa:f9:0e:7e:99:46: d5:5f:2e:72:0c:30:7b:1d:35:f3:c7:92:d8:2c:f4: c7:36:54:6e:7a:f9:03:85:cb:6b:2f:e1:3b:d2:ca: a1:36:3c:9e:1a:2c:5b:2c:f7:95:36:b6:75:87:49: 35:8d:b6:37:9a:c8:f1:b8:60:8e:3e:86:d1:82:eb: b7:f3:32:21:bc:1a:46:0b:3f:79:a2:40:75:3a:20: 45:fb:e2:ac:38:ca:96:b6:f1:76:72:fe:6c:33:d6: 16:d8:da:1d:d6:70:d8:42:ed:a9:17:a3:68:23:61: 66:bb:42:81:b9:3c:e7:b0:90:18:76:3c:94:01:15: 70:a1:df:3f:12:73:8e:2a:b3:5b:6f:18:5b:68:a8: d7:03:47:e2:db:82:b9:ff:38:9f:55:3d:ab:8b:d0: 5a:bf:08:ec:37:ae:17:fc:84:df:4b:0e:e1:d0:44: 9c:3c:b3:8f:f5:1e:20:64:47:44:75:14:04:3e:06: 03:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:6C:BA:0A:7E:5A:BB:BA:87:4E:93:4A:BC:F7:D4:4D:52:25:5D:69 X509v3 Authority Key Identifier: keyid:51:D5:CC:2D:5E:42:8F:C9:55:14:9F:57:62:11:90:4F:05:BA:F2:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7761/0E4B9168BD3411EB90E55428C4F9AE02/UdXMLV5Cj8lVFJ9XYhGQTwW68hE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdXMLV5Cj8lVFJ9XYhGQTwW68hE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7761/0E4B9168BD3411EB90E55428C4F9AE02/C9BA671C3A2611F0908A2B20C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.97.200.0/23 Signature Algorithm: sha256WithRSAEncryption 9d:8f:b8:2d:2d:3a:2d:b2:9e:d9:4f:2b:e7:d5:d2:7b:65:a7: d0:cd:a4:a5:60:53:9e:1d:19:d9:2a:1f:cf:dd:10:6d:c8:87: e7:1f:ba:9b:20:0f:e8:09:ce:df:c0:dd:b6:7a:32:77:6e:b8: 11:96:0c:9d:33:99:d1:f9:39:59:97:90:ab:c2:d9:4d:a1:02: 42:74:cb:e8:47:8c:48:7f:7e:e4:b2:3e:5a:80:67:a4:49:3a: f9:a0:aa:f4:fb:79:bb:8c:cb:b4:67:fa:71:24:00:8c:d9:05: 23:76:8c:a6:cd:1e:3e:36:f2:b3:68:3c:5b:9b:a7:87:78:a8: 82:39:67:72:ad:ef:6e:31:d7:67:f9:9a:dc:ec:05:e1:af:ae: ce:59:e3:56:40:4a:ed:67:63:7e:f4:38:10:10:c0:db:f3:77: 8a:6a:a1:e5:9c:7d:29:7d:1a:0d:d9:24:e9:76:fe:d2:56:53: c2:29:98:f3:48:12:e9:8f:4c:31:6e:75:dd:f7:22:fc:10:c9: 2c:72:26:df:81:ac:f8:52:11:31:5b:3d:38:76:8b:cc:9b:25: bf:31:0e:4d:3d:e4:70:dc:f4:a0:f2:69:0f:a2:85:7f:c3:a7: 0c:4a:cf:01:82:22:53:99:d6:0b:77:42:40:f2:c7:2a:0e:0e: 94:12:5f:54 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTc3NjExMTAvBgNVBAUTKDUxRDVDQzJENUU0MjhGQzk1NTE0OUY1NzYyMTE5MDRG MDVCQUYyMTEwHhcNMjUwNTI2MjM1MzU4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM0ZmYxNi1mNzg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvB0Rk9pkoQmAuB+Ewsg9/YQgd/EyKkpcmcqM1EilfGby+CPfpHaZzgHIWOZ2 Yexvm1x+TEr3aWQDiCF1qiIwmGMH6xuq+Q5+mUbVXy5yDDB7HTXzx5LYLPTHNlRu evkDhctrL+E70sqhNjyeGixbLPeVNrZ1h0k1jbY3msjxuGCOPobRguu38zIhvBpG Cz95okB1OiBF++KsOMqWtvF2cv5sM9YW2Nod1nDYQu2pF6NoI2Fmu0KBuTznsJAY djyUARVwod8/EnOOKrNbbxhbaKjXA0fi24K5/zifVT2ri9BavwjsN64X/ITfSw7h 0EScPLOP9R4gZEdEdRQEPgYD+wIDAQABo4IClTCCApEwHQYDVR0OBBYEFDJsugp+ Wru6h06TSrz31E1SJV1pMB8GA1UdIwQYMBaAFFHVzC1eQo/JVRSfV2IRkE8FuvIR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzc2MS8wRTRCOTE2OEJE MzQxMUVCOTBFNTU0MjhDNEY5QUUwMi9VZFhNTFY1Q2o4bFZGSjlYWWhHUVR3VzY4 aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VkWE1MVjVDajhsVkZKOVhZaEdRVHdXNjhoRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTc3NjEvMEU0QjkxNjhCRDM0MTFFQjkwRTU1NDI4QzRGOUFFMDIvQzlCQTY3MUMz QTI2MTFGMDkwOEEyQjIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnYcgwDQYJKoZIhvcNAQELBQADggEBAJ2PuC0tOi2yntlP K+fV0ntlp9DNpKVgU54dGdkqH8/dEG3Ih+cfupsgD+gJzt/A3bZ6MnduuBGWDJ0z mdH5OVmXkKvC2U2hAkJ0y+hHjEh/fuSyPlqAZ6RJOvmgqvT7ebuMy7Rn+nEkAIzZ BSN2jKbNHj428rNoPFubp4d4qII5Z3Kt724x12f5mtzsBeGvrs5Z41ZASu1nY370 OBAQwNvzd4pqoeWcfSl9Gg3ZJOl2/tJWU8IpmPNIEumPTDFudd33IvwQySxyJt+B rPhSETFbPTh2i8ybJb8xDk095HDc9KDyaQ+ihX/DpwxKzwGCIlOZ1gt3QkDyxyoO DpQSX1Q= -----END CERTIFICATE-----Generated at Tue Jun 3 23:58:47 2025 by rpki-client