$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/3474AD64FAD311ED9CEE0E29C4F9AE02.roa File: 3474AD64FAD311ED9CEE0E29C4F9AE02.roa (raw, json) Hash identifier: bZ3DvcSU67WmMaGW0gpbOJ7oihqEunDO2oztcjKXnww= Subject key identifier: 5C:05:BA:02:80:C9:2D:DD:3C:96:5C:8D:AA:8D:4A:D1:63:1A:08:BA Certificate issuer: /CN=A91AF01C/serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB Certificate serial: 018A Authority key identifier: 5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/3474AD64FAD311ED9CEE0E29C4F9AE02.roa Signing time: Sun 01 Jun 2025 04:00:24 +0000 ROA not before: Sun 01 Jun 2025 04:00:24 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 138611 IP address blocks: 103.206.16.0/23 maxlen: 23 103.206.16.0/24 maxlen: 24 103.206.17.0/24 maxlen: 24 2401:160::/32 maxlen: 32 2401:160::/46 maxlen: 46 2401:160::/48 maxlen: 48 2401:160:1::/48 maxlen: 48 2401:160:2::/48 maxlen: 48 2401:160:3::/48 maxlen: 48 2401:160:4::/46 maxlen: 46 2401:160:4::/48 maxlen: 48 2401:160:5::/48 maxlen: 48 2401:160:6::/48 maxlen: 48 2401:160:7::/48 maxlen: 48 2401:160:8::/48 maxlen: 48 2401:160:9::/48 maxlen: 48 2401:160:10::/48 maxlen: 48 2401:160:11::/48 maxlen: 48 2401:160:12::/48 maxlen: 48 2401:160:13::/48 maxlen: 48 2401:160:14::/48 maxlen: 48 2401:160:15::/48 maxlen: 48 2401:160:200::/42 maxlen: 42 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 04:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 394 (0x18a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF01C, serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB Validity Not Before: Jun 1 04:00:24 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=683bd058-beca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:61:1c:4f:30:16:e6:06:d4:12:64:e3:70:27: a6:a0:ae:60:34:62:0a:fe:86:5c:b9:56:6a:9b:4d: 87:5b:ef:78:f2:81:4e:8e:af:61:8e:2b:bd:93:e0: ad:c8:38:c6:24:64:a6:19:89:c5:9a:a9:26:df:bc: 13:53:ca:01:f5:5d:95:6e:93:1d:24:dc:9a:56:35: 15:0a:46:88:d7:92:55:8d:ed:44:ca:18:ec:32:94: b5:50:4f:86:84:17:c1:ba:b3:79:7a:34:f3:9c:31: 01:8d:26:45:69:82:c2:d5:2b:b3:ec:b7:97:bf:1d: b0:73:8c:58:3b:cb:ea:54:60:7f:04:f4:1e:6e:18: 7b:da:8c:73:78:b3:52:eb:85:7c:39:97:e2:ab:90: ca:3a:f1:e9:a9:53:31:7b:a0:69:26:91:47:37:42: 88:59:a9:f2:a7:cd:36:02:63:d0:34:8a:4d:09:0c: 86:b8:8d:a4:dc:df:6c:39:de:4c:c3:14:d2:46:8d: 0f:46:9b:81:33:6a:3d:b0:af:85:3d:1f:4e:0f:53: 42:b3:e9:50:3e:1d:55:47:72:c1:a7:25:00:77:6d: 0a:e2:70:8a:d6:3d:75:32:ab:7d:ce:34:2d:34:40: 51:34:17:49:cc:df:0f:e7:dd:ae:54:2e:e8:40:11: 36:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:05:BA:02:80:C9:2D:DD:3C:96:5C:8D:AA:8D:4A:D1:63:1A:08:BA X509v3 Authority Key Identifier: keyid:5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/3474AD64FAD311ED9CEE0E29C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.206.16.0/23 IPv6: 2401:160::/32 Signature Algorithm: sha256WithRSAEncryption bd:b7:30:80:9f:e5:ee:48:49:d9:43:b4:f4:10:22:df:c5:c2: 5f:28:99:22:16:a7:05:22:98:1b:6f:18:71:99:d3:40:6c:c1: da:ea:83:e2:e0:1f:83:0c:bc:81:9e:f6:68:68:4d:6d:6a:2a: 83:3c:c6:6a:09:8b:e3:8d:1d:9a:05:b3:98:30:ec:4e:e8:8a: e2:5f:1b:e1:2d:bc:f9:e0:10:81:6d:fe:3b:73:d3:db:a9:94: 83:25:b6:f7:f9:08:6b:2b:13:79:a7:87:f2:91:93:e2:d1:4d: b0:88:a9:ab:24:14:c7:66:fb:d7:95:27:7e:d7:13:f6:48:8f: cf:1c:97:d2:3d:00:34:dc:9b:fb:ee:52:8e:cd:d3:4e:88:f4: 2c:83:f6:c2:14:ef:60:39:15:80:2b:b5:61:ed:d6:6b:80:b2: 0a:a7:47:df:76:f4:d6:46:e1:f7:b2:cf:3b:51:49:96:2a:98: d5:f9:8b:7d:1d:b3:a1:09:e5:8f:73:c0:3f:8a:13:35:47:9c: 7f:09:44:99:f4:eb:9c:9f:56:83:da:36:0f:1d:7d:f8:ea:ff: 26:ce:1d:34:91:c0:14:0a:84:9f:db:64:21:c4:8e:92:60:46: ce:04:39:7f:ab:5d:de:44:65:e7:c0:c6:07:f9:36:7b:60:2b: 4b:c3:4c:a2 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICAYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwMUMxMTAvBgNVBAUTKDVERDQ2ODVBMkU5NkIxNDE2RjdDRDMzNUNERUI0QUQx ODIyRjdERUIwHhcNMjUwNjAxMDQwMDI0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNiZDA1OC1iZWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA22EcTzAW5gbUEmTjcCemoK5gNGIK/oZcuVZqm02HW+948oFOjq9hjiu9k+Ct yDjGJGSmGYnFmqkm37wTU8oB9V2VbpMdJNyaVjUVCkaI15JVje1EyhjsMpS1UE+G hBfBurN5ejTznDEBjSZFaYLC1Suz7LeXvx2wc4xYO8vqVGB/BPQebhh72oxzeLNS 64V8OZfiq5DKOvHpqVMxe6BpJpFHN0KIWanyp802AmPQNIpNCQyGuI2k3N9sOd5M wxTSRo0PRpuBM2o9sK+FPR9OD1NCs+lQPh1VR3LBpyUAd20K4nCK1j11Mqt9zjQt NEBRNBdJzN8P592uVC7oQBE2cwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFwFugKA yS3dPJZcjaqNStFjGgi6MB8GA1UdIwQYMBaAFF3UaFoulrFBb3zTNc3rStGCL33r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjAxQy9FNUQ5RTczNEZB Q0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NVRnZmTk0xemV0SzBZSXZm ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hkUm9XaTZXc1VGdmZOTTF6ZXRLMFlJdmZlcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUYwMUMvRTVEOUU3MzRGQUNCMTFFREI4Rjk3RDg1QzRGOUFFMDIvMzQ3NEFENjRG QUQzMTFFRDlDRUUwRTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnzhAwDQQCAAIwBwMFACQBAWAwDQYJKoZIhvcNAQELBQAD ggEBAL23MICf5e5ISdlDtPQQIt/Fwl8omSIWpwUimBtvGHGZ00Bswdrqg+LgH4MM vIGe9mhoTW1qKoM8xmoJi+ONHZoFs5gw7E7oiuJfG+EtvPngEIFt/jtz09uplIMl tvf5CGsrE3mnh/KRk+LRTbCIqaskFMdm+9eVJ37XE/ZIj88cl9I9ADTcm/vuUo7N 006I9CyD9sIU72A5FYArtWHt1muAsgqnR9929NZG4feyzztRSZYqmNX5i30ds6EJ 5Y9zwD+KEzVHnH8JRJn065yfVoPaNg8dffjq/ybOHTSRwBQKhJ/bZCHEjpJgRs4E OX+rXd5EZefAxgf5NntgK0vDTKI= -----END CERTIFICATE-----Generated at Mon Jun 2 06:32:09 2025 by rpki-client