$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/C33EB0EC7C4211EB933D233EC4F9AE02.roa File: C33EB0EC7C4211EB933D233EC4F9AE02.roa (raw, json) Hash identifier: V3s4r52s3OPKDLcYcdmKSn/0GHVPcogcj1iQaYzRFaU= Subject key identifier: 95:7D:00:5E:CE:66:55:EF:25:74:6E:D8:23:1D:20:84:44:8D:48:61 Certificate issuer: /CN=A91B3CA4/serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302 Certificate serial: 0856 Authority key identifier: B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/C33EB0EC7C4211EB933D233EC4F9AE02.roa Signing time: Thu 22 May 2025 20:57:58 +0000 ROA not before: Thu 22 May 2025 20:57:58 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 139039 IP address blocks: 103.138.212.0/23 maxlen: 23 103.138.212.0/24 maxlen: 24 103.138.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 20:56:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2134 (0x856) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B3CA4, serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302 Validity Not Before: May 22 20:57:58 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=682f8fd5-c4ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:12:d7:dc:fa:4c:72:f2:dc:da:26:7d:78:f3: 89:e9:27:8d:74:dc:f8:8e:8b:0b:aa:9c:e1:23:9c: a6:00:80:6e:22:bc:b9:45:1b:a3:02:e4:7d:aa:2d: 92:01:53:b6:45:30:df:05:a5:6e:1e:2a:16:5f:9e: 63:5b:7a:3e:df:b2:8d:8d:e7:81:1a:1f:fa:6b:f9: 63:d4:69:b3:bb:f1:fb:72:ee:88:c5:a0:80:44:7a: ca:eb:03:49:dc:3c:9a:73:70:4e:06:1a:d0:d9:04: 1b:16:01:b7:1f:ac:22:46:5c:16:06:90:e7:a3:60: 5d:90:85:2c:e9:a7:ca:65:17:bc:1f:3f:0d:31:6e: 7b:2a:a5:16:a2:29:97:83:5d:00:12:ee:a3:03:e1: 13:10:19:1e:4e:5a:04:1b:33:35:9f:f3:6f:3f:70: 64:cf:77:17:f2:d7:2b:6e:a2:4a:3e:1e:e7:7a:9a: be:a2:18:9d:3d:41:76:fc:ca:94:58:06:84:d1:0b: 38:ec:7a:43:26:a9:1c:a8:0c:52:4a:a3:60:a9:16: 24:9d:31:64:52:16:bc:ba:79:ae:da:ac:22:fb:a1: 05:34:70:84:44:15:44:b7:db:69:18:3c:95:8b:12: e7:b8:6f:bc:aa:da:ad:f2:d3:5c:f2:3f:35:14:a6: db:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:7D:00:5E:CE:66:55:EF:25:74:6E:D8:23:1D:20:84:44:8D:48:61 X509v3 Authority Key Identifier: keyid:B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/C33EB0EC7C4211EB933D233EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.212.0/23 Signature Algorithm: sha256WithRSAEncryption 7a:43:fa:a7:15:9b:07:2f:a0:54:dd:64:b9:9a:58:a6:57:bf: 4e:2d:aa:78:5e:91:d1:f2:cc:47:b0:ba:09:27:1f:b0:17:d8: 43:f5:d4:ed:6e:f5:25:b7:34:a4:ae:01:d3:b2:c5:c8:69:ce: 0b:43:d0:c5:6e:75:48:ca:00:30:c2:ad:20:ac:94:75:d7:e6: 27:e3:ee:a4:e9:79:2c:01:94:70:6f:79:6b:2f:84:d1:08:f8: d1:bd:8d:c3:de:9d:62:94:14:e0:18:68:9b:63:52:f9:f4:92: ac:17:d2:65:1d:7e:9e:0c:72:4c:2c:3c:c3:f6:b8:35:79:21: 2a:a4:3e:a5:9c:7a:ff:6f:05:23:ee:75:5a:59:47:16:e8:b1: 36:16:86:92:69:a0:be:90:a2:61:2f:9e:a6:32:60:7e:65:ca: 5c:2c:21:22:48:64:87:63:03:f8:50:07:5c:c6:8c:75:dd:84: b4:65:61:02:bf:ba:56:04:ca:62:7b:ac:20:5b:60:5b:2e:87: 3d:d2:bf:a6:cb:47:57:e5:ec:f3:b2:65:98:90:1a:54:42:a8: 33:79:0e:23:0b:92:44:0a:fa:33:02:0d:93:fc:a6:b7:3a:a0: 85:30:fd:67:43:b2:2e:d2:e0:5d:cf:92:a3:4a:02:67:39:6a: d6:b9:5c:1a -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjNDQTQxMTAvBgNVBAUTKEI1OEQyOUY3QjgxMDdGMTU4NUI1RkZFNzBDNTAyQzZD OEY1RDMzMDIwHhcNMjUwNTIyMjA1NzU4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJmOGZkNS1jNGFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3hLX3PpMcvLc2iZ9ePOJ6SeNdNz4josLqpzhI5ymAIBuIry5RRujAuR9qi2S AVO2RTDfBaVuHioWX55jW3o+37KNjeeBGh/6a/lj1Gmzu/H7cu6IxaCARHrK6wNJ 3Dyac3BOBhrQ2QQbFgG3H6wiRlwWBpDno2BdkIUs6afKZRe8Hz8NMW57KqUWoimX g10AEu6jA+ETEBkeTloEGzM1n/NvP3Bkz3cX8tcrbqJKPh7nepq+ohidPUF2/MqU WAaE0Qs47HpDJqkcqAxSSqNgqRYknTFkUha8unmu2qwi+6EFNHCERBVEt9tpGDyV ixLnuG+8qtqt8tNc8j81FKbbwwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJV9AF7O ZlXvJXRu2CMdIIREjUhhMB8GA1UdIwQYMBaAFLWNKfe4EH8VhbX/5wxQLGyPXTMC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0NBNC8xNUY2OEI1Q0NG MTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4V0Z0Zl9uREZBc2JJOWRN d0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RZMHA5N2dRZnhXRnRmX25ERkFzYkk5ZE13SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjNDQTQvMTVGNjhCNUNDRjE5MTFFQUFFRjYwQjFFQzRGOUFFMDIvQzMzRUIwRUM3 QzQyMTFFQjkzM0QyMzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnitQwDQYJKoZIhvcNAQELBQADggEBAHpD+qcVmwcvoFTd ZLmaWKZXv04tqnhekdHyzEewugknH7AX2EP11O1u9SW3NKSuAdOyxchpzgtD0MVu dUjKADDCrSCslHXX5ifj7qTpeSwBlHBveWsvhNEI+NG9jcPenWKUFOAYaJtjUvn0 kqwX0mUdfp4MckwsPMP2uDV5ISqkPqWcev9vBSPudVpZRxbosTYWhpJpoL6QomEv nqYyYH5lylwsISJIZIdjA/hQB1zGjHXdhLRlYQK/ulYEymJ7rCBbYFsuhz3Sv6bL R1fl7POyZZiQGlRCqDN5DiMLkkQK+jMCDZP8prc6oIUw/WdDsi7S4F3PkqNKAmc5 ata5XBo= -----END CERTIFICATE-----Generated at Tue Jun 3 23:44:10 2025 by rpki-client