$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa File: 6AB849742C9C11EBB49A3A32C4F9AE02.roa (raw, json) Hash identifier: XK1J3sG5Y6uxxPAsOuRgxOVjY2qXm+2yA9Wh+DZbGtw= Subject key identifier: DD:B1:86:79:0B:61:24:13:9B:24:1F:E7:EE:FE:F0:42:CA:82:EC:B7 Certificate issuer: /CN=A91B6F87/serialNumber=7A5474123C548817E25F3484CC26B60B0641BD69 Certificate serial: 0778 Authority key identifier: 7A:54:74:12:3C:54:88:17:E2:5F:34:84:CC:26:B6:0B:06:41:BD:69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa Signing time: Sat 31 May 2025 21:49:32 +0000 ROA not before: Sat 31 May 2025 21:49:32 +0000 ROA not after: Wed 01 Oct 2025 00:00:00 +0000 asID: 45178 IP address blocks: 103.28.132.0/22 maxlen: 24 103.112.164.0/22 maxlen: 22 103.112.164.0/24 maxlen: 24 103.112.165.0/24 maxlen: 24 103.112.166.0/24 maxlen: 24 111.125.152.0/21 maxlen: 21 111.125.152.0/22 maxlen: 22 111.125.152.0/23 maxlen: 23 111.125.152.0/24 maxlen: 24 111.125.153.0/24 maxlen: 24 111.125.154.0/24 maxlen: 24 111.125.155.0/24 maxlen: 24 111.125.156.0/24 maxlen: 24 111.125.157.0/24 maxlen: 24 111.125.158.0/24 maxlen: 24 111.125.159.0/24 maxlen: 24 116.206.188.0/24 maxlen: 24 116.206.189.0/24 maxlen: 24 116.206.190.0/24 maxlen: 24 203.174.27.0/24 maxlen: 24 2406:d100::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.crl rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 21:52:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1912 (0x778) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F87, serialNumber=7A5474123C548817E25F3484CC26B60B0641BD69 Validity Not Before: May 31 21:49:32 2025 GMT Not After : Oct 1 00:00:00 2025 GMT Subject: CN=683b796c-c001 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:d5:ec:18:9a:ec:79:d1:b3:db:3a:86:38:23: 84:b6:52:cf:a1:fb:8d:d2:d2:a7:cf:37:d1:f9:cb: 13:87:2c:a0:03:61:15:4b:ff:61:37:dc:2f:73:d7: fd:1b:4a:14:27:23:0d:b9:48:d2:d4:78:02:91:a1: ba:fd:12:e0:52:11:2c:35:da:ac:37:06:8f:5a:05: 66:d3:82:a7:0e:54:1e:3f:8f:8e:a7:fc:c4:ca:a1: 46:3f:7e:ca:60:d4:4a:e8:13:a2:d2:42:75:af:dc: 91:02:cd:b2:53:0b:3f:de:63:f8:a9:18:6a:86:dd: b1:b9:42:d6:c5:38:37:11:eb:d9:9c:f0:e8:7b:f9: d8:c3:a7:05:f6:73:09:1b:0e:09:e3:99:ce:36:aa: 0a:00:28:50:26:53:17:ec:d5:2a:d3:be:ca:cd:bd: bf:71:3a:bc:8b:ac:e1:c3:ce:95:dd:d9:9a:7d:9f: ad:a2:6e:75:4f:dd:c6:2b:1c:1b:40:c8:0b:6a:7b: 50:68:19:cb:ac:8c:1b:68:2e:bd:01:bc:2d:ee:d0: e0:1b:9a:d0:5e:37:28:ce:6a:72:42:88:47:b1:1c: 68:f6:4d:69:c3:65:17:1d:35:ea:65:ee:9e:fa:74: 12:82:fa:20:e0:98:98:90:b1:10:a1:b0:fd:5c:72: fe:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:B1:86:79:0B:61:24:13:9B:24:1F:E7:EE:FE:F0:42:CA:82:EC:B7 X509v3 Authority Key Identifier: keyid:7A:54:74:12:3C:54:88:17:E2:5F:34:84:CC:26:B6:0B:06:41:BD:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.28.132.0/22 103.112.164.0/22 111.125.152.0/21 116.206.188.0-116.206.190.255 203.174.27.0/24 IPv6: 2406:d100::/32 Signature Algorithm: sha256WithRSAEncryption 74:1a:22:dc:b9:cd:54:48:12:fd:1a:d5:04:35:76:a6:ab:28: 14:ef:c6:9e:eb:6f:c6:5a:ef:48:34:1c:16:1d:70:f0:8e:33: 11:19:b2:f2:3c:db:00:50:04:4f:76:21:6f:d0:27:4d:cf:af: 25:d2:85:a8:34:0f:a0:3a:ab:67:cb:b8:6c:dc:5c:34:5f:77: 5f:e3:04:cc:6a:37:d6:97:ac:3c:8a:96:9a:e3:d0:3d:0a:13: df:9a:56:13:ee:ef:05:86:c5:bf:0b:9b:0d:6e:36:e7:03:78: 33:7a:15:6b:44:4a:8a:99:e4:d9:0b:56:df:6c:b0:23:fe:b1: cc:f9:24:5c:7a:59:9a:78:5f:89:70:f4:ac:fa:e9:ac:a8:7a: b3:11:c7:93:63:91:de:95:91:a4:0d:fe:82:f0:b3:7a:33:79: 79:90:be:8f:92:d9:4b:0c:e3:80:52:6e:e8:69:db:a9:54:0c: d6:e2:63:68:80:ff:65:94:38:11:a1:0d:85:a5:e3:33:33:c9: fa:0a:4c:ba:9b:a7:35:5c:b9:11:9b:39:98:83:39:05:b4:e7: 6a:b6:87:d4:bf:85:91:b2:80:7d:e3:39:9b:7f:4b:0c:df:8e: 47:b6:28:0b:9e:0b:a0:6f:00:95:cf:a5:cc:81:5e:2b:37:ca: f1:17:b4:1c -----BEGIN CERTIFICATE----- MIIFoDCCBIigAwIBAgICB3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGODcxMTAvBgNVBAUTKDdBNTQ3NDEyM0M1NDg4MTdFMjVGMzQ4NENDMjZCNjBC MDY0MUJENjkwHhcNMjUwNTMxMjE0OTMyWhcNMjUxMDAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNiNzk2Yy1jMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx9XsGJrsedGz2zqGOCOEtlLPofuN0tKnzzfR+csThyygA2EVS/9hN9wvc9f9 G0oUJyMNuUjS1HgCkaG6/RLgUhEsNdqsNwaPWgVm04KnDlQeP4+Op/zEyqFGP37K YNRK6BOi0kJ1r9yRAs2yUws/3mP4qRhqht2xuULWxTg3EevZnPDoe/nYw6cF9nMJ Gw4J45nONqoKAChQJlMX7NUq077Kzb2/cTq8i6zhw86V3dmafZ+tom51T93GKxwb QMgLantQaBnLrIwbaC69Abwt7tDgG5rQXjcozmpyQohHsRxo9k1pw2UXHTXqZe6e +nQSgvog4JiYkLEQobD9XHL+VQIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFN2xhnkL YSQTmyQf5+7+8ELKguy3MB8GA1UdIwQYMBaAFHpUdBI8VIgX4l80hMwmtgsGQb1p MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY4Ny9CMUNENzFGMDI2 ODgxMUVCQkU3QzY4MkJDNEY5QUUwMi9lbFIwRWp4VWlCZmlYelNFekNhMkN3WkJ2 V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VsUjBFanhVaUJmaVh6U0V6Q2EyQ3daQnZXay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZGODcvQjFDRDcxRjAyNjg4MTFFQkJFN0M2ODJCQzRGOUFFMDIvNkFCODQ5NzQy QzlDMTFFQkI0OUEzQTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E PzA9MCwEAgABMCYDBAJnHIQDBAJncKQDBANvfZgwDAMEAnTOvAMEAHTOvgMEAMuu GzANBAIAAjAHAwUAJAbRADANBgkqhkiG9w0BAQsFAAOCAQEAdBoi3LnNVEgS/RrV BDV2pqsoFO/GnutvxlrvSDQcFh1w8I4zERmy8jzbAFAET3Yhb9AnTc+vJdKFqDQP oDqrZ8u4bNxcNF93X+MEzGo31pesPIqWmuPQPQoT35pWE+7vBYbFvwubDW425wN4 M3oVa0RKipnk2QtW32ywI/6xzPkkXHpZmnhfiXD0rPrprKh6sxHHk2OR3pWRpA3+ gvCzejN5eZC+j5LZSwzjgFJu6GnbqVQM1uJjaID/ZZQ4EaENhaXjMzPJ+gpMupun NVy5EZs5mIM5BbTnaraH1L+FkbKAfeM5m39LDN+OR7YoC54LoG8Alc+lzIFeKzfK 8Re0HA== -----END CERTIFICATE-----Generated at Wed Jun 4 00:16:36 2025 by rpki-client