$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/703918CC69EA11EE83318C50C4F9AE02.roa File: 703918CC69EA11EE83318C50C4F9AE02.roa (raw, json) Hash identifier: sl3iOiIpHmamaoTiyabLQSY+b6gx0pCXz/Ji33uFHt4= Subject key identifier: 92:2A:73:F3:F2:96:C9:A4:04:ED:DE:AB:CC:16:09:3C:7F:42:4B:E9 Certificate issuer: /CN=A91BA9CE/serialNumber=E9690BBB9F36C09D4C2ED4F66CF55DC35275FB72 Certificate serial: 0C8C Authority key identifier: E9:69:0B:BB:9F:36:C0:9D:4C:2E:D4:F6:6C:F5:5D:C3:52:75:FB:72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6WkLu582wJ1MLtT2bPVdw1J1-3I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/703918CC69EA11EE83318C50C4F9AE02.roa Signing time: Wed 04 Jun 2025 18:41:53 +0000 ROA not before: Wed 04 Jun 2025 18:41:53 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 138598 IP address blocks: 43.239.101.0/24 maxlen: 24 2406:f900:a::/48 maxlen: 48 2406:f900:b::/48 maxlen: 48 2406:f900:c::/48 maxlen: 48 2406:f900:d::/48 maxlen: 48 2406:f900:e::/48 maxlen: 48 2406:f900:f::/48 maxlen: 48 2406:f900:10::/48 maxlen: 48 2406:f900:11::/48 maxlen: 48 2406:f900:12::/48 maxlen: 48 2406:f900:13::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/6WkLu582wJ1MLtT2bPVdw1J1-3I.crl rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/6WkLu582wJ1MLtT2bPVdw1J1-3I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6WkLu582wJ1MLtT2bPVdw1J1-3I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 18:41:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3212 (0xc8c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA9CE, serialNumber=E9690BBB9F36C09D4C2ED4F66CF55DC35275FB72 Validity Not Before: Jun 4 18:41:53 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68409370-e757 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:b8:db:64:47:63:e7:82:48:a1:02:92:48:be: af:b6:22:7b:56:2a:9f:f9:2c:a0:e9:65:77:fe:d0: 84:95:1e:10:24:ea:fd:aa:99:44:d5:57:1d:15:00: 63:45:51:e2:8e:3d:78:0b:7e:13:4f:fe:26:49:14: 3e:f2:b0:22:c3:96:d8:1d:02:f3:02:a5:f2:57:52: 1d:0e:ff:e0:66:86:85:6f:8d:b4:d5:12:31:d2:76: 73:6f:ea:9e:d1:af:ce:b8:91:c8:fd:e5:01:24:f4: 78:9c:ac:06:18:88:9a:22:ec:d6:9c:83:4b:1f:80: 2b:bf:2d:cc:a9:30:1e:35:f0:9c:7e:ed:e4:83:81: bc:32:61:01:62:d9:8a:b8:cc:9a:7c:d7:5d:de:b2: 17:8c:b2:45:1b:81:3f:7a:14:b7:29:73:f4:f8:b2: 65:47:80:ff:c2:a0:cb:bc:16:0f:1b:65:3e:0c:2a: ea:31:40:f7:bd:0a:f4:0b:c1:d8:4b:4a:4a:4c:8c: d3:68:c8:09:36:ce:58:e6:31:b1:b7:5d:fa:63:83: 1f:c6:d7:fb:0e:41:0f:38:c7:18:79:b8:42:7d:df: 78:e3:f8:1e:1a:76:11:7d:5f:7b:88:89:30:6f:c4: 99:85:c9:21:b6:90:a8:e8:ea:bf:ae:ed:ca:e7:86: 6a:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:2A:73:F3:F2:96:C9:A4:04:ED:DE:AB:CC:16:09:3C:7F:42:4B:E9 X509v3 Authority Key Identifier: keyid:E9:69:0B:BB:9F:36:C0:9D:4C:2E:D4:F6:6C:F5:5D:C3:52:75:FB:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/6WkLu582wJ1MLtT2bPVdw1J1-3I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6WkLu582wJ1MLtT2bPVdw1J1-3I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/703918CC69EA11EE83318C50C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.239.101.0/24 IPv6: 2406:f900:a::-2406:f900:13:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 7f:5a:30:54:98:17:8e:07:ce:55:40:b5:d3:3b:31:fa:fb:3b: 20:b8:5a:8f:ee:27:a6:0d:02:4e:34:ad:93:ad:7e:9a:c0:6e: 58:57:9b:a1:bc:5b:18:84:ec:dd:8c:91:a5:de:5f:26:a8:14: 29:b9:5b:32:16:4d:cd:0e:ef:62:e0:1a:5b:86:d6:f5:49:77: 7d:ad:08:63:9b:40:ff:4e:4c:99:a1:20:7f:d5:85:cf:02:91: 7d:3a:5a:ef:c9:0f:5c:ca:1b:61:6e:a2:2d:03:a1:d7:c5:1e: 1d:3d:5f:d4:12:62:6a:b8:00:04:da:fe:14:2b:49:62:f0:d9: 97:36:ac:5c:8a:e1:cf:ac:02:61:5f:ee:51:7a:f0:f3:fb:ca: 28:44:ab:36:e8:32:4c:6f:61:6a:63:7e:0e:a4:4a:91:4d:e4: 8a:88:64:6c:0d:6e:26:15:45:4e:97:af:dd:e1:9d:44:b1:68: e0:5e:7a:92:b2:ca:dc:95:48:0d:34:38:b6:df:d7:e9:ce:26: ef:1c:9e:a3:73:9a:f3:c9:0d:eb:4d:35:43:60:df:2e:88:fe: 47:3e:35:70:3f:f7:87:92:0d:04:93:38:7a:00:ea:fe:76:59: 49:81:a3:e5:95:db:fa:35:3d:27:99:f9:9d:aa:fe:95:c2:dc: 76:a7:a2:69 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICDIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE5Q0UxMTAvBgNVBAUTKEU5NjkwQkJCOUYzNkMwOUQ0QzJFRDRGNjZDRjU1REMz NTI3NUZCNzIwHhcNMjUwNjA0MTg0MTUzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQwOTM3MC1lNzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxbjbZEdj54JIoQKSSL6vtiJ7Viqf+Syg6WV3/tCElR4QJOr9qplE1VcdFQBj RVHijj14C34TT/4mSRQ+8rAiw5bYHQLzAqXyV1IdDv/gZoaFb4201RIx0nZzb+qe 0a/OuJHI/eUBJPR4nKwGGIiaIuzWnINLH4Arvy3MqTAeNfCcfu3kg4G8MmEBYtmK uMyafNdd3rIXjLJFG4E/ehS3KXP0+LJlR4D/wqDLvBYPG2U+DCrqMUD3vQr0C8HY S0pKTIzTaMgJNs5Y5jGxt136Y4Mfxtf7DkEPOMcYebhCfd944/geGnYRfV97iIkw b8SZhckhtpCo6Oq/ru3K54ZqyQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFJIqc/Py lsmkBO3eq8wWCTx/QkvpMB8GA1UdIwQYMBaAFOlpC7ufNsCdTC7U9mz1XcNSdfty MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTlDRS81NEYxNURBNDAx MTExMUVBQkQ0RjBBNDlDNEY5QUUwMi82V2tMdTU4MndKMU1MdFQyYlBWZHcxSjEt M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZXa0x1NTgyd0oxTUx0VDJiUFZkdzFKMS0zSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkE5Q0UvNTRGMTVEQTQwMTExMTFFQUJENEYwQTQ5QzRGOUFFMDIvNzAzOTE4Q0M2 OUVBMTFFRTgzMzE4QzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMAwEAgABMAYDBAAr72UwGgQCAAIwFDASAwcBJAb5AAAKAwcCJAb5AAAQMA0G CSqGSIb3DQEBCwUAA4IBAQB/WjBUmBeOB85VQLXTOzH6+zsguFqP7iemDQJONK2T rX6awG5YV5uhvFsYhOzdjJGl3l8mqBQpuVsyFk3NDu9i4Bpbhtb1SXd9rQhjm0D/ TkyZoSB/1YXPApF9OlrvyQ9cyhthbqItA6HXxR4dPV/UEmJquAAE2v4UK0li8NmX NqxciuHPrAJhX+5RevDz+8ooRKs26DJMb2FqY34OpEqRTeSKiGRsDW4mFUVOl6/d 4Z1EsWjgXnqSssrclUgNNDi239fpzibvHJ6jc5rzyQ3rTTVDYN8uiP5HPjVwP/eH kg0Ekzh6AOr+dllJgaPlldv6NT0nmfmdqv6Vwtx2p6Jp -----END CERTIFICATE-----Generated at Thu Jun 5 19:22:11 2025 by rpki-client