$ rpki-client -vvf rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/8670D60E096611EF99F30750C4F9AE02.roa File: 8670D60E096611EF99F30750C4F9AE02.roa (raw, json) Hash identifier: 1SX+exlafqD/muPoPTH7ZXdQz7xMhj/ECorX6P7ID7g= Subject key identifier: 4D:D0:BB:DD:8A:F1:86:4F:54:A5:5C:09:A6:19:30:29:90:F9:93:8D Certificate issuer: /CN=A91C37DD/serialNumber=3FE3AE355A9277B91D73E2AC52F5387F095F189A Certificate serial: D8 Authority key identifier: 3F:E3:AE:35:5A:92:77:B9:1D:73:E2:AC:52:F5:38:7F:09:5F:18:9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-OuNVqSd7kdc-KsUvU4fwlfGJo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/8670D60E096611EF99F30750C4F9AE02.roa Signing time: Sun 01 Jun 2025 06:04:21 +0000 ROA not before: Sun 01 Jun 2025 06:04:21 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 152732 IP address blocks: 103.136.212.0/23 maxlen: 23 103.136.212.0/24 maxlen: 24 103.136.213.0/24 maxlen: 24 2401:9960::/32 maxlen: 32 2401:9960::/48 maxlen: 48 2401:9960:1::/48 maxlen: 48 2401:9960:2::/48 maxlen: 48 2401:9960:3::/48 maxlen: 48 2401:9960:4::/48 maxlen: 48 2401:9960:5::/48 maxlen: 48 2401:9960:6::/48 maxlen: 48 2401:9960:7::/48 maxlen: 48 2401:9960:8::/48 maxlen: 48 2401:9960:9::/48 maxlen: 48 2401:9960:10::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/P-OuNVqSd7kdc-KsUvU4fwlfGJo.crl rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/P-OuNVqSd7kdc-KsUvU4fwlfGJo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-OuNVqSd7kdc-KsUvU4fwlfGJo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 06:04:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 216 (0xd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C37DD, serialNumber=3FE3AE355A9277B91D73E2AC52F5387F095F189A Validity Not Before: Jun 1 06:04:21 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=683bed65-7b0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a6:62:cf:c7:51:98:8c:c3:69:a4:96:e1:0a: f1:a3:6d:1e:40:b5:17:8f:ad:1b:00:23:4c:5a:d6: a7:de:38:ea:bd:ac:bb:a1:8c:84:25:c8:90:fd:b2: de:53:86:d7:7a:8b:30:76:f5:9d:1e:b6:8c:d0:d8: c1:be:56:9d:80:ef:47:8c:01:b5:ee:71:06:75:4d: ae:02:b0:c6:07:f8:7d:b7:c8:c5:2f:f2:63:85:61: b4:6e:5c:13:e5:96:55:4d:bd:bb:e2:e2:03:40:f5: 11:42:6b:16:83:9f:75:a2:bb:f3:66:07:f7:9e:0a: f4:4c:68:e8:df:da:c6:40:4b:9b:4f:17:0f:63:12: 60:75:9c:97:40:0b:e3:13:ac:e9:6d:cc:d0:17:17: fa:88:fc:06:ae:ea:35:72:ad:6c:98:2a:0d:fc:06: 29:f9:83:e0:51:f6:c1:82:67:20:13:7c:a0:f6:45: d5:ba:38:ea:7c:ac:9a:73:e5:77:80:ec:da:05:df: 6f:75:7d:8c:fe:dd:07:80:dc:d7:ba:3a:0c:60:c5: 68:90:f2:ae:70:64:08:b0:56:e8:ee:a5:8d:5a:40: b4:2c:03:c9:08:e0:e2:9c:8b:a7:1f:fb:c8:6f:a5: 58:e0:f2:98:37:26:95:9a:4b:2a:b6:f7:3f:43:49: bb:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:D0:BB:DD:8A:F1:86:4F:54:A5:5C:09:A6:19:30:29:90:F9:93:8D X509v3 Authority Key Identifier: keyid:3F:E3:AE:35:5A:92:77:B9:1D:73:E2:AC:52:F5:38:7F:09:5F:18:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/P-OuNVqSd7kdc-KsUvU4fwlfGJo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P-OuNVqSd7kdc-KsUvU4fwlfGJo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C37DD/24855D80096511EFA4BCE87AC4F9AE02/8670D60E096611EF99F30750C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.136.212.0/23 IPv6: 2401:9960::/32 Signature Algorithm: sha256WithRSAEncryption 78:13:52:b9:67:48:1e:67:d7:f0:59:68:84:5b:9a:dd:c6:d9: f4:80:dd:4f:78:a6:6c:ba:92:bd:7a:2c:f4:5b:a6:52:51:6c: 55:e5:e0:a9:c8:b6:d2:a0:ac:3b:f2:0a:6e:35:e1:a8:58:66: 58:fb:87:0d:d8:95:3b:77:4c:df:59:86:78:75:45:87:38:01: 4d:75:7a:58:2b:d8:52:c3:c4:c0:5e:92:47:bd:a0:28:33:b3: 25:6d:33:e9:fa:b1:d3:ea:0d:6d:60:9a:e5:8f:c0:b8:b0:6b: 6d:ff:c3:a7:fe:95:8f:c6:5b:e2:16:35:e5:15:f2:13:55:81: 29:ed:c2:bb:c1:55:79:9b:03:b5:e3:a1:c2:68:40:b2:69:cb: 1d:fc:1e:ff:3b:26:2f:61:9c:ca:7c:81:14:dd:e5:a2:05:fb: c4:67:06:db:13:de:78:ad:10:07:41:10:bf:79:e9:fe:dd:10: f7:5d:7b:31:1a:2d:05:84:5d:41:3a:4e:c1:5f:63:a6:e3:97: b6:86:63:90:54:54:8a:bb:1e:12:1d:1a:72:28:e5:26:42:a5: 73:e9:71:00:df:77:1b:e7:1d:0a:58:f0:44:14:4f:5a:2e:2d: eb:ba:0a:d6:a9:76:d1:2d:00:a5:e1:5e:2e:a9:99:8a:7f:88: 58:05:10:81 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICANgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzM3REQxMTAvBgNVBAUTKDNGRTNBRTM1NUE5Mjc3QjkxRDczRTJBQzUyRjUzODdG MDk1RjE4OUEwHhcNMjUwNjAxMDYwNDIxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNiZWQ2NS03YjBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuaZiz8dRmIzDaaSW4Qrxo20eQLUXj60bACNMWtan3jjqvay7oYyEJciQ/bLe U4bXeoswdvWdHraM0NjBvladgO9HjAG17nEGdU2uArDGB/h9t8jFL/JjhWG0blwT 5ZZVTb274uIDQPURQmsWg591orvzZgf3ngr0TGjo39rGQEubTxcPYxJgdZyXQAvj E6zpbczQFxf6iPwGruo1cq1smCoN/AYp+YPgUfbBgmcgE3yg9kXVujjqfKyac+V3 gOzaBd9vdX2M/t0HgNzXujoMYMVokPKucGQIsFbo7qWNWkC0LAPJCODinIunH/vI b6VY4PKYNyaVmksqtvc/Q0m7nwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFE3Qu92K 8YZPVKVcCaYZMCmQ+ZONMB8GA1UdIwQYMBaAFD/jrjVakne5HXPirFL1OH8JXxia MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzdERC8yNDg1NUQ4MDA5 NjUxMUVGQTRCQ0U4N0FDNEY5QUUwMi9QLU91TlZxU2Q3a2RjLUtzVXZVNGZ3bGZH Sm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1AtT3VOVnFTZDdrZGMtS3NVdlU0ZndsZkdKby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzM3REQvMjQ4NTVEODAwOTY1MTFFRkE0QkNFODdBQzRGOUFFMDIvODY3MEQ2MEUw OTY2MTFFRjk5RjMwNzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFniNQwDQQCAAIwBwMFACQBmWAwDQYJKoZIhvcNAQELBQAD ggEBAHgTUrlnSB5n1/BZaIRbmt3G2fSA3U94pmy6kr16LPRbplJRbFXl4KnIttKg rDvyCm414ahYZlj7hw3YlTt3TN9Zhnh1RYc4AU11elgr2FLDxMBekke9oCgzsyVt M+n6sdPqDW1gmuWPwLiwa23/w6f+lY/GW+IWNeUV8hNVgSntwrvBVXmbA7XjocJo QLJpyx38Hv87Ji9hnMp8gRTd5aIF+8RnBtsT3nitEAdBEL956f7dEPddezEaLQWE XUE6TsFfY6bjl7aGY5BUVIq7HhIdGnIo5SZCpXPpcQDfdxvnHQpY8EQUT1ouLeu6 CtapdtEtAKXhXi6pmYp/iFgFEIE= -----END CERTIFICATE-----Generated at Mon Jun 2 07:17:08 2025 by rpki-client