$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa File: 61663178F88311EDB1DF555DC4F9AE02.roa (raw, json) Hash identifier: Hs65sLSKy0xl32E/CqZU6pbUw1OHGtFrgMZh2AD/QUA= Subject key identifier: 08:09:40:29:A4:97:28:64:52:76:EB:13:45:DB:B2:BB:56:C8:6C:01 Certificate issuer: /CN=A91CFA8E/serialNumber=D880EF265B940E31DFED1C42AEF5144B64413717 Certificate serial: 01AA Authority key identifier: D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa Signing time: Sun 01 Jun 2025 04:00:16 +0000 ROA not before: Sun 01 Jun 2025 04:00:16 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 56309 IP address blocks: 43.229.148.0/22 maxlen: 24 43.249.32.0/23 maxlen: 24 103.13.28.0/22 maxlen: 24 103.40.118.0/23 maxlen: 24 103.99.11.0/24 maxlen: 24 103.107.52.0/22 maxlen: 24 103.117.148.0/22 maxlen: 24 117.18.124.0/22 maxlen: 24 199.21.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 04:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 426 (0x1aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFA8E, serialNumber=D880EF265B940E31DFED1C42AEF5144B64413717 Validity Not Before: Jun 1 04:00:16 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=683bd04f-76d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:6d:83:e5:4e:f1:c3:2c:5f:56:02:ba:fb:a4: 1a:ec:7b:bc:37:b3:8d:97:cb:b9:4a:1e:aa:11:fd: 56:d1:7a:fa:ef:2c:75:be:c3:bb:72:b5:db:4d:d8: e7:2c:69:18:05:5d:7e:d5:03:5d:e1:2b:ba:cd:ef: 11:68:bc:01:76:37:d7:72:46:f4:39:dc:b8:3c:c5: 3e:e6:8f:63:c4:a2:e7:cd:a8:8b:2f:97:57:8e:f0: 74:53:db:19:77:74:ec:6d:7a:95:4d:01:03:45:f0: fd:a5:4d:6a:2f:34:11:e7:7d:45:90:4c:28:2f:1e: d5:b7:7a:04:9b:3e:39:b4:a3:a5:e5:dc:7f:68:dc: f3:d1:dc:8a:3e:d9:06:cb:3a:6c:6a:dd:13:63:ae: 56:0a:1a:e1:16:0b:7b:44:31:e3:ad:94:0a:23:c0: 6b:38:c2:fb:18:e8:e4:a8:c9:f9:6a:fd:f8:f6:1e: 2b:9c:2a:c3:15:b5:e9:8b:c9:2a:03:f8:38:1c:cf: 89:57:9f:be:81:14:38:97:37:1e:7f:37:68:03:be: 52:13:e5:83:09:41:05:90:d5:66:a6:4a:74:f1:c8: d0:13:59:90:28:1a:68:9b:35:37:75:37:21:1a:33: 75:b5:de:38:8e:90:2d:6a:65:3a:60:06:0c:bf:f9: 22:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:09:40:29:A4:97:28:64:52:76:EB:13:45:DB:B2:BB:56:C8:6C:01 X509v3 Authority Key Identifier: keyid:D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.148.0/22 43.249.32.0/23 103.13.28.0/22 103.40.118.0/23 103.99.11.0/24 103.107.52.0/22 103.117.148.0/22 117.18.124.0/22 199.21.172.0/22 Signature Algorithm: sha256WithRSAEncryption a2:30:6e:d8:c9:fa:36:63:11:71:11:ea:35:99:d7:e8:01:75: b7:4d:f3:ac:46:fe:ca:93:15:e8:42:46:71:2b:6a:0b:b8:e7: aa:51:36:68:08:5b:de:7f:9e:2e:df:4d:03:19:5b:35:20:93: d2:36:2f:94:9b:00:a0:ae:79:1f:50:58:50:c3:78:d8:06:a7: c3:40:a9:41:4d:3f:45:a8:fc:ba:9b:97:bb:66:43:e2:f9:d1: 00:d1:ed:dd:6f:cb:ad:d3:51:83:31:52:37:37:a7:e9:70:d6: da:36:5d:66:b6:90:fc:7e:59:88:5c:38:c4:a8:ac:8a:e9:c0: a6:cc:19:0d:26:6c:cf:20:2a:ba:4e:46:7b:2a:1b:d4:eb:f3: 09:f4:63:d9:fd:ca:be:1e:2b:50:30:d7:91:9c:6f:aa:ca:10: a1:59:3d:15:fb:4a:8d:3d:69:af:57:8d:ba:19:1b:5a:3a:17: 58:54:6d:95:d8:4a:18:ed:e9:23:b1:1a:5b:34:23:51:0b:c2: 56:2d:a9:34:1f:0d:60:70:47:bb:17:f4:b1:e0:67:fa:c4:eb: 78:2c:dc:5f:f1:77:03:c2:ab:53:53:cf:1b:fa:d1:dc:4f:54: ba:36:b3:9f:4a:b3:4a:62:63:79:ac:95:63:50:02:60:44:26: b0:19:57:aa -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgICAaowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBOEUxMTAvBgNVBAUTKEQ4ODBFRjI2NUI5NDBFMzFERkVEMUM0MkFFRjUxNDRC NjQ0MTM3MTcwHhcNMjUwNjAxMDQwMDE2WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNiZDA0Zi03NmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0m2D5U7xwyxfVgK6+6Qa7Hu8N7ONl8u5Sh6qEf1W0Xr67yx1vsO7crXbTdjn LGkYBV1+1QNd4Su6ze8RaLwBdjfXckb0Ody4PMU+5o9jxKLnzaiLL5dXjvB0U9sZ d3TsbXqVTQEDRfD9pU1qLzQR531FkEwoLx7Vt3oEmz45tKOl5dx/aNzz0dyKPtkG yzpsat0TY65WChrhFgt7RDHjrZQKI8BrOML7GOjkqMn5av349h4rnCrDFbXpi8kq A/g4HM+JV5++gRQ4lzcefzdoA75SE+WDCUEFkNVmpkp08cjQE1mQKBpomzU3dTch GjN1td44jpAtamU6YAYMv/kiuQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFAgJQCmk lyhkUnbrE0XbsrtWyGwBMB8GA1UdIwQYMBaAFNiA7yZblA4x3+0cQq71FEtkQTcX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkE4RS82MUJBRDhFMEY4 N0UxMUVEOTBEODQ0NUNDNEY5QUUwMi8ySUR2Smx1VURqSGY3UnhDcnZVVVMyUkJO eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJJRHZKbHVVRGpIZjdSeENydlVVUzJSQk54Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZBOEUvNjFCQUQ4RTBGODdFMTFFRDkwRDg0NDVDQzRGOUFFMDIvNjE2NjMxNzhG ODgzMTFFREIxREY1NTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E QDA+MDwEAgABMDYDBAIr5ZQDBAEr+SADBAJnDRwDBAFnKHYDBABnYwsDBAJnazQD BAJndZQDBAJ1EnwDBALHFawwDQYJKoZIhvcNAQELBQADggEBAKIwbtjJ+jZjEXER 6jWZ1+gBdbdN86xG/sqTFehCRnEragu456pRNmgIW95/ni7fTQMZWzUgk9I2L5Sb AKCueR9QWFDDeNgGp8NAqUFNP0Wo/Lqbl7tmQ+L50QDR7d1vy63TUYMxUjc3p+lw 1to2XWa2kPx+WYhcOMSorIrpwKbMGQ0mbM8gKrpORnsqG9Tr8wn0Y9n9yr4eK1Aw 15Gcb6rKEKFZPRX7So09aa9XjboZG1o6F1hUbZXYShjt6SOxGls0I1ELwlYtqTQf DWBwR7sX9LHgZ/rE63gs3F/xdwPCq1NTzxv60dxPVLo2s59Ks0piY3mslWNQAmBE JrAZV6o= -----END CERTIFICATE-----Generated at Mon Jun 2 07:17:48 2025 by rpki-client