$ rpki-client -vvf rpki.apnic.net/member_repository/A91D6210/89090F44587111EAB37E090DC4F9AE02/B3F0AAB8587211EAA4D4870FC4F9AE02.roa File: B3F0AAB8587211EAA4D4870FC4F9AE02.roa (raw, json) Hash identifier: 7Rjkv9es3qmrpwGoh+nsTmGk0d+b2oIzwsuxat3h6cE= Subject key identifier: 42:6E:99:D2:68:63:64:09:6E:22:B4:89:84:BE:AD:5D:53:6B:78:32 Certificate issuer: /CN=A91D6210/serialNumber=8D48A0EE57E6647090C24B3D25FE5FCA6FA804E1 Certificate serial: 0A9E Authority key identifier: 8D:48:A0:EE:57:E6:64:70:90:C2:4B:3D:25:FE:5F:CA:6F:A8:04:E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jUig7lfmZHCQwks9Jf5fym-oBOE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D6210/89090F44587111EAB37E090DC4F9AE02/B3F0AAB8587211EAA4D4870FC4F9AE02.roa Signing time: Mon 26 May 2025 19:53:37 +0000 ROA not before: Mon 26 May 2025 19:53:36 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 136515 IP address blocks: 103.91.140.0/22 maxlen: 22 103.91.140.0/24 maxlen: 24 103.91.141.0/24 maxlen: 24 103.91.142.0/24 maxlen: 24 103.91.143.0/24 maxlen: 24 123.253.48.0/22 maxlen: 22 123.253.48.0/24 maxlen: 24 123.253.49.0/24 maxlen: 24 123.253.50.0/24 maxlen: 24 123.253.51.0/24 maxlen: 24 2401:740::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D6210/89090F44587111EAB37E090DC4F9AE02/jUig7lfmZHCQwks9Jf5fym-oBOE.crl rsync://rpki.apnic.net/member_repository/A91D6210/89090F44587111EAB37E090DC4F9AE02/jUig7lfmZHCQwks9Jf5fym-oBOE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jUig7lfmZHCQwks9Jf5fym-oBOE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Jun 2025 19:36:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2718 (0xa9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D6210, serialNumber=8D48A0EE57E6647090C24B3D25FE5FCA6FA804E1 Validity Not Before: May 26 19:53:36 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6834c6c0-9a16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:da:f1:cd:6b:14:15:37:60:70:60:3a:4d:9e: 2e:7f:0b:98:92:76:0b:1e:c8:4e:41:bf:be:d5:ee: e8:82:1c:fc:c5:c0:dc:0c:30:59:6c:89:fd:23:6c: dc:bd:80:7e:14:8e:1c:21:0c:23:d7:e0:83:a0:be: c7:c2:6e:0c:16:ec:ad:6f:10:7b:d2:3c:7d:0a:45: 30:7a:ad:10:f0:a3:b9:b2:ba:0b:67:fb:aa:a2:40: 4d:cf:cb:ab:29:b3:0b:4b:8d:d8:7e:a2:8f:57:d0: 22:a4:49:80:82:b3:d5:0c:2f:78:81:71:58:9e:bd: f4:a1:9c:49:78:9b:bf:c3:d8:bf:49:f6:6f:25:6d: 40:4a:8f:35:e3:dc:17:70:2d:4c:a1:dc:30:e7:b6: 6b:eb:7f:4c:99:5c:d3:e2:be:61:3e:b8:dc:e1:34: 31:b5:33:84:07:5b:2b:c9:3d:9b:b2:38:87:a7:af: f8:80:e6:64:cb:5e:94:7d:f4:f3:72:9d:32:62:34: c3:57:9b:17:f8:6a:b7:99:f3:55:3d:a2:e2:28:5d: c7:81:2b:4a:66:d6:52:41:f2:84:0b:63:75:ea:41: ba:5c:1e:65:0a:ee:cb:05:fb:24:04:54:c5:83:ba: 32:9d:77:21:7b:3d:c1:f7:8c:6b:a3:48:80:c7:06: 7b:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:6E:99:D2:68:63:64:09:6E:22:B4:89:84:BE:AD:5D:53:6B:78:32 X509v3 Authority Key Identifier: keyid:8D:48:A0:EE:57:E6:64:70:90:C2:4B:3D:25:FE:5F:CA:6F:A8:04:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D6210/89090F44587111EAB37E090DC4F9AE02/jUig7lfmZHCQwks9Jf5fym-oBOE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jUig7lfmZHCQwks9Jf5fym-oBOE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D6210/89090F44587111EAB37E090DC4F9AE02/B3F0AAB8587211EAA4D4870FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.91.140.0/22 123.253.48.0/22 IPv6: 2401:740::/32 Signature Algorithm: sha256WithRSAEncryption 34:f5:d9:99:e5:5f:b4:cc:f4:bd:42:46:20:21:ca:29:dd:9c: 0c:85:56:4d:75:7f:16:e1:19:2f:4c:80:23:a9:fb:c8:c7:9f: d7:1f:2b:a8:28:96:c3:3e:b2:00:1c:9a:96:2a:bd:34:65:16: 64:d9:fa:da:67:e1:55:21:7c:81:21:c4:57:be:2c:54:97:31: fc:62:ed:66:78:02:8f:00:7c:27:53:eb:fd:2d:3e:77:67:83: 3e:25:e9:62:e2:d0:62:e3:5d:21:12:d3:4d:dc:ca:c0:95:34: 3c:0b:9c:74:c3:d0:52:6f:7a:23:25:be:db:f9:12:84:85:64: d7:ff:a3:fe:83:fe:72:40:89:c2:6e:66:52:6c:bf:d3:d7:9f: 9f:cc:01:65:12:6b:d9:16:d8:c2:46:f6:2b:ed:5c:ea:af:1f: 78:f9:58:15:bd:f0:e7:ed:77:97:ab:1f:36:d0:93:a9:4d:d7: 02:26:3a:a6:f9:e4:f0:b0:c0:be:ec:02:14:67:d7:a9:82:72: a2:15:a0:e9:9f:c9:66:7e:ea:af:74:b0:0a:87:25:e1:91:46: cb:bc:d3:c5:2e:a8:9a:f9:23:dd:0b:7c:e6:7f:5e:3b:a5:0d: 9d:22:ef:16:23:1f:c5:a4:23:03:8b:a0:45:9b:b3:47:70:22: b6:65:e4:73 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICCp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDYyMTAxMTAvBgNVBAUTKDhENDhBMEVFNTdFNjY0NzA5MEMyNEIzRDI1RkU1RkNB NkZBODA0RTEwHhcNMjUwNTI2MTk1MzM2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM0YzZjMC05YTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8drxzWsUFTdgcGA6TZ4ufwuYknYLHshOQb++1e7oghz8xcDcDDBZbIn9I2zc vYB+FI4cIQwj1+CDoL7Hwm4MFuytbxB70jx9CkUweq0Q8KO5sroLZ/uqokBNz8ur KbMLS43YfqKPV9AipEmAgrPVDC94gXFYnr30oZxJeJu/w9i/SfZvJW1ASo8149wX cC1Modww57Zr639MmVzT4r5hPrjc4TQxtTOEB1sryT2bsjiHp6/4gOZky16UffTz cp0yYjTDV5sX+Gq3mfNVPaLiKF3HgStKZtZSQfKEC2N16kG6XB5lCu7LBfskBFTF g7oynXchez3B94xro0iAxwZ7IQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEJumdJo Y2QJbiK0iYS+rV1Ta3gyMB8GA1UdIwQYMBaAFI1IoO5X5mRwkMJLPSX+X8pvqATh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENjIxMC84OTA5MEY0NDU4 NzExMUVBQjM3RTA5MERDNEY5QUUwMi9qVWlnN2xmbVpIQ1F3a3M5SmY1ZnltLW9C T0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2pVaWc3bGZtWkhDUXdrczlKZjVmeW0tb0JPRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDYyMTAvODkwOTBGNDQ1ODcxMTFFQUIzN0UwOTBEQzRGOUFFMDIvQjNGMEFBQjg1 ODcyMTFFQUE0RDQ4NzBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnW4wDBAJ7/TAwDQQCAAIwBwMFACQBB0AwDQYJKoZIhvcN AQELBQADggEBADT12ZnlX7TM9L1CRiAhyindnAyFVk11fxbhGS9MgCOp+8jHn9cf K6golsM+sgAcmpYqvTRlFmTZ+tpn4VUhfIEhxFe+LFSXMfxi7WZ4Ao8AfCdT6/0t Pndngz4l6WLi0GLjXSES003cysCVNDwLnHTD0FJveiMlvtv5EoSFZNf/o/6D/nJA icJuZlJsv9PXn5/MAWUSa9kW2MJG9ivtXOqvH3j5WBW98Oftd5erHzbQk6lN1wIm Oqb55PCwwL7sAhRn16mCcqIVoOmfyWZ+6q90sAqHJeGRRsu808UuqJr5I90LfOZ/ XjulDZ0i7xYjH8WkIwOLoEWbs0dwIrZl5HM= -----END CERTIFICATE-----Generated at Sun Jun 8 17:48:33 2025 by rpki-client