$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/67FF0960076911EF8569F157C4F9AE02.roa File: 67FF0960076911EF8569F157C4F9AE02.roa (raw, json) Hash identifier: QiY4AYjpAOfJUKdo2bWSjao/45XX+9doU5egkrwqJ78= Subject key identifier: 2A:12:7E:9E:5E:4E:20:AA:0A:6E:76:7D:68:DD:DF:44:9A:4A:E0:99 Certificate issuer: /CN=A91DA10A/serialNumber=49B5A46463E3A2B70A33446014EBF40E5C9EFE74 Certificate serial: 0817 Authority key identifier: 49:B5:A4:64:63:E3:A2:B7:0A:33:44:60:14:EB:F4:0E:5C:9E:FE:74 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SbWkZGPjorcKM0RgFOv0Dlye_nQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/67FF0960076911EF8569F157C4F9AE02.roa Signing time: Mon 26 May 2025 21:19:15 +0000 ROA not before: Mon 26 May 2025 21:19:15 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 18254 IP address blocks: 103.213.244.0/23 maxlen: 23 103.213.245.0/24 maxlen: 24 103.213.246.0/23 maxlen: 23 103.213.246.0/24 maxlen: 24 103.213.247.0/24 maxlen: 24 144.48.4.0/23 maxlen: 24 144.48.6.0/23 maxlen: 23 144.48.6.0/24 maxlen: 24 144.48.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/SbWkZGPjorcKM0RgFOv0Dlye_nQ.crl rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/SbWkZGPjorcKM0RgFOv0Dlye_nQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SbWkZGPjorcKM0RgFOv0Dlye_nQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 21:13:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2071 (0x817) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA10A, serialNumber=49B5A46463E3A2B70A33446014EBF40E5C9EFE74 Validity Not Before: May 26 21:19:15 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6834dad3-57bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ff:34:e6:88:d0:2f:1a:09:94:22:96:be:df: ac:cd:38:2f:42:dc:7f:9e:58:e0:ab:fb:7e:9b:30: ba:21:60:f0:ee:d5:f2:3c:26:3c:c8:ce:71:c7:99: ab:c3:c7:83:d6:14:27:76:72:bd:a5:0c:32:18:0c: f7:78:da:53:e2:3b:aa:ab:46:76:a9:f8:2e:9c:b0: 4a:58:5f:96:78:c8:30:df:bf:34:b0:e5:d5:4d:c0: 2b:92:6f:69:81:34:55:7b:a3:5c:70:b0:6d:6d:66: 7c:25:ad:0c:3b:b0:0a:27:6a:c6:13:7e:6f:00:a4: 4e:22:0a:bb:22:b1:b0:52:dc:9e:46:d6:ee:f9:f2: 81:92:26:6f:d8:f1:3f:e0:58:21:e8:9a:af:db:78: 0b:de:fa:29:e4:1c:7e:a5:0f:88:77:80:41:cf:17: 0a:56:b2:a7:47:9e:1a:ac:04:99:9a:99:5f:02:69: 7e:a0:b4:19:fc:28:45:3b:b1:27:e0:f2:c1:98:c6: 5b:b4:18:8f:34:f7:5f:8d:70:33:38:9e:07:a3:d0: b5:64:bf:be:d5:ec:50:40:7c:33:67:4d:79:d8:b5: ee:7b:e4:cc:72:a5:d0:82:0b:3c:01:67:5c:9a:cc: 6f:a5:fc:7b:e1:6b:0c:e9:37:17:d1:ff:f0:63:5c: e4:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:12:7E:9E:5E:4E:20:AA:0A:6E:76:7D:68:DD:DF:44:9A:4A:E0:99 X509v3 Authority Key Identifier: keyid:49:B5:A4:64:63:E3:A2:B7:0A:33:44:60:14:EB:F4:0E:5C:9E:FE:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/SbWkZGPjorcKM0RgFOv0Dlye_nQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SbWkZGPjorcKM0RgFOv0Dlye_nQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/67FF0960076911EF8569F157C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.213.244.0/22 144.48.4.0/22 Signature Algorithm: sha256WithRSAEncryption 38:89:f4:e0:1a:e3:ce:56:56:32:98:2b:db:bf:49:16:39:bf: bd:9f:29:c2:ae:3d:00:68:e9:e4:1f:31:93:a9:22:87:b0:8d: e8:e0:45:20:77:71:6f:48:64:71:80:c2:50:03:7e:d9:2d:01: ca:6a:01:b4:cd:ce:4e:9e:03:32:82:65:51:da:54:7d:a1:3e: fc:d4:e5:ce:9f:da:db:28:f4:16:b1:da:7d:e0:c4:f6:c3:9e: 1c:e6:f2:95:2d:bf:59:6a:c0:72:3b:90:9b:b2:a8:ee:36:54: 39:3c:db:36:bc:95:5d:9c:19:da:7f:ae:aa:66:7c:66:00:40: 98:dc:a4:f5:a3:6f:c5:cb:23:ca:e8:d6:7d:36:62:db:68:c6: bf:82:3e:33:8a:57:b2:c8:fc:9d:5b:d7:82:12:bc:97:d4:04: 20:7a:32:d0:8d:7f:6f:6f:04:6a:96:cf:d7:28:08:b8:75:92: 61:f2:1d:f2:73:da:b8:a8:8b:94:24:bf:6a:72:cd:ff:a9:e6: ea:4b:67:8f:75:eb:43:c9:aa:13:c6:42:05:4d:95:ef:fc:f1: dc:31:aa:e3:94:0e:78:05:53:57:33:4c:9c:ce:fd:e3:0d:9e: f7:45:4b:74:3f:d2:5d:54:5f:4a:bc:1c:73:d9:cb:43:7c:e2: c3:fc:18:94 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCBcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REExMEExMTAvBgNVBAUTKDQ5QjVBNDY0NjNFM0EyQjcwQTMzNDQ2MDE0RUJGNDBF NUM5RUZFNzQwHhcNMjUwNTI2MjExOTE1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM0ZGFkMy01N2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwf805ojQLxoJlCKWvt+szTgvQtx/nljgq/t+mzC6IWDw7tXyPCY8yM5xx5mr w8eD1hQndnK9pQwyGAz3eNpT4juqq0Z2qfgunLBKWF+WeMgw3780sOXVTcArkm9p gTRVe6NccLBtbWZ8Ja0MO7AKJ2rGE35vAKROIgq7IrGwUtyeRtbu+fKBkiZv2PE/ 4Fgh6Jqv23gL3vop5Bx+pQ+Id4BBzxcKVrKnR54arASZmplfAml+oLQZ/ChFO7En 4PLBmMZbtBiPNPdfjXAzOJ4Ho9C1ZL++1exQQHwzZ0152LXue+TMcqXQggs8AWdc msxvpfx74WsM6TcX0f/wY1zkUwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCoSfp5e TiCqCm52fWjd30SaSuCZMB8GA1UdIwQYMBaAFEm1pGRj46K3CjNEYBTr9A5cnv50 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTEwQS9FMzQwMjA0Q0Yx ODcxMUVBQjk3MzRCMUNDNEY5QUUwMi9TYldrWkdQam9yY0tNMFJnRk92MERseWVf blEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NiV2taR1Bqb3JjS00wUmdGT3YwRGx5ZV9uUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REExMEEvRTM0MDIwNENGMTg3MTFFQUI5NzM0QjFDQzRGOUFFMDIvNjdGRjA5NjAw NzY5MTFFRjg1NjlGMTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJn1fQDBAKQMAQwDQYJKoZIhvcNAQELBQADggEBADiJ9OAa 485WVjKYK9u/SRY5v72fKcKuPQBo6eQfMZOpIoewjejgRSB3cW9IZHGAwlADftkt AcpqAbTNzk6eAzKCZVHaVH2hPvzU5c6f2tso9Bax2n3gxPbDnhzm8pUtv1lqwHI7 kJuyqO42VDk82za8lV2cGdp/rqpmfGYAQJjcpPWjb8XLI8ro1n02Yttoxr+CPjOK V7LI/J1b14ISvJfUBCB6MtCNf29vBGqWz9coCLh1kmHyHfJz2rioi5Qkv2pyzf+p 5upLZ49160PJqhPGQgVNle/88dwxquOUDngFU1czTJzO/eMNnvdFS3Q/0l1UX0q8 HHPZy0N84sP8GJQ= -----END CERTIFICATE-----Generated at Wed Jun 4 00:20:16 2025 by rpki-client