$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/20772F82207611E7AD8F8459C4F9AE02.roa File: 20772F82207611E7AD8F8459C4F9AE02.roa (raw, json) Hash identifier: ItkNWWq8nRtDa6uB2Q8iwUXsM5xJRUOh/lTQOL6uROM= Subject key identifier: 96:2D:9A:E3:81:73:D2:91:B6:78:AD:6A:7A:84:83:81:92:24:5C:F6 Certificate issuer: /CN=A91DC4E1/serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E Certificate serial: 1B4D Authority key identifier: DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/20772F82207611E7AD8F8459C4F9AE02.roa Signing time: Sun 04 May 2025 16:24:29 +0000 ROA not before: Sun 04 May 2025 16:24:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 136473 IP address blocks: 103.89.140.0/22 maxlen: 22 103.89.140.0/24 maxlen: 24 103.89.141.0/24 maxlen: 24 103.89.142.0/24 maxlen: 24 103.89.143.0/24 maxlen: 24 202.14.204.0/22 maxlen: 22 202.14.204.0/24 maxlen: 24 202.14.205.0/24 maxlen: 24 202.14.206.0/24 maxlen: 24 202.14.207.0/24 maxlen: 24 2400:f040::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.crl rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 16:27:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6989 (0x1b4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC4E1, serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E Validity Not Before: May 4 16:24:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681794bd-4082 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:d1:b6:45:7b:be:81:3f:ad:7c:0c:16:67:25: 35:97:86:35:f9:05:e5:35:7a:d5:ab:ee:d8:63:89: 66:5a:2d:83:15:1e:ae:1e:4c:42:1c:86:f4:a7:4c: a5:70:c7:e5:98:9f:a1:9d:06:8c:94:a2:d1:87:21: 22:a6:f7:5e:26:71:d4:b7:de:9e:d3:68:7d:db:c6: 12:76:7e:4c:8e:69:59:2a:01:00:a8:b7:09:1e:4e: 2c:c3:ce:f6:18:a5:18:60:b8:25:5f:41:6d:96:a1: 17:7d:e2:81:8e:ad:d3:9c:bd:77:2e:20:70:94:34: 70:e8:54:26:a7:42:9f:2f:d4:96:1c:1d:f9:41:93: c1:ad:88:bf:63:0b:d5:a0:ab:6f:ae:13:62:f6:7c: 9e:3b:61:cf:d3:b9:a7:a9:42:76:af:95:ad:76:dd: 2c:69:8d:19:61:e8:d0:53:bd:d1:94:2f:71:79:dc: 0d:b6:d2:f8:b9:d5:9b:05:57:c9:b5:08:85:b9:63: 04:97:80:d3:90:f8:94:6b:d6:a6:d2:ba:26:a7:a8: af:3c:6f:f1:33:7a:61:19:4f:fa:f1:c9:5a:aa:3b: 2a:e8:16:36:ed:6e:70:00:81:e5:82:45:f2:de:db: 07:9a:bb:2f:8f:6b:29:f7:35:b7:1c:37:03:c5:1f: 86:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:2D:9A:E3:81:73:D2:91:B6:78:AD:6A:7A:84:83:81:92:24:5C:F6 X509v3 Authority Key Identifier: keyid:DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/20772F82207611E7AD8F8459C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.140.0/22 202.14.204.0/22 IPv6: 2400:f040::/32 Signature Algorithm: sha256WithRSAEncryption 8c:aa:8a:8a:b3:c0:df:7c:c1:8f:1e:8c:90:57:b9:b3:18:4c: a1:94:67:e9:8c:ee:c7:f9:ce:b3:8f:d7:e4:0e:6a:1f:8a:0e: 99:1c:60:bc:a5:a5:7c:69:33:d0:ae:04:b3:de:aa:83:2f:57: 4e:a6:7d:eb:c7:c9:02:5d:46:f1:f4:98:a1:9b:c7:cc:87:e7: 9c:53:c0:43:5e:4b:1a:fb:c3:3d:42:ea:8f:14:06:f6:60:5d: b0:cc:72:d6:9d:af:bd:7e:34:df:d0:b3:3f:c4:c2:d6:2d:ba: fa:bf:02:61:5e:91:42:63:7e:56:0d:63:7f:b7:f6:e1:96:90: 29:a9:8b:d7:d6:87:80:f3:83:38:15:5a:97:ce:61:4e:79:27: 80:ea:57:83:36:0c:87:06:5b:21:ec:08:6f:21:f6:f9:df:fc: 71:7d:1a:3d:c7:eb:d5:c4:37:53:a7:3b:06:3a:eb:3b:7b:6f: 4e:6f:ca:4b:47:48:dc:a4:04:8a:b2:29:5d:a1:6a:80:54:2c: 82:1c:ef:31:c5:00:c4:6c:f6:ab:0c:6c:db:a1:67:31:86:7b: d9:e1:ab:d7:d0:92:31:70:d5:31:e9:fd:ef:4c:b6:7c:ea:af: 30:1c:8d:83:f6:3d:50:54:a7:6f:99:82:e3:d7:0b:5d:aa:ac: 78:1e:05:54 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICG00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0RTExMTAvBgNVBAUTKERDMUIzOUI1NEY2MDg5MUFDNzc4QTkzMTZENzFCMEJF ODAwNjM5NkUwHhcNMjUwNTA0MTYyNDI5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE3OTRiZC00MDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6NG2RXu+gT+tfAwWZyU1l4Y1+QXlNXrVq+7YY4lmWi2DFR6uHkxCHIb0p0yl cMflmJ+hnQaMlKLRhyEipvdeJnHUt96e02h928YSdn5MjmlZKgEAqLcJHk4sw872 GKUYYLglX0FtlqEXfeKBjq3TnL13LiBwlDRw6FQmp0KfL9SWHB35QZPBrYi/YwvV oKtvrhNi9nyeO2HP07mnqUJ2r5Wtdt0saY0ZYejQU73RlC9xedwNttL4udWbBVfJ tQiFuWMEl4DTkPiUa9am0romp6ivPG/xM3phGU/68claqjsq6BY27W5wAIHlgkXy 3tsHmrsvj2sp9zW3HDcDxR+GkQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJYtmuOB c9KRtnitanqEg4GSJFz2MB8GA1UdIwQYMBaAFNwbObVPYIkax3ipMW1xsL6ABjlu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzRFMS8yMDA0RjE0NDE2 MDExMUU3QThBQzIyNURDNEY5QUUwMi8zQnM1dFU5Z2lSckhlS2t4YlhHd3ZvQUdP VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNCczV0VTlnaVJySGVLa3hiWEd3dm9BR09XNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REM0RTEvMjAwNEYxNDQxNjAxMTFFN0E4QUMyMjVEQzRGOUFFMDIvMjA3NzJGODIy MDc2MTFFN0FEOEY4NDU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnWYwDBALKDswwDQQCAAIwBwMFACQA8EAwDQYJKoZIhvcN AQELBQADggEBAIyqioqzwN98wY8ejJBXubMYTKGUZ+mM7sf5zrOP1+QOah+KDpkc YLylpXxpM9CuBLPeqoMvV06mfevHyQJdRvH0mKGbx8yH55xTwENeSxr7wz1C6o8U BvZgXbDMctadr71+NN/Qsz/EwtYtuvq/AmFekUJjflYNY3+39uGWkCmpi9fWh4Dz gzgVWpfOYU55J4DqV4M2DIcGWyHsCG8h9vnf/HF9Gj3H69XEN1OnOwY66zt7b05v yktHSNykBIqyKV2haoBULIIc7zHFAMRs9qsMbNuhZzGGe9nhq9fQkjFw1THp/e9M tnzqrzAcjYP2PVBUp2+ZguPXC12qrHgeBVQ= -----END CERTIFICATE-----Generated at Tue Jun 3 23:41:23 2025 by rpki-client