$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/D129428E25DF11E7AC03C03EC4F9AE02.roa File: D129428E25DF11E7AC03C03EC4F9AE02.roa (raw, json) Hash identifier: 26Hx4AkbPRTYM9L9rQHlirDpC55IRFhPxlOYhEhXmNA= Subject key identifier: F6:79:22:65:F9:AB:DB:1D:CC:F1:50:AB:87:0F:47:EB:20:D8:F4:DB Certificate issuer: /CN=A91DC4E1/serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E Certificate serial: 1B4E Authority key identifier: DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/D129428E25DF11E7AC03C03EC4F9AE02.roa Signing time: Sun 04 May 2025 16:24:30 +0000 ROA not before: Sun 04 May 2025 16:24:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 43181 IP address blocks: 103.89.140.0/22 maxlen: 22 103.89.140.0/24 maxlen: 24 103.89.141.0/24 maxlen: 24 103.89.142.0/24 maxlen: 24 103.89.143.0/24 maxlen: 24 202.14.204.0/22 maxlen: 22 202.14.204.0/24 maxlen: 24 202.14.205.0/24 maxlen: 24 202.14.206.0/24 maxlen: 24 202.14.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.crl rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 16:15:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6990 (0x1b4e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC4E1, serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E Validity Not Before: May 4 16:24:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681794be-06b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:b1:ec:f0:fe:21:79:df:b3:e6:82:8a:64:c3: 03:6e:cc:d3:bc:e7:e2:43:72:e9:31:96:ee:07:c6: d7:4e:43:39:65:0b:7c:73:5a:8f:56:14:ff:c6:b2: 47:b2:f7:35:99:3e:f5:dc:47:72:a1:27:6a:c1:11: da:73:36:c1:9f:b2:b0:1d:9a:15:05:57:d0:e3:ef: 9c:99:f2:e6:75:83:de:b4:88:10:59:38:cf:3b:63: 12:4e:3b:c3:b5:14:ee:5f:3b:5c:a2:78:65:45:65: 51:ac:39:86:9f:db:74:fd:26:a8:a1:c2:51:2d:fe: 84:cd:98:bd:07:fe:97:80:8d:85:a7:19:72:1b:ff: 99:09:b5:18:06:ec:f1:bf:5d:e5:30:b5:48:c5:a6: fb:5c:8b:a9:b4:ff:43:ec:1b:e8:32:1d:43:ab:e7: 4c:ba:63:e9:f0:76:0d:2e:18:b3:91:e3:bd:b2:e5: ac:b7:c0:8a:54:0d:89:0c:b9:c2:fd:c8:90:6f:50: 22:9a:59:6f:44:b4:c1:fe:42:88:6e:2f:f7:a6:fe: c8:cb:6b:28:52:d5:29:78:6a:5d:e2:48:3c:ca:22: ec:43:27:10:0d:ba:b7:e8:10:5f:68:b5:05:43:d2: 98:39:70:c1:b5:4e:b3:c2:81:cc:47:c9:0b:c6:72: a6:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:79:22:65:F9:AB:DB:1D:CC:F1:50:AB:87:0F:47:EB:20:D8:F4:DB X509v3 Authority Key Identifier: keyid:DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/D129428E25DF11E7AC03C03EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.140.0/22 202.14.204.0/22 Signature Algorithm: sha256WithRSAEncryption 72:84:1b:24:de:9e:18:13:40:91:ad:fc:67:e7:ab:8a:e1:b7: df:43:07:20:76:6a:1b:a6:fb:0d:92:7e:78:81:39:87:cf:2c: 34:25:10:20:30:69:93:3f:b7:2b:f4:38:4e:8e:62:b4:fb:d1: 22:03:aa:d3:63:d5:a0:f7:6f:33:93:01:c0:54:c8:0e:a9:3f: d2:4f:02:91:b3:a9:de:5d:ab:e5:6c:df:d8:10:a9:33:70:10: 87:8c:c6:2d:6b:84:14:f1:70:1a:ba:ef:1f:81:01:36:27:c3: 72:88:86:94:35:ae:1a:f8:b8:99:61:7e:62:75:8c:1c:72:e4: 8f:7e:39:7b:a1:fc:20:a1:14:8c:90:ce:ec:70:37:ef:74:7b: 0e:99:e8:02:f5:8c:4e:3f:cc:50:9c:f5:ec:13:06:b7:ce:d1: 05:67:30:ae:18:e2:ea:4e:60:7a:8b:2a:23:9a:bb:c0:86:20: a4:c6:cc:99:8b:95:16:4e:55:f4:af:d2:40:a7:5a:b0:9f:c1: a5:61:87:42:26:ba:86:75:ad:b0:9c:a8:5e:8d:dd:36:92:eb: 14:61:a3:8b:4e:ad:7b:9e:b6:98:98:d1:c0:7b:3a:3f:f3:1a: ea:3f:63:94:f3:9d:c5:13:90:e4:64:b2:cb:d3:2a:97:c0:31: 8c:1b:b2:81 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICG04wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0RTExMTAvBgNVBAUTKERDMUIzOUI1NEY2MDg5MUFDNzc4QTkzMTZENzFCMEJF ODAwNjM5NkUwHhcNMjUwNTA0MTYyNDMwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE3OTRiZS0wNmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnbHs8P4hed+z5oKKZMMDbszTvOfiQ3LpMZbuB8bXTkM5ZQt8c1qPVhT/xrJH svc1mT713EdyoSdqwRHaczbBn7KwHZoVBVfQ4++cmfLmdYPetIgQWTjPO2MSTjvD tRTuXztconhlRWVRrDmGn9t0/SaoocJRLf6EzZi9B/6XgI2FpxlyG/+ZCbUYBuzx v13lMLVIxab7XIuptP9D7BvoMh1Dq+dMumPp8HYNLhizkeO9suWst8CKVA2JDLnC /ciQb1AimllvRLTB/kKIbi/3pv7Iy2soUtUpeGpd4kg8yiLsQycQDbq36BBfaLUF Q9KYOXDBtU6zwoHMR8kLxnKmbwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPZ5ImX5 q9sdzPFQq4cPR+sg2PTbMB8GA1UdIwQYMBaAFNwbObVPYIkax3ipMW1xsL6ABjlu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzRFMS8yMDA0RjE0NDE2 MDExMUU3QThBQzIyNURDNEY5QUUwMi8zQnM1dFU5Z2lSckhlS2t4YlhHd3ZvQUdP VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNCczV0VTlnaVJySGVLa3hiWEd3dm9BR09XNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REM0RTEvMjAwNEYxNDQxNjAxMTFFN0E4QUMyMjVEQzRGOUFFMDIvRDEyOTQyOEUy NURGMTFFN0FDMDNDMDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnWYwDBALKDswwDQYJKoZIhvcNAQELBQADggEBAHKEGyTe nhgTQJGt/Gfnq4rht99DByB2ahum+w2SfniBOYfPLDQlECAwaZM/tyv0OE6OYrT7 0SIDqtNj1aD3bzOTAcBUyA6pP9JPApGzqd5dq+Vs39gQqTNwEIeMxi1rhBTxcBq6 7x+BATYnw3KIhpQ1rhr4uJlhfmJ1jBxy5I9+OXuh/CChFIyQzuxwN+90ew6Z6AL1 jE4/zFCc9ewTBrfO0QVnMK4Y4upOYHqLKiOau8CGIKTGzJmLlRZOVfSv0kCnWrCf waVhh0ImuoZ1rbCcqF6N3TaS6xRho4tOrXuetpiY0cB7Oj/zGuo/Y5TzncUTkORk ssvTKpfAMYwbsoE= -----END CERTIFICATE-----Generated at Mon Jun 2 06:29:26 2025 by rpki-client