$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/A5B7D874091F11EFA6EDE141C4F9AE02.roa File: A5B7D874091F11EFA6EDE141C4F9AE02.roa (raw, json) Hash identifier: vN4eTkgE+NqzrGCF55MmLQiQ1U4uCoJcvi6VZO9X/KY= Subject key identifier: 00:D8:A2:F4:02:CB:4A:AF:5F:7E:A1:B1:5A:8D:2C:E7:19:06:8D:B4 Certificate issuer: /CN=A91E4668/serialNumber=3D0556D193BC92A21EA747F958C697A97EC5D5D6 Certificate serial: 0E7D Authority key identifier: 3D:05:56:D1:93:BC:92:A2:1E:A7:47:F9:58:C6:97:A9:7E:C5:D5:D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PQVW0ZO8kqIep0f5WMaXqX7F1dY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/A5B7D874091F11EFA6EDE141C4F9AE02.roa Signing time: Thu 22 May 2025 18:20:42 +0000 ROA not before: Thu 22 May 2025 18:20:42 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 136617 IP address blocks: 103.94.68.0/22 maxlen: 24 203.109.36.0/22 maxlen: 22 203.109.36.0/24 maxlen: 24 203.109.37.0/24 maxlen: 24 203.109.38.0/24 maxlen: 24 203.109.39.0/24 maxlen: 24 2401:35c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/PQVW0ZO8kqIep0f5WMaXqX7F1dY.crl rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/PQVW0ZO8kqIep0f5WMaXqX7F1dY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PQVW0ZO8kqIep0f5WMaXqX7F1dY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 17:46:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3709 (0xe7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4668, serialNumber=3D0556D193BC92A21EA747F958C697A97EC5D5D6 Validity Not Before: May 22 18:20:42 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=682f6afa-3f44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:90:25:3d:82:d5:57:8f:a6:bc:67:39:07:5a: ac:16:d6:3d:73:32:64:cf:93:5f:42:80:d1:bc:d5: d0:ef:59:8d:36:2f:a2:25:5a:c5:91:b6:14:89:b9: 61:d8:8c:86:11:2c:9d:87:c8:9c:d8:0b:80:a1:a8: 89:9d:df:3a:90:bb:f4:f8:24:6d:ea:3f:34:56:87: 67:d1:b3:28:f6:92:06:09:18:1f:a2:b3:c2:d2:c9: d2:2d:be:d9:89:e0:ad:a2:80:a0:90:10:64:63:60: 6d:83:cf:74:53:9c:f9:a1:94:29:a6:5b:8b:ab:16: 53:16:dc:30:1c:9e:76:96:a6:e6:b7:67:e5:19:e4: 01:af:61:22:11:aa:bb:07:02:5d:9b:04:8c:f9:32: 53:d6:00:f1:68:51:80:6d:23:5e:93:a3:8f:19:0b: 78:29:54:d5:93:58:02:15:77:d3:50:54:1e:39:16: d4:3d:e0:ac:39:bd:ad:2e:b0:bb:c7:5e:25:26:66: 4b:95:66:b5:30:f8:3f:30:1d:be:bb:e4:89:5c:d5: d2:88:a0:11:9d:48:06:12:eb:c6:dd:1d:93:b6:58: 4a:c4:52:56:0f:fe:9b:ec:f1:ae:a4:62:5b:07:ac: 52:e6:1f:bd:ae:eb:f3:60:c5:68:87:91:a3:ba:b2: 08:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:D8:A2:F4:02:CB:4A:AF:5F:7E:A1:B1:5A:8D:2C:E7:19:06:8D:B4 X509v3 Authority Key Identifier: keyid:3D:05:56:D1:93:BC:92:A2:1E:A7:47:F9:58:C6:97:A9:7E:C5:D5:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/PQVW0ZO8kqIep0f5WMaXqX7F1dY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PQVW0ZO8kqIep0f5WMaXqX7F1dY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4668/7C9009AC97F111E9A2E51981C4F9AE02/A5B7D874091F11EFA6EDE141C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.94.68.0/22 203.109.36.0/22 IPv6: 2401:35c0::/32 Signature Algorithm: sha256WithRSAEncryption 11:5f:1e:bf:45:0f:31:d7:3c:d7:82:03:b2:b6:1f:38:3c:52: 84:dd:cd:0e:c3:16:21:8e:7c:d5:38:78:52:45:3c:bc:cd:38: 09:c3:f3:c1:69:7c:b0:18:a7:ef:e6:49:d2:cb:6f:e3:1a:67: c6:5b:62:93:b3:f7:db:92:98:08:c6:2e:91:28:7b:fd:84:c0: 4f:3e:52:5b:d4:00:12:68:93:a4:af:40:08:99:a8:c3:2a:69: 36:38:4f:ce:b5:b6:e0:fe:cd:eb:11:b7:5e:0a:9f:a1:f9:a3: 72:cd:1e:f0:ed:47:85:95:63:f0:fc:13:bf:d7:47:9e:99:58: f9:00:51:70:c4:74:92:a2:e4:4b:1c:97:1d:33:8d:04:9d:ca: 08:19:74:84:96:47:22:8a:d0:43:81:51:73:bc:34:4c:5f:0e: 14:d0:cf:46:f2:dc:d1:29:2b:2f:0d:16:d9:05:f7:b0:b6:d9: df:87:4c:a0:7b:c6:d1:16:cc:25:99:a9:aa:70:4f:f0:a0:ec: 27:08:c3:2f:99:76:a8:ba:4b:10:cd:98:79:95:77:26:ee:dd: 1b:8d:d2:f0:9b:41:00:48:5c:ac:01:25:af:71:a9:91:50:5c: 58:9d:b9:57:d3:70:3f:d6:b5:94:d5:f2:cb:6a:d9:c5:69:8a: 46:1b:9f:d3 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDn0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTQ2NjgxMTAvBgNVBAUTKDNEMDU1NkQxOTNCQzkyQTIxRUE3NDdGOTU4QzY5N0E5 N0VDNUQ1RDYwHhcNMjUwNTIyMTgyMDQyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJmNmFmYS0zZjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuJAlPYLVV4+mvGc5B1qsFtY9czJkz5NfQoDRvNXQ71mNNi+iJVrFkbYUiblh 2IyGESydh8ic2AuAoaiJnd86kLv0+CRt6j80Vodn0bMo9pIGCRgforPC0snSLb7Z ieCtooCgkBBkY2Btg890U5z5oZQppluLqxZTFtwwHJ52lqbmt2flGeQBr2EiEaq7 BwJdmwSM+TJT1gDxaFGAbSNek6OPGQt4KVTVk1gCFXfTUFQeORbUPeCsOb2tLrC7 x14lJmZLlWa1MPg/MB2+u+SJXNXSiKARnUgGEuvG3R2TtlhKxFJWD/6b7PGupGJb B6xS5h+9ruvzYMVoh5GjurIIkQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFADYovQC y0qvX36hsVqNLOcZBo20MB8GA1UdIwQYMBaAFD0FVtGTvJKiHqdH+VjGl6l+xdXW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDY2OC83QzkwMDlBQzk3 RjExMUU5QTJFNTE5ODFDNEY5QUUwMi9QUVZXMFpPOGtxSWVwMGY1V01hWHFYN0Yx ZFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BRVlcwWk84a3FJZXAwZjVXTWFYcVg3RjFkWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTQ2NjgvN0M5MDA5QUM5N0YxMTFFOUEyRTUxOTgxQzRGOUFFMDIvQTVCN0Q4NzQw OTFGMTFFRkE2RURFMTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnXkQDBALLbSQwDQQCAAIwBwMFACQBNcAwDQYJKoZIhvcN AQELBQADggEBABFfHr9FDzHXPNeCA7K2Hzg8UoTdzQ7DFiGOfNU4eFJFPLzNOAnD 88FpfLAYp+/mSdLLb+MaZ8ZbYpOz99uSmAjGLpEoe/2EwE8+UlvUABJok6SvQAiZ qMMqaTY4T861tuD+zesRt14Kn6H5o3LNHvDtR4WVY/D8E7/XR56ZWPkAUXDEdJKi 5Esclx0zjQSdyggZdISWRyKK0EOBUXO8NExfDhTQz0by3NEpKy8NFtkF97C22d+H TKB7xtEWzCWZqapwT/Cg7CcIwy+Zdqi6SxDNmHmVdybu3RuN0vCbQQBIXKwBJa9x qZFQXFiduVfTcD/WtZTV8stq2cVpikYbn9M= -----END CERTIFICATE-----Generated at Mon Jun 2 07:15:16 2025 by rpki-client