$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/4BA245C01F3711F0BFC63D0BC4F9AE02.roa File: 4BA245C01F3711F0BFC63D0BC4F9AE02.roa (raw, json) Hash identifier: S6UWCaduxR+lbz98yPRDyqlqJNdrgD9va4Ql8ns2n7I= Subject key identifier: 2D:31:9D:BF:95:34:58:47:D7:91:AE:B1:69:B8:9C:DA:56:0C:25:F8 Certificate issuer: /CN=A91E9467/serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845 Certificate serial: 0487 Authority key identifier: 52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/4BA245C01F3711F0BFC63D0BC4F9AE02.roa Signing time: Sun 01 Jun 2025 00:34:16 +0000 ROA not before: Sun 01 Jun 2025 00:34:15 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 136308 IP address blocks: 103.150.152.0/23 maxlen: 23 202.12.80.0/22 maxlen: 22 202.12.80.0/23 maxlen: 23 202.12.82.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 00:34:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1159 (0x487) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9467, serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845 Validity Not Before: Jun 1 00:34:15 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=683ba007-28d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:87:32:51:28:aa:75:4a:7d:4e:2f:3e:63:8d: 4d:ef:7a:6c:8a:0c:e9:bc:be:82:37:93:0d:bf:9a: 36:75:3c:ba:0f:43:39:6b:ce:1a:36:17:df:15:e0: 6a:27:b5:09:85:46:a3:fa:2c:dd:7f:63:2b:17:53: 3b:23:45:cc:be:e8:69:f6:2c:a4:97:af:cd:e0:8a: 5b:2e:ca:c2:43:17:73:6d:66:ae:83:ae:4b:a1:a0: 3a:23:46:9e:6d:d4:9e:a4:cc:5d:7d:96:28:3f:04: 5b:74:d4:96:72:7d:9c:40:e4:21:97:fb:ab:a6:a4: 0b:ca:be:98:3f:76:e3:78:ef:43:c1:6b:29:c7:27: 75:42:de:ca:3f:71:2d:a7:d7:db:57:bd:a6:f1:56: c6:d2:24:8b:34:14:24:ca:9c:23:df:19:80:e1:2e: 72:8a:17:28:fd:31:b0:25:0e:90:01:41:e7:d9:ae: c7:fb:16:44:c2:69:19:f0:5d:54:71:cf:37:cf:dd: ea:42:88:86:f5:89:38:55:3e:45:f0:5b:6d:04:d4: c1:ce:77:54:c4:ce:51:7d:05:c5:63:a7:ce:4b:a8: bf:af:0d:60:37:7d:3d:c5:66:14:cd:bc:55:70:88: 84:fe:7b:3f:85:39:94:ad:bd:c3:9b:07:02:e5:d2: 18:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:31:9D:BF:95:34:58:47:D7:91:AE:B1:69:B8:9C:DA:56:0C:25:F8 X509v3 Authority Key Identifier: keyid:52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/4BA245C01F3711F0BFC63D0BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.150.152.0/23 202.12.80.0/22 Signature Algorithm: sha256WithRSAEncryption 6a:72:4d:86:7c:0c:9b:49:1c:d0:21:8d:59:1f:78:9a:15:4d: a2:78:09:ac:e8:fc:d3:28:32:ea:18:70:e6:7c:5e:39:19:0f: 8d:4c:fe:80:1b:fa:e9:4d:63:b7:6c:3b:20:89:80:a0:23:ff: b9:98:91:cf:4e:7e:f7:1b:bf:3f:58:a8:74:9b:99:a6:01:1b: 2a:1c:53:44:03:40:38:fc:f2:97:29:52:71:39:38:fd:18:f0: 61:25:04:44:bd:57:31:cb:ed:aa:e5:bb:3e:2e:61:5b:59:a2: 45:f4:0d:af:df:7b:6a:b1:d3:8b:5d:eb:73:43:ce:45:eb:c3: 73:28:4a:73:3e:d6:b6:37:a7:73:94:09:95:38:d6:91:20:40: f1:16:4a:74:86:27:e5:3c:a2:cc:25:fa:51:57:fd:ad:5a:85: e0:85:86:91:0b:a5:2f:bb:b9:73:c2:a9:5c:34:5c:f4:ee:c0: c9:11:66:60:e8:35:ae:fc:f1:0d:86:51:38:5c:51:5f:45:85: 26:0a:cd:33:22:ae:39:77:ec:93:f8:88:f7:f5:31:18:7b:63: d4:58:e3:ab:11:41:77:5b:35:da:3d:3b:4a:47:e7:cc:29:70: 32:45:2e:ea:b5:06:e7:41:d7:ba:40:43:27:ec:3e:77:4b:b7: ab:47:7b:24 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk0NjcxMTAvBgNVBAUTKDUyQkU5RERFOTU2OEZFNEFEQ0EwRjM0NUIzNjE3QTYz QzMwNzU4NDUwHhcNMjUwNjAxMDAzNDE1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNiYTAwNy0yOGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxIcyUSiqdUp9Ti8+Y41N73psigzpvL6CN5MNv5o2dTy6D0M5a84aNhffFeBq J7UJhUaj+izdf2MrF1M7I0XMvuhp9iykl6/N4IpbLsrCQxdzbWaug65LoaA6I0ae bdSepMxdfZYoPwRbdNSWcn2cQOQhl/urpqQLyr6YP3bjeO9DwWspxyd1Qt7KP3Et p9fbV72m8VbG0iSLNBQkypwj3xmA4S5yihco/TGwJQ6QAUHn2a7H+xZEwmkZ8F1U cc83z93qQoiG9Yk4VT5F8FttBNTBzndUxM5RfQXFY6fOS6i/rw1gN309xWYUzbxV cIiE/ns/hTmUrb3DmwcC5dIYRwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFC0xnb+V NFhH15GusWm4nNpWDCX4MB8GA1UdIwQYMBaAFFK+nd6VaP5K3KDzRbNhemPDB1hF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTQ2Ny83NzBCNEYxQTUy NkYxMUVDQkM1MEVCMTdDNEY5QUUwMi9VcjZkM3BWb19rcmNvUE5GczJGNlk4TUhX RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VyNmQzcFZvX2tyY29QTkZzMkY2WThNSFdFVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk0NjcvNzcwQjRGMUE1MjZGMTFFQ0JDNTBFQjE3QzRGOUFFMDIvNEJBMjQ1QzAx RjM3MTFGMEJGQzYzRDBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAFnlpgDBALKDFAwDQYJKoZIhvcNAQELBQADggEBAGpyTYZ8 DJtJHNAhjVkfeJoVTaJ4Cazo/NMoMuoYcOZ8XjkZD41M/oAb+ulNY7dsOyCJgKAj /7mYkc9Ofvcbvz9YqHSbmaYBGyocU0QDQDj88pcpUnE5OP0Y8GElBES9VzHL7arl uz4uYVtZokX0Da/fe2qx04td63NDzkXrw3MoSnM+1rY3p3OUCZU41pEgQPEWSnSG J+U8oswl+lFX/a1aheCFhpELpS+7uXPCqVw0XPTuwMkRZmDoNa788Q2GUThcUV9F hSYKzTMirjl37JP4iPf1MRh7Y9RY46sRQXdbNdo9O0pH58wpcDJFLuq1BudB17pA QyfsPndLt6tHeyQ= -----END CERTIFICATE-----Generated at Mon Jun 2 07:08:50 2025 by rpki-client