$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/1004D41ED21D11E992825429C4F9AE02.roa File: 1004D41ED21D11E992825429C4F9AE02.roa (raw, json) Hash identifier: FAN1R0kTPo6CVZLPRUbNgZ570C6pJVmhGPN5h/j558A= Subject key identifier: 3B:AE:FC:67:7C:65:D2:44:86:74:E5:7A:82:62:3D:0F:58:40:B2:02 Certificate issuer: /CN=A91EB9C0/serialNumber=EFCF052D989292CEB10509129C8DE203D49F6804 Certificate serial: 0D4F Authority key identifier: EF:CF:05:2D:98:92:92:CE:B1:05:09:12:9C:8D:E2:03:D4:9F:68:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788FLZiSks6xBQkSnI3iA9SfaAQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/1004D41ED21D11E992825429C4F9AE02.roa Signing time: Thu 22 May 2025 18:21:28 +0000 ROA not before: Thu 22 May 2025 18:21:28 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 136379 IP address blocks: 103.138.192.0/24 maxlen: 24 103.138.193.0/24 maxlen: 24 2001:df0:5080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.crl rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788FLZiSks6xBQkSnI3iA9SfaAQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 17 Jun 2025 17:55:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3407 (0xd4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB9C0, serialNumber=EFCF052D989292CEB10509129C8DE203D49F6804 Validity Not Before: May 22 18:21:28 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=682f6b28-4597 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:9f:63:f6:bc:59:c7:30:14:f1:6a:2d:b8:4c: 3e:1c:d4:3c:f9:b1:cc:da:23:dd:9e:7f:7e:23:63: 84:77:64:bf:12:e6:25:ea:2e:87:87:0d:d3:b1:68: 6d:4e:6b:02:0b:ce:bf:0e:cf:4d:8c:9e:86:38:98: 3b:78:dc:13:35:b3:ed:c4:fe:2d:cf:8d:bb:a4:fa: c8:41:f9:6f:47:23:98:78:5c:c9:1c:e1:17:73:63: c1:75:0d:7a:44:be:11:d9:63:c0:04:fc:2f:e1:91: 8a:f2:0e:24:ad:aa:cb:b4:e3:41:bc:1d:b1:f1:6c: 5b:20:7d:b9:37:a3:60:69:c3:71:5d:5e:84:e3:99: 15:36:50:e5:ee:bb:cf:99:b5:2a:ba:cc:7a:0f:8a: b9:c9:03:92:7f:6c:5b:79:e7:cf:1e:5f:bd:37:64: 48:da:e7:6d:ad:06:3d:c7:64:de:0e:f6:1b:6d:58: b7:d6:08:f7:cc:f3:91:5a:19:b3:70:a5:3b:3b:fd: ff:0d:95:7a:04:79:9c:b9:ac:68:2b:2d:6d:7d:7e: 86:d6:ee:36:0d:fc:36:2b:6b:5a:9f:fd:cc:e1:ce: 09:23:a2:3d:8a:8f:2a:25:17:25:8c:f6:18:20:c3: 59:7e:ad:20:c3:bb:e3:67:b1:88:0a:8c:1c:64:7a: 98:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:AE:FC:67:7C:65:D2:44:86:74:E5:7A:82:62:3D:0F:58:40:B2:02 X509v3 Authority Key Identifier: keyid:EF:CF:05:2D:98:92:92:CE:B1:05:09:12:9C:8D:E2:03:D4:9F:68:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788FLZiSks6xBQkSnI3iA9SfaAQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/1004D41ED21D11E992825429C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.192.0/23 IPv6: 2001:df0:5080::/48 Signature Algorithm: sha256WithRSAEncryption 5e:1c:a8:64:78:3f:1f:96:67:0e:9e:fb:3f:f0:0d:0f:19:b1: e4:95:7b:c7:df:3e:d9:44:47:b6:a5:b5:d9:77:c6:c6:f5:95: ec:7b:3b:77:27:c0:68:2a:f6:b5:5e:e4:60:c2:92:10:84:60: 88:0d:a1:31:47:01:b3:ca:8e:a5:75:80:ed:a3:d9:83:d3:58: 7b:3f:42:52:b0:05:01:00:5c:3b:01:d7:aa:6b:f6:ed:1b:a0: 2b:28:ee:9d:c8:17:9b:78:53:68:6e:bb:4f:d8:3d:42:71:b8: a2:16:d9:93:47:e3:c9:1e:e6:43:95:9b:94:e6:1e:d8:58:c3: 0a:f7:47:63:76:6b:75:d8:8a:ca:87:49:89:1e:a6:af:cd:ba: 96:53:9d:ef:2b:19:50:82:d8:ac:c0:b4:2c:60:c7:20:bc:86: d7:64:7c:49:9e:2d:00:b3:d8:5c:b9:19:f6:8a:a4:2b:d1:3a: f3:f3:c2:73:e0:18:89:d5:4d:be:03:8f:d8:42:6d:62:5e:0a: 07:ba:f5:ea:78:4f:97:5e:0a:59:00:79:17:2b:4b:92:7f:bc: d4:27:32:cf:06:b9:16:a0:1e:03:f1:24:a7:2b:aa:73:2e:46: 66:82:82:2f:69:41:3a:ad:63:2d:eb:60:33:6b:b8:9c:8b:28: 5b:86:2d:f3 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICDU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUI5QzAxMTAvBgNVBAUTKEVGQ0YwNTJEOTg5MjkyQ0VCMTA1MDkxMjlDOERFMjAz RDQ5RjY4MDQwHhcNMjUwNTIyMTgyMTI4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJmNmIyOC00NTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp59j9rxZxzAU8WotuEw+HNQ8+bHM2iPdnn9+I2OEd2S/EuYl6i6Hhw3TsWht TmsCC86/Ds9NjJ6GOJg7eNwTNbPtxP4tz427pPrIQflvRyOYeFzJHOEXc2PBdQ16 RL4R2WPABPwv4ZGK8g4krarLtONBvB2x8WxbIH25N6NgacNxXV6E45kVNlDl7rvP mbUqusx6D4q5yQOSf2xbeefPHl+9N2RI2udtrQY9x2TeDvYbbVi31gj3zPORWhmz cKU7O/3/DZV6BHmcuaxoKy1tfX6G1u42Dfw2K2tan/3M4c4JI6I9io8qJRcljPYY IMNZfq0gw7vjZ7GICowcZHqYtwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDuu/Gd8 ZdJEhnTleoJiPQ9YQLICMB8GA1UdIwQYMBaAFO/PBS2YkpLOsQUJEpyN4gPUn2gE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjlDMC9EMzY0RjBDQ0Qy MUExMUU5ODNGOUU1MjRDNEY5QUUwMi83ODhGTFppU2tzNnhCUWtTbkkzaUE5U2Zh QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzc4OEZMWmlTa3M2eEJRa1NuSTNpQTlTZmFBUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUI5QzAvRDM2NEYwQ0NEMjFBMTFFOTgzRjlFNTI0QzRGOUFFMDIvMTAwNEQ0MUVE MjFEMTFFOTkyODI1NDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnisAwDwQCAAIwCQMHACABDfBQgDANBgkqhkiG9w0BAQsF AAOCAQEAXhyoZHg/H5ZnDp77P/ANDxmx5JV7x98+2URHtqW12XfGxvWV7Hs7dyfA aCr2tV7kYMKSEIRgiA2hMUcBs8qOpXWA7aPZg9NYez9CUrAFAQBcOwHXqmv27Rug KyjuncgXm3hTaG67T9g9QnG4ohbZk0fjyR7mQ5WblOYe2FjDCvdHY3ZrddiKyodJ iR6mr826llOd7ysZUILYrMC0LGDHILyG12R8SZ4tALPYXLkZ9oqkK9E68/PCc+AY idVNvgOP2EJtYl4KB7r16nhPl14KWQB5FytLkn+81Ccyzwa5FqAeA/Ekpyuqcy5G ZoKCL2lBOq1jLetgM2u4nIsoW4Yt8w== -----END CERTIFICATE-----Generated at Wed Jun 11 10:08:04 2025 by rpki-client