$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/128651089A4C11EEBA49A012C4F9AE02.roa File: 128651089A4C11EEBA49A012C4F9AE02.roa (raw, json) Hash identifier: VmP7SNr/gbc8YQH8mhyiXgUhCSGimNKw35snjgd94pI= Subject key identifier: 4F:BE:A9:8F:1D:7B:E4:52:25:55:10:CD:EF:3E:AA:AA:53:1D:D3:2D Certificate issuer: /CN=A91F6BFA/serialNumber=AA62C79FE18439412C5B02CF4BEB54AB2EBBE188 Certificate serial: 0A7E Authority key identifier: AA:62:C7:9F:E1:84:39:41:2C:5B:02:CF:4B:EB:54:AB:2E:BB:E1:88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/128651089A4C11EEBA49A012C4F9AE02.roa Signing time: Thu 22 May 2025 20:05:20 +0000 ROA not before: Thu 22 May 2025 20:05:20 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 58470 IP address blocks: 103.149.32.0/24 maxlen: 24 103.149.33.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/qmLHn-GEOUEsWwLPS-tUqy674Yg.crl rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/qmLHn-GEOUEsWwLPS-tUqy674Yg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 19:36:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2686 (0xa7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F6BFA, serialNumber=AA62C79FE18439412C5B02CF4BEB54AB2EBBE188 Validity Not Before: May 22 20:05:20 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=682f8380-5632 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:53:9b:0a:4c:11:fc:d4:37:14:de:cb:e5:44: 85:06:5f:85:1c:2b:37:f1:b9:d5:d5:a6:43:5e:d4: 4f:24:70:ea:6f:52:f4:04:c5:bd:45:36:50:4e:db: 3c:f1:29:16:23:38:2a:f2:cd:5f:ea:56:73:ea:63: e7:36:be:c0:0b:4b:89:46:05:ef:e6:9a:3b:02:06: 9f:bd:7a:82:d8:53:f2:0e:0c:38:84:65:76:e9:65: d3:f4:e7:bc:30:2a:16:84:e7:c2:1a:45:56:79:c6: 1f:0b:0f:e4:24:a0:db:45:34:6e:1b:46:63:d7:cf: 04:b6:e0:92:d5:5a:10:cb:11:d5:ee:fc:89:51:4f: 80:b4:ce:9c:4d:ed:b8:ed:c2:8a:57:53:9b:a9:07: 6f:10:fc:f0:8f:7a:3c:e0:91:0a:2e:3c:25:7d:5f: be:78:25:f3:4a:ae:d1:9e:f2:32:75:f3:5c:86:a8: 54:80:e5:60:b6:16:16:42:88:e5:cd:34:69:6a:7c: d1:87:bf:a8:b3:3f:00:b6:0e:f0:8c:c9:ab:1d:78: c8:a3:59:25:09:aa:ac:83:2b:90:da:f5:da:b4:27: de:ca:15:8b:06:18:f6:df:8b:ff:28:25:3f:bc:a5: df:d2:31:24:c3:bb:d8:a9:c5:ee:5b:c7:e3:5d:a9: d2:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:BE:A9:8F:1D:7B:E4:52:25:55:10:CD:EF:3E:AA:AA:53:1D:D3:2D X509v3 Authority Key Identifier: keyid:AA:62:C7:9F:E1:84:39:41:2C:5B:02:CF:4B:EB:54:AB:2E:BB:E1:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/qmLHn-GEOUEsWwLPS-tUqy674Yg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/128651089A4C11EEBA49A012C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.149.32.0/23 Signature Algorithm: sha256WithRSAEncryption dc:10:aa:0c:3c:b6:2f:77:7e:56:ee:b4:7b:9f:f5:01:f9:55: d3:21:c5:f7:ea:53:e0:ac:bb:4f:1e:61:00:c8:5a:6f:2f:ee: b4:05:93:76:0a:75:63:43:3b:89:c1:ea:2b:43:79:d4:6f:07: 01:91:5f:ba:95:19:fa:45:fd:b3:b1:bd:5a:32:31:b9:aa:9a: f9:9b:df:1f:35:41:ce:12:3a:30:0d:12:cc:04:53:00:ba:4f: 33:4d:d1:a5:ee:77:3e:ab:80:b6:25:d0:31:08:9d:14:6f:24: ae:8d:14:30:b9:fe:68:dd:6b:66:47:7e:b9:35:23:a8:bd:0d: c7:bb:6f:f5:32:d2:ed:00:ed:1a:d1:e6:7b:07:c9:05:d6:73: f9:fd:b5:f1:1a:3e:8e:9d:f0:a9:78:fe:11:d9:bb:b9:cf:24: e0:39:ea:ac:77:14:78:13:d2:f5:3c:ce:59:d6:96:ef:96:f1: 12:32:90:a6:10:43:99:28:46:52:d6:ff:58:07:b2:4e:e7:23: 7e:ea:98:75:ac:c8:5d:3a:05:89:d1:fb:3e:e7:35:0c:98:5a: a6:93:90:e4:e4:19:98:fa:d5:1c:36:8c:a6:a2:64:70:f8:63: dd:d2:3f:c2:3d:41:0f:27:c6:a5:ea:6f:dc:47:3d:9b:f2:69: 92:95:7a:21 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCn4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjZCRkExMTAvBgNVBAUTKEFBNjJDNzlGRTE4NDM5NDEyQzVCMDJDRjRCRUI1NEFC MkVCQkUxODgwHhcNMjUwNTIyMjAwNTIwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJmODM4MC01NjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtFObCkwR/NQ3FN7L5USFBl+FHCs38bnV1aZDXtRPJHDqb1L0BMW9RTZQTts8 8SkWIzgq8s1f6lZz6mPnNr7AC0uJRgXv5po7AgafvXqC2FPyDgw4hGV26WXT9Oe8 MCoWhOfCGkVWecYfCw/kJKDbRTRuG0Zj188EtuCS1VoQyxHV7vyJUU+AtM6cTe24 7cKKV1ObqQdvEPzwj3o84JEKLjwlfV++eCXzSq7RnvIydfNchqhUgOVgthYWQojl zTRpanzRh7+osz8Atg7wjMmrHXjIo1klCaqsgyuQ2vXatCfeyhWLBhj234v/KCU/ vKXf0jEkw7vYqcXuW8fjXanSgwIDAQABo4IClTCCApEwHQYDVR0OBBYEFE++qY8d e+RSJVUQze8+qqpTHdMtMB8GA1UdIwQYMBaAFKpix5/hhDlBLFsCz0vrVKsuu+GI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkJGQS80MEQ0QjdFQzY2 MDMxMUVBOTlBRDRGNDZDNEY5QUUwMi9xbUxIbi1HRU9VRXNXd0xQUy10VXF5Njc0 WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FtTEhuLUdFT1VFc1d3TFBTLXRVcXk2NzRZZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjZCRkEvNDBENEI3RUM2NjAzMTFFQTk5QUQ0RjQ2QzRGOUFFMDIvMTI4NjUxMDg5 QTRDMTFFRUJBNDlBMDEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnlSAwDQYJKoZIhvcNAQELBQADggEBANwQqgw8ti93flbu tHuf9QH5VdMhxffqU+Csu08eYQDIWm8v7rQFk3YKdWNDO4nB6itDedRvBwGRX7qV GfpF/bOxvVoyMbmqmvmb3x81Qc4SOjANEswEUwC6TzNN0aXudz6rgLYl0DEInRRv JK6NFDC5/mjda2ZHfrk1I6i9Dce7b/Uy0u0A7RrR5nsHyQXWc/n9tfEaPo6d8Kl4 /hHZu7nPJOA56qx3FHgT0vU8zlnWlu+W8RIykKYQQ5koRlLW/1gHsk7nI37qmHWs yF06BYnR+z7nNQyYWqaTkOTkGZj61Rw2jKaiZHD4Y93SP8I9QQ8nxqXqb9xHPZvy aZKVeiE= -----END CERTIFICATE-----Generated at Thu Jun 5 19:21:52 2025 by rpki-client