$ rpki-client -vvf rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/F87AC94C35BB11EDB0314E29C4F9AE02.roa File: F87AC94C35BB11EDB0314E29C4F9AE02.roa (raw, json) Hash identifier: QQ2kSpkziq7c/OfdUjW7k6le4ABn54sNBVAUYS+VxSE= Subject key identifier: 5F:23:36:24:DF:44:14:EF:B9:3A:AA:4E:D0:A5:0D:F9:42:C6:BA:44 Certificate issuer: /CN=A91F71E8/serialNumber=B3D793790E114AC8F8DC82BAE33C1D92BDBDB5EB Certificate serial: 0849 Authority key identifier: B3:D7:93:79:0E:11:4A:C8:F8:DC:82:BA:E3:3C:1D:92:BD:BD:B5:EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s9eTeQ4RSsj43IK64zwdkr29tes.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/F87AC94C35BB11EDB0314E29C4F9AE02.roa Signing time: Wed 14 May 2025 17:39:14 +0000 ROA not before: Wed 14 May 2025 17:39:14 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 137498 IP address blocks: 103.110.216.0/22 maxlen: 22 103.110.216.0/24 maxlen: 24 103.110.217.0/24 maxlen: 24 103.110.218.0/24 maxlen: 24 103.110.219.0/24 maxlen: 24 2402:9040::/32 maxlen: 32 2402:9040::/36 maxlen: 36 2402:9040:1000::/36 maxlen: 36 2402:9040:2000::/36 maxlen: 36 2402:9040:3000::/36 maxlen: 36 2402:9040:4000::/36 maxlen: 36 2402:9040:5000::/36 maxlen: 36 2402:9040:6000::/36 maxlen: 36 2402:9040:7000::/36 maxlen: 36 2402:9040:8000::/36 maxlen: 36 2402:9040:9000::/36 maxlen: 36 2402:9040:a000::/36 maxlen: 36 2402:9040:b000::/36 maxlen: 36 2402:9040:c000::/36 maxlen: 36 2402:9040:d000::/36 maxlen: 36 2402:9040:e000::/36 maxlen: 36 2402:9040:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/s9eTeQ4RSsj43IK64zwdkr29tes.crl rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/s9eTeQ4RSsj43IK64zwdkr29tes.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s9eTeQ4RSsj43IK64zwdkr29tes.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 17:21:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2121 (0x849) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F71E8, serialNumber=B3D793790E114AC8F8DC82BAE33C1D92BDBDB5EB Validity Not Before: May 14 17:39:14 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6824d541-0e28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a9:68:ee:c3:d1:b0:0b:16:d6:f2:01:74:fc: 06:e1:53:34:9d:0e:40:8e:03:3f:88:25:9f:42:08: 7f:c0:0f:db:c5:79:35:21:c6:b2:78:fa:70:7d:56: 8a:b1:fe:e5:44:1e:0e:4d:d5:e3:91:8f:81:7e:a4: 72:76:38:ac:a9:45:8f:98:41:71:61:bf:80:f2:53: 14:4b:ae:af:22:42:ad:f6:42:8b:b5:76:6e:24:f2: a0:85:4a:85:13:8e:d3:b0:59:18:be:43:a0:08:b2: db:c6:fc:65:09:79:67:34:7c:6b:1b:c2:0e:30:d2: 2e:4e:33:42:9a:85:7c:c3:9e:ce:dd:68:a2:48:d3: ac:52:32:b7:fc:03:37:95:8b:18:f9:94:e4:fd:43: 71:3a:94:85:78:f7:5a:8b:c6:fc:6e:82:af:77:37: 5e:d2:f3:e1:d3:72:f9:47:a8:74:01:c2:e3:c1:10: aa:6a:0e:b9:aa:30:6a:18:fe:8f:9d:53:f7:dd:26: 2f:25:7b:43:f7:d5:dc:12:2f:87:04:60:e9:d9:db: 4f:49:ee:5f:32:7f:a5:06:82:ea:41:f0:d7:13:87: 64:eb:b7:64:1f:eb:2f:bb:f6:89:2b:eb:d3:86:71: 1b:f8:dd:b2:a2:55:f0:27:cd:a6:14:16:29:4d:3a: 86:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:23:36:24:DF:44:14:EF:B9:3A:AA:4E:D0:A5:0D:F9:42:C6:BA:44 X509v3 Authority Key Identifier: keyid:B3:D7:93:79:0E:11:4A:C8:F8:DC:82:BA:E3:3C:1D:92:BD:BD:B5:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/s9eTeQ4RSsj43IK64zwdkr29tes.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s9eTeQ4RSsj43IK64zwdkr29tes.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F71E8/62B787A0EEE411E89E665D4DC4F9AE02/F87AC94C35BB11EDB0314E29C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.110.216.0/22 IPv6: 2402:9040::/32 Signature Algorithm: sha256WithRSAEncryption a9:48:90:3b:a7:72:cd:46:94:e2:08:ca:6b:cd:a4:35:3b:78: c0:5f:f2:92:ed:fc:7e:3a:2f:34:24:ad:6c:da:f9:fd:f2:da: 8e:12:85:61:51:3f:37:dd:fb:48:14:ec:a1:d5:77:7d:cd:22: 1a:5d:c6:0c:14:24:04:07:84:37:8b:4a:3b:10:6b:04:ef:f4: b7:e0:73:b6:ed:e8:eb:b9:4c:dd:d2:d0:35:de:a3:03:24:9c: 46:8c:df:09:22:d7:89:b2:a1:1f:89:5f:0f:ca:f4:bc:10:9d: 60:a4:d6:1b:30:0e:39:dd:22:ad:6f:73:65:c4:01:89:50:47: b9:8b:be:07:50:cd:ae:8e:4f:a9:11:6b:9f:d2:4e:07:53:fd: 77:60:e6:dc:9a:b0:79:0e:b7:c4:37:03:4d:de:e5:f2:b8:c7: 94:54:1e:9a:5e:95:46:c7:cc:42:fd:c8:a0:24:f4:f6:4e:b8: 6f:44:18:1b:af:fe:d5:d7:6d:c1:1e:12:55:0f:ae:26:53:de: 0b:8c:09:be:d9:9e:62:1c:5c:04:d2:65:12:77:54:e5:17:26: 1c:f5:b0:ea:d1:0b:39:b3:14:55:3f:ea:5b:17:94:e3:14:fb: f8:b0:de:8c:dc:05:6c:ea:86:0c:e6:ce:42:fc:59:98:6a:1b: 05:ac:40:c4 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCEkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjcxRTgxMTAvBgNVBAUTKEIzRDc5Mzc5MEUxMTRBQzhGOERDODJCQUUzM0MxRDky QkRCREI1RUIwHhcNMjUwNTE0MTczOTE0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODI0ZDU0MS0wZTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvqlo7sPRsAsW1vIBdPwG4VM0nQ5AjgM/iCWfQgh/wA/bxXk1IcayePpwfVaK sf7lRB4OTdXjkY+BfqRydjisqUWPmEFxYb+A8lMUS66vIkKt9kKLtXZuJPKghUqF E47TsFkYvkOgCLLbxvxlCXlnNHxrG8IOMNIuTjNCmoV8w57O3WiiSNOsUjK3/AM3 lYsY+ZTk/UNxOpSFePdai8b8boKvdzde0vPh03L5R6h0AcLjwRCqag65qjBqGP6P nVP33SYvJXtD99XcEi+HBGDp2dtPSe5fMn+lBoLqQfDXE4dk67dkH+svu/aJK+vT hnEb+N2yolXwJ82mFBYpTTqGowIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFF8jNiTf RBTvuTqqTtClDflCxrpEMB8GA1UdIwQYMBaAFLPXk3kOEUrI+NyCuuM8HZK9vbXr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzFFOC82MkI3ODdBMEVF RTQxMUU4OUU2NjVENERDNEY5QUUwMi9zOWVUZVE0UlNzajQzSUs2NHp3ZGtyMjl0 ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3M5ZVRlUTRSU3NqNDNJSzY0endka3IyOXRlcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjcxRTgvNjJCNzg3QTBFRUU0MTFFODlFNjY1RDREQzRGOUFFMDIvRjg3QUM5NEMz NUJCMTFFREIwMzE0RTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnbtgwDQQCAAIwBwMFACQCkEAwDQYJKoZIhvcNAQELBQAD ggEBAKlIkDuncs1GlOIIymvNpDU7eMBf8pLt/H46LzQkrWza+f3y2o4ShWFRPzfd +0gU7KHVd33NIhpdxgwUJAQHhDeLSjsQawTv9Lfgc7bt6Ou5TN3S0DXeowMknEaM 3wki14myoR+JXw/K9LwQnWCk1hswDjndIq1vc2XEAYlQR7mLvgdQza6OT6kRa5/S TgdT/Xdg5tyasHkOt8Q3A03e5fK4x5RUHppelUbHzEL9yKAk9PZOuG9EGBuv/tXX bcEeElUPriZT3guMCb7ZnmIcXATSZRJ3VOUXJhz1sOrRCzmzFFU/6lsXlOMU+/iw 3ozcBWzqhgzmzkL8WZhqGwWsQMQ= -----END CERTIFICATE-----Generated at Wed Jun 4 00:05:04 2025 by rpki-client