$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/49CB8044609511E8BF4FB410C4F9AE02.roa File: 49CB8044609511E8BF4FB410C4F9AE02.roa (raw, json) Hash identifier: Mbdbpc3/wtRpTix5VC1xMy2eqJ1FLcHxKH2kFDSd6ik= Subject key identifier: 6E:9C:C8:F0:51:57:17:1A:22:84:9C:3C:94:B4:7F:55:7E:F5:B9:A0 Certificate issuer: /CN=A91FAA31/serialNumber=01402253F31BCACFFB73D685D700C9B6B741043C Certificate serial: 14AA Authority key identifier: 01:40:22:53:F3:1B:CA:CF:FB:73:D6:85:D7:00:C9:B6:B7:41:04:3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AUAiU_Mbys_7c9aF1wDJtrdBBDw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/49CB8044609511E8BF4FB410C4F9AE02.roa Signing time: Wed 28 May 2025 17:56:56 +0000 ROA not before: Wed 28 May 2025 17:56:56 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 38203 IP address blocks: 103.219.160.0/22 maxlen: 22 103.219.160.0/24 maxlen: 24 103.219.161.0/24 maxlen: 24 103.219.162.0/24 maxlen: 24 103.219.163.0/24 maxlen: 24 123.253.144.0/22 maxlen: 22 123.253.144.0/24 maxlen: 24 123.253.145.0/24 maxlen: 24 123.253.146.0/24 maxlen: 24 123.253.147.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/AUAiU_Mbys_7c9aF1wDJtrdBBDw.crl rsync://rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/AUAiU_Mbys_7c9aF1wDJtrdBBDw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AUAiU_Mbys_7c9aF1wDJtrdBBDw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 17:03:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5290 (0x14aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FAA31, serialNumber=01402253F31BCACFFB73D685D700C9B6B741043C Validity Not Before: May 28 17:56:56 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68374e68-da4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:9c:42:5c:56:5f:f7:8e:97:00:ca:6c:bf:73: 8f:94:f5:4c:cd:d8:e6:5b:ba:c4:90:b3:52:7e:f9: e3:73:42:2f:06:fe:1e:55:e5:13:99:22:7a:34:4d: a7:04:94:05:df:c3:0e:c4:1f:01:ed:9f:cd:e4:66: db:92:f6:8e:dc:ec:2e:30:62:ac:60:4c:de:05:42: e7:27:fe:e0:48:a6:26:ab:ef:b3:10:0a:20:85:cf: cb:35:f8:03:14:47:ff:d9:ac:0c:c1:d8:90:79:98: 9e:31:43:17:87:3f:d4:08:d8:6c:4e:9f:98:09:46: 80:79:a8:6b:a1:77:9e:ea:ae:1e:0f:06:0b:a1:38: 3f:81:26:f9:47:09:73:ae:a2:80:23:ea:e9:09:0e: 00:68:20:0a:9f:5f:43:31:d2:cf:7d:65:89:4d:e4: 48:df:29:44:45:25:45:d9:7b:85:cc:2e:b0:36:cf: be:f2:3b:99:93:bf:c4:ec:ee:88:50:56:79:00:5c: 84:9f:b4:fc:a4:69:43:45:41:40:a2:66:83:a6:84: f9:53:cd:2e:66:ad:c5:bd:17:4b:58:c9:fc:66:41: a9:ef:69:93:43:95:fb:a1:b2:0b:b7:7d:b0:0a:a2: 0a:6a:c3:72:12:26:35:7d:ac:bd:61:3a:58:20:d7: dd:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:9C:C8:F0:51:57:17:1A:22:84:9C:3C:94:B4:7F:55:7E:F5:B9:A0 X509v3 Authority Key Identifier: keyid:01:40:22:53:F3:1B:CA:CF:FB:73:D6:85:D7:00:C9:B6:B7:41:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/AUAiU_Mbys_7c9aF1wDJtrdBBDw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AUAiU_Mbys_7c9aF1wDJtrdBBDw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAA31/DD644878609411E8B56C1810C4F9AE02/49CB8044609511E8BF4FB410C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.219.160.0/22 123.253.144.0/22 Signature Algorithm: sha256WithRSAEncryption 65:a5:64:35:df:70:cb:42:9e:4c:8c:20:7b:ad:94:8c:aa:bb: be:75:60:35:04:c5:75:4d:86:43:00:f9:99:6d:3d:1f:01:db: b3:ab:67:4d:78:4e:10:c7:fb:3b:76:82:1c:29:58:1f:b6:df: 8b:79:d0:e6:b4:0e:14:d5:01:19:dc:30:b8:01:de:95:91:55: dd:fc:17:e2:8b:ea:93:01:70:f4:8f:f6:15:9f:89:05:2a:92: 35:5b:49:58:54:a1:ad:69:a1:c5:33:92:0b:d5:e2:43:46:9c: 0b:65:67:e9:07:95:13:61:b6:63:0a:94:d8:1a:4c:2c:87:36: 00:d1:08:40:d0:4c:82:e0:44:b7:3c:b0:39:77:0e:9b:c1:f2: d0:d8:72:c2:f3:e2:db:07:1b:11:90:52:4c:6a:a6:78:8f:8f: e6:cf:1e:b7:ad:48:b8:e2:13:ba:af:84:89:ed:bb:01:89:b5: 08:80:81:8a:e1:77:ae:eb:c4:c4:c3:ca:3d:1e:df:7b:c5:bc: 4c:8a:b2:89:56:12:43:45:6e:af:77:1b:76:8b:07:88:a7:bd: 52:f7:e9:71:fb:99:bd:d6:f6:38:77:99:ad:00:84:07:48:ce: 44:51:8d:99:58:c8:5d:1e:3d:10:2b:cb:de:03:7c:b8:f3:3f: 74:ae:94:db -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICFKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkFBMzExMTAvBgNVBAUTKDAxNDAyMjUzRjMxQkNBQ0ZGQjczRDY4NUQ3MDBDOUI2 Qjc0MTA0M0MwHhcNMjUwNTI4MTc1NjU2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM3NGU2OC1kYTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+ZxCXFZf946XAMpsv3OPlPVMzdjmW7rEkLNSfvnjc0IvBv4eVeUTmSJ6NE2n BJQF38MOxB8B7Z/N5GbbkvaO3OwuMGKsYEzeBULnJ/7gSKYmq++zEAoghc/LNfgD FEf/2awMwdiQeZieMUMXhz/UCNhsTp+YCUaAeahroXee6q4eDwYLoTg/gSb5Rwlz rqKAI+rpCQ4AaCAKn19DMdLPfWWJTeRI3ylERSVF2XuFzC6wNs++8juZk7/E7O6I UFZ5AFyEn7T8pGlDRUFAomaDpoT5U80uZq3FvRdLWMn8ZkGp72mTQ5X7obILt32w CqIKasNyEiY1fay9YTpYINfd9wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFG6cyPBR VxcaIoScPJS0f1V+9bmgMB8GA1UdIwQYMBaAFAFAIlPzG8rP+3PWhdcAyba3QQQ8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUEzMS9ERDY0NDg3ODYw OTQxMUU4QjU2QzE4MTBDNEY5QUUwMi9BVUFpVV9NYnlzXzdjOWFGMXdESnRyZEJC RHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FVQWlVX01ieXNfN2M5YUYxd0RKdHJkQkJEdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkFBMzEvREQ2NDQ4Nzg2MDk0MTFFOEI1NkMxODEwQzRGOUFFMDIvNDlDQjgwNDQ2 MDk1MTFFOEJGNEZCNDEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJn26ADBAJ7/ZAwDQYJKoZIhvcNAQELBQADggEBAGWlZDXf cMtCnkyMIHutlIyqu751YDUExXVNhkMA+ZltPR8B27OrZ014ThDH+zt2ghwpWB+2 34t50Oa0DhTVARncMLgB3pWRVd38F+KL6pMBcPSP9hWfiQUqkjVbSVhUoa1pocUz kgvV4kNGnAtlZ+kHlRNhtmMKlNgaTCyHNgDRCEDQTILgRLc8sDl3DpvB8tDYcsLz 4tsHGxGQUkxqpniPj+bPHretSLjiE7qvhIntuwGJtQiAgYrhd67rxMTDyj0e33vF vEyKsolWEkNFbq93G3aLB4invVL36XH7mb3W9jh3ma0AhAdIzkRRjZlYyF0ePRAr y94DfLjzP3SulNs= -----END CERTIFICATE-----Generated at Wed Jun 4 00:16:32 2025 by rpki-client