$ rpki-client -vvf rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa File: 98DD71780ECC11F0B8E48170C4F9AE02.roa (raw, json) Hash identifier: Hq759PuHcjxrqDO6XDqBKqYrfjX30gMufng1UMG6yPI= Subject key identifier: E9:1D:1E:B4:1C:D2:3B:AA:27:C4:FD:70:7B:DE:12:88:22:07:10:42 Certificate issuer: /CN=A91144C9/serialNumber=95745293C88A2726E10A57D58F42CC3169B7C922 Certificate serial: 40 Authority key identifier: 95:74:52:93:C8:8A:27:26:E1:0A:57:D5:8F:42:CC:31:69:B7:C9:22 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa Signing time: Tue 24 Jun 2025 08:00:05 +0000 ROA not before: Tue 24 Jun 2025 08:00:05 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 10099 IP address blocks: 43.251.12.0/22 maxlen: 24 43.252.84.0/22 maxlen: 24 43.255.168.0/22 maxlen: 24 103.1.64.0/22 maxlen: 24 103.69.184.0/22 maxlen: 24 103.77.20.0/22 maxlen: 24 103.86.12.0/22 maxlen: 24 103.95.176.0/22 maxlen: 24 103.107.88.0/22 maxlen: 24 103.118.36.0/22 maxlen: 24 103.203.184.0/22 maxlen: 24 103.214.64.0/22 maxlen: 24 103.228.68.0/22 maxlen: 24 103.229.244.0/22 maxlen: 24 103.239.176.0/22 maxlen: 24 202.77.16.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.crl rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64 (0x40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91144C9, serialNumber=95745293C88A2726E10A57D58F42CC3169B7C922 Validity Not Before: Jun 24 08:00:05 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=685a5b04-e0d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:f3:99:cb:03:f8:d2:8c:d7:79:32:45:04:24: 02:ca:cd:61:6d:28:52:5b:c3:49:18:3d:f1:99:bf: b6:14:ac:51:b5:c1:58:86:94:43:19:dd:ac:20:4d: 4c:8c:ae:fb:3e:7c:d4:10:76:e2:bf:66:90:62:c8: 56:6b:aa:6b:8c:4a:0f:b8:fb:c3:01:3b:0a:9a:d7: 05:57:81:b5:f3:5a:0e:47:c5:ab:44:00:54:c2:22: 1a:b2:64:d9:36:a4:ff:98:be:4e:ac:66:8f:cd:ac: 07:b7:18:43:e6:c7:3d:23:79:6e:db:46:31:8d:e8: 5e:93:8f:e4:cb:9c:4e:ca:6c:28:5e:88:91:41:3c: 3d:01:17:53:44:31:0a:5b:16:44:12:03:6b:1b:40: 46:a0:5a:c3:53:8c:61:22:40:94:f3:4b:15:b2:bc: f0:6c:d3:24:6d:d9:9c:03:7b:b7:4d:7d:46:6e:3a: af:da:f6:6a:f9:c7:45:00:63:f6:c1:a7:99:a7:a1: f7:31:51:d1:1d:50:91:d3:6e:fe:61:f2:2e:b2:6e: d7:67:c1:82:78:0b:23:89:b4:e0:76:bb:f9:62:69: 8c:f6:ef:51:a4:34:67:e0:56:79:73:1a:94:62:45: 9c:68:05:e2:96:0b:9d:5f:0a:ea:aa:95:0c:e2:19: 4d:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:1D:1E:B4:1C:D2:3B:AA:27:C4:FD:70:7B:DE:12:88:22:07:10:42 X509v3 Authority Key Identifier: keyid:95:74:52:93:C8:8A:27:26:E1:0A:57:D5:8F:42:CC:31:69:B7:C9:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.251.12.0/22 43.252.84.0/22 43.255.168.0/22 103.1.64.0/22 103.69.184.0/22 103.77.20.0/22 103.86.12.0/22 103.95.176.0/22 103.107.88.0/22 103.118.36.0/22 103.203.184.0/22 103.214.64.0/22 103.228.68.0/22 103.229.244.0/22 103.239.176.0/22 202.77.16.0/21 Signature Algorithm: sha256WithRSAEncryption 15:28:fe:cf:12:48:cb:f4:81:b0:1b:a9:9f:04:93:9d:e4:63: 24:e2:da:fd:a6:58:3a:64:61:03:c7:f8:74:aa:5c:ac:e6:fa: fe:8f:ed:11:68:6a:11:c7:59:d7:10:97:4e:1d:22:dc:b1:a1: 1b:c3:6e:cb:56:a8:23:2b:1a:51:ca:5b:b5:06:de:2d:ee:b6: 05:99:b8:54:2a:40:ad:a6:ad:1a:8a:42:1b:86:74:08:ce:dd: 15:c9:36:d8:70:17:e7:96:c0:ee:f7:08:58:22:91:71:7f:25: 8b:a8:40:79:7d:0a:a1:f3:b5:45:4a:6c:d6:da:87:8f:04:7f: 61:0e:dc:98:ce:1e:5a:9e:ae:4b:8f:37:1e:9e:78:b4:d9:19: f1:1d:c6:45:32:91:44:04:61:49:7b:6a:4a:e2:b5:39:3a:f7: 61:51:b0:84:11:53:d6:81:e2:de:a6:e7:ad:87:81:5b:e5:13: 5a:93:67:73:af:7f:93:78:da:39:0b:fd:47:f7:12:0d:f2:35: 81:ac:dc:ae:c7:23:a2:ef:27:0d:17:e4:56:05:4f:46:d9:7f: 5a:0e:ff:9c:8a:dc:83:03:e9:f0:f0:23:55:ca:09:b2:59:5a: 8e:72:7d:f1:bd:1e:5b:10:10:6f:75:93:75:d5:04:03:a2:af: d0:14:32:7b -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIBQDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx NDRDOTExMC8GA1UEBRMoOTU3NDUyOTNDODhBMjcyNkUxMEE1N0Q1OEY0MkNDMzE2 OUI3QzkyMjAeFw0yNTA2MjQwODAwMDVaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NWE1YjA0LWUwZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDQ85nLA/jSjNd5MkUEJALKzWFtKFJbw0kYPfGZv7YUrFG1wViGlEMZ3awgTUyM rvs+fNQQduK/ZpBiyFZrqmuMSg+4+8MBOwqa1wVXgbXzWg5HxatEAFTCIhqyZNk2 pP+Yvk6sZo/NrAe3GEPmxz0jeW7bRjGN6F6Tj+TLnE7KbCheiJFBPD0BF1NEMQpb FkQSA2sbQEagWsNTjGEiQJTzSxWyvPBs0yRt2ZwDe7dNfUZuOq/a9mr5x0UAY/bB p5mnofcxUdEdUJHTbv5h8i6ybtdnwYJ4CyOJtOB2u/liaYz271GkNGfgVnlzGpRi RZxoBeKWC51fCuqqlQziGU25AgMBAAGjggLvMIIC6zAdBgNVHQ4EFgQU6R0etBzS O6onxP1we94SiCIHEEIwHwYDVR0jBBgwFoAUlXRSk8iKJybhClfVj0LMMWm3ySIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE0NEM5Lzg0MkY5ODk0MEVD OTExRjBBMjZGRjE0NEM0RjlBRTAyL2xYUlNrOGlLSnliaENsZlZqMExNTVdtM3lT SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbFhSU2s4aUtKeWJoQ2xmVmowTE1NV20zeVNJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NDRDOS84NDJGOTg5NDBFQzkxMUYwQTI2RkYxNDRDNEY5QUUwMi85OERENzE3ODBF Q0MxMUYwQjhFNDgxNzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDB5BggrBgEFBQcBBwEB/wRq MGgwZgQCAAEwYAMEAiv7DAMEAiv8VAMEAiv/qAMEAmcBQAMEAmdFuAMEAmdNFAME AmdWDAMEAmdfsAMEAmdrWAMEAmd2JAMEAmfLuAMEAmfWQAMEAmfkRAMEAmfl9AME AmfvsAMEA8pNEDANBgkqhkiG9w0BAQsFAAOCAQEAFSj+zxJIy/SBsBupnwSTneRj JOLa/aZYOmRhA8f4dKpcrOb6/o/tEWhqEcdZ1xCXTh0i3LGhG8Nuy1aoIysaUcpb tQbeLe62BZm4VCpAraatGopCG4Z0CM7dFck22HAX55bA7vcIWCKRcX8li6hAeX0K ofO1RUps1tqHjwR/YQ7cmM4eWp6uS483Hp54tNkZ8R3GRTKRRARhSXtqSuK1OTr3 YVGwhBFT1oHi3qbnrYeBW+UTWpNnc69/k3jaOQv9R/cSDfI1gazcrscjou8nDRfk VgVPRtl/Wg7/nIrcgwPp8PAjVcoJsllajnJ98b0eWxAQb3WTddUEA6Kv0BQyew== -----END CERTIFICATE-----Generated at Sat Jul 5 08:28:39 2025 by rpki-client