$ rpki-client -vvf rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/85613B4E8C8411EBB68DD829C4F9AE02.roa File: 85613B4E8C8411EBB68DD829C4F9AE02.roa (raw, json) Hash identifier: JUDELwHgPtKuVC+Zxi+8ziVhRWeVBos3PiAym1dLOsg= Subject key identifier: DA:44:D1:3A:4E:A7:EF:83:A2:81:2C:8C:83:AC:7F:EE:B9:40:22:23 Certificate issuer: /CN=A911CF44/serialNumber=40DD662B6F6E97B34D3B75A8007DE5388D927253 Certificate serial: 0657 Authority key identifier: 40:DD:66:2B:6F:6E:97:B3:4D:3B:75:A8:00:7D:E5:38:8D:92:72:53 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/85613B4E8C8411EBB68DD829C4F9AE02.roa Signing time: Thu 12 Jun 2025 22:22:00 +0000 ROA not before: Thu 12 Jun 2025 22:22:00 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 136733 IP address blocks: 103.94.224.0/24 maxlen: 24 103.94.225.0/24 maxlen: 24 103.94.226.0/24 maxlen: 24 103.94.227.0/24 maxlen: 24 150.107.168.0/24 maxlen: 24 150.107.169.0/24 maxlen: 24 150.107.170.0/24 maxlen: 24 150.107.171.0/24 maxlen: 24 2001:df1:8900::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.crl rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1623 (0x657) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CF44, serialNumber=40DD662B6F6E97B34D3B75A8007DE5388D927253 Validity Not Before: Jun 12 22:22:00 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=684b5308-0a97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ba:31:c8:af:a0:ef:b8:75:97:b5:94:b9:9a: 4d:98:04:fe:43:af:89:47:86:f6:c6:dd:69:b5:b9: 86:53:53:7b:92:60:c6:6c:82:09:e0:22:09:13:df: 21:23:a6:6d:22:35:7d:ac:6f:3d:aa:07:3f:d4:e1: 89:37:5f:50:10:58:a0:81:6a:4e:18:7c:02:ae:b2: 73:6c:95:27:da:0d:0c:11:4f:69:2e:48:8b:75:04: ac:f7:7f:9f:af:a0:1a:b1:58:7b:2d:1c:7b:89:e9: 4e:43:82:61:e5:47:5d:43:48:45:14:91:18:57:e3: 18:99:69:3f:4b:09:49:f4:f8:23:26:b5:c4:e6:05: f1:b9:ec:6e:bc:69:28:3e:c7:b0:79:a7:11:e1:39: 2b:d9:14:1b:06:35:7b:68:8e:02:30:f7:9a:68:8d: 26:00:1f:b1:c9:93:c2:2d:f7:08:e0:e1:2c:c0:b0: e2:9e:7c:dc:d5:7c:9a:11:f3:42:06:d4:3e:12:cc: eb:1c:0c:41:e2:1c:b9:45:69:14:68:6e:f7:fd:0d: a4:01:c0:b6:60:df:4a:46:4a:45:85:3f:0e:10:e2: 56:4c:4b:41:c0:d9:b4:c3:c0:2e:d4:a4:ea:55:dd: ae:7f:6c:3f:2b:e0:9f:f6:79:39:b6:01:a7:8d:1e: c0:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:44:D1:3A:4E:A7:EF:83:A2:81:2C:8C:83:AC:7F:EE:B9:40:22:23 X509v3 Authority Key Identifier: keyid:40:DD:66:2B:6F:6E:97:B3:4D:3B:75:A8:00:7D:E5:38:8D:92:72:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/85613B4E8C8411EBB68DD829C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.94.224.0/22 150.107.168.0/22 IPv6: 2001:df1:8900::/48 Signature Algorithm: sha256WithRSAEncryption a7:f2:66:79:ae:7c:f8:85:c8:93:5d:8a:3c:63:98:ef:25:d1: 11:1e:cc:c7:52:41:a0:15:5e:e1:0d:c7:87:1c:80:43:2a:66: 20:a9:a1:f2:3a:24:09:1d:f8:d4:1c:14:23:f9:be:56:d6:1b: 5d:e2:80:79:1c:c6:14:b0:96:27:41:0c:29:33:43:30:26:e9: f5:6e:87:90:aa:3f:53:fb:e7:25:ee:4d:23:4b:41:19:7d:c1: 5e:72:88:0e:ef:96:72:7b:ee:65:1e:bf:b5:9f:40:ce:0c:a6: b7:5e:05:63:25:95:52:3d:35:5a:1b:c3:0f:61:2b:78:a0:8d: 90:14:45:c3:c4:f3:c5:25:33:a1:33:d6:05:24:ad:1b:f2:f8: fe:73:fa:25:20:2d:bb:7b:d7:8e:d7:35:a4:a1:b9:95:71:64: c8:f9:16:b4:68:f8:79:be:e1:f1:a9:5d:e5:3d:73:c5:c2:75: 26:db:a9:ca:29:42:c8:29:15:47:5b:72:d9:c7:2a:1e:e6:00: b5:c8:d8:09:e1:3b:d5:0a:d9:80:1f:4b:de:4c:74:19:6c:48: 08:90:65:0f:f7:49:ae:2a:4c:6a:55:ee:79:37:78:24:03:59: ae:a9:d5:9a:7f:fc:fc:38:18:62:35:04:83:28:fa:98:b6:af: d1:f1:89:e6 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICBlcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNGNDQxMTAvBgNVBAUTKDQwREQ2NjJCNkY2RTk3QjM0RDNCNzVBODAwN0RFNTM4 OEQ5MjcyNTMwHhcNMjUwNjEyMjIyMjAwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODRiNTMwOC0wYTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw7oxyK+g77h1l7WUuZpNmAT+Q6+JR4b2xt1ptbmGU1N7kmDGbIIJ4CIJE98h I6ZtIjV9rG89qgc/1OGJN19QEFiggWpOGHwCrrJzbJUn2g0MEU9pLkiLdQSs93+f r6AasVh7LRx7ielOQ4Jh5UddQ0hFFJEYV+MYmWk/SwlJ9PgjJrXE5gXxuexuvGko PseweacR4Tkr2RQbBjV7aI4CMPeaaI0mAB+xyZPCLfcI4OEswLDinnzc1XyaEfNC BtQ+EszrHAxB4hy5RWkUaG73/Q2kAcC2YN9KRkpFhT8OEOJWTEtBwNm0w8Au1KTq Vd2uf2w/K+Cf9nk5tgGnjR7AowIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFNpE0TpO p++DooEsjIOsf+65QCIjMB8GA1UdIwQYMBaAFEDdZitvbpezTTt1qAB95TiNknJT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0Y0NC82Njc3QkVCNjhD ODMxMUVCODQ5RTYxMjlDNEY5QUUwMi9RTjFtSzI5dWw3Tk5PM1dvQUgzbE9JMlNj bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FOMW1LMjl1bDdOTk8zV29BSDNsT0kyU2NsTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUNGNDQvNjY3N0JFQjY4QzgzMTFFQjg0OUU2MTI5QzRGOUFFMDIvODU2MTNCNEU4 Qzg0MTFFQkI2OEREODI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBAJnXuADBAKWa6gwDwQCAAIwCQMHACABDfGJADANBgkqhkiG 9w0BAQsFAAOCAQEAp/Jmea58+IXIk12KPGOY7yXRER7Mx1JBoBVe4Q3HhxyAQypm IKmh8jokCR341BwUI/m+VtYbXeKAeRzGFLCWJ0EMKTNDMCbp9W6HkKo/U/vnJe5N I0tBGX3BXnKIDu+WcnvuZR6/tZ9Azgymt14FYyWVUj01WhvDD2EreKCNkBRFw8Tz xSUzoTPWBSStG/L4/nP6JSAtu3vXjtc1pKG5lXFkyPkWtGj4eb7h8ald5T1zxcJ1 JtupyilCyCkVR1ty2ccqHuYAtcjYCeE71QrZgB9L3kx0GWxICJBlD/dJripMalXu eTd4JANZrqnVmn/8/DgYYjUEgyj6mLav0fGJ5g== -----END CERTIFICATE-----Generated at Sat Jul 5 18:40:53 2025 by rpki-client