$ rpki-client -vvf rpki.apnic.net/member_repository/A912B017/DE75F2222A1311EE95D58A66C4F9AE02/1D11FFD4352D11EE9543B52FC4F9AE02.roa File: 1D11FFD4352D11EE9543B52FC4F9AE02.roa (raw, json) Hash identifier: T9bgb6w+YEKZ5F9ekCDjbubT5zB0ZkUsFds1ZxlsLrE= Subject key identifier: 9A:5A:FD:F4:27:E1:A6:69:2B:2B:D7:4F:7C:7D:DB:A3:DC:4A:13:D7 Certificate issuer: /CN=A912B017/serialNumber=D3D3D860F868C93ED10E2ED5A97A879454C84C16 Certificate serial: 017E Authority key identifier: D3:D3:D8:60:F8:68:C9:3E:D1:0E:2E:D5:A9:7A:87:94:54:C8:4C:16 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09PYYPhoyT7RDi7VqXqHlFTITBY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912B017/DE75F2222A1311EE95D58A66C4F9AE02/1D11FFD4352D11EE9543B52FC4F9AE02.roa Signing time: Thu 03 Jul 2025 04:08:38 +0000 ROA not before: Thu 03 Jul 2025 04:08:38 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 132366 IP address blocks: 103.242.8.0/24 maxlen: 24 2401:1d20::/48 maxlen: 48 2401:1d20:4::/48 maxlen: 48 2401:1d20:5::/48 maxlen: 48 2401:1d20:6::/48 maxlen: 48 2401:1d20:7::/48 maxlen: 48 2401:1d20:8::/48 maxlen: 48 2401:1d20:9::/48 maxlen: 48 2401:1d20:b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912B017/DE75F2222A1311EE95D58A66C4F9AE02/09PYYPhoyT7RDi7VqXqHlFTITBY.crl rsync://rpki.apnic.net/member_repository/A912B017/DE75F2222A1311EE95D58A66C4F9AE02/09PYYPhoyT7RDi7VqXqHlFTITBY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09PYYPhoyT7RDi7VqXqHlFTITBY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 382 (0x17e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912B017, serialNumber=D3D3D860F868C93ED10E2ED5A97A879454C84C16 Validity Not Before: Jul 3 04:08:38 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68660246-2ad7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:cc:54:5f:2d:f9:b0:c4:9c:cd:bf:8b:57:b6: 42:16:1d:d9:69:ea:44:67:46:4b:35:c9:ae:f3:a6: 87:5c:6b:67:10:32:80:b0:87:e4:50:60:e2:c5:73: 2c:be:40:07:4b:d5:04:d1:71:01:aa:f7:17:dc:1e: 6f:4a:40:12:6d:b6:2f:09:ca:d4:c6:42:5c:08:85: 6b:1c:83:17:8e:5b:b0:6e:73:6f:86:6e:c7:0e:df: a9:ed:92:50:b5:bc:c9:bc:2d:1b:1b:2a:32:b7:07: fd:7d:2a:d6:3d:91:56:ed:2e:d1:44:6b:45:0c:23: ff:57:3d:65:65:10:47:43:75:74:cc:cc:c0:4b:3a: c0:d1:7f:05:4b:3d:8b:68:a6:99:70:9e:ae:0c:c9: 85:46:a9:74:e4:74:3d:31:0a:fe:78:fe:39:b0:c7: 22:9f:c3:5e:d9:86:93:09:fa:dd:19:14:33:3b:8c: 6f:da:e4:38:b8:07:47:1e:be:1e:ad:13:c5:f9:de: db:a4:35:d7:1e:ca:ec:ad:08:35:6b:1b:1d:ce:4a: 99:c1:8e:36:5a:05:ca:e4:51:90:32:f4:b4:42:02: 4c:ec:d7:17:19:e8:8e:4b:be:38:46:6e:0f:bc:05: f7:74:96:56:6b:c6:98:2e:27:09:27:bb:11:e3:5b: 57:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:5A:FD:F4:27:E1:A6:69:2B:2B:D7:4F:7C:7D:DB:A3:DC:4A:13:D7 X509v3 Authority Key Identifier: keyid:D3:D3:D8:60:F8:68:C9:3E:D1:0E:2E:D5:A9:7A:87:94:54:C8:4C:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912B017/DE75F2222A1311EE95D58A66C4F9AE02/09PYYPhoyT7RDi7VqXqHlFTITBY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09PYYPhoyT7RDi7VqXqHlFTITBY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B017/DE75F2222A1311EE95D58A66C4F9AE02/1D11FFD4352D11EE9543B52FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.242.8.0/24 IPv6: 2401:1d20::/48 2401:1d20:4::-2401:1d20:9:ffff:ffff:ffff:ffff:ffff 2401:1d20:b::/48 Signature Algorithm: sha256WithRSAEncryption 74:5f:ad:6c:39:59:52:76:b5:3b:80:d4:82:66:06:80:79:e5: 0c:de:6d:7f:61:99:d9:d0:48:5e:45:53:64:98:f5:10:6c:ce: 63:25:2f:0a:fa:df:43:69:d9:94:2f:4f:c0:62:a3:3e:93:a7: 1b:d4:3f:98:03:d4:bd:05:9a:0c:da:40:7b:a4:b1:65:a2:e7: a4:4c:aa:5a:b4:c9:9f:f1:b1:ff:de:0f:6b:f3:99:89:49:1b: 51:98:d6:df:01:eb:50:7c:f8:c3:cc:89:0a:e0:49:23:cb:fc: ab:0b:60:de:06:33:40:f7:14:c1:d3:33:a9:c4:f4:ba:db:95: a6:68:ed:54:a6:73:a2:a4:70:0c:81:72:1b:df:00:65:b0:cb: 70:da:ae:3b:de:a8:8c:c1:68:83:d4:74:1f:a3:47:cd:4a:3f: c6:64:1e:f3:36:87:9e:e2:7a:93:f6:0f:d3:cb:cc:69:49:a2: e1:84:31:02:23:d5:37:0d:aa:bc:ff:e9:dd:98:a4:9d:5f:9f: fb:72:a3:48:d9:33:72:ad:e6:74:4a:b8:9c:55:3f:bd:b6:47: 3c:69:70:73:5b:2a:ea:5b:a6:dc:fc:e6:08:b0:4f:ca:f5:2c: 6c:f9:45:c1:5e:b4:2c:48:b6:25:1d:04:47:88:27:45:13:21: ca:1b:7a:0c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgICAX4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkIwMTcxMTAvBgNVBAUTKEQzRDNEODYwRjg2OEM5M0VEMTBFMkVENUE5N0E4Nzk0 NTRDODRDMTYwHhcNMjUwNzAzMDQwODM4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY2MDI0Ni0yYWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwMxUXy35sMSczb+LV7ZCFh3ZaepEZ0ZLNcmu86aHXGtnEDKAsIfkUGDixXMs vkAHS9UE0XEBqvcX3B5vSkASbbYvCcrUxkJcCIVrHIMXjluwbnNvhm7HDt+p7ZJQ tbzJvC0bGyoytwf9fSrWPZFW7S7RRGtFDCP/Vz1lZRBHQ3V0zMzASzrA0X8FSz2L aKaZcJ6uDMmFRql05HQ9MQr+eP45sMcin8Ne2YaTCfrdGRQzO4xv2uQ4uAdHHr4e rRPF+d7bpDXXHsrsrQg1axsdzkqZwY42WgXK5FGQMvS0QgJM7NcXGeiOS744Rm4P vAX3dJZWa8aYLicJJ7sR41tXtwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFJpa/fQn 4aZpKyvXT3x926PcShPXMB8GA1UdIwQYMBaAFNPT2GD4aMk+0Q4u1al6h5RUyEwW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjAxNy9ERTc1RjIyMjJB MTMxMUVFOTVENThBNjZDNEY5QUUwMi8wOVBZWVBob3lUN1JEaTdWcVhxSGxGVElU QlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzA5UFlZUGhveVQ3UkRpN1ZxWHFIbEZUSVRCWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkIwMTcvREU3NUYyMjIyQTEzMTFFRTk1RDU4QTY2QzRGOUFFMDIvMUQxMUZGRDQz NTJEMTFFRTk1NDNCNTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E PjA8MAwEAgABMAYDBABn8ggwLAQCAAIwJgMHACQBHSAAADASAwcCJAEdIAAEAwcB JAEdIAAIAwcAJAEdIAALMA0GCSqGSIb3DQEBCwUAA4IBAQB0X61sOVlSdrU7gNSC ZgaAeeUM3m1/YZnZ0EheRVNkmPUQbM5jJS8K+t9DadmUL0/AYqM+k6cb1D+YA9S9 BZoM2kB7pLFlouekTKpatMmf8bH/3g9r85mJSRtRmNbfAetQfPjDzIkK4Ekjy/yr C2DeBjNA9xTB0zOpxPS625WmaO1UpnOipHAMgXIb3wBlsMtw2q473qiMwWiD1HQf o0fNSj/GZB7zNoee4nqT9g/Ty8xpSaLhhDECI9U3Daq8/+ndmKSdX5/7cqNI2TNy reZ0SricVT+9tkc8aXBzWyrqW6bc/OYIsE/K9Sxs+UXBXrQsSLYlHQRHiCdFEyHK G3oM -----END CERTIFICATE-----Generated at Thu Jul 3 14:59:51 2025 by rpki-client