$ rpki-client -vvf rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/B523DAE68C9211EABC682867C4F9AE02.roa File: B523DAE68C9211EABC682867C4F9AE02.roa (raw, json) Hash identifier: /Vmvob4Ba5JT6xBzlUxuOFxxM0jXE2HEf4/pjk43Tpk= Subject key identifier: 68:88:64:F2:2A:7C:32:7E:D9:98:78:7E:EB:FD:B6:55:2C:7A:44:B9 Certificate issuer: /CN=A9140EE2/serialNumber=475250E6A055478F4AC1EAF1ED32D5672C3CD1B3 Certificate serial: 0D2F Authority key identifier: 47:52:50:E6:A0:55:47:8F:4A:C1:EA:F1:ED:32:D5:67:2C:3C:D1:B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1JQ5qBVR49Kwerx7TLVZyw80bM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/B523DAE68C9211EABC682867C4F9AE02.roa Signing time: Fri 04 Jul 2025 18:27:49 +0000 ROA not before: Fri 04 Jul 2025 18:27:48 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 63991 IP address blocks: 103.58.144.0/23 maxlen: 24 103.127.62.0/23 maxlen: 24 2405:55c0::/32 maxlen: 32 2405:55c0::/48 maxlen: 48 2405:55c0:3c::/48 maxlen: 48 2405:55c0:3f::/48 maxlen: 48 2405:55c0:54::/48 maxlen: 48 2405:55c0:55::/48 maxlen: 48 2405:55c0:80::/48 maxlen: 48 2405:55c0:81::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/R1JQ5qBVR49Kwerx7TLVZyw80bM.crl rsync://rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/R1JQ5qBVR49Kwerx7TLVZyw80bM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1JQ5qBVR49Kwerx7TLVZyw80bM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3375 (0xd2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9140EE2, serialNumber=475250E6A055478F4AC1EAF1ED32D5672C3CD1B3 Validity Not Before: Jul 4 18:27:48 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68681d24-d7e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:6b:c8:3f:59:8b:58:83:8f:e2:04:4c:dc:7b: 5d:d4:7d:9a:a0:16:df:6b:f1:52:e2:2c:af:dd:78: cd:8e:21:d3:64:ab:77:66:ef:e0:9c:41:8e:94:52: 3e:54:79:a3:92:f5:84:8d:a5:61:f0:c2:99:23:25: c4:2f:54:4c:12:1c:bf:11:32:5e:9d:1c:50:9e:79: 0a:55:5a:b7:68:fb:c7:c4:62:87:ae:28:45:99:b0: e3:cc:8b:93:58:7b:fe:5c:45:37:17:b9:e7:55:53: 7c:0e:44:4c:39:6e:a0:34:16:12:49:a8:d5:01:6a: 8f:47:32:04:2b:bc:22:a1:70:a5:37:a1:15:d1:60: 44:b9:fd:a2:3a:f7:f9:cb:72:65:16:05:2d:8e:cb: c7:b6:a3:5b:eb:1b:0c:f9:5e:cc:e6:f8:4f:70:ea: 32:63:a3:a8:12:59:33:12:bf:cd:3f:70:ec:4f:7c: 66:15:38:af:3d:b0:41:d8:2b:84:4d:28:2c:64:8f: ac:62:7c:8e:47:a5:7f:d5:c2:c0:65:71:fe:7e:4f: c2:c8:89:5f:79:63:30:24:50:b6:a8:1b:7b:f6:a6: 28:28:d1:1d:bd:c3:81:5f:01:a6:f4:56:c3:f0:74: 12:85:21:59:6a:ba:6c:d8:3c:40:33:fe:94:90:0a: d3:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:88:64:F2:2A:7C:32:7E:D9:98:78:7E:EB:FD:B6:55:2C:7A:44:B9 X509v3 Authority Key Identifier: keyid:47:52:50:E6:A0:55:47:8F:4A:C1:EA:F1:ED:32:D5:67:2C:3C:D1:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/R1JQ5qBVR49Kwerx7TLVZyw80bM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1JQ5qBVR49Kwerx7TLVZyw80bM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140EE2/EA01D55ADF7311E9ABEBD43BC4F9AE02/B523DAE68C9211EABC682867C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.58.144.0/23 103.127.62.0/23 IPv6: 2405:55c0::/32 Signature Algorithm: sha256WithRSAEncryption 43:54:ed:10:3e:8c:b5:34:e3:be:e8:8b:7f:36:c9:4c:fe:c8: 5e:c0:4c:cc:4b:7d:5f:56:c2:94:d0:42:a4:12:94:60:0b:50: 42:3a:db:9f:29:6c:00:82:fd:a8:59:29:3a:6a:41:e2:2e:93: c9:b2:9c:ad:ea:9c:43:bd:55:3d:11:70:e1:89:d8:6a:48:54: d0:b7:a1:55:ce:9a:0b:b3:38:42:1a:b1:17:d2:fe:d2:87:1e: ca:d2:06:8f:1d:ff:96:7a:f4:de:36:17:45:5b:c6:d9:ac:a1: 1a:84:af:11:2e:ef:54:7f:d4:28:ab:f7:bc:09:5c:59:6f:a2: 47:fa:55:53:ea:c4:15:46:78:01:bc:90:84:21:33:35:12:fe: 9e:c7:cf:7d:73:78:ba:ae:c2:5b:f9:ba:df:c0:19:9d:19:74: 29:74:e3:e2:a2:9c:20:5e:8a:67:6d:98:cc:df:cc:04:e7:fb: 84:60:5a:1d:a2:af:94:f8:bc:1d:ef:7d:3e:c3:99:2c:90:ee: f3:b7:c1:7e:ff:a6:2f:bf:f3:3c:be:ef:ba:61:ba:e3:fd:ce: 47:02:f5:4e:64:fb:3f:9b:d8:fa:25:eb:18:81:f6:98:f2:10: fd:3e:c6:8a:11:f5:24:01:18:9c:47:2d:72:5c:69:04:3e:e2: aa:59:dd:9e -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDBFRTIxMTAvBgNVBAUTKDQ3NTI1MEU2QTA1NTQ3OEY0QUMxRUFGMUVEMzJENTY3 MkMzQ0QxQjMwHhcNMjUwNzA0MTgyNzQ4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY4MWQyNC1kN2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvmvIP1mLWIOP4gRM3Htd1H2aoBbfa/FS4iyv3XjNjiHTZKt3Zu/gnEGOlFI+ VHmjkvWEjaVh8MKZIyXEL1RMEhy/ETJenRxQnnkKVVq3aPvHxGKHrihFmbDjzIuT WHv+XEU3F7nnVVN8DkRMOW6gNBYSSajVAWqPRzIEK7wioXClN6EV0WBEuf2iOvf5 y3JlFgUtjsvHtqNb6xsM+V7M5vhPcOoyY6OoElkzEr/NP3DsT3xmFTivPbBB2CuE TSgsZI+sYnyOR6V/1cLAZXH+fk/CyIlfeWMwJFC2qBt79qYoKNEdvcOBXwGm9FbD 8HQShSFZarps2DxAM/6UkArTPQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGiIZPIq fDJ+2Zh4fuv9tlUsekS5MB8GA1UdIwQYMBaAFEdSUOagVUePSsHq8e0y1WcsPNGz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEVFMi9FQTAxRDU1QURG NzMxMUU5QUJFQkQ0M0JDNEY5QUUwMi9SMUpRNXFCVlI0OUt3ZXJ4N1RMVlp5dzgw Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IxSlE1cUJWUjQ5S3dlcng3VExWWnl3ODBiTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDBFRTIvRUEwMUQ1NUFERjczMTFFOUFCRUJENDNCQzRGOUFFMDIvQjUyM0RBRTY4 QzkyMTFFQUJDNjgyODY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAFnOpADBAFnfz4wDQQCAAIwBwMFACQFVcAwDQYJKoZIhvcN AQELBQADggEBAENU7RA+jLU0477oi382yUz+yF7ATMxLfV9WwpTQQqQSlGALUEI6 258pbACC/ahZKTpqQeIuk8mynK3qnEO9VT0RcOGJ2GpIVNC3oVXOmguzOEIasRfS /tKHHsrSBo8d/5Z69N42F0VbxtmsoRqErxEu71R/1Cir97wJXFlvokf6VVPqxBVG eAG8kIQhMzUS/p7Hz31zeLquwlv5ut/AGZ0ZdCl04+KinCBeimdtmMzfzATn+4Rg Wh2ir5T4vB3vfT7DmSyQ7vO3wX7/pi+/8zy+77phuuP9zkcC9U5k+z+b2Pol6xiB 9pjyEP0+xooR9SQBGJxHLXJcaQQ+4qpZ3Z4= -----END CERTIFICATE-----Generated at Sat Jul 5 05:08:01 2025 by rpki-client