$ rpki-client -vvf rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa File: 07FF4ABC5A1011EAA8B1B456C4F9AE02.roa (raw, json) Hash identifier: IUlp+gDqr57RNOajUBGFHWRBVgY+RKfJ4rWS/pMC4Tc= Subject key identifier: 4E:61:19:24:EB:73:7F:E2:60:1A:6B:87:41:F2:E0:98:82:01:AC:1B Certificate issuer: /CN=A9148B6A/serialNumber=A9712CCB7EEE024AEB88767B762E1093B140FF6E Certificate serial: 101A Authority key identifier: A9:71:2C:CB:7E:EE:02:4A:EB:88:76:7B:76:2E:10:93:B1:40:FF:6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa Signing time: Mon 30 Jun 2025 17:50:19 +0000 ROA not before: Mon 30 Jun 2025 17:50:19 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 132298 IP address blocks: 103.237.36.0/22 maxlen: 24 160.202.144.0/22 maxlen: 24 2401:e7c0::/32 maxlen: 36 2401:e7c0::/48 maxlen: 48 2401:e7c0:3::/48 maxlen: 48 2401:e7c0:4::/48 maxlen: 48 2401:e7c0:f00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.crl rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 17:39:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4122 (0x101a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148B6A, serialNumber=A9712CCB7EEE024AEB88767B762E1093B140FF6E Validity Not Before: Jun 30 17:50:19 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6862ce5a-c7c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:33:cb:63:36:36:c9:6e:9c:58:dd:75:2d:d0: 9e:85:74:e2:55:e3:4e:b4:b7:38:57:9a:9b:c8:99: a7:74:07:a7:30:7b:bb:32:c2:fc:60:5d:37:25:d8: 91:88:22:38:c3:a6:03:fc:65:a1:86:c6:c6:09:a3: b1:c3:1b:c1:99:b2:36:f1:26:ec:b4:fb:2a:c9:1a: ff:25:2d:2c:14:5f:85:ad:b8:78:63:d2:27:f7:5b: b5:c2:3e:d3:ec:c9:23:0d:26:a1:92:e4:c9:16:b6: 20:bf:9c:df:5f:3e:bd:82:86:52:39:a0:84:21:36: cb:5c:bf:b9:f4:de:f0:4d:d2:03:75:a7:5c:f3:6b: c2:47:f7:fd:91:f5:36:a0:a4:f4:fe:df:a3:0a:56: 5d:27:91:40:94:c5:aa:27:af:6b:4d:ce:e3:ba:1e: ba:6e:b7:a0:ee:ac:52:22:9f:14:90:61:36:65:44: 8f:9d:46:45:d5:cf:94:2d:80:9d:d9:1b:cd:4a:d5: 7a:73:df:24:04:08:a0:1b:a4:e9:90:b6:51:5f:80: f4:89:68:e3:dd:aa:ed:c5:29:4f:94:6a:19:81:2b: 57:89:46:25:37:e5:6f:c4:e9:a7:ec:72:f8:1e:64: 5c:c0:10:d5:84:d0:8f:f4:cc:fa:44:87:03:6b:9d: cf:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:61:19:24:EB:73:7F:E2:60:1A:6B:87:41:F2:E0:98:82:01:AC:1B X509v3 Authority Key Identifier: keyid:A9:71:2C:CB:7E:EE:02:4A:EB:88:76:7B:76:2E:10:93:B1:40:FF:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.237.36.0/22 160.202.144.0/22 IPv6: 2401:e7c0::/32 Signature Algorithm: sha256WithRSAEncryption 69:d1:0a:81:85:1f:26:8c:a8:f1:18:a7:27:be:09:8f:fc:a3: 03:98:73:85:31:f4:32:1b:81:0e:48:49:5b:66:98:0e:0b:fe: a0:56:78:3e:eb:1c:e1:7d:e9:12:a6:53:50:ea:3a:10:15:31: 0a:46:1e:a6:f6:28:47:a3:1b:61:aa:6e:d9:a9:67:6c:85:dc: 2e:a3:f9:48:2f:e1:90:9d:a6:18:65:9f:ae:b8:14:a4:19:6d: 3d:36:16:5e:19:d9:0e:b2:84:7e:e5:f5:74:a2:19:b3:b7:38: e6:88:53:f5:d0:c4:15:42:c0:cc:d5:85:b7:43:af:e0:89:d8: 1e:c1:94:eb:13:b5:8a:e6:0f:62:0b:29:b2:7a:5a:55:0f:04: 3d:da:8e:19:11:0f:44:81:57:8c:c5:3b:b8:fc:64:78:62:20: e1:42:95:10:ea:ce:19:cb:a2:b8:e9:72:1d:98:cc:2d:fe:94: b0:0a:15:bb:f1:b3:4c:c7:27:91:83:35:08:45:04:b1:7d:c8: 32:36:02:63:c7:b4:57:be:91:41:93:5c:74:df:70:20:49:90: 82:bf:fe:e3:63:e9:74:37:10:8d:d2:f1:ea:ee:30:9b:ae:01: 26:46:5e:97:65:7e:b1:db:1e:7c:71:e7:ff:4e:db:56:0b:40: 14:db:ea:84 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICEBowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhCNkExMTAvBgNVBAUTKEE5NzEyQ0NCN0VFRTAyNEFFQjg4NzY3Qjc2MkUxMDkz QjE0MEZGNkUwHhcNMjUwNjMwMTc1MDE5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODYyY2U1YS1jN2M5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAszPLYzY2yW6cWN11LdCehXTiVeNOtLc4V5qbyJmndAenMHu7MsL8YF03JdiR iCI4w6YD/GWhhsbGCaOxwxvBmbI28SbstPsqyRr/JS0sFF+Frbh4Y9In91u1wj7T 7MkjDSahkuTJFrYgv5zfXz69goZSOaCEITbLXL+59N7wTdIDdadc82vCR/f9kfU2 oKT0/t+jClZdJ5FAlMWqJ69rTc7juh66breg7qxSIp8UkGE2ZUSPnUZF1c+ULYCd 2RvNStV6c98kBAigG6TpkLZRX4D0iWjj3artxSlPlGoZgStXiUYlN+VvxOmn7HL4 HmRcwBDVhNCP9Mz6RIcDa53PBQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFE5hGSTr c3/iYBprh0Hy4JiCAawbMB8GA1UdIwQYMBaAFKlxLMt+7gJK64h2e3YuEJOxQP9u MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEI2QS8wODc1RjQ5NjRD NzQxMUU5OTc5MDBGNTVDNEY5QUUwMi9xWEVzeTM3dUFrcnJpSFo3ZGk0UWs3RkFf MjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FYRXN5Mzd1QWtycmlIWjdkaTRRazdGQV8yNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDhCNkEvMDg3NUY0OTY0Qzc0MTFFOTk3OTAwRjU1QzRGOUFFMDIvMDdGRjRBQkM1 QTEwMTFFQUE4QjFCNDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJn7SQDBAKgypAwDQQCAAIwBwMFACQB58AwDQYJKoZIhvcN AQELBQADggEBAGnRCoGFHyaMqPEYpye+CY/8owOYc4Ux9DIbgQ5ISVtmmA4L/qBW eD7rHOF96RKmU1DqOhAVMQpGHqb2KEejG2GqbtmpZ2yF3C6j+Ugv4ZCdphhln664 FKQZbT02Fl4Z2Q6yhH7l9XSiGbO3OOaIU/XQxBVCwMzVhbdDr+CJ2B7BlOsTtYrm D2ILKbJ6WlUPBD3ajhkRD0SBV4zFO7j8ZHhiIOFClRDqzhnLorjpch2YzC3+lLAK Fbvxs0zHJ5GDNQhFBLF9yDI2AmPHtFe+kUGTXHTfcCBJkIK//uNj6XQ3EI3S8eru MJuuASZGXpdlfrHbHnxx5/9O21YLQBTb6oQ= -----END CERTIFICATE-----Generated at Thu Jul 3 17:30:08 2025 by rpki-client