$ rpki-client -vvf rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/98152E6C480111EFB2976238C4F9AE02.roa File: 98152E6C480111EFB2976238C4F9AE02.roa (raw, json) Hash identifier: p8fvqZ7Alg5roEiASszoiJIP01rninX1g3Jc6iC5JJA= Subject key identifier: 29:A2:D3:9C:E6:DD:52:CB:4F:F5:CF:A2:C5:16:18:E9:C0:92:B6:B2 Certificate issuer: /CN=A91525A9/serialNumber=EBC3D7FCFB134F538FC19F98AD898C0F3F074F20 Certificate serial: 01CC Authority key identifier: EB:C3:D7:FC:FB:13:4F:53:8F:C1:9F:98:AD:89:8C:0F:3F:07:4F:20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/98152E6C480111EFB2976238C4F9AE02.roa Signing time: Wed 25 Jun 2025 02:50:25 +0000 ROA not before: Wed 25 Jun 2025 02:50:25 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 133955 IP address blocks: 103.235.4.0/24 maxlen: 24 103.235.5.0/24 maxlen: 24 103.235.6.0/24 maxlen: 24 103.235.7.0/24 maxlen: 24 150.129.208.0/24 maxlen: 24 150.129.209.0/24 maxlen: 24 150.129.210.0/24 maxlen: 24 150.129.211.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.crl rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 460 (0x1cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91525A9, serialNumber=EBC3D7FCFB134F538FC19F98AD898C0F3F074F20 Validity Not Before: Jun 25 02:50:25 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=685b63f1-1a8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:39:5a:23:11:de:ae:61:87:ac:11:4f:15:39: 19:20:07:66:cd:c2:81:c6:82:6f:21:ff:54:5c:86: 16:27:7b:b3:29:6a:2e:a2:4a:cb:27:c7:d6:df:24: 90:a4:0f:d9:2b:3a:3b:b8:20:77:60:7b:de:5f:88: 39:0d:57:f2:ab:dc:d8:9a:46:85:32:3c:e8:47:b9: 29:f0:31:d3:94:60:93:73:69:61:80:91:25:d6:07: 75:df:02:b1:52:7f:33:ba:ca:0a:76:07:72:f6:3c: 9c:ef:82:07:4a:37:ad:96:d4:11:ec:80:14:f5:15: a4:f1:dd:91:38:dd:a5:f7:aa:42:8e:9d:ae:8c:26: 3f:ad:63:3d:ff:73:17:3a:e8:05:e7:26:7e:5d:78: 60:f6:5e:db:8a:f6:ec:5b:6d:06:b7:b1:7f:ff:10: b5:cd:8f:be:0b:41:dc:14:e5:db:ea:14:cd:93:bb: 07:7a:00:20:a2:2b:f8:6e:f6:6d:f9:16:99:d0:90: 05:d0:5e:bc:1d:a4:88:fd:b7:1f:ed:3f:0e:2d:6a: 13:0b:12:48:4f:a9:ff:0e:f8:25:c3:bf:e7:d0:7e: 5b:f7:3f:b8:c0:ba:d4:21:f3:28:6f:8c:05:05:5d: 96:1d:3e:e3:32:b6:a2:47:dc:27:61:d0:0b:17:bf: 4d:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:A2:D3:9C:E6:DD:52:CB:4F:F5:CF:A2:C5:16:18:E9:C0:92:B6:B2 X509v3 Authority Key Identifier: keyid:EB:C3:D7:FC:FB:13:4F:53:8F:C1:9F:98:AD:89:8C:0F:3F:07:4F:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/98152E6C480111EFB2976238C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.235.4.0/22 150.129.208.0/22 Signature Algorithm: sha256WithRSAEncryption 1b:31:66:15:8f:40:dc:58:b1:7a:37:13:32:83:a8:ab:50:09: 88:02:fb:e5:dd:14:a4:9f:02:74:e3:b6:d3:4c:06:e0:85:51: 39:71:09:99:bb:fa:a5:92:21:12:b2:bb:7a:bb:11:50:e8:37: 6f:8e:04:d6:32:6b:58:5a:4b:de:c3:5e:71:fb:41:ea:63:24: 8f:59:c6:d7:a8:af:ca:de:61:cb:fc:2d:c5:d3:64:6a:90:06: 39:56:23:0b:f6:15:4c:21:05:74:39:c8:fb:ee:bc:39:be:ed: 81:30:17:28:2a:2e:8d:57:5d:2d:ab:d5:31:26:6d:d4:94:18: 09:73:f1:c9:13:c1:d0:c4:fb:a9:f4:aa:aa:fe:d5:95:45:c6: ea:b2:58:1c:f1:88:45:d9:89:02:54:5d:aa:4f:1e:dd:f1:de: 94:82:3a:35:69:6e:84:9d:d2:be:48:ea:cd:d6:f3:86:35:7b: 6f:d2:70:10:9c:bc:bc:ab:19:63:f2:34:34:ff:70:2f:0e:61: ce:fe:ee:02:22:b7:b8:3b:cf:8a:75:59:96:4c:47:5c:c4:d3: 6a:15:bd:0a:4a:dc:31:66:20:4e:48:db:c7:2a:af:80:e5:fa: 24:21:0b:0b:af:b2:dd:74:c4:9b:6f:7d:22:fb:10:58:32:a7: 0f:f5:1d:03 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTI1QTkxMTAvBgNVBAUTKEVCQzNEN0ZDRkIxMzRGNTM4RkMxOUY5OEFEODk4QzBG M0YwNzRGMjAwHhcNMjUwNjI1MDI1MDI1WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODViNjNmMS0xYThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1zlaIxHermGHrBFPFTkZIAdmzcKBxoJvIf9UXIYWJ3uzKWouokrLJ8fW3ySQ pA/ZKzo7uCB3YHveX4g5DVfyq9zYmkaFMjzoR7kp8DHTlGCTc2lhgJEl1gd13wKx Un8zusoKdgdy9jyc74IHSjetltQR7IAU9RWk8d2RON2l96pCjp2ujCY/rWM9/3MX OugF5yZ+XXhg9l7bivbsW20Gt7F//xC1zY++C0HcFOXb6hTNk7sHegAgoiv4bvZt +RaZ0JAF0F68HaSI/bcf7T8OLWoTCxJIT6n/Dvglw7/n0H5b9z+4wLrUIfMob4wF BV2WHT7jMraiR9wnYdALF79NFQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCmi05zm 3VLLT/XPosUWGOnAkrayMB8GA1UdIwQYMBaAFOvD1/z7E09Tj8GfmK2JjA8/B08g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjVBOS8yNjE4ODQwRUIx NDMxMUVEODdEMDc2NzhDNEY5QUUwMi82OFBYX1BzVFQxT1B3Wi1ZclltTUR6OEhU eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzY4UFhfUHNUVDFPUHdaLVlyWW1NRHo4SFR5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTI1QTkvMjYxODg0MEVCMTQzMTFFRDg3RDA3Njc4QzRGOUFFMDIvOTgxNTJFNkM0 ODAxMTFFRkIyOTc2MjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJn6wQDBAKWgdAwDQYJKoZIhvcNAQELBQADggEBABsxZhWP QNxYsXo3EzKDqKtQCYgC++XdFKSfAnTjttNMBuCFUTlxCZm7+qWSIRKyu3q7EVDo N2+OBNYya1haS97DXnH7QepjJI9Zxteor8reYcv8LcXTZGqQBjlWIwv2FUwhBXQ5 yPvuvDm+7YEwFygqLo1XXS2r1TEmbdSUGAlz8ckTwdDE+6n0qqr+1ZVFxuqyWBzx iEXZiQJUXapPHt3x3pSCOjVpboSd0r5I6s3W84Y1e2/ScBCcvLyrGWPyNDT/cC8O Yc7+7gIit7g7z4p1WZZMR1zE02oVvQpK3DFmIE5I28cqr4Dl+iQhCwuvst10xJtv fSL7EFgypw/1HQM= -----END CERTIFICATE-----Generated at Sat Jul 5 15:05:30 2025 by rpki-client