$ rpki-client -vvf rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/72603CD6D28811EAB7D79A47C4F9AE02.roa File: 72603CD6D28811EAB7D79A47C4F9AE02.roa (raw, json) Hash identifier: iVfJEeg3Wgdof0gIfzSRbq9faDNqlEFVPNcvpNlnmRA= Subject key identifier: C3:90:62:EB:B1:96:34:92:32:3D:39:32:97:AF:CB:77:C7:9E:1D:33 Certificate issuer: /CN=A915D3E8/serialNumber=24BFA36352F84F1A8FA469DEB0E836E8035AE466 Certificate serial: 0841 Authority key identifier: 24:BF:A3:63:52:F8:4F:1A:8F:A4:69:DE:B0:E8:36:E8:03:5A:E4:66 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JL-jY1L4TxqPpGnesOg26ANa5GY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/72603CD6D28811EAB7D79A47C4F9AE02.roa Signing time: Fri 20 Jun 2025 10:03:07 +0000 ROA not before: Fri 20 Jun 2025 10:03:07 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 55781 IP address blocks: 103.71.132.0/24 maxlen: 24 103.231.54.0/24 maxlen: 24 202.68.209.0/24 maxlen: 24 202.68.210.0/24 maxlen: 24 202.68.211.0/24 maxlen: 24 202.68.220.0/24 maxlen: 24 202.68.222.0/24 maxlen: 24 202.68.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/JL-jY1L4TxqPpGnesOg26ANa5GY.crl rsync://rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/JL-jY1L4TxqPpGnesOg26ANa5GY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JL-jY1L4TxqPpGnesOg26ANa5GY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 21:02:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2113 (0x841) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D3E8, serialNumber=24BFA36352F84F1A8FA469DEB0E836E8035AE466 Validity Not Before: Jun 20 10:03:07 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=685531db-549f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:fa:b7:56:45:73:91:d2:49:af:44:84:60:b1: 27:43:56:48:93:53:65:7d:2a:2b:8b:04:e9:0f:ac: ad:df:68:d7:8e:d2:4d:20:44:89:94:ab:a7:0e:81: db:c7:9e:c2:9b:4d:67:a3:8d:82:9d:00:7b:94:cb: 72:6c:ad:8c:6e:9d:0e:a5:95:41:b1:d2:1d:ea:80: e6:8d:ae:ef:5f:71:f6:62:f1:bd:ef:47:c8:b0:0b: 3c:50:08:ab:54:30:5a:bb:2e:dc:ab:94:1b:52:a4: ee:a8:eb:2c:c6:85:09:fb:9d:e9:3a:01:b1:a6:d9: bf:54:d8:08:5c:af:52:b3:f2:d2:27:dc:22:2e:49: 7f:48:16:fc:d0:f9:e8:d3:d8:dc:44:a3:a8:77:00: b8:64:8a:ca:5d:82:ce:34:42:d3:a3:ec:5c:c9:92: 67:68:53:b7:ad:47:ed:8d:cd:aa:1f:42:82:73:1d: 99:73:45:c8:08:5e:7d:f0:52:b0:5d:dc:5b:3c:63: 97:f3:82:01:e5:fd:a9:e8:85:2a:26:38:45:67:f2: 4d:a0:ea:9c:52:11:c9:42:65:70:32:5e:ab:44:60: 64:b9:64:6e:a9:c2:a1:ff:4f:57:dd:05:99:54:5a: eb:02:3a:2f:6e:a8:f9:83:d6:03:c2:29:47:43:38: 58:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:90:62:EB:B1:96:34:92:32:3D:39:32:97:AF:CB:77:C7:9E:1D:33 X509v3 Authority Key Identifier: keyid:24:BF:A3:63:52:F8:4F:1A:8F:A4:69:DE:B0:E8:36:E8:03:5A:E4:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/JL-jY1L4TxqPpGnesOg26ANa5GY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JL-jY1L4TxqPpGnesOg26ANa5GY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D3E8/3F1F0DDAD28711EA9E73E646C4F9AE02/72603CD6D28811EAB7D79A47C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.71.132.0/24 103.231.54.0/24 202.68.209.0-202.68.211.255 202.68.220.0/24 202.68.222.0/23 Signature Algorithm: sha256WithRSAEncryption 50:69:9a:00:0c:e9:25:e4:b0:5f:9c:9e:6c:54:d0:83:9f:76: f9:87:73:ec:07:d7:85:f1:4e:e3:f7:0a:d6:8a:5e:9f:19:ea: 3e:a4:11:0e:1a:d0:76:9b:8e:31:7e:9a:91:4b:bf:72:f1:d9: 71:f7:7d:58:4e:ee:2f:23:c6:a6:95:5f:a5:1a:0c:84:57:f9: b0:1f:a0:75:da:72:f6:97:c9:cc:03:69:a1:f6:ca:ea:28:f4: 44:b4:1e:32:8a:5a:db:57:65:3e:a6:58:7a:6d:38:0f:b7:8e: 35:f5:86:06:14:c9:22:27:b2:4c:0f:cc:f7:f9:c9:f8:3b:a4: 1e:a0:87:df:df:c1:03:07:a3:df:8e:c1:62:c0:4e:20:00:cd: 95:70:d2:ef:53:01:04:07:8a:c3:ec:7f:04:84:d1:ae:a2:9e: d4:cd:ae:39:b9:01:77:87:39:13:3e:85:30:0b:d2:57:8e:40: 13:9b:fc:b4:3e:28:50:92:a2:11:a8:0c:2f:07:04:0d:09:2e: c1:b4:a2:f6:e1:d5:47:c7:94:2e:07:07:1e:be:22:ea:0b:18: d3:05:d1:b9:1f:76:37:c5:10:e6:13:d4:03:18:41:e3:38:e0: 38:c2:d9:26:28:0d:a5:28:61:a6:65:ca:fd:01:a2:80:6a:6d: f2:e8:af:b8 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICCEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQzRTgxMTAvBgNVBAUTKDI0QkZBMzYzNTJGODRGMUE4RkE0NjlERUIwRTgzNkU4 MDM1QUU0NjYwHhcNMjUwNjIwMTAwMzA3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02ODU1MzFkYi01NDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu/q3VkVzkdJJr0SEYLEnQ1ZIk1NlfSoriwTpD6yt32jXjtJNIESJlKunDoHb x57Cm01no42CnQB7lMtybK2Mbp0OpZVBsdId6oDmja7vX3H2YvG970fIsAs8UAir VDBauy7cq5QbUqTuqOssxoUJ+53pOgGxptm/VNgIXK9Ss/LSJ9wiLkl/SBb80Pno 09jcRKOodwC4ZIrKXYLONELTo+xcyZJnaFO3rUftjc2qH0KCcx2Zc0XICF598FKw XdxbPGOX84IB5f2p6IUqJjhFZ/JNoOqcUhHJQmVwMl6rRGBkuWRuqcKh/09X3QWZ VFrrAjovbqj5g9YDwilHQzhYIwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFMOQYuux ljSSMj05Mpevy3fHnh0zMB8GA1UdIwQYMBaAFCS/o2NS+E8aj6Rp3rDoNugDWuRm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDNFOC8zRjFGMEREQUQy ODcxMUVBOUU3M0U2NDZDNEY5QUUwMi9KTC1qWTFMNFR4cVBwR25lc09nMjZBTmE1 R1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pMLWpZMUw0VHhxUHBHbmVzT2cyNkFOYTVHWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUQzRTgvM0YxRjBEREFEMjg3MTFFQTlFNzNFNjQ2QzRGOUFFMDIvNzI2MDNDRDZE Mjg4MTFFQUI3RDc5QTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBABnR4QDBABn5zYwDAMEAMpE0QMEAspE0AMEAMpE3AMEAcpE 3jANBgkqhkiG9w0BAQsFAAOCAQEAUGmaAAzpJeSwX5yebFTQg592+Ydz7AfXhfFO 4/cK1openxnqPqQRDhrQdpuOMX6akUu/cvHZcfd9WE7uLyPGppVfpRoMhFf5sB+g ddpy9pfJzANpofbK6ij0RLQeMopa21dlPqZYem04D7eONfWGBhTJIieyTA/M9/nJ +DukHqCH39/BAwej347BYsBOIADNlXDS71MBBAeKw+x/BITRrqKe1M2uObkBd4c5 Ez6FMAvSV45AE5v8tD4oUJKiEagMLwcEDQkuwbSi9uHVR8eULgcHHr4i6gsY0wXR uR92N8UQ5hPUAxhB4zjgOMLZJigNpShhpmXK/QGigGpt8uivuA== -----END CERTIFICATE-----Generated at Thu Jul 3 17:18:23 2025 by rpki-client