$ rpki-client -vvf rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/CD1F0EC07D4D11EBAE81AF83C4F9AE02.roa File: CD1F0EC07D4D11EBAE81AF83C4F9AE02.roa (raw, json) Hash identifier: Tn4IiKC/ehOcHKqem3Io6ZVpsXPRVKGONn1yIt6QObo= Subject key identifier: 2F:ED:CF:56:46:87:57:EC:79:59:51:8B:59:D7:82:73:A5:46:51:71 Certificate issuer: /CN=A91673ED/serialNumber=393566F441786D958D8A79118E8EF56FC872E5C5 Certificate serial: 067A Authority key identifier: 39:35:66:F4:41:78:6D:95:8D:8A:79:11:8E:8E:F5:6F:C8:72:E5:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OTVm9EF4bZWNinkRjo71b8hy5cU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/CD1F0EC07D4D11EBAE81AF83C4F9AE02.roa Signing time: Thu 22 May 2025 22:22:27 +0000 ROA not before: Thu 22 May 2025 22:22:27 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 56186 IP address blocks: 43.245.240.0/22 maxlen: 23 103.13.8.0/22 maxlen: 22 202.3.80.0/21 maxlen: 21 202.92.216.0/21 maxlen: 21 202.92.222.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.crl rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OTVm9EF4bZWNinkRjo71b8hy5cU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 22:37:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1658 (0x67a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91673ED, serialNumber=393566F441786D958D8A79118E8EF56FC872E5C5 Validity Not Before: May 22 22:22:27 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=682fa3a3-195a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f2:4d:29:4f:86:1b:b9:f0:10:b5:93:8e:54: 89:d3:7e:35:c7:8b:43:4a:5f:62:f8:85:8f:a3:4a: 43:c2:a7:1e:ec:f8:aa:76:9a:f1:1d:84:b0:d2:4c: 05:57:84:6a:45:0e:0a:16:85:90:b9:0f:c8:2d:e6: 32:92:07:ca:05:fb:ac:4c:49:4f:59:13:0a:ee:5c: 80:23:21:d6:e6:77:46:55:7f:c9:eb:69:37:fb:e4: a1:84:af:78:b7:a5:d5:84:75:32:5e:a9:b4:03:f8: da:6b:36:4e:58:6c:ae:5b:31:39:44:99:85:99:52: 8c:d3:15:13:72:bd:f9:7a:93:92:15:7a:8d:cb:35: 59:18:78:71:ed:46:4f:1e:1d:da:81:9d:0c:fc:28: 17:bb:80:b3:6f:0c:a6:10:a4:e3:21:3d:a5:95:ff: 2e:75:e3:ae:31:f6:55:56:21:e1:a7:da:42:b6:1b: 6a:fc:39:26:1b:08:08:2e:f2:09:99:86:f7:8f:dc: 60:72:46:5f:7b:66:68:71:37:1b:fd:c6:d0:c3:49: 1a:1f:a9:13:11:2b:70:06:12:ad:da:91:7d:c0:44: 0c:5d:25:4d:5a:6f:c8:25:dc:5a:83:db:08:2a:c4: 66:5d:64:7b:3b:aa:c4:58:f5:bc:19:43:0d:8f:f0: 6a:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:ED:CF:56:46:87:57:EC:79:59:51:8B:59:D7:82:73:A5:46:51:71 X509v3 Authority Key Identifier: keyid:39:35:66:F4:41:78:6D:95:8D:8A:79:11:8E:8E:F5:6F:C8:72:E5:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/OTVm9EF4bZWNinkRjo71b8hy5cU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OTVm9EF4bZWNinkRjo71b8hy5cU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91673ED/4D8FA20E7D4911EBA165737BC4F9AE02/CD1F0EC07D4D11EBAE81AF83C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.240.0/22 103.13.8.0/22 202.3.80.0/21 202.92.216.0/21 Signature Algorithm: sha256WithRSAEncryption 72:83:b3:1a:1c:c9:77:fa:99:ae:55:a0:22:41:71:1c:bd:85: 32:ff:4c:46:97:7a:5f:50:fa:b9:21:da:85:68:17:e4:62:fb: ae:e4:01:70:51:99:92:15:36:94:c9:1a:1c:24:e6:00:e2:5c: fd:51:98:7d:88:a3:ab:89:61:af:3c:53:7c:d5:a4:2d:27:17: 07:2d:82:2d:49:d4:e3:3f:13:82:8c:06:47:31:9b:7e:34:ca: a5:5b:64:57:e3:25:a5:42:33:6c:43:f5:ae:a0:ee:7f:bd:53: 67:0f:a6:5c:54:f9:1d:10:e9:2d:33:81:7f:74:34:3c:69:2d: 7e:72:4e:b6:27:aa:54:db:93:f9:58:e5:f6:85:54:08:91:b0: 72:b0:09:8a:97:24:14:8e:ff:01:b9:37:80:bf:51:35:87:8f: c8:73:55:fa:56:53:df:8e:81:aa:46:26:ea:aa:4c:e3:99:e4: a4:79:11:a1:5e:cd:50:f5:0b:4f:09:22:62:8d:19:82:30:38: 31:aa:8a:c2:99:90:b2:24:7c:5d:69:b7:f9:49:fa:8c:1c:9a: 57:a2:a5:29:65:a7:b6:59:63:ce:51:a3:41:a1:9d:47:36:49: 0c:e2:bb:e9:83:82:a8:5e:ed:21:95:06:71:e1:16:3e:be:c7: 70:c1:ff:9b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICBnowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjczRUQxMTAvBgNVBAUTKDM5MzU2NkY0NDE3ODZEOTU4RDhBNzkxMThFOEVGNTZG Qzg3MkU1QzUwHhcNMjUwNTIyMjIyMjI3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJmYTNhMy0xOTVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsvJNKU+GG7nwELWTjlSJ0341x4tDSl9i+IWPo0pDwqce7PiqdprxHYSw0kwF V4RqRQ4KFoWQuQ/ILeYykgfKBfusTElPWRMK7lyAIyHW5ndGVX/J62k3++ShhK94 t6XVhHUyXqm0A/jaazZOWGyuWzE5RJmFmVKM0xUTcr35epOSFXqNyzVZGHhx7UZP Hh3agZ0M/CgXu4CzbwymEKTjIT2llf8udeOuMfZVViHhp9pCthtq/DkmGwgILvIJ mYb3j9xgckZfe2ZocTcb/cbQw0kaH6kTEStwBhKt2pF9wEQMXSVNWm/IJdxag9sI KsRmXWR7O6rEWPW8GUMNj/BqIQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFC/tz1ZG h1fseVlRi1nXgnOlRlFxMB8GA1UdIwQYMBaAFDk1ZvRBeG2VjYp5EY6O9W/IcuXF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NzNFRC80RDhGQTIwRTdE NDkxMUVCQTE2NTczN0JDNEY5QUUwMi9PVFZtOUVGNGJaV05pbmtSam83MWI4aHk1 Y1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09UVm05RUY0YlpXTmlua1JqbzcxYjhoeTVjVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjczRUQvNEQ4RkEyMEU3RDQ5MTFFQkExNjU3MzdCQzRGOUFFMDIvQ0QxRjBFQzA3 RDREMTFFQkFFODFBRjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAIr9fADBAJnDQgDBAPKA1ADBAPKXNgwDQYJKoZIhvcNAQEL BQADggEBAHKDsxocyXf6ma5VoCJBcRy9hTL/TEaXel9Q+rkh2oVoF+Ri+67kAXBR mZIVNpTJGhwk5gDiXP1RmH2Io6uJYa88U3zVpC0nFwctgi1J1OM/E4KMBkcxm340 yqVbZFfjJaVCM2xD9a6g7n+9U2cPplxU+R0Q6S0zgX90NDxpLX5yTrYnqlTbk/lY 5faFVAiRsHKwCYqXJBSO/wG5N4C/UTWHj8hzVfpWU9+OgapGJuqqTOOZ5KR5EaFe zVD1C08JImKNGYIwODGqisKZkLIkfF1pt/lJ+owcmleipSllp7ZZY85Ro0GhnUc2 SQziu+mDgqhe7SGVBnHhFj6+x3DB/5s= -----END CERTIFICATE-----Generated at Wed Jul 2 21:30:31 2025 by rpki-client