$ rpki-client -vvf rpki.apnic.net/member_repository/A9168B4A/0ADB17C0800A11E89B483E7CC4F9AE02/98A0F2BE450611F093EC3A65C4F9AE02.roa File: 98A0F2BE450611F093EC3A65C4F9AE02.roa (raw, json) Hash identifier: f5/gUCwqOpMCK4GYyGqiPv2/oXpTQJ2o+a2iDQx14Ko= Subject key identifier: D6:4C:E7:AA:F0:B5:90:33:A3:09:C1:8A:6E:CF:22:74:EA:5A:C2:AC Certificate issuer: /CN=A9168B4A/serialNumber=AF02511F7C80DFC0E8ED506F6630F67BD6400E09 Certificate serial: 143B Authority key identifier: AF:02:51:1F:7C:80:DF:C0:E8:ED:50:6F:66:30:F6:7B:D6:40:0E:09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rwJRH3yA38Do7VBvZjD2e9ZADgk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9168B4A/0ADB17C0800A11E89B483E7CC4F9AE02/98A0F2BE450611F093EC3A65C4F9AE02.roa Signing time: Wed 02 Jul 2025 17:25:32 +0000 ROA not before: Wed 02 Jul 2025 17:25:32 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 40779 IP address blocks: 103.106.188.0/22 maxlen: 24 103.116.244.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9168B4A/0ADB17C0800A11E89B483E7CC4F9AE02/rwJRH3yA38Do7VBvZjD2e9ZADgk.crl rsync://rpki.apnic.net/member_repository/A9168B4A/0ADB17C0800A11E89B483E7CC4F9AE02/rwJRH3yA38Do7VBvZjD2e9ZADgk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rwJRH3yA38Do7VBvZjD2e9ZADgk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 17:25:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5179 (0x143b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9168B4A, serialNumber=AF02511F7C80DFC0E8ED506F6630F67BD6400E09 Validity Not Before: Jul 2 17:25:32 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68656b8c-3f77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:f8:32:8f:bf:be:29:6b:1d:49:2d:d3:7c:8d: f9:25:0f:9d:25:b8:e0:c1:9f:8c:51:d5:ae:1a:81: ee:f1:31:ab:fd:c4:02:78:32:49:00:dc:b1:79:75: 24:6c:d5:5d:be:5d:19:eb:a8:e5:34:8f:ed:68:41: 1c:99:95:59:f1:b9:90:cb:9c:ce:62:2f:d2:b3:9f: 9f:1e:dc:9d:fc:22:ef:36:ed:2f:2d:a0:0f:a5:42: dc:99:74:f5:c0:5c:b1:ef:94:40:21:b1:e9:94:b9: dd:b9:81:ef:4b:71:3a:fa:ba:63:92:74:42:1e:37: b8:4d:04:9b:55:fc:42:b6:4d:d4:03:ff:89:f5:ba: 54:f1:10:04:c8:b8:9c:c5:d4:ec:86:11:55:66:46: b9:46:5b:86:52:2f:74:9a:37:2e:9e:22:a6:32:54: 21:56:41:bc:86:4b:30:45:50:78:c7:b7:5c:d9:20: b1:06:b2:bc:00:57:6b:88:1f:26:11:9d:14:0c:89: 43:ab:11:9e:54:dc:81:37:e0:7e:29:93:fd:ac:41: da:df:48:10:11:39:de:e4:a2:79:dd:9a:a7:7e:08: 17:7e:45:6b:db:79:d6:de:84:63:59:6e:49:a5:ef: c5:b8:a8:fd:cd:3d:68:ac:f1:53:02:59:d4:c7:33: 9b:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:4C:E7:AA:F0:B5:90:33:A3:09:C1:8A:6E:CF:22:74:EA:5A:C2:AC X509v3 Authority Key Identifier: keyid:AF:02:51:1F:7C:80:DF:C0:E8:ED:50:6F:66:30:F6:7B:D6:40:0E:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9168B4A/0ADB17C0800A11E89B483E7CC4F9AE02/rwJRH3yA38Do7VBvZjD2e9ZADgk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rwJRH3yA38Do7VBvZjD2e9ZADgk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168B4A/0ADB17C0800A11E89B483E7CC4F9AE02/98A0F2BE450611F093EC3A65C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.106.188.0/22 103.116.244.0/22 Signature Algorithm: sha256WithRSAEncryption 89:14:3a:92:94:06:0d:10:76:81:92:39:20:d6:81:e1:81:18: d3:82:7d:75:e8:82:f4:8e:fd:80:50:64:a7:a3:1d:f9:0b:cb: 47:be:6a:df:12:c8:7a:88:30:ff:50:15:06:82:6b:26:1c:79: 93:00:82:f9:8f:29:85:25:43:83:3f:9f:11:18:1f:a9:02:d6: 07:a7:b0:c9:ef:97:b9:16:54:bc:d4:52:a8:f5:74:ed:83:dc: fa:eb:2e:88:5c:d8:55:25:bd:e2:c9:a5:e8:98:db:3c:ad:43: 74:2a:1e:97:5e:1d:ac:f2:49:00:45:a4:29:38:93:2b:11:b3: 2a:43:64:ec:46:8a:10:8a:cc:9d:dc:dd:ff:ed:e1:51:b1:d9: 28:dc:94:43:7a:79:25:86:48:4c:22:79:95:78:01:75:7c:73: 84:eb:96:a1:1a:d0:b2:63:c9:eb:41:13:72:38:93:2d:69:c2: 35:a9:41:fd:6e:2a:dd:4a:a0:b0:ff:ed:90:32:0d:8e:be:b4: bc:64:bc:40:cc:3d:34:ba:58:c8:75:5f:53:9d:0a:57:d1:eb: ab:e6:ed:6a:e8:c3:5e:4a:a5:07:5a:a6:c9:d1:ef:47:47:5b: 32:75:87:e8:1a:1e:d5:53:50:fa:01:89:a0:36:b7:8d:cb:a2: d0:20:8e:3f -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICFDswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjhCNEExMTAvBgNVBAUTKEFGMDI1MTFGN0M4MERGQzBFOEVENTA2RjY2MzBGNjdC RDY0MDBFMDkwHhcNMjUwNzAyMTcyNTMyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY1NmI4Yy0zZjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAufgyj7++KWsdSS3TfI35JQ+dJbjgwZ+MUdWuGoHu8TGr/cQCeDJJANyxeXUk bNVdvl0Z66jlNI/taEEcmZVZ8bmQy5zOYi/Ss5+fHtyd/CLvNu0vLaAPpULcmXT1 wFyx75RAIbHplLnduYHvS3E6+rpjknRCHje4TQSbVfxCtk3UA/+J9bpU8RAEyLic xdTshhFVZka5RluGUi90mjcuniKmMlQhVkG8hkswRVB4x7dc2SCxBrK8AFdriB8m EZ0UDIlDqxGeVNyBN+B+KZP9rEHa30gQETne5KJ53ZqnfggXfkVr23nW3oRjWW5J pe/FuKj9zT1orPFTAlnUxzOb2QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNZM56rw tZAzownBim7PInTqWsKsMB8GA1UdIwQYMBaAFK8CUR98gN/A6O1Qb2Yw9nvWQA4J MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OEI0QS8wQURCMTdDMDgw MEExMUU4OUI0ODNFN0NDNEY5QUUwMi9yd0pSSDN5QTM4RG83VkJ2WmpEMmU5WkFE Z2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3J3SlJIM3lBMzhEbzdWQnZaakQyZTlaQURnay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjhCNEEvMEFEQjE3QzA4MDBBMTFFODlCNDgzRTdDQzRGOUFFMDIvOThBMEYyQkU0 NTA2MTFGMDkzRUMzQTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnarwDBAJndPQwDQYJKoZIhvcNAQELBQADggEBAIkUOpKU Bg0QdoGSOSDWgeGBGNOCfXXogvSO/YBQZKejHfkLy0e+at8SyHqIMP9QFQaCayYc eZMAgvmPKYUlQ4M/nxEYH6kC1gensMnvl7kWVLzUUqj1dO2D3PrrLohc2FUlveLJ peiY2zytQ3QqHpdeHazySQBFpCk4kysRsypDZOxGihCKzJ3c3f/t4VGx2SjclEN6 eSWGSEwieZV4AXV8c4TrlqEa0LJjyetBE3I4ky1pwjWpQf1uKt1KoLD/7ZAyDY6+ tLxkvEDMPTS6WMh1X1OdClfR66vm7Wrow15KpQdapsnR70dHWzJ1h+gaHtVTUPoB iaA2t43LotAgjj8= -----END CERTIFICATE-----Generated at Thu Jul 3 00:33:14 2025 by rpki-client