$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6289DC0452A811F08D69FB63C4F9AE02.roa File: 6289DC0452A811F08D69FB63C4F9AE02.roa (raw, json) Hash identifier: sp9IYpFweC1yMeQwKbqyuVyOlySCgp1EtVwqB4gt4sI= Subject key identifier: 69:DF:59:2C:1E:89:31:03:9C:FC:25:90:C1:DF:EC:AD:BC:C8:94:5F Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206 Certificate serial: 38FB Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6289DC0452A811F08D69FB63C4F9AE02.roa Signing time: Thu 26 Jun 2025 16:13:27 +0000 ROA not before: Thu 26 Jun 2025 16:13:27 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 0 IP address blocks: 111.88.96.0/19 maxlen: 24 111.88.128.0/21 maxlen: 24 111.88.140.0/22 maxlen: 24 111.88.160.0/21 maxlen: 24 111.88.172.0/22 maxlen: 24 111.88.176.0/21 maxlen: 24 111.88.192.0/19 maxlen: 24 111.88.224.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 14:34:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14587 (0x38fb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C83B, serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206 Validity Not Before: Jun 26 16:13:27 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=685d71a7-da09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:00:3d:b0:37:27:4a:bc:6f:fd:60:86:b8:7a: 8c:f3:b2:43:ac:3c:cf:8b:64:fb:8e:e5:2b:a2:a5: 16:26:e0:88:59:1a:89:e6:4e:be:b1:63:98:01:9d: ce:01:57:5b:e3:15:8e:b4:1f:bd:1c:85:f1:ab:45: e4:6c:f1:d9:07:db:69:61:69:0f:ba:fa:cf:f9:cd: 93:91:44:ce:d4:64:a9:43:ee:b9:46:e6:c5:ba:10: e2:6a:96:72:5d:ac:35:0a:e9:c0:ad:23:9b:e2:81: 1c:5e:74:f1:7b:77:16:3c:c1:01:dc:5b:d4:cb:78: db:f0:8f:08:e2:31:3f:1d:3b:ce:80:18:f5:aa:b3: 49:68:cc:6f:fc:2f:58:04:c5:07:2e:c3:53:f2:82: a4:d3:e2:c3:f9:d0:47:1c:1d:1b:36:e1:73:de:55: 9e:00:19:d6:c6:23:b5:12:7f:55:0f:a5:34:b7:9f: b1:82:5a:62:07:ba:77:fc:21:9a:e4:3d:51:86:18: 50:9e:5e:13:94:f2:e8:11:4d:1d:34:15:03:b2:8c: cd:93:90:97:9c:28:3f:9c:c3:69:6f:8a:6f:10:8b: 39:d9:14:49:2e:54:24:2f:14:3b:ab:44:5b:fe:b2: d1:f7:16:1c:d5:0b:ca:03:b7:e4:f4:5b:4a:a1:33: a3:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:DF:59:2C:1E:89:31:03:9C:FC:25:90:C1:DF:EC:AD:BC:C8:94:5F X509v3 Authority Key Identifier: keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6289DC0452A811F08D69FB63C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 111.88.96.0-111.88.135.255 111.88.140.0/22 111.88.160.0/21 111.88.172.0-111.88.183.255 111.88.192.0-111.88.231.255 Signature Algorithm: sha256WithRSAEncryption 5c:13:2a:f8:6b:bb:94:17:a9:19:15:9b:a8:19:bb:ac:52:f6: 24:a2:19:af:d4:17:cc:27:e4:13:58:bd:0f:e0:67:67:47:c1: 48:63:3e:55:2d:1b:be:93:21:5f:60:50:46:87:4d:ce:55:c6: 44:db:55:15:67:8b:75:2e:ec:9c:06:12:24:01:83:6c:9f:bb: 51:fd:99:dd:99:b3:fb:af:b3:6b:a2:f6:84:a4:b8:cd:dd:30: 6c:60:84:52:74:ef:01:4c:4f:bd:84:84:c8:66:6f:76:33:4f: 40:1f:bc:a8:84:77:9f:f8:96:68:64:fd:1d:e6:c1:83:ca:65: 81:94:64:9d:bc:65:db:7a:65:a7:e6:ce:82:e3:fc:d7:d4:03: d1:b7:e1:a7:a4:57:10:d5:99:bb:20:58:d0:12:84:71:40:2e: 7a:61:96:8b:e5:2a:72:b9:d6:1e:62:ea:6a:aa:6a:98:9d:9a: e1:1a:a3:32:ea:38:68:bd:09:cf:c7:87:5e:d6:8d:e5:52:0a: de:b8:7a:93:00:9b:88:c2:e0:7e:13:8e:2a:99:ff:9b:66:f3: f0:82:18:95:fe:74:7b:c8:e9:28:75:b2:52:39:1a:93:15:f7: 5c:73:0b:76:9b:33:01:6d:18:4b:bd:40:6d:ad:08:12:a2:74: 7f:ac:4b:d0 -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgICOPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE RDIxRkUyMDYwHhcNMjUwNjI2MTYxMzI3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODVkNzFhNy1kYTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtAA9sDcnSrxv/WCGuHqM87JDrDzPi2T7juUroqUWJuCIWRqJ5k6+sWOYAZ3O AVdb4xWOtB+9HIXxq0XkbPHZB9tpYWkPuvrP+c2TkUTO1GSpQ+65RubFuhDiapZy Xaw1CunArSOb4oEcXnTxe3cWPMEB3FvUy3jb8I8I4jE/HTvOgBj1qrNJaMxv/C9Y BMUHLsNT8oKk0+LD+dBHHB0bNuFz3lWeABnWxiO1En9VD6U0t5+xglpiB7p3/CGa 5D1RhhhQnl4TlPLoEU0dNBUDsozNk5CXnCg/nMNpb4pvEIs52RRJLlQkLxQ7q0Rb /rLR9xYc1QvKA7fk9FtKoTOjrwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFGnfWSwe iTEDnPwlkMHf7K28yJRfMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0 Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvNjI4OURDMDQ1 MkE4MTFGMDhENjlGQjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E QDA+MDwEAgABMDYwDAMEBW9YYAMEA29YgAMEAm9YjAMEA29YoDAMAwQCb1isAwQD b1iwMAwDBAZvWMADBANvWOAwDQYJKoZIhvcNAQELBQADggEBAFwTKvhru5QXqRkV m6gZu6xS9iSiGa/UF8wn5BNYvQ/gZ2dHwUhjPlUtG76TIV9gUEaHTc5VxkTbVRVn i3Uu7JwGEiQBg2yfu1H9md2Zs/uvs2ui9oSkuM3dMGxghFJ07wFMT72EhMhmb3Yz T0AfvKiEd5/4lmhk/R3mwYPKZYGUZJ28Zdt6ZafmzoLj/NfUA9G34aekVxDVmbsg WNAShHFALnphlovlKnK51h5i6mqqapidmuEaozLqOGi9Cc/Hh17WjeVSCt64epMA m4jC4H4TjiqZ/5tm8/CCGJX+dHvI6Sh1slI5GpMV91xzC3abMwFtGEu9QG2tCBKi dH+sS9A= -----END CERTIFICATE-----Generated at Tue Jul 1 20:25:31 2025 by rpki-client