$ rpki-client -vvf rpki.apnic.net/member_repository/A917C4E2/9879242612A911EBB0B65F7AC4F9AE02/AB9A3F46135211EB83A5A869C4F9AE02.roa File: AB9A3F46135211EB83A5A869C4F9AE02.roa (raw, json) Hash identifier: yvnjwOTgzgeBoIFWnP+qrRUckU6QqKEjOZnd2PgnU28= Subject key identifier: 4F:BD:2A:3C:9A:5B:69:E3:E1:0C:A3:36:5F:C4:26:12:B0:02:3F:DF Certificate issuer: /CN=A917C4E2/serialNumber=8C9968A09400F322F49598E27511FCE1B8F88BF5 Certificate serial: 078F Authority key identifier: 8C:99:68:A0:94:00:F3:22:F4:95:98:E2:75:11:FC:E1:B8:F8:8B:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jJlooJQA8yL0lZjidRH84bj4i_U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C4E2/9879242612A911EBB0B65F7AC4F9AE02/AB9A3F46135211EB83A5A869C4F9AE02.roa Signing time: Wed 18 Jun 2025 21:49:03 +0000 ROA not before: Wed 18 Jun 2025 21:49:03 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 135356 IP address blocks: 45.251.108.0/24 maxlen: 24 45.251.109.0/24 maxlen: 24 45.251.110.0/24 maxlen: 24 45.251.111.0/24 maxlen: 24 103.220.76.0/24 maxlen: 24 103.220.77.0/24 maxlen: 24 103.220.78.0/24 maxlen: 24 103.220.79.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C4E2/9879242612A911EBB0B65F7AC4F9AE02/jJlooJQA8yL0lZjidRH84bj4i_U.crl rsync://rpki.apnic.net/member_repository/A917C4E2/9879242612A911EBB0B65F7AC4F9AE02/jJlooJQA8yL0lZjidRH84bj4i_U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jJlooJQA8yL0lZjidRH84bj4i_U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 21:40:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1935 (0x78f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C4E2, serialNumber=8C9968A09400F322F49598E27511FCE1B8F88BF5 Validity Not Before: Jun 18 21:49:03 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6853344f-b551 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:62:9f:d5:7a:ed:d8:4c:8a:eb:86:01:3e:a2: f8:03:ec:69:b0:c8:4b:ba:3e:2c:29:29:07:98:0d: 03:36:63:83:ff:61:b7:15:0c:9c:27:f7:a3:41:0f: d9:06:19:99:43:b5:44:e6:f1:83:de:fe:b0:11:7e: b1:04:51:54:76:72:3c:25:a4:77:b3:76:ca:14:f6: e7:96:93:d7:3d:c4:3e:bc:2d:7a:70:f9:da:00:b3: 3c:f5:ec:ea:05:a6:8c:5d:d2:a0:d5:4a:29:99:41: 35:24:a9:42:5f:53:d8:a6:3b:b3:c2:14:0b:4a:2e: 6a:04:66:e0:b6:0b:29:1c:b8:1d:c8:2e:17:6e:27: 2a:98:61:37:11:1e:09:c6:e5:fe:b5:2a:5f:58:8d: bb:02:c4:33:09:62:ae:91:75:b1:04:2b:ae:91:e3: 2d:69:16:c3:94:a8:d2:f1:41:31:d4:00:0d:ef:60: 99:9c:d5:6b:56:80:9f:87:e4:a5:83:8a:85:0d:17: a4:d5:ad:f5:02:67:8d:ac:78:ae:18:a3:55:85:92: 84:04:b3:ab:66:f0:c2:6c:df:27:36:18:6b:f9:6e: 9b:50:85:05:f3:12:71:0b:dd:83:84:e8:3f:28:c0: d5:58:29:e2:d2:45:53:aa:1a:17:73:55:17:cd:e0: fb:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:BD:2A:3C:9A:5B:69:E3:E1:0C:A3:36:5F:C4:26:12:B0:02:3F:DF X509v3 Authority Key Identifier: keyid:8C:99:68:A0:94:00:F3:22:F4:95:98:E2:75:11:FC:E1:B8:F8:8B:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C4E2/9879242612A911EBB0B65F7AC4F9AE02/jJlooJQA8yL0lZjidRH84bj4i_U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jJlooJQA8yL0lZjidRH84bj4i_U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C4E2/9879242612A911EBB0B65F7AC4F9AE02/AB9A3F46135211EB83A5A869C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.251.108.0/22 103.220.76.0/22 Signature Algorithm: sha256WithRSAEncryption 47:a9:8f:8c:7b:50:d8:f3:0e:ef:a3:4a:8b:e1:42:29:60:b8: 02:8d:e9:6c:1b:6b:10:d4:41:0c:5a:39:47:06:5f:b2:5c:d4: 9a:fe:2f:70:9b:50:d3:df:7b:ec:49:90:3b:f9:36:aa:e7:c1: 7b:37:8b:d8:76:56:59:4a:0e:d2:58:26:ea:cf:01:45:fe:77: 32:f5:58:76:d9:1e:20:c0:16:6d:37:59:6c:85:54:3c:cb:5a: 7f:ad:62:14:d4:cb:a2:06:22:49:84:5d:1e:58:a5:ef:9d:91: 58:dc:c7:c1:99:d0:f9:d0:fb:bb:1c:c7:6f:d6:e0:fb:ef:6d: 17:14:cb:67:c5:69:b8:ae:76:9b:27:27:cc:ee:fb:e7:c5:76: a7:91:fe:5d:18:a6:7f:19:b8:7b:2a:8e:0e:9d:c4:ec:31:1b: 14:09:9a:d5:08:58:f6:8e:bc:ff:b0:c9:9e:f0:76:39:40:5b: dc:06:c8:ef:5b:e3:bf:92:54:7e:a3:db:9d:ef:a4:65:d3:16: 64:39:ca:6e:4f:e8:be:d3:73:7e:e1:e7:0f:77:8f:6e:88:2f: c1:5a:90:91:85:fe:55:e4:93:03:c1:92:6f:e9:c3:44:27:00: 68:51:46:e3:ef:93:01:da:bc:d5:9a:05:92:8b:90:2a:21:9e: ae:6d:98:d6 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICB48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M0RTIxMTAvBgNVBAUTKDhDOTk2OEEwOTQwMEYzMjJGNDk1OThFMjc1MTFGQ0Ux QjhGODhCRjUwHhcNMjUwNjE4MjE0OTAzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODUzMzQ0Zi1iNTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArGKf1Xrt2EyK64YBPqL4A+xpsMhLuj4sKSkHmA0DNmOD/2G3FQycJ/ejQQ/Z BhmZQ7VE5vGD3v6wEX6xBFFUdnI8JaR3s3bKFPbnlpPXPcQ+vC16cPnaALM89ezq BaaMXdKg1UopmUE1JKlCX1PYpjuzwhQLSi5qBGbgtgspHLgdyC4XbicqmGE3ER4J xuX+tSpfWI27AsQzCWKukXWxBCuukeMtaRbDlKjS8UEx1AAN72CZnNVrVoCfh+Sl g4qFDRek1a31AmeNrHiuGKNVhZKEBLOrZvDCbN8nNhhr+W6bUIUF8xJxC92DhOg/ KMDVWCni0kVTqhoXc1UXzeD7FQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFE+9Kjya W2nj4QyjNl/EJhKwAj/fMB8GA1UdIwQYMBaAFIyZaKCUAPMi9JWY4nUR/OG4+Iv1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzRFMi85ODc5MjQyNjEy QTkxMUVCQjBCNjVGN0FDNEY5QUUwMi9qSmxvb0pRQTh5TDBsWmppZFJIODRiajRp X1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2pKbG9vSlFBOHlMMGxaamlkUkg4NGJqNGlfVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0M0RTIvOTg3OTI0MjYxMkE5MTFFQkIwQjY1RjdBQzRGOUFFMDIvQUI5QTNGNDYx MzUyMTFFQjgzQTVBODY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIt+2wDBAJn3EwwDQYJKoZIhvcNAQELBQADggEBAEepj4x7 UNjzDu+jSovhQilguAKN6WwbaxDUQQxaOUcGX7Jc1Jr+L3CbUNPfe+xJkDv5Nqrn wXs3i9h2VllKDtJYJurPAUX+dzL1WHbZHiDAFm03WWyFVDzLWn+tYhTUy6IGIkmE XR5Ype+dkVjcx8GZ0PnQ+7scx2/W4PvvbRcUy2fFabiudpsnJ8zu++fFdqeR/l0Y pn8ZuHsqjg6dxOwxGxQJmtUIWPaOvP+wyZ7wdjlAW9wGyO9b47+SVH6j253vpGXT FmQ5ym5P6L7Tc37h5w93j26IL8FakJGF/lXkkwPBkm/pw0QnAGhRRuPvkwHavNWa BZKLkCohnq5tmNY= -----END CERTIFICATE-----Generated at Fri Jul 4 00:52:00 2025 by rpki-client