$ rpki-client -vvf rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/708DE4A87AB011E8B7AB0E53C4F9AE02.roa File: 708DE4A87AB011E8B7AB0E53C4F9AE02.roa (raw, json) Hash identifier: 4Q+SEdvBQGfYmmHeFRyy/2R/EHACTjORm2A/+Pw5UxE= Subject key identifier: B3:FF:0B:E7:39:77:4E:99:1E:EB:0A:19:75:A9:90:A9:7D:17:C6:5C Certificate issuer: /CN=A917D9FC/serialNumber=7A6E30210642CF4FBB4173F352748E1EA5C2C7C3 Certificate serial: 1829 Authority key identifier: 7A:6E:30:21:06:42:CF:4F:BB:41:73:F3:52:74:8E:1E:A5:C2:C7:C3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/em4wIQZCz0-7QXPzUnSOHqXCx8M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/708DE4A87AB011E8B7AB0E53C4F9AE02.roa Signing time: Wed 30 Apr 2025 16:55:09 +0000 ROA not before: Wed 30 Apr 2025 16:55:09 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 134137 IP address blocks: 103.55.0.0/24 maxlen: 24 103.55.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/em4wIQZCz0-7QXPzUnSOHqXCx8M.crl rsync://rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/em4wIQZCz0-7QXPzUnSOHqXCx8M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/em4wIQZCz0-7QXPzUnSOHqXCx8M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 16:29:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6185 (0x1829) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D9FC, serialNumber=7A6E30210642CF4FBB4173F352748E1EA5C2C7C3 Validity Not Before: Apr 30 16:55:09 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681255ed-35b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f4:52:6c:9e:af:ad:7d:fb:cb:da:60:bb:71: 36:65:a3:81:39:71:23:ff:fe:d5:32:de:97:7a:26: 5f:0a:bd:77:c7:70:4d:f6:0f:e4:db:7f:cc:94:f4: 5e:9d:89:f0:91:bb:c2:ca:45:0c:0e:43:aa:7d:fa: 0f:3b:0f:dc:0e:28:64:3c:98:ff:2b:a8:d6:8e:36: 2b:2a:fd:ad:f7:97:72:66:96:3a:19:ca:4d:dc:d7: 20:66:4a:c8:3f:88:a0:93:9e:3a:3b:2f:45:82:9a: 58:b5:29:6b:43:e6:b9:2b:31:5f:60:74:fb:24:1c: cf:94:f7:da:18:d6:c2:38:77:44:51:3a:9a:47:e9: 23:d5:cf:3c:05:41:f8:4b:69:bb:fe:9d:80:cc:da: e1:5f:b6:d5:34:86:5e:f6:33:04:a8:0d:45:09:bc: f1:99:c4:38:11:4a:c0:55:66:53:c4:e5:f3:aa:83: 9b:af:d6:0e:35:48:c1:e8:1d:4d:31:36:93:50:ef: 47:da:c9:a9:cf:c5:90:37:8a:b0:4e:2f:ad:a6:6b: a6:1c:41:2a:20:04:88:20:7c:d7:d9:97:17:42:07: 95:61:02:1c:a1:e2:02:ef:e6:db:99:38:ff:61:55: e7:3d:9f:05:ed:4b:7c:55:14:bc:89:55:d4:59:f6: f6:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:FF:0B:E7:39:77:4E:99:1E:EB:0A:19:75:A9:90:A9:7D:17:C6:5C X509v3 Authority Key Identifier: keyid:7A:6E:30:21:06:42:CF:4F:BB:41:73:F3:52:74:8E:1E:A5:C2:C7:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/em4wIQZCz0-7QXPzUnSOHqXCx8M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/em4wIQZCz0-7QXPzUnSOHqXCx8M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D9FC/C6B034AAB89911E7B269B850C4F9AE02/708DE4A87AB011E8B7AB0E53C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.55.0.0/24 103.55.3.0/24 Signature Algorithm: sha256WithRSAEncryption 92:ee:f7:0c:a9:ae:53:88:b0:b0:c0:aa:b5:dc:97:62:9f:2d: 73:74:1f:66:c5:59:d2:42:b8:a6:5e:bc:1e:64:74:72:11:42: cd:5b:b7:63:0d:21:ea:1d:58:72:ee:7e:a7:1e:d1:66:81:4e: 21:fb:85:cb:17:8d:78:ea:f0:13:98:d4:62:18:fc:4f:dc:1b: 67:37:93:cf:df:0c:a3:b4:11:34:f9:ef:8f:92:50:30:a3:29: 49:12:57:62:71:16:5f:ec:58:c2:32:f1:3d:cf:53:fc:36:4b: fd:ce:47:b5:d7:e2:3b:dc:c3:a9:65:39:ca:94:1f:a6:7c:db: b8:31:ec:7e:ce:08:23:c5:f6:d7:86:92:81:4f:f9:28:30:ab: f9:d0:4d:17:f3:db:7e:9a:5d:09:03:60:97:95:f2:82:cb:56: dd:4a:3e:c0:2d:f8:0a:ef:35:2f:b4:70:42:ef:88:89:69:31: e8:5b:17:cc:30:e5:16:f8:a3:3b:89:46:3f:fd:c1:e4:b9:b0: 99:41:ee:ef:ba:ad:53:7a:34:58:ba:36:bd:bf:e9:3f:16:23: 2f:aa:29:90:01:d3:52:84:0f:40:e2:7d:c9:3e:cd:71:71:e6: 57:9a:ac:16:8c:46:2e:24:d4:ed:b4:30:7d:ea:c2:6b:2d:26: 66:ec:5f:52 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICGCkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q5RkMxMTAvBgNVBAUTKDdBNkUzMDIxMDY0MkNGNEZCQjQxNzNGMzUyNzQ4RTFF QTVDMkM3QzMwHhcNMjUwNDMwMTY1NTA5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODEyNTVlZC0zNWI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArvRSbJ6vrX37y9pgu3E2ZaOBOXEj//7VMt6XeiZfCr13x3BN9g/k23/MlPRe nYnwkbvCykUMDkOqffoPOw/cDihkPJj/K6jWjjYrKv2t95dyZpY6GcpN3NcgZkrI P4igk546Oy9FgppYtSlrQ+a5KzFfYHT7JBzPlPfaGNbCOHdEUTqaR+kj1c88BUH4 S2m7/p2AzNrhX7bVNIZe9jMEqA1FCbzxmcQ4EUrAVWZTxOXzqoObr9YONUjB6B1N MTaTUO9H2smpz8WQN4qwTi+tpmumHEEqIASIIHzX2ZcXQgeVYQIcoeIC7+bbmTj/ YVXnPZ8F7Ut8VRS8iVXUWfb2eQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLP/C+c5 d06ZHusKGXWpkKl9F8ZcMB8GA1UdIwQYMBaAFHpuMCEGQs9Pu0Fz81J0jh6lwsfD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDlGQy9DNkIwMzRBQUI4 OTkxMUU3QjI2OUI4NTBDNEY5QUUwMi9lbTR3SVFaQ3owLTdRWFB6VW5TT0hxWEN4 OE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VtNHdJUVpDejAtN1FYUHpVblNPSHFYQ3g4TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0Q5RkMvQzZCMDM0QUFCODk5MTFFN0IyNjlCODUwQzRGOUFFMDIvNzA4REU0QTg3 QUIwMTFFOEI3QUIwRTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBABnNwADBABnNwMwDQYJKoZIhvcNAQELBQADggEBAJLu9wyp rlOIsLDAqrXcl2KfLXN0H2bFWdJCuKZevB5kdHIRQs1bt2MNIeodWHLufqce0WaB TiH7hcsXjXjq8BOY1GIY/E/cG2c3k8/fDKO0ETT574+SUDCjKUkSV2JxFl/sWMIy 8T3PU/w2S/3OR7XX4jvcw6llOcqUH6Z827gx7H7OCCPF9teGkoFP+Sgwq/nQTRfz 236aXQkDYJeV8oLLVt1KPsAt+ArvNS+0cELviIlpMehbF8ww5Rb4ozuJRj/9weS5 sJlB7u+6rVN6NFi6Nr2/6T8WIy+qKZAB01KED0Difck+zXFx5learBaMRi4k1O20 MH3qwmstJmbsX1I= -----END CERTIFICATE-----Generated at Tue May 13 11:13:28 2025 by rpki-client