$ rpki-client -vvf rpki.apnic.net/member_repository/A91A91A2/8971309C7B1211EAA9210F60C4F9AE02/10238C387B1411EA8C690465C4F9AE02.roa File: 10238C387B1411EA8C690465C4F9AE02.roa (raw, json) Hash identifier: HX1z061ITJ/Mm5axSNQ3ySg9hGI3PSjhgq8jl6nzC3A= Subject key identifier: E4:DB:35:AF:17:C7:A0:8F:C0:69:30:1C:07:E3:97:BB:AA:21:8E:EE Certificate issuer: /CN=A91A91A2/serialNumber=6E926BCE619E4F500ABFA424FDB0764D258CAB53 Certificate serial: 09E5 Authority key identifier: 6E:92:6B:CE:61:9E:4F:50:0A:BF:A4:24:FD:B0:76:4D:25:8C:AB:53 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bpJrzmGeT1AKv6Qk_bB2TSWMq1M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A91A2/8971309C7B1211EAA9210F60C4F9AE02/10238C387B1411EA8C690465C4F9AE02.roa Signing time: Wed 30 Apr 2025 19:58:45 +0000 ROA not before: Wed 30 Apr 2025 19:58:45 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 136477 IP address blocks: 103.89.156.0/22 maxlen: 24 2400:f0c0::/32 maxlen: 36 2400:f0c0:1::/48 maxlen: 48 2400:f0c0:2::/48 maxlen: 48 2400:f0c0:3::/48 maxlen: 48 2400:f0c0:4::/48 maxlen: 48 2400:f0c0:5::/48 maxlen: 48 2400:f0c0:6::/48 maxlen: 48 2400:f0c0:7::/48 maxlen: 48 2400:f0c0:8::/48 maxlen: 48 2400:f0c0:9::/48 maxlen: 48 2400:f0c0:fce::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A91A2/8971309C7B1211EAA9210F60C4F9AE02/bpJrzmGeT1AKv6Qk_bB2TSWMq1M.crl rsync://rpki.apnic.net/member_repository/A91A91A2/8971309C7B1211EAA9210F60C4F9AE02/bpJrzmGeT1AKv6Qk_bB2TSWMq1M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bpJrzmGeT1AKv6Qk_bB2TSWMq1M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 20:01:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2533 (0x9e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A91A2, serialNumber=6E926BCE619E4F500ABFA424FDB0764D258CAB53 Validity Not Before: Apr 30 19:58:45 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681280f5-f995 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:57:ac:e3:83:15:75:f4:51:c8:e4:2c:7d:40: f8:9c:f1:f2:f3:6b:58:a5:7a:8f:19:69:75:47:dd: c1:cc:64:12:9e:ba:68:66:eb:05:37:99:39:3f:86: 16:c8:ce:36:e4:7f:92:96:a7:96:19:00:2c:41:d7: 80:db:fe:ca:0f:dc:9c:a8:0c:50:0d:ba:8c:a9:4d: 9d:b7:82:27:6b:6b:7c:81:f8:45:52:e0:89:2e:f0: d4:1a:84:79:b2:3f:b7:33:24:58:2c:67:f6:fa:f9: 8a:53:40:ed:87:43:b8:60:31:93:24:75:a9:c2:e1: ae:5c:15:d9:37:3b:96:7a:5e:35:11:c5:a5:dd:6e: c3:b0:87:75:ee:5f:23:79:2d:f9:62:af:0c:ae:2c: 8d:b9:e6:94:16:f9:c2:74:f3:55:ce:23:38:a3:dc: 2d:8e:1b:a5:b9:79:4a:13:87:e4:d1:aa:77:29:80: 8b:e9:37:a5:5c:fd:6b:47:cf:69:5d:54:69:33:1f: 4d:d4:bf:39:d4:d7:e6:61:c3:d4:09:ac:3c:f8:12: 24:2f:4d:a6:31:80:7c:fc:cc:fc:44:5e:f5:9a:fe: 25:b6:9b:85:13:de:ee:0f:96:ca:e3:09:e9:d2:0e: f6:31:e7:1f:d6:3d:7d:8c:ee:ea:25:b0:1a:4f:6b: e6:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:DB:35:AF:17:C7:A0:8F:C0:69:30:1C:07:E3:97:BB:AA:21:8E:EE X509v3 Authority Key Identifier: keyid:6E:92:6B:CE:61:9E:4F:50:0A:BF:A4:24:FD:B0:76:4D:25:8C:AB:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A91A2/8971309C7B1211EAA9210F60C4F9AE02/bpJrzmGeT1AKv6Qk_bB2TSWMq1M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bpJrzmGeT1AKv6Qk_bB2TSWMq1M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A91A2/8971309C7B1211EAA9210F60C4F9AE02/10238C387B1411EA8C690465C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.156.0/22 IPv6: 2400:f0c0::/32 Signature Algorithm: sha256WithRSAEncryption 08:1d:06:72:2b:a0:18:11:e7:fa:12:a5:c6:8f:af:51:e4:e4: 8a:70:f7:d0:45:72:88:ad:a7:f0:00:72:7c:a9:cc:1d:81:82: d8:ef:5c:6e:f2:65:4f:6a:b1:16:32:e0:ae:77:d2:71:f6:66: 1d:b9:6b:91:f5:ba:35:d0:07:d5:0b:d5:86:ac:39:31:5c:5b: 3a:0a:ed:03:3f:a7:89:aa:11:21:f1:3e:b0:f4:eb:71:2d:d5: 8e:33:aa:bf:61:66:83:c4:1e:77:2f:2b:cd:46:6c:04:19:41: 64:93:f7:6f:05:4e:1e:7b:af:aa:88:71:44:8e:25:1e:e7:ab: 43:e6:30:04:39:f4:0f:8d:63:4a:fb:44:ae:e1:15:a9:7c:1e: 2d:ee:b1:c0:5a:fc:ee:92:a3:2e:04:73:69:38:1f:ea:4c:80: 5e:b5:a7:11:5e:07:21:59:9e:5e:97:69:b2:a1:e5:2b:59:f6: 5b:5b:1d:88:6c:f0:b9:40:a5:81:30:c0:84:bc:b3:9b:4d:c6: e5:f0:3e:1a:b8:e9:8a:06:f1:ef:f3:ce:6b:89:1d:88:f2:ce: d3:92:3a:0a:2d:9c:bc:55:93:a3:0e:6f:96:cf:32:79:fc:38: e3:1e:d1:8f:d5:76:6f:c0:b2:a7:b4:11:fd:bf:7c:1a:d0:8b: 71:9a:90:68 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTkxQTIxMTAvBgNVBAUTKDZFOTI2QkNFNjE5RTRGNTAwQUJGQTQyNEZEQjA3NjRE MjU4Q0FCNTMwHhcNMjUwNDMwMTk1ODQ1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODEyODBmNS1mOTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3Fes44MVdfRRyOQsfUD4nPHy82tYpXqPGWl1R93BzGQSnrpoZusFN5k5P4YW yM425H+SlqeWGQAsQdeA2/7KD9ycqAxQDbqMqU2dt4Ina2t8gfhFUuCJLvDUGoR5 sj+3MyRYLGf2+vmKU0Dth0O4YDGTJHWpwuGuXBXZNzuWel41EcWl3W7DsId17l8j eS35Yq8MriyNueaUFvnCdPNVziM4o9wtjhuluXlKE4fk0ap3KYCL6TelXP1rR89p XVRpMx9N1L851NfmYcPUCaw8+BIkL02mMYB8/Mz8RF71mv4ltpuFE97uD5bK4wnp 0g72Mecf1j19jO7qJbAaT2vmeQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOTbNa8X x6CPwGkwHAfjl7uqIY7uMB8GA1UdIwQYMBaAFG6Sa85hnk9QCr+kJP2wdk0ljKtT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOTFBMi84OTcxMzA5QzdC MTIxMUVBQTkyMTBGNjBDNEY5QUUwMi9icEpyem1HZVQxQUt2NlFrX2JCMlRTV01x MU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JwSnJ6bUdlVDFBS3Y2UWtfYkIyVFNXTXExTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTkxQTIvODk3MTMwOUM3QjEyMTFFQUE5MjEwRjYwQzRGOUFFMDIvMTAyMzhDMzg3 QjE0MTFFQThDNjkwNDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnWZwwDQQCAAIwBwMFACQA8MAwDQYJKoZIhvcNAQELBQAD ggEBAAgdBnIroBgR5/oSpcaPr1Hk5Ipw99BFcoitp/AAcnypzB2BgtjvXG7yZU9q sRYy4K530nH2Zh25a5H1ujXQB9UL1YasOTFcWzoK7QM/p4mqESHxPrD063Et1Y4z qr9hZoPEHncvK81GbAQZQWST928FTh57r6qIcUSOJR7nq0PmMAQ59A+NY0r7RK7h Fal8Hi3uscBa/O6Soy4Ec2k4H+pMgF61pxFeByFZnl6XabKh5StZ9ltbHYhs8LlA pYEwwIS8s5tNxuXwPhq46YoG8e/zzmuJHYjyztOSOgotnLxVk6MOb5bPMnn8OOMe 0Y/Vdm/Asqe0Ef2/fBrQi3GakGg= -----END CERTIFICATE-----Generated at Thu May 15 06:49:43 2025 by rpki-client