$ rpki-client -vvf rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/E86E188A795F11EFBF3B491CC4F9AE02.roa File: E86E188A795F11EFBF3B491CC4F9AE02.roa (raw, json) Hash identifier: 3uSmKvJAQmWq5xc18G4fpgYNjVJ7fApH5/+N2ORrUb0= Subject key identifier: 6D:DF:A4:30:EC:2B:1B:87:8D:A0:55:9F:44:63:84:4C:1D:25:3E:6D Certificate issuer: /CN=A91B01C7/serialNumber=E8DF8D5E4C84DA87D729A73C1C4E8611381AB2C1 Certificate serial: 2A43 Authority key identifier: E8:DF:8D:5E:4C:84:DA:87:D7:29:A7:3C:1C:4E:86:11:38:1A:B2:C1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/E86E188A795F11EFBF3B491CC4F9AE02.roa Signing time: Wed 02 Jul 2025 15:52:42 +0000 ROA not before: Wed 02 Jul 2025 15:52:42 +0000 ROA not after: Thu 30 Oct 2025 00:00:00 +0000 asID: 58601 IP address blocks: 103.9.112.0/22 maxlen: 22 103.9.112.0/24 maxlen: 24 103.9.113.0/24 maxlen: 24 103.9.114.0/24 maxlen: 24 103.9.115.0/24 maxlen: 24 2403:e100::/32 maxlen: 32 2403:e100:1000::/48 maxlen: 48 2403:e100:1000:4::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/6N-NXkyE2ofXKac8HE6GETgassE.crl rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/6N-NXkyE2ofXKac8HE6GETgassE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 15:52:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10819 (0x2a43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B01C7, serialNumber=E8DF8D5E4C84DA87D729A73C1C4E8611381AB2C1 Validity Not Before: Jul 2 15:52:42 2025 GMT Not After : Oct 30 00:00:00 2025 GMT Subject: CN=686555ca-9e7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:56:23:86:d2:4b:61:ce:70:9d:22:f6:24:ce: 6c:3d:9f:91:a8:b0:92:38:d2:7f:3f:d1:de:f5:27: 79:cc:72:26:01:4b:8a:a9:16:f3:0c:c7:1a:5d:b8: a8:25:4c:56:f0:70:2c:6a:19:e8:c8:a0:91:4c:71: 26:82:ce:43:a7:29:3f:df:59:2f:27:a7:ed:50:70: 07:fe:6b:1d:ec:f5:15:38:4d:d3:a6:cc:3c:10:1a: 1b:71:e1:08:c7:de:bf:b3:36:5e:5e:8d:e8:f6:ff: f1:a9:7a:1b:ab:e4:0d:6f:9f:26:3c:15:de:9f:7c: c4:7d:14:48:1b:a4:a0:8e:43:62:6e:50:bb:28:24: 79:40:3b:d8:23:8b:9d:6e:ba:cb:71:e7:ee:aa:c1: 63:d2:9c:2f:86:7d:17:71:5c:9e:dc:40:18:c0:1c: 9c:cd:8a:14:9a:fd:fc:cb:5a:00:7a:83:13:0b:2b: 6c:c9:69:e9:e0:41:6f:f9:cf:f6:73:b9:ac:44:e6: e8:8c:96:3d:43:b6:37:f7:7d:9a:57:fa:3b:9b:9f: 04:51:65:88:1f:03:43:22:33:09:1c:5f:9d:94:22: dd:84:13:1b:3c:a4:fe:b3:ea:22:62:8e:a2:fd:ed: 76:ab:97:f4:83:ea:78:a8:c6:4a:13:25:cb:21:d9: 97:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:DF:A4:30:EC:2B:1B:87:8D:A0:55:9F:44:63:84:4C:1D:25:3E:6D X509v3 Authority Key Identifier: keyid:E8:DF:8D:5E:4C:84:DA:87:D7:29:A7:3C:1C:4E:86:11:38:1A:B2:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/6N-NXkyE2ofXKac8HE6GETgassE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/E86E188A795F11EFBF3B491CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.9.112.0/22 IPv6: 2403:e100::/32 Signature Algorithm: sha256WithRSAEncryption a5:84:dc:56:13:2a:13:81:bc:32:9a:ea:bb:7b:52:6b:57:7a: 5e:a0:90:0d:bf:49:a8:4b:1c:06:3b:76:0c:37:16:16:94:6d: bb:c0:14:91:60:10:eb:5d:6b:2a:50:ec:8a:36:99:e5:67:c6: f6:cf:db:2e:68:9d:df:af:f0:a4:d8:e7:56:a8:f0:13:8e:31: 47:64:a6:6e:d1:ab:b2:da:46:60:09:47:fb:0f:0e:27:9b:3e: f6:ea:b1:bb:4d:07:9e:70:17:67:30:bc:10:a5:3c:27:5d:ae: 86:8e:46:a1:76:32:96:82:ba:64:19:82:11:9c:da:22:cf:b9: 04:7d:4b:35:f2:84:f5:99:3d:93:88:a7:7b:79:28:f4:3d:ac: 0b:0f:ef:eb:ab:bb:e1:97:49:6f:9a:b1:81:df:12:58:67:c6: 86:38:d6:21:50:07:10:9b:b3:1d:d5:55:91:88:42:d0:54:56: 8e:49:fd:1a:30:0a:a4:a1:64:b0:c6:5d:ac:a0:4c:2d:00:70: 46:0d:35:59:fb:db:22:85:d6:13:34:fc:78:2b:a1:5a:64:94: 81:14:02:43:33:39:9f:94:f6:8f:2e:5e:bf:01:48:87:a8:91: 0f:47:38:10:ea:d6:51:3a:0c:d8:d3:1f:9f:eb:ca:d9:20:33: e7:3d:d1:3d -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICKkMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjAxQzcxMTAvBgNVBAUTKEU4REY4RDVFNEM4NERBODdENzI5QTczQzFDNEU4NjEx MzgxQUIyQzEwHhcNMjUwNzAyMTU1MjQyWhcNMjUxMDMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY1NTVjYS05ZTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtlYjhtJLYc5wnSL2JM5sPZ+RqLCSONJ/P9He9Sd5zHImAUuKqRbzDMcaXbio JUxW8HAsahnoyKCRTHEmgs5Dpyk/31kvJ6ftUHAH/msd7PUVOE3Tpsw8EBobceEI x96/szZeXo3o9v/xqXobq+QNb58mPBXen3zEfRRIG6SgjkNiblC7KCR5QDvYI4ud brrLcefuqsFj0pwvhn0XcVye3EAYwByczYoUmv38y1oAeoMTCytsyWnp4EFv+c/2 c7msRObojJY9Q7Y3932aV/o7m58EUWWIHwNDIjMJHF+dlCLdhBMbPKT+s+oiYo6i /e12q5f0g+p4qMZKEyXLIdmXTwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFG3fpDDs KxuHjaBVn0RjhEwdJT5tMB8GA1UdIwQYMBaAFOjfjV5MhNqH1ymnPBxOhhE4GrLB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDFDNy85N0NGMjBGQTMz MjMxMUU0QTZFNzQ5MTFDNEY5QUUwMi82Ti1OWGt5RTJvZlhLYWM4SEU2R0VUZ2Fz c0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZOLU5Ya3lFMm9mWEthYzhIRTZHRVRnYXNzRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjAxQzcvOTdDRjIwRkEzMzIzMTFFNEE2RTc0OTExQzRGOUFFMDIvRTg2RTE4OEE3 OTVGMTFFRkJGM0I0OTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnCXAwDQQCAAIwBwMFACQD4QAwDQYJKoZIhvcNAQELBQAD ggEBAKWE3FYTKhOBvDKa6rt7UmtXel6gkA2/SahLHAY7dgw3FhaUbbvAFJFgEOtd aypQ7Io2meVnxvbP2y5ond+v8KTY51ao8BOOMUdkpm7Rq7LaRmAJR/sPDiebPvbq sbtNB55wF2cwvBClPCddroaORqF2MpaCumQZghGc2iLPuQR9SzXyhPWZPZOIp3t5 KPQ9rAsP7+uru+GXSW+asYHfElhnxoY41iFQBxCbsx3VVZGIQtBUVo5J/RowCqSh ZLDGXaygTC0AcEYNNVn72yKF1hM0/HgroVpklIEUAkMzOZ+U9o8uXr8BSIeokQ9H OBDq1lE6DNjTH5/rytkgM+c90T0= -----END CERTIFICATE-----Generated at Thu Jul 3 13:30:14 2025 by rpki-client