$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/CB8AA43A4D9B11EFB201E984C4F9AE02.roa File: CB8AA43A4D9B11EFB201E984C4F9AE02.roa (raw, json) Hash identifier: IBTL0V7J1tBYqG7NDXusQxEwJubmZUah6ZmQZ+9P3Us= Subject key identifier: C7:93:4E:9E:C1:A5:DD:8B:65:AE:23:65:85:13:B3:24:89:44:5B:3C Certificate issuer: /CN=A91B1018/serialNumber=AFD0955A7DD7F9B0EC2A44A11D937207C2754A63 Certificate serial: 03FC Authority key identifier: AF:D0:95:5A:7D:D7:F9:B0:EC:2A:44:A1:1D:93:72:07:C2:75:4A:63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9CVWn3X-bDsKkShHZNyB8J1SmM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/CB8AA43A4D9B11EFB201E984C4F9AE02.roa Signing time: Mon 23 Jun 2025 16:36:42 +0000 ROA not before: Mon 23 Jun 2025 16:36:42 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 149513 IP address blocks: 103.181.164.0/23 maxlen: 23 103.181.164.0/24 maxlen: 24 103.181.165.0/24 maxlen: 24 2400:5a60::/48 maxlen: 48 2400:5a60:3::/48 maxlen: 48 2400:5a60:4::/48 maxlen: 48 2400:5a60:5::/48 maxlen: 48 2400:5a60:6::/48 maxlen: 48 2400:5a60:7::/48 maxlen: 48 2400:5a60:8::/48 maxlen: 48 2400:5a60:9::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/r9CVWn3X-bDsKkShHZNyB8J1SmM.crl rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/r9CVWn3X-bDsKkShHZNyB8J1SmM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9CVWn3X-bDsKkShHZNyB8J1SmM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 01:11:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1020 (0x3fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1018, serialNumber=AFD0955A7DD7F9B0EC2A44A11D937207C2754A63 Validity Not Before: Jun 23 16:36:42 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=6859829a-5334 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:de:a6:a3:e4:ac:31:0d:51:bf:ae:07:6b:41: 5e:0a:46:e9:98:1b:9b:82:57:23:de:d4:8c:53:10: 40:e0:c5:a0:89:d9:49:f7:64:61:9c:23:2e:a2:6c: c1:ca:99:11:c1:55:56:03:d7:6e:ae:50:78:44:d3: e3:46:b4:28:de:2f:52:c5:43:0b:13:ce:1f:74:ef: 0a:fc:43:8f:55:83:e1:06:c2:1a:47:cc:d4:f9:1c: 50:c6:b7:15:16:da:4b:e8:24:18:c6:b6:21:a2:5d: 22:9b:d6:12:8d:89:80:e3:80:54:4e:ee:d8:7f:f3: 44:e3:e2:e7:b3:b8:4f:c9:40:5a:b2:46:d1:21:46: 64:e1:8c:05:87:eb:7b:40:54:29:ba:8e:45:c4:56: a5:84:d5:fb:bb:4b:00:1e:b8:79:b7:6a:e3:ea:70: 17:34:49:5d:41:04:56:6b:2b:10:ff:e4:b1:a1:3f: 92:36:c9:01:b8:4b:e0:2b:e0:fd:93:16:3b:d3:31: b8:9f:77:16:6d:8a:3d:9b:91:da:c1:7d:c4:fb:2a: ba:ef:95:70:7d:21:df:ae:76:30:4f:ee:74:b5:f6: 60:b5:2a:d3:5d:b4:e7:78:97:7e:79:36:3c:0e:e9: 78:82:da:6b:22:1c:40:20:b1:c0:ff:60:cd:11:81: bf:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:93:4E:9E:C1:A5:DD:8B:65:AE:23:65:85:13:B3:24:89:44:5B:3C X509v3 Authority Key Identifier: keyid:AF:D0:95:5A:7D:D7:F9:B0:EC:2A:44:A1:1D:93:72:07:C2:75:4A:63 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/r9CVWn3X-bDsKkShHZNyB8J1SmM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r9CVWn3X-bDsKkShHZNyB8J1SmM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1018/8836FA608D4C11EC988AE85DC4F9AE02/CB8AA43A4D9B11EFB201E984C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.181.164.0/23 IPv6: 2400:5a60::/48 2400:5a60:3::-2400:5a60:9:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 78:f2:d2:7d:81:3b:9c:41:7a:0b:8d:35:9b:b5:92:8f:92:d5: 7d:df:3c:27:81:76:72:5f:e3:e8:2a:a1:2d:dd:34:96:54:b3: 63:57:6f:00:f5:f0:66:9c:6a:95:84:9c:9a:50:0f:65:49:5e: c8:ff:f9:b2:a3:95:af:13:bc:19:38:80:ce:87:1b:89:fb:02: 2a:f5:4c:d4:5e:6e:57:d8:c4:78:ba:fe:3f:52:64:a8:77:bd: 76:35:53:04:e8:a0:cf:70:3d:e5:33:7d:e6:0a:d4:49:0f:10: b2:3f:3c:75:51:aa:c3:a0:ae:6c:72:26:e7:91:6d:b7:4f:93: 08:37:5c:3d:97:dd:0c:c4:fb:52:5a:30:2e:fb:59:e9:b1:23: 9f:83:58:21:50:7a:59:d0:06:83:dd:1a:0e:58:6b:57:5d:ef: 73:f9:b0:2b:6c:7b:a3:6c:21:74:64:d7:13:1c:e8:30:d2:dd: 8c:70:8c:c2:e5:cd:71:04:70:4f:cb:fa:a7:aa:2c:da:bf:64: 63:dc:e2:2e:98:26:9f:56:b6:fa:a7:c8:5c:91:fe:b2:d1:a9: 88:98:df:25:77:ff:31:38:9c:79:f4:ae:3c:14:c7:56:8a:62: de:f0:5a:d5:5b:bd:42:9b:a1:30:92:29:53:40:bf:4d:21:8a: 19:73:a8:30 -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICA/wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjEwMTgxMTAvBgNVBAUTKEFGRDA5NTVBN0REN0Y5QjBFQzJBNDRBMTFEOTM3MjA3 QzI3NTRBNjMwHhcNMjUwNjIzMTYzNjQyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02ODU5ODI5YS01MzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwd6mo+SsMQ1Rv64Ha0FeCkbpmBubglcj3tSMUxBA4MWgidlJ92RhnCMuomzB ypkRwVVWA9durlB4RNPjRrQo3i9SxUMLE84fdO8K/EOPVYPhBsIaR8zU+RxQxrcV FtpL6CQYxrYhol0im9YSjYmA44BUTu7Yf/NE4+Lns7hPyUBaskbRIUZk4YwFh+t7 QFQpuo5FxFalhNX7u0sAHrh5t2rj6nAXNEldQQRWaysQ/+SxoT+SNskBuEvgK+D9 kxY70zG4n3cWbYo9m5HawX3E+yq675VwfSHfrnYwT+50tfZgtSrTXbTneJd+eTY8 Dul4gtprIhxAILHA/2DNEYG/gQIDAQABo4ICujCCArYwHQYDVR0OBBYEFMeTTp7B pd2LZa4jZYUTsySJRFs8MB8GA1UdIwQYMBaAFK/QlVp91/mw7CpEoR2TcgfCdUpj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTAxOC84ODM2RkE2MDhE NEMxMUVDOTg4QUU4NURDNEY5QUUwMi9yOUNWV24zWC1iRHNLa1NoSFpOeUI4SjFT bU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3I5Q1ZXbjNYLWJEc0trU2hIWk55QjhKMVNtTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjEwMTgvODgzNkZBNjA4RDRDMTFFQzk4OEFFODVEQzRGOUFFMDIvQ0I4QUE0M0E0 RDlCMTFFRkIyMDFFOTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E NTAzMAwEAgABMAYDBAFntaQwIwQCAAIwHQMHACQAWmAAADASAwcAJABaYAADAwcB JABaYAAIMA0GCSqGSIb3DQEBCwUAA4IBAQB48tJ9gTucQXoLjTWbtZKPktV93zwn gXZyX+PoKqEt3TSWVLNjV28A9fBmnGqVhJyaUA9lSV7I//myo5WvE7wZOIDOhxuJ +wIq9UzUXm5X2MR4uv4/UmSod712NVME6KDPcD3lM33mCtRJDxCyPzx1UarDoK5s cibnkW23T5MIN1w9l90MxPtSWjAu+1npsSOfg1ghUHpZ0AaD3RoOWGtXXe9z+bAr bHujbCF0ZNcTHOgw0t2McIzC5c1xBHBPy/qnqizav2Rj3OIumCafVrb6p8hckf6y 0amImN8ld/8xOJx59K48FMdWimLe8FrVW71Cm6EwkilTQL9NIYoZc6gw -----END CERTIFICATE-----Generated at Thu Jul 3 01:16:47 2025 by rpki-client