$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3B4C/DC9DE28E8C5011EFA067C815C4F9AE02/B8D1F4E8501411F09C0FE83FC4F9AE02.roa File: B8D1F4E8501411F09C0FE83FC4F9AE02.roa (raw, json) Hash identifier: DTme312dtWhjs1JFg94y153qtB+lMbeMxpbcIu8vIlA= Subject key identifier: 85:D0:E3:DA:44:FF:C3:58:33:73:10:E1:49:1F:E6:1D:94:34:E6:38 Certificate issuer: /CN=A91B3B4C/serialNumber=B63DFD686CE0A90076E4F5FF428685F63FB08EDD Certificate serial: 93 Authority key identifier: B6:3D:FD:68:6C:E0:A9:00:76:E4:F5:FF:42:86:85:F6:3F:B0:8E:DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tj39aGzgqQB25PX_QoaF9j-wjt0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B3B4C/DC9DE28E8C5011EFA067C815C4F9AE02/B8D1F4E8501411F09C0FE83FC4F9AE02.roa Signing time: Mon 23 Jun 2025 09:30:38 +0000 ROA not before: Mon 23 Jun 2025 09:30:38 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 395886 IP address blocks: 103.110.220.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B3B4C/DC9DE28E8C5011EFA067C815C4F9AE02/tj39aGzgqQB25PX_QoaF9j-wjt0.crl rsync://rpki.apnic.net/member_repository/A91B3B4C/DC9DE28E8C5011EFA067C815C4F9AE02/tj39aGzgqQB25PX_QoaF9j-wjt0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tj39aGzgqQB25PX_QoaF9j-wjt0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 07:19:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 147 (0x93) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B3B4C, serialNumber=B63DFD686CE0A90076E4F5FF428685F63FB08EDD Validity Not Before: Jun 23 09:30:38 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=68591ebe-a81a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:50:ac:03:41:7e:b4:d4:f6:e6:5b:69:bf:de: 5b:34:ac:22:cc:85:f8:16:fb:be:1f:b9:87:66:c5: da:93:8f:90:f4:57:13:88:d0:8c:4f:e2:52:46:de: 07:c2:fa:5b:58:b7:3f:ec:68:4c:53:84:c4:17:32: a0:95:ce:f8:35:2b:c0:be:b0:f6:88:8a:61:75:9a: 1e:f9:0b:88:4b:e3:36:d9:4a:71:1c:a7:c0:e7:8e: bf:82:e0:10:95:c8:89:6c:da:49:1d:e6:a5:a7:df: 1c:fd:19:c0:16:d6:3a:f1:b5:4f:88:f2:42:60:31: 41:0a:c5:4e:3a:cf:ec:a6:bb:54:78:7a:e9:68:e8: ce:7a:8c:db:e3:61:9b:97:6e:f2:79:2e:31:17:65: 98:a4:24:22:73:a2:d7:4e:f2:61:6d:f4:ee:55:b3: 5b:ed:b5:ce:8a:26:13:ec:c4:62:24:c5:71:4c:72: e5:90:83:1c:ad:3e:66:ee:1d:ba:83:39:9e:92:b9: b3:68:5f:93:83:31:0d:1b:ce:65:d1:62:ef:26:80: 48:23:e7:30:80:21:3d:70:af:ee:90:24:f5:e0:a1: a1:8b:3e:ed:e6:9a:42:2e:8f:fc:19:84:0e:2b:db: ca:9e:14:0f:44:84:77:1b:70:2c:da:d2:3c:22:c2: e2:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:D0:E3:DA:44:FF:C3:58:33:73:10:E1:49:1F:E6:1D:94:34:E6:38 X509v3 Authority Key Identifier: keyid:B6:3D:FD:68:6C:E0:A9:00:76:E4:F5:FF:42:86:85:F6:3F:B0:8E:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B3B4C/DC9DE28E8C5011EFA067C815C4F9AE02/tj39aGzgqQB25PX_QoaF9j-wjt0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tj39aGzgqQB25PX_QoaF9j-wjt0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3B4C/DC9DE28E8C5011EFA067C815C4F9AE02/B8D1F4E8501411F09C0FE83FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.110.220.0/23 Signature Algorithm: sha256WithRSAEncryption 1c:dc:f0:34:9c:6d:ef:74:5e:cc:27:37:ef:f7:eb:27:fb:dc: 5c:4c:4d:c5:85:7e:b1:1c:cb:e8:ae:b4:de:41:2c:c2:ba:cc: 7d:88:a3:72:21:03:38:ad:fd:6f:43:4d:a7:b1:f2:38:52:fc: 67:35:18:3e:c1:7d:23:bb:12:99:eb:ce:0d:90:f5:bb:40:43: fb:db:67:33:8f:f6:51:b3:e6:29:ae:9e:46:2b:8b:6c:6b:b4: c0:f7:9d:2f:ac:da:92:83:e8:16:83:db:2b:d5:a9:c6:09:8e: 50:65:f4:54:75:d3:a1:3f:d4:f0:96:a4:ff:a9:f8:02:b1:fd: ee:e3:40:ee:d8:b8:6f:6b:eb:5d:b0:6d:ba:af:27:28:4a:25: 89:47:b5:29:81:ad:d0:6c:b5:74:29:eb:b7:80:09:88:d5:60: b4:81:ae:6e:b5:86:1d:38:66:be:c2:14:d5:7e:10:1d:f7:e4: fa:36:6d:a5:73:83:14:28:b6:91:46:10:e6:02:56:12:e0:43: 56:09:29:a1:c3:1b:60:f7:5c:c3:99:d4:51:2b:2f:0e:d0:ea: 80:24:7a:5c:a6:c3:2f:cf:3d:b3:14:4c:58:48:0a:fd:27:9d: c3:2a:0e:b8:10:ed:bd:eb:59:9a:2c:33:43:ea:03:0b:f1:95: a7:df:1d:45 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAJMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjNCNEMxMTAvBgNVBAUTKEI2M0RGRDY4NkNFMEE5MDA3NkU0RjVGRjQyODY4NUY2 M0ZCMDhFREQwHhcNMjUwNjIzMDkzMDM4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODU5MWViZS1hODFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyFCsA0F+tNT25ltpv95bNKwizIX4Fvu+H7mHZsXak4+Q9FcTiNCMT+JSRt4H wvpbWLc/7GhMU4TEFzKglc74NSvAvrD2iIphdZoe+QuIS+M22UpxHKfA546/guAQ lciJbNpJHealp98c/RnAFtY68bVPiPJCYDFBCsVOOs/sprtUeHrpaOjOeozb42Gb l27yeS4xF2WYpCQic6LXTvJhbfTuVbNb7bXOiiYT7MRiJMVxTHLlkIMcrT5m7h26 gzmekrmzaF+TgzENG85l0WLvJoBII+cwgCE9cK/ukCT14KGhiz7t5ppCLo/8GYQO K9vKnhQPRIR3G3As2tI8IsLifwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIXQ49pE /8NYM3MQ4Ukf5h2UNOY4MB8GA1UdIwQYMBaAFLY9/Whs4KkAduT1/0KGhfY/sI7d MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0I0Qy9EQzlERTI4RThD NTAxMUVGQTA2N0M4MTVDNEY5QUUwMi90ajM5YUd6Z3FRQjI1UFhfUW9hRjlqLXdq dDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RqMzlhR3pncVFCMjVQWF9Rb2FGOWotd2p0MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjNCNEMvREM5REUyOEU4QzUwMTFFRkEwNjdDODE1QzRGOUFFMDIvQjhEMUY0RTg1 MDE0MTFGMDlDMEZFODNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnbtwwDQYJKoZIhvcNAQELBQADggEBABzc8DScbe90Xswn N+/36yf73FxMTcWFfrEcy+iutN5BLMK6zH2Io3IhAzit/W9DTaex8jhS/Gc1GD7B fSO7Epnrzg2Q9btAQ/vbZzOP9lGz5imunkYri2xrtMD3nS+s2pKD6BaD2yvVqcYJ jlBl9FR106E/1PCWpP+p+AKx/e7jQO7YuG9r612wbbqvJyhKJYlHtSmBrdBstXQp 67eACYjVYLSBrm61hh04Zr7CFNV+EB335Po2baVzgxQotpFGEOYCVhLgQ1YJKaHD G2D3XMOZ1FErLw7Q6oAkelymwy/PPbMUTFhICv0nncMqDrgQ7b3rWZosM0PqAwvx laffHUU= -----END CERTIFICATE-----Generated at Tue Jul 1 16:51:10 2025 by rpki-client