$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6066/648A8832FB6411EFBC9B3529C4F9AE02/CB16EA82FB6411EF90E1E429C4F9AE02.roa File: CB16EA82FB6411EF90E1E429C4F9AE02.roa (raw, json) Hash identifier: 0M63JvIdFfuu35AAppLF2AY+BsaEXFTD4uLQ+gUHRuM= Subject key identifier: FE:84:3A:0E:EE:C6:EB:51:5E:C2:B0:37:BE:0A:B6:91:A2:D3:46:73 Certificate issuer: /CN=A91B6066/serialNumber=1D4EC4253313B62C4844916B85DC0FFE4B07D508 Certificate serial: 25 Authority key identifier: 1D:4E:C4:25:33:13:B6:2C:48:44:91:6B:85:DC:0F:FE:4B:07:D5:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HU7EJTMTtixIRJFrhdwP_ksH1Qg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6066/648A8832FB6411EFBC9B3529C4F9AE02/CB16EA82FB6411EF90E1E429C4F9AE02.roa Signing time: Fri 09 May 2025 07:01:12 +0000 ROA not before: Fri 09 May 2025 07:01:12 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 135357 IP address blocks: 103.234.96.0/22 maxlen: 22 103.234.96.0/24 maxlen: 24 103.234.97.0/24 maxlen: 24 103.234.98.0/24 maxlen: 24 103.234.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6066/648A8832FB6411EFBC9B3529C4F9AE02/HU7EJTMTtixIRJFrhdwP_ksH1Qg.crl rsync://rpki.apnic.net/member_repository/A91B6066/648A8832FB6411EFBC9B3529C4F9AE02/HU7EJTMTtixIRJFrhdwP_ksH1Qg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HU7EJTMTtixIRJFrhdwP_ksH1Qg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 07:07:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37 (0x25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6066, serialNumber=1D4EC4253313B62C4844916B85DC0FFE4B07D508 Validity Not Before: May 9 07:01:12 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=681da838-5505 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:cc:59:94:d9:6d:9d:f0:9c:f8:a3:95:c7:f1: 40:4e:97:4e:0b:97:9d:3c:25:7d:94:9c:73:ec:33: 90:e8:17:12:11:32:2b:bb:32:d1:8a:de:cd:63:e3: 11:d3:33:62:82:74:dd:e3:fc:55:26:33:f0:f7:0d: 93:8b:e8:81:38:82:cc:91:d2:63:d7:f0:aa:a5:f7: 30:f7:d4:e2:21:81:ff:70:32:3c:1b:34:0a:80:0c: 2a:4c:3c:b3:d2:87:7c:15:d4:fa:ba:fb:e7:88:79: 78:d7:b5:ad:da:a8:c0:1c:be:bb:99:bf:5b:f2:a9: 9b:ac:03:b1:29:ef:36:df:3d:4c:cc:eb:3c:93:df: 06:91:14:f5:64:c4:93:f5:ec:db:9d:02:75:ee:33: 4f:b2:76:99:8f:8a:f8:1d:93:08:6b:3d:93:d7:0f: 52:9b:7c:44:44:4f:c6:f3:d5:2e:3c:d2:4c:69:a7: d5:a8:20:1b:f4:f2:90:6c:73:41:2d:7f:10:5d:bd: c2:c7:a8:ba:e6:8b:69:e6:22:fc:fb:36:68:12:d8: b1:08:20:e4:07:2b:a7:c2:bc:4e:2c:67:00:28:68: b8:b2:40:4c:87:31:16:70:1b:96:3e:03:30:20:5f: 0e:30:2b:16:3c:97:59:d8:59:96:dd:75:1e:f7:80: f2:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:84:3A:0E:EE:C6:EB:51:5E:C2:B0:37:BE:0A:B6:91:A2:D3:46:73 X509v3 Authority Key Identifier: keyid:1D:4E:C4:25:33:13:B6:2C:48:44:91:6B:85:DC:0F:FE:4B:07:D5:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6066/648A8832FB6411EFBC9B3529C4F9AE02/HU7EJTMTtixIRJFrhdwP_ksH1Qg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HU7EJTMTtixIRJFrhdwP_ksH1Qg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6066/648A8832FB6411EFBC9B3529C4F9AE02/CB16EA82FB6411EF90E1E429C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.234.96.0/22 Signature Algorithm: sha256WithRSAEncryption 17:fa:51:2f:de:09:a7:d8:6b:31:64:90:de:55:dd:99:3d:07: 61:c2:10:a9:f2:8d:a5:26:52:5b:1b:3a:8f:eb:e3:ec:0c:a2: 3c:65:01:13:24:14:39:63:00:f7:97:d4:27:19:c6:3a:ce:bb: e7:53:64:05:ba:e2:d1:6c:9b:ca:54:b3:3d:cd:6f:9b:1d:de: da:8d:d1:17:ff:63:81:cc:35:f2:cc:22:00:b8:9c:72:f4:f9: 4f:dc:70:b7:68:3f:54:35:3d:60:74:45:9f:39:37:f4:e0:be: 3c:a1:c7:2b:6b:0a:42:be:81:c5:63:0e:ed:7b:28:b0:28:38: 82:fa:f6:3e:d9:b6:46:48:a6:f2:19:c4:b7:ca:8b:27:6e:37: c0:54:1f:af:14:71:16:f1:cd:70:ec:d8:dc:05:9e:91:ba:93: c1:da:f5:88:1e:fd:e1:3d:72:7f:cb:62:e3:05:71:ff:37:db: 10:13:69:a2:98:08:7a:3f:fe:49:97:c3:e3:bf:75:cc:b3:45: 88:06:ee:12:c4:2d:9c:a7:89:97:d9:3c:7c:cd:6a:6e:4f:86: 68:4c:fe:6f:ce:28:2a:d7:a1:1a:16:c5:24:8c:75:c4:b9:cc: ea:0e:96:15:54:28:86:66:d1:48:8c:05:e6:ce:90:81:a6:d9: 07:01:5e:74 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NjA2NjExMC8GA1UEBRMoMUQ0RUM0MjUzMzEzQjYyQzQ4NDQ5MTZCODVEQzBGRkU0 QjA3RDUwODAeFw0yNTA1MDkwNzAxMTJaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4MWRhODM4LTU1MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzzFmU2W2d8Jz4o5XH8UBOl04Ll508JX2UnHPsM5DoFxIRMiu7MtGK3s1j4xHT M2KCdN3j/FUmM/D3DZOL6IE4gsyR0mPX8Kql9zD31OIhgf9wMjwbNAqADCpMPLPS h3wV1Pq6++eIeXjXta3aqMAcvruZv1vyqZusA7Ep7zbfPUzM6zyT3waRFPVkxJP1 7NudAnXuM0+ydpmPivgdkwhrPZPXD1KbfERET8bz1S480kxpp9WoIBv08pBsc0Et fxBdvcLHqLrmi2nmIvz7NmgS2LEIIOQHK6fCvE4sZwAoaLiyQEyHMRZwG5Y+AzAg Xw4wKxY8l1nYWZbddR73gPILAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU/oQ6Du7G 61FewrA3vgq2kaLTRnMwHwYDVR0jBBgwFoAUHU7EJTMTtixIRJFrhdwP/ksH1Qgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2MDY2LzY0OEE4ODMyRkI2 NDExRUZCQzlCMzUyOUM0RjlBRTAyL0hVN0VKVE1UdGl4SVJKRnJoZHdQX2tzSDFR Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSFU3RUpUTVR0aXhJUkpGcmhkd1Bfa3NIMVFnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NjA2Ni82NDhBODgzMkZCNjQxMUVGQkM5QjM1MjlDNEY5QUUwMi9DQjE2RUE4MkZC NjQxMUVGOTBFMUU0MjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAmfqYDANBgkqhkiG9w0BAQsFAAOCAQEAF/pRL94Jp9hrMWSQ 3lXdmT0HYcIQqfKNpSZSWxs6j+vj7AyiPGUBEyQUOWMA95fUJxnGOs6751NkBbri 0WybylSzPc1vmx3e2o3RF/9jgcw18swiALiccvT5T9xwt2g/VDU9YHRFnzk39OC+ PKHHK2sKQr6BxWMO7XsosCg4gvr2Ptm2Rkim8hnEt8qLJ243wFQfrxRxFvHNcOzY 3AWekbqTwdr1iB794T1yf8ti4wVx/zfbEBNpopgIej/+SZfD4791zLNFiAbuEsQt nKeJl9k8fM1qbk+GaEz+b84oKtehGhbFJIx1xLnM6g6WFVQohmbRSIwF5s6QgabZ BwFedA== -----END CERTIFICATE-----Generated at Sat May 17 01:47:18 2025 by rpki-client