$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa File: 6AB849742C9C11EBB49A3A32C4F9AE02.roa (raw, json) Hash identifier: d4sd7UZZo9a+uPHZX7tMr/i70JRLudIGa9+mnphuZB4= Subject key identifier: 26:24:F1:DC:E1:70:D0:DE:40:DD:A5:71:0D:79:38:46:E0:56:11:D0 Certificate issuer: /CN=A91B6F87/serialNumber=7A5474123C548817E25F3484CC26B60B0641BD69 Certificate serial: 0785 Authority key identifier: 7A:54:74:12:3C:54:88:17:E2:5F:34:84:CC:26:B6:0B:06:41:BD:69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa Signing time: Fri 20 Jun 2025 22:09:50 +0000 ROA not before: Fri 20 Jun 2025 22:09:50 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 45178 IP address blocks: 103.28.132.0/22 maxlen: 24 103.112.164.0/22 maxlen: 22 103.112.164.0/24 maxlen: 24 103.112.165.0/24 maxlen: 24 103.112.166.0/24 maxlen: 24 111.125.152.0/21 maxlen: 21 111.125.152.0/22 maxlen: 22 111.125.152.0/23 maxlen: 23 111.125.152.0/24 maxlen: 24 111.125.153.0/24 maxlen: 24 111.125.154.0/24 maxlen: 24 111.125.155.0/24 maxlen: 24 111.125.156.0/24 maxlen: 24 111.125.157.0/24 maxlen: 24 111.125.158.0/24 maxlen: 24 111.125.159.0/24 maxlen: 24 116.206.188.0/24 maxlen: 24 116.206.189.0/24 maxlen: 24 116.206.190.0/24 maxlen: 24 203.174.27.0/24 maxlen: 24 2406:d100::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.crl rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 21:52:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1925 (0x785) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F87, serialNumber=7A5474123C548817E25F3484CC26B60B0641BD69 Validity Not Before: Jun 20 22:09:50 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6855dc2e-db48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:85:54:d5:2b:3a:11:4e:dd:fd:43:bc:c7:5e: d2:aa:5d:f7:c5:b5:aa:b0:30:90:3b:b0:57:4f:a0: ac:2d:55:de:fc:d6:9c:dd:49:d6:e3:18:cf:c4:c6: 0c:b9:b7:f8:9c:bd:6b:83:59:dd:3f:96:10:0b:59: 4a:c7:24:04:b7:d1:44:f5:49:a6:bc:1b:90:5b:a1: eb:35:0c:16:b7:ac:92:d6:72:04:1c:53:d5:e8:f9: be:84:f5:0a:a1:cf:1d:08:94:46:51:f8:81:5e:1e: ee:ce:4a:f5:51:28:a2:5f:d9:40:00:b0:33:46:c1: f5:f6:35:a1:85:5a:06:60:cf:60:e5:03:d3:ac:e1: 97:38:b4:09:7b:8c:25:2d:4c:8e:49:13:e7:b0:fa: 67:4b:d8:5f:07:39:f9:f6:4e:db:86:96:66:87:8d: 46:b8:3e:03:ea:0e:e0:c9:b4:c0:5e:22:78:87:7e: 51:b0:6a:f9:2f:f6:a4:86:86:88:90:74:91:03:2f: d0:72:7c:a3:d9:8e:b1:c3:2a:c2:76:c0:53:e6:3f: 14:fa:70:1c:de:51:5e:19:7e:08:26:7d:8f:a6:cb: 2e:d0:a2:22:32:a6:5d:3e:fc:7f:10:c0:e1:10:ce: aa:f7:d1:f3:b7:50:3e:66:b3:f6:82:1c:c5:78:8b: 81:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:24:F1:DC:E1:70:D0:DE:40:DD:A5:71:0D:79:38:46:E0:56:11:D0 X509v3 Authority Key Identifier: keyid:7A:54:74:12:3C:54:88:17:E2:5F:34:84:CC:26:B6:0B:06:41:BD:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/elR0EjxUiBfiXzSEzCa2CwZBvWk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/elR0EjxUiBfiXzSEzCa2CwZBvWk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F87/B1CD71F0268811EBBE7C682BC4F9AE02/6AB849742C9C11EBB49A3A32C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.28.132.0/22 103.112.164.0/22 111.125.152.0/21 116.206.188.0-116.206.190.255 203.174.27.0/24 IPv6: 2406:d100::/32 Signature Algorithm: sha256WithRSAEncryption 2d:f0:3b:7f:32:6d:28:53:32:5f:37:a5:44:29:78:14:c1:c5: 86:de:5e:95:5d:56:68:58:f6:08:48:85:2f:92:0e:d8:b4:27: d7:ac:4f:b2:eb:c0:b1:9b:8e:a8:b1:6d:4a:c9:20:40:51:11: 4e:c4:5c:8c:7c:1f:58:32:e8:18:b2:4f:a4:f2:40:6d:89:af: cb:90:ca:55:cc:78:bd:aa:8b:fb:5a:da:af:8f:76:89:90:6b: a1:8f:37:65:f7:9d:de:fc:47:84:fe:e8:fe:89:cb:8a:6a:ef: 69:a6:24:df:88:fc:a5:9b:55:89:67:e8:bc:7d:fa:a6:25:5e: 31:2e:b5:38:09:99:eb:b2:d0:3d:31:28:08:2c:1d:a6:63:2e: 1d:a1:e8:c9:ff:31:53:6b:8b:49:85:bd:d8:b5:ef:bb:bc:4a: 85:63:27:d4:7f:fb:db:ac:f3:67:e2:6e:0d:2a:6e:26:d4:95: 7f:0a:de:a3:c3:2a:5b:62:92:5a:32:f4:96:3b:61:1b:0a:75: 59:15:94:9f:c9:ab:a2:d8:ed:00:a3:10:03:cf:26:43:ff:7d: 78:44:3a:8c:2c:5d:c0:66:ff:eb:0e:a0:8b:26:67:7a:32:76: ef:18:f0:6b:d5:69:1a:9f:57:46:59:5d:51:fb:06:55:f5:15: 28:3d:74:09 -----BEGIN CERTIFICATE----- MIIFoDCCBIigAwIBAgICB4UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGODcxMTAvBgNVBAUTKDdBNTQ3NDEyM0M1NDg4MTdFMjVGMzQ4NENDMjZCNjBC MDY0MUJENjkwHhcNMjUwNjIwMjIwOTUwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODU1ZGMyZS1kYjQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw4VU1Ss6EU7d/UO8x17Sql33xbWqsDCQO7BXT6CsLVXe/Nac3UnW4xjPxMYM ubf4nL1rg1ndP5YQC1lKxyQEt9FE9UmmvBuQW6HrNQwWt6yS1nIEHFPV6Pm+hPUK oc8dCJRGUfiBXh7uzkr1USiiX9lAALAzRsH19jWhhVoGYM9g5QPTrOGXOLQJe4wl LUyOSRPnsPpnS9hfBzn59k7bhpZmh41GuD4D6g7gybTAXiJ4h35RsGr5L/akhoaI kHSRAy/Qcnyj2Y6xwyrCdsBT5j8U+nAc3lFeGX4IJn2Ppssu0KIiMqZdPvx/EMDh EM6q99Hzt1A+ZrP2ghzFeIuBYwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFCYk8dzh cNDeQN2lcQ15OEbgVhHQMB8GA1UdIwQYMBaAFHpUdBI8VIgX4l80hMwmtgsGQb1p MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY4Ny9CMUNENzFGMDI2 ODgxMUVCQkU3QzY4MkJDNEY5QUUwMi9lbFIwRWp4VWlCZmlYelNFekNhMkN3WkJ2 V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VsUjBFanhVaUJmaVh6U0V6Q2EyQ3daQnZXay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZGODcvQjFDRDcxRjAyNjg4MTFFQkJFN0M2ODJCQzRGOUFFMDIvNkFCODQ5NzQy QzlDMTFFQkI0OUEzQTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E PzA9MCwEAgABMCYDBAJnHIQDBAJncKQDBANvfZgwDAMEAnTOvAMEAHTOvgMEAMuu GzANBAIAAjAHAwUAJAbRADANBgkqhkiG9w0BAQsFAAOCAQEALfA7fzJtKFMyXzel RCl4FMHFht5elV1WaFj2CEiFL5IO2LQn16xPsuvAsZuOqLFtSskgQFERTsRcjHwf WDLoGLJPpPJAbYmvy5DKVcx4vaqL+1rar492iZBroY83Zfed3vxHhP7o/onLimrv aaYk34j8pZtViWfovH36piVeMS61OAmZ67LQPTEoCCwdpmMuHaHoyf8xU2uLSYW9 2LXvu7xKhWMn1H/726zzZ+JuDSpuJtSVfwreo8MqW2KSWjL0ljthGwp1WRWUn8mr otjtAKMQA88mQ/99eEQ6jCxdwGb/6w6giyZnejJ27xjwa9VpGp9XRlldUfsGVfUV KD10CQ== -----END CERTIFICATE-----Generated at Fri Jul 4 08:03:10 2025 by rpki-client