$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/2D81FF3680BB11EC8FD7663DC4F9AE02.roa File: 2D81FF3680BB11EC8FD7663DC4F9AE02.roa (raw, json) Hash identifier: YsWk/M3tlCQqb5avIWlSapMoZjsImuHwJehmfE0kgKc= Subject key identifier: 62:D0:D7:60:42:4B:63:9E:CA:8A:0B:5D:C8:FF:59:95:FA:E9:1F:39 Certificate issuer: /CN=A91CE4A1/serialNumber=15473EFB3C5AE8A0C47647B7E0FDE5886B6B1FA3 Certificate serial: 040D Authority key identifier: 15:47:3E:FB:3C:5A:E8:A0:C4:76:47:B7:E0:FD:E5:88:6B:6B:1F:A3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUc--zxa6KDEdke34P3liGtrH6M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/2D81FF3680BB11EC8FD7663DC4F9AE02.roa Signing time: Tue 01 Jul 2025 01:06:12 +0000 ROA not before: Tue 01 Jul 2025 01:06:12 +0000 ROA not after: Thu 30 Oct 2025 00:00:00 +0000 asID: 139029 IP address blocks: 103.138.172.0/23 maxlen: 23 103.138.172.0/24 maxlen: 24 103.138.173.0/24 maxlen: 24 2406:6fc0::/32 maxlen: 32 2406:6fc0::/48 maxlen: 48 2406:6fc0:1::/48 maxlen: 48 2406:6fc0:2::/48 maxlen: 48 2406:6fc0:3::/48 maxlen: 48 2406:6fc0:4::/48 maxlen: 48 2406:6fc0:5::/48 maxlen: 48 2406:6fc0:6::/48 maxlen: 48 2406:6fc0:7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/FUc--zxa6KDEdke34P3liGtrH6M.crl rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/FUc--zxa6KDEdke34P3liGtrH6M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUc--zxa6KDEdke34P3liGtrH6M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 00:50:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1037 (0x40d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE4A1, serialNumber=15473EFB3C5AE8A0C47647B7E0FDE5886B6B1FA3 Validity Not Before: Jul 1 01:06:12 2025 GMT Not After : Oct 30 00:00:00 2025 GMT Subject: CN=68633483-a0db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:2f:9a:2b:71:e5:51:b2:06:50:63:61:45:2d: 1f:a8:a6:a7:9d:c2:8b:b2:f6:54:b4:bc:52:6c:91: 2f:d2:a6:32:f3:d5:be:41:f3:6d:df:69:f9:1f:62: 1d:06:69:6e:c4:91:6e:e0:09:31:86:c8:f1:53:a2: ec:8c:5a:b0:7f:c9:4c:6f:26:67:63:04:57:0a:a9: b8:7f:cc:f6:ad:67:53:f4:7f:a5:59:82:80:a3:c1: 55:50:89:f8:4c:19:39:89:11:16:04:34:de:cc:c8: 58:5b:a1:6f:1c:30:5d:54:22:38:3a:ab:8d:4c:d0: 45:75:9d:da:73:c4:30:60:4d:22:42:ef:6c:54:0a: 29:6f:f1:92:df:cd:de:6b:18:7e:a8:11:ad:13:ce: 39:52:6a:46:41:63:15:66:b5:a8:bc:60:0d:5d:b9: 26:61:8c:75:59:1d:99:1f:31:c0:fe:00:cf:a7:35: 34:7b:eb:0b:a1:a8:ae:b0:d4:b5:38:2b:71:7f:c9: ee:b3:50:c4:c3:87:37:67:05:40:ce:49:ca:eb:55: be:42:91:f6:85:d2:bb:33:a3:3f:db:c2:c8:37:58: 53:1e:d5:a5:d4:62:e4:45:14:6c:b6:78:c0:e5:9a: 5a:54:48:9e:43:e9:b2:ea:7e:d8:ea:72:37:42:d7: 88:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:D0:D7:60:42:4B:63:9E:CA:8A:0B:5D:C8:FF:59:95:FA:E9:1F:39 X509v3 Authority Key Identifier: keyid:15:47:3E:FB:3C:5A:E8:A0:C4:76:47:B7:E0:FD:E5:88:6B:6B:1F:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/FUc--zxa6KDEdke34P3liGtrH6M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUc--zxa6KDEdke34P3liGtrH6M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/2D81FF3680BB11EC8FD7663DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.172.0/23 IPv6: 2406:6fc0::/32 Signature Algorithm: sha256WithRSAEncryption a7:2d:df:9a:bb:68:97:ce:f8:aa:ce:27:19:db:3b:82:6b:2c: de:ce:f0:b6:69:e3:e5:ad:07:6c:e9:75:15:cd:47:c6:be:b6: b3:7a:d4:df:5c:37:22:42:55:8e:cc:da:15:8f:89:46:b8:24: 0a:ac:6a:f9:49:4b:dd:4c:04:4b:88:78:75:76:b6:82:ad:7b: f1:46:01:6c:49:59:f9:d3:72:35:10:57:9c:9f:26:3b:f7:d7: ca:d0:68:bb:4a:ee:cc:7a:cf:15:ba:0c:5f:b1:ad:c1:75:cd: ef:37:fa:93:19:a6:0f:d3:ec:d6:b0:86:b2:26:a3:26:53:80: 43:31:c2:d6:1e:b0:f2:4b:50:98:81:5a:3d:e8:23:53:38:93: 13:40:f6:53:6d:0e:f3:14:5d:63:c6:13:85:2d:eb:ff:1c:09: b5:74:96:39:7f:ce:e4:4c:72:f8:95:f5:65:26:19:55:41:4a: 39:d4:9b:14:50:bf:32:e4:a6:09:47:c1:77:f2:3b:42:60:e6: e5:29:a3:0f:0b:2e:a5:be:73:4e:2e:4e:b8:c8:4d:25:95:57: 43:c7:41:02:27:aa:ef:65:54:6b:4a:00:6e:f4:78:13:b5:01: c7:80:80:88:f1:3c:fe:ef:51:9d:00:32:d9:e6:ee:81:73:ef: 4c:d9:19:a9 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBA0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U0QTExMTAvBgNVBAUTKDE1NDczRUZCM0M1QUU4QTBDNDc2NDdCN0UwRkRFNTg4 NkI2QjFGQTMwHhcNMjUwNzAxMDEwNjEyWhcNMjUxMDMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODYzMzQ4My1hMGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsS+aK3HlUbIGUGNhRS0fqKanncKLsvZUtLxSbJEv0qYy89W+QfNt32n5H2Id BmluxJFu4AkxhsjxU6LsjFqwf8lMbyZnYwRXCqm4f8z2rWdT9H+lWYKAo8FVUIn4 TBk5iREWBDTezMhYW6FvHDBdVCI4OquNTNBFdZ3ac8QwYE0iQu9sVAopb/GS383e axh+qBGtE845UmpGQWMVZrWovGANXbkmYYx1WR2ZHzHA/gDPpzU0e+sLoaiusNS1 OCtxf8nus1DEw4c3ZwVAzknK61W+QpH2hdK7M6M/28LIN1hTHtWl1GLkRRRstnjA 5ZpaVEieQ+my6n7Y6nI3QteIxQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGLQ12BC S2OeyooLXcj/WZX66R85MB8GA1UdIwQYMBaAFBVHPvs8WuigxHZHt+D95Yhrax+j MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTRBMS84NUZBMENFODgw QjcxMUVDOUZFQjJDNjdDNEY5QUUwMi9GVWMtLXp4YTZLREVka2UzNFAzbGlHdHJI Nk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZVYy0tenhhNktERWRrZTM0UDNsaUd0ckg2TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0U0QTEvODVGQTBDRTg4MEI3MTFFQzlGRUIyQzY3QzRGOUFFMDIvMkQ4MUZGMzY4 MEJCMTFFQzhGRDc2NjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFniqwwDQQCAAIwBwMFACQGb8AwDQYJKoZIhvcNAQELBQAD ggEBAKct35q7aJfO+KrOJxnbO4JrLN7O8LZp4+WtB2zpdRXNR8a+trN61N9cNyJC VY7M2hWPiUa4JAqsavlJS91MBEuIeHV2toKte/FGAWxJWfnTcjUQV5yfJjv318rQ aLtK7sx6zxW6DF+xrcF1ze83+pMZpg/T7NawhrImoyZTgEMxwtYesPJLUJiBWj3o I1M4kxNA9lNtDvMUXWPGE4Ut6/8cCbV0ljl/zuRMcviV9WUmGVVBSjnUmxRQvzLk pglHwXfyO0Jg5uUpow8LLqW+c04uTrjITSWVV0PHQQInqu9lVGtKAG70eBO1AceA gIjxPP7vUZ0AMtnm7oFz70zZGak= -----END CERTIFICATE-----Generated at Thu Jul 3 06:53:14 2025 by rpki-client