$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/804EBE76E89811EC8CDD1B61C4F9AE02.roa File: 804EBE76E89811EC8CDD1B61C4F9AE02.roa (raw, json) Hash identifier: 5AqFvgOp5LjdGxzS5FdfdkmklTxf6ffgUJ9yB6JJGsQ= Subject key identifier: 72:A5:F3:AA:4B:4A:03:36:C4:01:0A:76:1D:43:B3:CD:77:09:99:A9 Certificate issuer: /CN=A91F8A41/serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14 Certificate serial: 0712 Authority key identifier: CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/804EBE76E89811EC8CDD1B61C4F9AE02.roa Signing time: Sat 10 May 2025 22:22:19 +0000 ROA not before: Sat 10 May 2025 22:22:19 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 132395 IP address blocks: 103.20.24.0/22 maxlen: 22 103.42.208.0/22 maxlen: 24 202.152.68.0/24 maxlen: 24 202.152.76.0/22 maxlen: 22 202.152.76.0/24 maxlen: 24 202.152.77.0/24 maxlen: 24 202.152.78.0/24 maxlen: 24 202.152.79.0/24 maxlen: 24 202.152.88.0/22 maxlen: 22 202.160.32.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.crl rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 22:46:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1810 (0x712) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8A41, serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14 Validity Not Before: May 10 22:22:19 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681fd19a-f7c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:44:91:66:02:f0:89:74:77:fb:3c:d2:8c:3b: c7:af:30:48:3c:03:63:04:d3:79:15:01:8a:74:3f: 46:8e:0c:ae:c8:6d:36:74:f5:2e:fc:67:8a:b6:37: d2:ff:f5:90:47:2a:bc:2d:40:ef:0e:a7:0f:0b:f4: c6:1f:bd:4d:68:ba:61:1f:80:dd:7a:18:b9:84:05: 1a:fa:f0:7c:8e:c6:61:e6:d6:bd:1f:18:36:42:31: 7c:4c:db:c7:03:b4:8b:9a:68:96:0b:44:d2:df:8c: fc:8b:d3:13:f5:ab:ea:b5:16:4c:ab:32:91:7f:cb: 06:da:ef:5c:9c:19:e2:0f:1d:83:22:95:55:c1:e4: 04:f8:ff:e8:b4:ee:ce:5c:17:4f:ba:7c:b7:ce:51: 27:98:c0:d9:41:d2:e2:53:a3:1f:d9:c5:57:51:f1: e4:b5:74:be:26:8a:7b:75:1a:ad:22:f3:cd:39:4c: 06:0b:05:1c:45:1c:03:79:3f:e0:35:fc:c3:15:61: bf:46:15:67:1f:9b:eb:0f:f9:95:f2:30:93:1b:a2: 8d:dc:b9:ff:9e:f5:99:43:57:b1:7f:9b:5b:8e:48: 6a:bb:3b:49:87:d7:5d:48:48:62:8e:d9:aa:42:f5: 1c:ab:81:19:54:a6:bf:e0:c7:85:e3:1f:87:5b:38: 8b:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:A5:F3:AA:4B:4A:03:36:C4:01:0A:76:1D:43:B3:CD:77:09:99:A9 X509v3 Authority Key Identifier: keyid:CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/804EBE76E89811EC8CDD1B61C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.20.24.0/22 103.42.208.0/22 202.152.68.0/24 202.152.76.0/22 202.152.88.0/22 202.160.32.0/20 Signature Algorithm: sha256WithRSAEncryption 3c:0e:20:3a:20:ef:32:26:99:68:a4:63:eb:78:11:f7:8b:7b: 8f:c9:34:9b:1b:22:87:cb:fd:45:d2:c0:92:d3:9a:81:ad:8c: 2d:80:2d:88:c5:9d:f6:7b:c0:5f:84:00:27:96:af:fc:10:e3: 4a:5a:38:7b:7e:e4:4e:83:61:cc:ac:9b:57:7c:9c:a6:1c:24: a7:5e:6b:11:87:4f:ca:38:75:25:e1:f6:05:a0:0d:51:bc:2d: 38:15:b2:39:f0:96:66:18:49:7a:29:75:fc:e1:ed:c1:53:0a: 73:2f:6b:77:3f:f4:a4:03:59:a2:83:9a:2a:33:5f:2c:96:3f: a3:8f:09:a1:57:a1:8b:1c:a5:3c:d0:fa:fb:ae:1e:10:f4:5d: 2d:09:b7:38:f8:cd:3b:f8:6b:eb:79:b5:29:75:93:cf:a2:19: 25:43:ee:73:a5:36:a2:f8:fe:b1:2a:37:11:6d:65:71:51:6c: 39:2c:7c:4e:38:e8:92:79:2f:5b:8e:9e:ee:13:6a:83:94:e8: d4:63:28:fe:34:f5:fc:12:8b:e9:c1:8f:4c:53:2b:32:68:64: b8:f9:e5:f3:7b:a2:35:6d:86:15:1b:db:be:d1:69:4a:82:76: c7:f2:9c:a1:53:71:29:a9:da:15:be:2a:26:22:2c:21:d9:1c: 26:1c:73:fd -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICBxIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhBNDExMTAvBgNVBAUTKENERkVERjJENDExQzg0QzM2REMzQkI2QTAyRkRGMUFD NTBCNUJBMTQwHhcNMjUwNTEwMjIyMjE5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFmZDE5YS1mN2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyESRZgLwiXR3+zzSjDvHrzBIPANjBNN5FQGKdD9GjgyuyG02dPUu/GeKtjfS //WQRyq8LUDvDqcPC/TGH71NaLphH4Ddehi5hAUa+vB8jsZh5ta9Hxg2QjF8TNvH A7SLmmiWC0TS34z8i9MT9avqtRZMqzKRf8sG2u9cnBniDx2DIpVVweQE+P/otO7O XBdPuny3zlEnmMDZQdLiU6Mf2cVXUfHktXS+Jop7dRqtIvPNOUwGCwUcRRwDeT/g NfzDFWG/RhVnH5vrD/mV8jCTG6KN3Ln/nvWZQ1exf5tbjkhquztJh9ddSEhijtmq QvUcq4EZVKa/4MeF4x+HWziLBwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFHKl86pL SgM2xAEKdh1Ds813CZmpMB8GA1UdIwQYMBaAFM3+3y1BHITDbcO7agL98axQtboU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEE0MS81NTQxNDBERTg3 QkMxMUVCQjNDMDgyNzJDNEY5QUUwMi96ZjdmTFVFY2hNTnR3N3RxQXYzeHJGQzF1 aFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pmN2ZMVUVjaE1OdHc3dHFBdjN4ckZDMXVoUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjhBNDEvNTU0MTQwREU4N0JDMTFFQkIzQzA4MjcyQzRGOUFFMDIvODA0RUJFNzZF ODk4MTFFQzhDREQxQjYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBAJnFBgDBAJnKtADBADKmEQDBALKmEwDBALKmFgDBATKoCAw DQYJKoZIhvcNAQELBQADggEBADwOIDog7zImmWikY+t4EfeLe4/JNJsbIofL/UXS wJLTmoGtjC2ALYjFnfZ7wF+EACeWr/wQ40paOHt+5E6DYcysm1d8nKYcJKdeaxGH T8o4dSXh9gWgDVG8LTgVsjnwlmYYSXopdfzh7cFTCnMva3c/9KQDWaKDmiozXyyW P6OPCaFXoYscpTzQ+vuuHhD0XS0Jtzj4zTv4a+t5tSl1k8+iGSVD7nOlNqL4/rEq NxFtZXFRbDksfE446JJ5L1uOnu4TaoOU6NRjKP409fwSi+nBj0xTKzJoZLj55fN7 ojVthhUb277RaUqCdsfynKFTcSmp2hW+KiYiLCHZHCYcc/0= -----END CERTIFICATE-----Generated at Thu Jul 3 14:57:01 2025 by rpki-client