$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/5C61E59E342911F09B7E033FC4F9AE02.roa File: 5C61E59E342911F09B7E033FC4F9AE02.roa (raw, json) Hash identifier: daPM14StaLBSEpKpLWzwl0jfYPLnAS0ot/OLcvdSgSU= Subject key identifier: 87:3F:92:01:58:A1:77:52:AE:7D:BE:A0:BD:91:38:4E:87:34:C2:36 Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93 Certificate serial: 2895 Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/5C61E59E342911F09B7E033FC4F9AE02.roa Signing time: Sat 26 Jul 2025 15:54:20 +0000 ROA not before: Sat 26 Jul 2025 15:54:20 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 7489 IP address blocks: 27.100.36.0/23 maxlen: 24 45.124.64.0/22 maxlen: 24 103.192.176.0/22 maxlen: 24 103.196.20.0/23 maxlen: 24 103.217.252.0/22 maxlen: 22 103.217.253.0/24 maxlen: 24 2402:9e80::/48 maxlen: 48 2402:9e80:1::/48 maxlen: 48 2402:9e80:5::/48 maxlen: 48 2402:9e80:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10389 (0x2895) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C28D, serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93 Validity Not Before: Jul 26 15:54:20 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=6884fa2c-099a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:15:0b:d2:a3:68:16:95:6a:ad:16:5a:46:d3: b6:25:18:d6:61:d8:e6:a7:c1:85:ea:aa:e8:cd:94: 00:5b:dc:30:f6:b6:eb:fd:d2:6f:47:83:02:df:01: c0:a6:ed:d1:50:52:6e:8c:03:8e:f9:ce:45:c6:9f: 6b:fa:4d:50:ba:a3:38:4b:9a:0c:fa:8d:c0:7c:38: 50:27:ab:7c:e3:22:49:39:96:20:14:4f:1b:f7:7e: 7d:d4:d4:85:2d:1a:39:5d:f3:8e:32:90:f1:d8:83: 6a:65:6a:05:5c:5b:4c:48:ee:cb:1a:e7:f3:15:67: b7:0a:2c:55:b7:94:ab:68:39:ee:ed:54:cd:a7:59: 56:4f:89:57:ec:fc:fa:84:83:45:53:cb:26:33:31: 65:0c:34:63:f8:70:97:d9:b9:9f:5d:97:5e:54:63: 73:b2:b1:5c:db:f3:27:6c:15:81:aa:c5:17:85:a6: fe:3a:25:26:5e:61:4f:5e:ce:52:a5:e7:06:ca:a2: 0a:93:f1:32:c2:3b:a7:54:e1:ad:4a:2b:3f:9b:ed: 99:6b:05:9e:92:0c:d5:a5:5e:87:f3:2e:68:cb:f8: 85:c4:67:0a:fb:dc:e2:bb:80:70:09:cc:9e:4f:04: 0a:c0:98:dc:f0:4c:fc:79:18:ef:96:9b:ee:f2:47: 5e:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:3F:92:01:58:A1:77:52:AE:7D:BE:A0:BD:91:38:4E:87:34:C2:36 X509v3 Authority Key Identifier: keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/5C61E59E342911F09B7E033FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.100.36.0/23 45.124.64.0/22 103.192.176.0/22 103.196.20.0/23 103.217.252.0/22 IPv6: 2402:9e80::/47 2402:9e80:5::/48 2402:9e80:a::/48 Signature Algorithm: sha256WithRSAEncryption b0:ef:6b:13:ae:fa:b2:e4:3d:c3:3f:5e:f3:c1:ac:db:4f:50: e8:60:71:6c:eb:bd:17:fe:be:b4:50:fa:ed:6f:33:1c:6c:7f: b1:6c:dc:3d:3e:71:c1:e8:a8:49:fd:34:ac:c2:57:bc:2b:23: 61:23:fc:ed:60:a7:6d:39:d2:56:ff:38:a0:23:fd:ed:25:ba: 58:c7:eb:d3:93:23:a4:9c:33:6e:ca:c4:8d:30:5f:a1:0e:8b: 24:e0:22:74:99:d7:71:c5:65:dd:7f:ca:ee:07:b9:b8:e1:de: 04:bb:2d:50:42:76:84:fb:86:6f:57:f5:ef:d2:45:4d:c9:1a: 88:0c:d9:fe:ff:97:89:e3:e5:4c:6a:57:5f:4c:77:da:60:96: cd:c0:a3:79:0e:c5:3b:a3:cd:1e:69:7a:cc:5e:04:07:d3:5e: d4:57:c0:ce:ff:28:68:a7:ad:e5:99:02:dd:f2:aa:da:4f:aa: cf:66:b0:ff:56:9f:ca:9a:1d:dc:e6:55:48:ab:2a:35:d9:ba: cf:8e:09:cc:8b:cb:a8:0b:e8:e8:c8:68:76:ac:c2:62:c4:58: a8:57:e5:a6:0d:53:93:09:2b:16:05:67:2d:1b:ce:97:2e:c6: 9e:9a:90:5e:0c:94:b0:14:b6:4c:d1:a7:54:5c:8f:f1:ab:96: 42:e8:c4:11 -----BEGIN CERTIFICATE----- MIIFrDCCBJSgAwIBAgICKJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw ODYzRDNEOTMwHhcNMjUwNzI2MTU1NDIwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODg0ZmEyYy0wOTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyxUL0qNoFpVqrRZaRtO2JRjWYdjmp8GF6qrozZQAW9ww9rbr/dJvR4MC3wHA pu3RUFJujAOO+c5Fxp9r+k1QuqM4S5oM+o3AfDhQJ6t84yJJOZYgFE8b93591NSF LRo5XfOOMpDx2INqZWoFXFtMSO7LGufzFWe3CixVt5SraDnu7VTNp1lWT4lX7Pz6 hINFU8smMzFlDDRj+HCX2bmfXZdeVGNzsrFc2/MnbBWBqsUXhab+OiUmXmFPXs5S pecGyqIKk/EywjunVOGtSis/m+2ZawWekgzVpV6H8y5oy/iFxGcK+9ziu4BwCcye TwQKwJjc8Ez8eRjvlpvu8kdeywIDAQABo4IC0DCCAswwHQYDVR0OBBYEFIc/kgFY oXdSrn2+oL2ROE6HNMI2MB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvNUM2MUU1OUUz NDI5MTFGMDlCN0UwMzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWgYIKwYBBQUHAQcBAf8E SzBJMCQEAgABMB4DBAEbZCQDBAItfEADBAJnwLADBAFnxBQDBAJn2fwwIQQCAAIw GwMHASQCnoAAAAMHACQCnoAABQMHACQCnoAACjANBgkqhkiG9w0BAQsFAAOCAQEA sO9rE676suQ9wz9e88Gs209Q6GBxbOu9F/6+tFD67W8zHGx/sWzcPT5xweioSf00 rMJXvCsjYSP87WCnbTnSVv84oCP97SW6WMfr05MjpJwzbsrEjTBfoQ6LJOAidJnX ccVl3X/K7ge5uOHeBLstUEJ2hPuGb1f179JFTckaiAzZ/v+XiePlTGpXX0x32mCW zcCjeQ7FO6PNHml6zF4EB9Ne1FfAzv8oaKet5ZkC3fKq2k+qz2aw/1afypod3OZV SKsqNdm6z44JzIvLqAvo6MhodqzCYsRYqFflpg1TkwkrFgVnLRvOly7GnpqQXgyU sBS2TNGnVFyP8auWQujEEQ== -----END CERTIFICATE-----Generated at Sat Aug 9 10:36:35 2025 by rpki-client