$ rpki-client -vvf rpki.apnic.net/member_repository/A912D5C1/B07DCB44FFCC11E9A5E79784C4F9AE02/D7F98876520B11EE8B85DB63C4F9AE02.roa File: D7F98876520B11EE8B85DB63C4F9AE02.roa (raw, json) Hash identifier: PKoIMzmjFW6opIpuPpXxT7JTsKk8w7rWTXfvOheNJEQ= Subject key identifier: 50:6D:4A:64:A0:F1:73:D3:44:64:CB:4E:1D:19:74:50:D7:B6:5C:14 Certificate issuer: /CN=A912D5C1/serialNumber=E82D10D2DA1C98BF68CA4C6491B90FFD0FAB3394 Certificate serial: 0C81 Authority key identifier: E8:2D:10:D2:DA:1C:98:BF:68:CA:4C:64:91:B9:0F:FD:0F:AB:33:94 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6C0Q0tocmL9oykxkkbkP_Q-rM5Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912D5C1/B07DCB44FFCC11E9A5E79784C4F9AE02/D7F98876520B11EE8B85DB63C4F9AE02.roa Signing time: Sat 24 May 2025 18:42:12 +0000 ROA not before: Sat 24 May 2025 18:42:12 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 139033 IP address blocks: 103.138.182.0/23 maxlen: 23 103.138.182.0/24 maxlen: 24 103.138.183.0/24 maxlen: 24 2404:d240::/32 maxlen: 36 2404:d240::/37 maxlen: 37 2404:d240:800::/37 maxlen: 37 2404:d240:1000::/37 maxlen: 37 2404:d240:1800::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912D5C1/B07DCB44FFCC11E9A5E79784C4F9AE02/6C0Q0tocmL9oykxkkbkP_Q-rM5Q.crl rsync://rpki.apnic.net/member_repository/A912D5C1/B07DCB44FFCC11E9A5E79784C4F9AE02/6C0Q0tocmL9oykxkkbkP_Q-rM5Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6C0Q0tocmL9oykxkkbkP_Q-rM5Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Jun 2025 18:14:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3201 (0xc81) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912D5C1, serialNumber=E82D10D2DA1C98BF68CA4C6491B90FFD0FAB3394 Validity Not Before: May 24 18:42:12 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68321303-182c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:7c:5f:61:6e:bb:44:50:ec:ec:bd:cc:01:03: c9:9e:fe:a0:3f:0a:0d:46:9d:74:e8:78:7d:87:84: 61:90:cc:36:5a:04:f3:0c:5c:ab:ac:3f:95:46:33: 1e:8b:c8:79:31:d0:20:5b:50:c4:1a:be:fe:18:36: 46:73:76:2a:98:58:46:7c:46:a7:02:d3:9f:a8:d6: 5b:58:fc:b0:48:83:de:e4:e0:97:b9:0b:65:a6:22: db:72:e8:d7:3e:9d:98:3d:e5:4f:9d:ba:d1:4f:99: 03:36:ce:79:c4:7f:dd:10:89:64:86:db:fc:84:b3: 73:f3:14:5c:ff:1f:ec:52:95:0b:75:fc:ad:b3:6c: 60:5e:1e:a1:a7:19:7f:55:ee:64:6e:44:0a:00:53: d9:91:a1:b8:4d:d7:42:fa:dd:64:dc:8c:52:4e:a4: 90:2b:af:3b:51:89:9f:ef:be:43:a5:76:7d:99:d0: 42:bd:0c:e8:64:c3:f2:b8:6d:ec:bb:ff:94:53:be: 27:f6:0f:e6:76:f7:cd:dc:e1:03:8e:b1:23:0b:46: 30:3e:6e:ea:40:01:a6:15:fd:76:f5:5e:a9:4a:e6: 7e:ff:95:66:2b:74:bf:54:0f:55:d2:7d:14:14:75: ed:0f:34:2a:6d:cc:cf:94:2f:d0:1b:98:33:6d:ad: af:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:6D:4A:64:A0:F1:73:D3:44:64:CB:4E:1D:19:74:50:D7:B6:5C:14 X509v3 Authority Key Identifier: keyid:E8:2D:10:D2:DA:1C:98:BF:68:CA:4C:64:91:B9:0F:FD:0F:AB:33:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912D5C1/B07DCB44FFCC11E9A5E79784C4F9AE02/6C0Q0tocmL9oykxkkbkP_Q-rM5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6C0Q0tocmL9oykxkkbkP_Q-rM5Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D5C1/B07DCB44FFCC11E9A5E79784C4F9AE02/D7F98876520B11EE8B85DB63C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.182.0/23 IPv6: 2404:d240::/32 Signature Algorithm: sha256WithRSAEncryption 4b:9b:39:12:f8:a3:94:eb:97:ae:5c:eb:ae:4b:58:71:84:70: 42:91:2f:7a:81:5b:f5:c0:78:ee:25:82:a8:d3:48:d4:ae:3d: 32:72:d5:2e:c2:00:69:1c:f6:82:88:97:19:7d:cd:f5:61:3c: 0f:f1:fb:d0:56:e5:9e:56:da:91:b7:69:46:e2:40:63:ff:e5: 42:7f:3b:50:67:c7:67:4c:bd:82:0d:e8:6a:09:46:e7:fb:6c: 79:30:f4:8d:64:86:c0:12:55:f8:69:a4:14:a8:a3:bc:f6:b2: 09:94:05:ee:36:f6:25:a7:fa:dc:84:e1:d0:d7:b8:b2:b6:dc: a0:3e:5f:5c:8e:2e:e9:f8:e0:07:fc:e0:c2:4a:a9:f8:2c:76: b2:0a:33:ab:e3:d6:03:97:b7:cc:49:2a:66:09:8e:a3:3b:e0: 02:d1:99:e9:d5:61:b8:7f:21:35:ec:08:96:87:67:9f:c1:47: ba:8e:b7:91:a2:2f:0a:52:e8:2b:ea:31:21:92:05:53:2e:2f: 4d:6e:8a:08:53:40:65:1a:31:19:36:73:bf:e7:39:06:a3:4a: 1c:f2:c3:7c:c6:2f:4f:73:65:bf:1c:5d:b7:4a:09:a2:9f:d4: 05:4e:0e:8b:8a:7e:e1:a7:31:fb:8d:d8:50:06:ba:81:3e:2c: 4b:bc:b1:07 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICDIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkQ1QzExMTAvBgNVBAUTKEU4MkQxMEQyREExQzk4QkY2OENBNEM2NDkxQjkwRkZE MEZBQjMzOTQwHhcNMjUwNTI0MTg0MjEyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODMyMTMwMy0xODJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsXxfYW67RFDs7L3MAQPJnv6gPwoNRp106Hh9h4RhkMw2WgTzDFyrrD+VRjMe i8h5MdAgW1DEGr7+GDZGc3YqmFhGfEanAtOfqNZbWPywSIPe5OCXuQtlpiLbcujX Pp2YPeVPnbrRT5kDNs55xH/dEIlkhtv8hLNz8xRc/x/sUpULdfyts2xgXh6hpxl/ Ve5kbkQKAFPZkaG4TddC+t1k3IxSTqSQK687UYmf775DpXZ9mdBCvQzoZMPyuG3s u/+UU74n9g/mdvfN3OEDjrEjC0YwPm7qQAGmFf129V6pSuZ+/5VmK3S/VA9V0n0U FHXtDzQqbczPlC/QG5gzba2viwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFBtSmSg 8XPTRGTLTh0ZdFDXtlwUMB8GA1UdIwQYMBaAFOgtENLaHJi/aMpMZJG5D/0PqzOU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRDVDMS9CMDdEQ0I0NEZG Q0MxMUU5QTVFNzk3ODRDNEY5QUUwMi82QzBRMHRvY21MOW95a3hra2JrUF9RLXJN NVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZDMFEwdG9jbUw5b3lreGtrYmtQX1Etck01US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkQ1QzEvQjA3RENCNDRGRkNDMTFFOUE1RTc5Nzg0QzRGOUFFMDIvRDdGOTg4NzY1 MjBCMTFFRThCODVEQjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnirYwDQQCAAIwBwMFACQE0kAwDQYJKoZIhvcNAQELBQAD ggEBAEubORL4o5Trl65c665LWHGEcEKRL3qBW/XAeO4lgqjTSNSuPTJy1S7CAGkc 9oKIlxl9zfVhPA/x+9BW5Z5W2pG3aUbiQGP/5UJ/O1Bnx2dMvYIN6GoJRuf7bHkw 9I1khsASVfhppBSoo7z2sgmUBe429iWn+tyE4dDXuLK23KA+X1yOLun44Af84MJK qfgsdrIKM6vj1gOXt8xJKmYJjqM74ALRmenVYbh/ITXsCJaHZ5/BR7qOt5GiLwpS 6CvqMSGSBVMuL01uighTQGUaMRk2c7/nOQajShzyw3zGL09zZb8cXbdKCaKf1AVO DouKfuGnMfuN2FAGuoE+LEu8sQc= -----END CERTIFICATE-----Generated at Sat Jun 21 12:36:08 2025 by rpki-client