$ rpki-client -vvf rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/33534662AF4511E9B648CE6AC4F9AE02.roa File: 33534662AF4511E9B648CE6AC4F9AE02.roa (raw, json) Hash identifier: kbrsBWLPmTs2n5OoEUQRcNgIkU1aEuNqMVThcieEjvY= Subject key identifier: 3D:CE:A9:23:A7:C2:3F:87:2B:DB:F7:74:03:66:85:BC:86:56:77:E0 Certificate issuer: /CN=A9140F6E/serialNumber=EC0C482B2D97C28C896FAECD51F50E9B16257441 Certificate serial: 0E24 Authority key identifier: EC:0C:48:2B:2D:97:C2:8C:89:6F:AE:CD:51:F5:0E:9B:16:25:74:41 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7AxIKy2XwoyJb67NUfUOmxYldEE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/33534662AF4511E9B648CE6AC4F9AE02.roa Signing time: Sat 02 Aug 2025 18:27:45 +0000 ROA not before: Sat 02 Aug 2025 18:27:45 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 135582 IP address blocks: 103.66.222.0/23 maxlen: 23 103.66.222.0/24 maxlen: 24 103.66.223.0/24 maxlen: 24 103.100.136.0/23 maxlen: 23 103.100.136.0/24 maxlen: 24 103.100.137.0/24 maxlen: 24 2402:61c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/7AxIKy2XwoyJb67NUfUOmxYldEE.crl rsync://rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/7AxIKy2XwoyJb67NUfUOmxYldEE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7AxIKy2XwoyJb67NUfUOmxYldEE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3620 (0xe24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9140F6E, serialNumber=EC0C482B2D97C28C896FAECD51F50E9B16257441 Validity Not Before: Aug 2 18:27:45 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=688e58a1-7e51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:60:cb:d0:62:bb:c6:bb:01:d7:9d:04:d9:da: bf:66:54:a2:55:47:bd:f1:4b:68:1a:15:1f:6b:25: 28:ee:93:27:56:bc:aa:bb:d2:9d:13:be:89:62:99: 03:4f:12:5d:15:0b:39:c6:f8:e2:0d:75:9e:2b:2a: 4d:5c:5f:16:de:83:73:38:87:bd:80:6f:99:a8:6a: ce:83:65:9c:78:f2:da:ce:cf:7b:6b:60:52:f6:93: 5c:68:95:db:50:65:74:cd:b8:0a:df:35:ed:9a:01: d4:b8:34:81:33:d6:46:57:99:53:38:01:97:b4:ae: a4:5a:ca:11:ef:98:7e:43:2c:37:0b:ef:01:af:50: f7:e6:08:5f:b8:d6:9b:68:78:0d:01:c4:a4:ec:e5: 53:bf:fe:66:96:07:b0:d3:47:c3:24:58:56:dd:f0: bd:a0:2f:96:e9:c8:8e:7d:62:ef:46:99:00:b1:24: c4:15:e9:e3:a0:cb:a0:3e:ff:19:18:0d:95:09:6c: dd:71:50:4a:cd:93:d6:14:f7:19:bf:67:f0:5e:d1: 61:dc:a5:17:cd:5b:8d:f4:6b:53:0c:ec:dd:b0:e7: 46:b3:a7:8f:a1:26:25:3c:fb:52:e2:5a:80:c2:94: 75:24:52:f4:03:2d:e5:32:62:83:69:fe:19:0c:ec: 55:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:CE:A9:23:A7:C2:3F:87:2B:DB:F7:74:03:66:85:BC:86:56:77:E0 X509v3 Authority Key Identifier: keyid:EC:0C:48:2B:2D:97:C2:8C:89:6F:AE:CD:51:F5:0E:9B:16:25:74:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/7AxIKy2XwoyJb67NUfUOmxYldEE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7AxIKy2XwoyJb67NUfUOmxYldEE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140F6E/D0E82DE0AF4311E9B3DFEE68C4F9AE02/33534662AF4511E9B648CE6AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.66.222.0/23 103.100.136.0/23 IPv6: 2402:61c0::/32 Signature Algorithm: sha256WithRSAEncryption 69:b3:86:74:16:04:f3:f4:4a:5c:8c:cb:a1:45:89:62:05:ab: c6:af:3f:96:91:07:a7:6c:1b:ba:d5:31:40:5f:3e:e4:51:61: e0:0e:0c:af:91:65:8c:cb:b8:1d:ac:94:84:94:10:37:ea:60: e7:f7:64:9f:8c:1d:60:24:f3:68:1b:86:ad:4f:2e:14:7b:ad: 9f:29:52:8f:6b:ef:a1:74:44:2d:1b:1f:89:bf:8b:38:ee:67: f0:23:ff:27:3d:a7:fe:94:fb:4b:cb:10:57:58:0d:42:84:eb: 02:1c:7d:23:e0:e2:1b:a2:5b:db:b5:d3:7d:24:94:23:21:13: 65:de:16:4f:e9:ac:ef:a0:b9:a3:f5:ed:88:a8:67:4f:93:13: f7:29:7d:8a:1c:41:fa:cf:74:00:af:63:3b:e4:e7:d4:f1:14: 19:03:4b:d7:79:e5:8f:50:b8:e9:f3:f6:76:aa:48:3c:f8:1a: b2:88:bb:06:78:46:b6:e7:3a:60:85:92:52:45:56:ba:4e:ec: 59:8a:e1:39:2b:5b:3c:74:fd:20:66:69:bb:15:6c:f5:9e:01: cc:c8:87:ce:33:17:a9:4b:8e:2b:7a:3d:56:05:a1:65:af:6c: 8a:94:ed:6d:06:45:66:e6:62:5a:5c:1d:06:1b:63:b1:39:3b: 98:4a:ed:7b -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDBGNkUxMTAvBgNVBAUTKEVDMEM0ODJCMkQ5N0MyOEM4OTZGQUVDRDUxRjUwRTlC MTYyNTc0NDEwHhcNMjUwODAyMTgyNzQ1WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhlNThhMS03ZTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA12DL0GK7xrsB150E2dq/ZlSiVUe98UtoGhUfayUo7pMnVryqu9KdE76JYpkD TxJdFQs5xvjiDXWeKypNXF8W3oNzOIe9gG+ZqGrOg2WcePLazs97a2BS9pNcaJXb UGV0zbgK3zXtmgHUuDSBM9ZGV5lTOAGXtK6kWsoR75h+Qyw3C+8Br1D35ghfuNab aHgNAcSk7OVTv/5mlgew00fDJFhW3fC9oC+W6ciOfWLvRpkAsSTEFenjoMugPv8Z GA2VCWzdcVBKzZPWFPcZv2fwXtFh3KUXzVuN9GtTDOzdsOdGs6ePoSYlPPtS4lqA wpR1JFL0Ay3lMmKDaf4ZDOxVXwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFD3OqSOn wj+HK9v3dANmhbyGVnfgMB8GA1UdIwQYMBaAFOwMSCstl8KMiW+uzVH1DpsWJXRB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEY2RS9EMEU4MkRFMEFG NDMxMUU5QjNERkVFNjhDNEY5QUUwMi83QXhJS3kyWHdveUpiNjdOVWZVT214WWxk RUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdBeElLeTJYd295SmI2N05VZlVPbXhZbGRFRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDBGNkUvRDBFODJERTBBRjQzMTFFOUIzREZFRTY4QzRGOUFFMDIvMzM1MzQ2NjJB RjQ1MTFFOUI2NDhDRTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAFnQt4DBAFnZIgwDQQCAAIwBwMFACQCYcAwDQYJKoZIhvcN AQELBQADggEBAGmzhnQWBPP0SlyMy6FFiWIFq8avP5aRB6dsG7rVMUBfPuRRYeAO DK+RZYzLuB2slISUEDfqYOf3ZJ+MHWAk82gbhq1PLhR7rZ8pUo9r76F0RC0bH4m/ izjuZ/Aj/yc9p/6U+0vLEFdYDUKE6wIcfSPg4huiW9u1030klCMhE2XeFk/prO+g uaP17YioZ0+TE/cpfYocQfrPdACvYzvk59TxFBkDS9d55Y9QuOnz9naqSDz4GrKI uwZ4RrbnOmCFklJFVrpO7FmK4TkrWzx0/SBmabsVbPWeAczIh84zF6lLjit6PVYF oWWvbIqU7W0GRWbmYlpcHQYbY7E5O5hK7Xs= -----END CERTIFICATE-----Generated at Sun Aug 10 18:56:24 2025 by rpki-client