$ rpki-client -vvf rpki.apnic.net/member_repository/A914573E/6768978EA5A411EB98C3290FC4F9AE02/B67E0BB4A5A511EB94C0DE0FC4F9AE02.roa File: B67E0BB4A5A511EB94C0DE0FC4F9AE02.roa (raw, json) Hash identifier: abFPv422MLo42yfuvK6GPVX4x/zkpsuvBFUhQvjbtGQ= Subject key identifier: BC:AC:E7:71:0D:28:A8:50:61:3C:E5:69:A0:7B:D8:3B:4E:03:D2:70 Certificate issuer: /CN=A914573E/serialNumber=DA57A24207047008D73A65D68224A47B9A03DAAA Certificate serial: 05FE Authority key identifier: DA:57:A2:42:07:04:70:08:D7:3A:65:D6:82:24:A4:7B:9A:03:DA:AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2leiQgcEcAjXOmXWgiSke5oD2qo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914573E/6768978EA5A411EB98C3290FC4F9AE02/B67E0BB4A5A511EB94C0DE0FC4F9AE02.roa Signing time: Fri 18 Apr 2025 23:23:28 +0000 ROA not before: Fri 18 Apr 2025 23:23:28 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 142060 IP address blocks: 103.166.74.0/23 maxlen: 23 103.166.74.0/24 maxlen: 24 103.166.75.0/24 maxlen: 24 2001:df6:8280::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914573E/6768978EA5A411EB98C3290FC4F9AE02/2leiQgcEcAjXOmXWgiSke5oD2qo.crl rsync://rpki.apnic.net/member_repository/A914573E/6768978EA5A411EB98C3290FC4F9AE02/2leiQgcEcAjXOmXWgiSke5oD2qo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2leiQgcEcAjXOmXWgiSke5oD2qo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 22:37:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1534 (0x5fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914573E, serialNumber=DA57A24207047008D73A65D68224A47B9A03DAAA Validity Not Before: Apr 18 23:23:28 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6802def0-8f6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:c6:36:46:97:12:63:6b:a8:ba:01:88:cf:1e: 62:cf:c5:3f:8b:a0:2a:b5:67:bd:d3:6c:54:df:84: 2f:45:d7:65:3c:5e:a2:51:09:50:3e:1a:66:33:76: 73:b7:39:ba:ff:6e:6b:98:4a:b5:61:bb:24:d7:4a: 02:78:98:1f:2f:75:fe:c2:b1:f3:de:a2:c4:4d:4a: ff:da:e5:f4:df:60:1b:ee:62:35:7c:68:d3:fc:fe: 03:31:02:23:58:25:b5:10:46:8b:7e:ed:58:e0:62: ab:3f:c2:9c:49:12:ca:d5:de:30:ea:12:11:23:a4: f4:fb:c0:0b:6f:e3:d4:bc:5e:ca:7c:c6:0f:a1:49: 67:71:f8:68:0e:26:47:9d:35:40:7c:92:b7:58:f7: 2d:2c:52:2d:48:35:ae:96:0d:f9:f9:61:20:31:00: e5:76:e6:a0:8a:af:60:ce:81:de:4f:e7:65:7d:bf: 5b:a5:fd:f7:b0:68:ca:36:2b:c4:a9:86:58:01:ec: cd:59:10:62:e9:97:66:dc:80:c8:e2:c3:b4:b8:11: 3b:64:5f:ec:bb:51:8c:09:0a:9d:af:05:68:29:c9: 66:e3:97:2a:e2:85:11:cf:60:06:37:c2:37:14:a7: d5:dd:a4:6a:58:09:7a:b3:45:73:f0:df:d3:14:f1: d5:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:AC:E7:71:0D:28:A8:50:61:3C:E5:69:A0:7B:D8:3B:4E:03:D2:70 X509v3 Authority Key Identifier: keyid:DA:57:A2:42:07:04:70:08:D7:3A:65:D6:82:24:A4:7B:9A:03:DA:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914573E/6768978EA5A411EB98C3290FC4F9AE02/2leiQgcEcAjXOmXWgiSke5oD2qo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2leiQgcEcAjXOmXWgiSke5oD2qo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914573E/6768978EA5A411EB98C3290FC4F9AE02/B67E0BB4A5A511EB94C0DE0FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.166.74.0/23 IPv6: 2001:df6:8280::/48 Signature Algorithm: sha256WithRSAEncryption a2:ef:78:14:4c:06:6b:72:d7:1a:f6:30:e5:97:59:61:2b:76: 92:67:1c:cb:18:25:fd:de:5c:23:29:ee:78:8a:b5:4f:2e:67: 68:24:36:2d:61:f0:fa:5b:3e:ef:13:f7:bb:ea:73:03:74:b5: c6:19:35:a4:c1:c2:18:f8:08:f5:06:cb:71:90:a7:67:b2:7c: 82:a4:18:e4:3b:6a:7d:d3:7f:1d:a2:b4:6e:4c:7e:7e:69:78: 59:f1:41:e5:42:1a:29:9c:1f:eb:a3:8d:ed:ad:90:5a:72:47: 88:99:d2:14:18:60:54:6e:ec:a0:aa:b4:2b:5c:c9:3f:7b:dc: 0b:2f:82:a4:8f:64:b6:36:3b:1f:86:7e:e8:76:94:7f:7b:9a: c9:c2:87:f5:ac:a8:e1:2f:d2:e6:30:44:a5:b0:4f:da:e7:c2: c5:9d:6b:f4:6a:db:3d:b5:56:7a:cd:93:8f:8a:77:db:5e:ec: f1:aa:54:af:02:16:6b:79:6f:6a:06:46:e9:c5:28:1f:c0:58: e4:41:51:16:7a:fb:6b:57:7e:bb:41:17:e3:fd:d2:ca:4a:bf: a6:2b:fb:b1:35:57:84:e7:9c:16:09:bc:b8:be:b6:1a:23:3f: 1b:7e:51:84:26:8b:51:b9:58:b8:44:a7:88:31:ae:1f:49:0d: 39:9f:c1:c9 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU3M0UxMTAvBgNVBAUTKERBNTdBMjQyMDcwNDcwMDhENzNBNjVENjgyMjRBNDdC OUEwM0RBQUEwHhcNMjUwNDE4MjMyMzI4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODAyZGVmMC04ZjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAscY2RpcSY2uougGIzx5iz8U/i6AqtWe902xU34QvRddlPF6iUQlQPhpmM3Zz tzm6/25rmEq1Ybsk10oCeJgfL3X+wrHz3qLETUr/2uX032Ab7mI1fGjT/P4DMQIj WCW1EEaLfu1Y4GKrP8KcSRLK1d4w6hIRI6T0+8ALb+PUvF7KfMYPoUlncfhoDiZH nTVAfJK3WPctLFItSDWulg35+WEgMQDlduagiq9gzoHeT+dlfb9bpf33sGjKNivE qYZYAezNWRBi6Zdm3IDI4sO0uBE7ZF/su1GMCQqdrwVoKclm45cq4oURz2AGN8I3 FKfV3aRqWAl6s0Vz8N/TFPHVjQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLys53EN KKhQYTzlaaB72DtOA9JwMB8GA1UdIwQYMBaAFNpXokIHBHAI1zpl1oIkpHuaA9qq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTczRS82NzY4OTc4RUE1 QTQxMUVCOThDMzI5MEZDNEY5QUUwMi8ybGVpUWdjRWNBalhPbVhXZ2lTa2U1b0Qy cW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJsZWlRZ2NFY0FqWE9tWFdnaVNrZTVvRDJxby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDU3M0UvNjc2ODk3OEVBNUE0MTFFQjk4QzMyOTBGQzRGOUFFMDIvQjY3RTBCQjRB NUE1MTFFQjk0QzBERTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnpkowDwQCAAIwCQMHACABDfaCgDANBgkqhkiG9w0BAQsF AAOCAQEAou94FEwGa3LXGvYw5ZdZYSt2kmccyxgl/d5cIynueIq1Ty5naCQ2LWHw +ls+7xP3u+pzA3S1xhk1pMHCGPgI9QbLcZCnZ7J8gqQY5DtqfdN/HaK0bkx+fml4 WfFB5UIaKZwf66ON7a2QWnJHiJnSFBhgVG7soKq0K1zJP3vcCy+CpI9ktjY7H4Z+ 6HaUf3uaycKH9ayo4S/S5jBEpbBP2ufCxZ1r9GrbPbVWes2Tj4p3217s8apUrwIW a3lvagZG6cUoH8BY5EFRFnr7a1d+u0EX4/3Sykq/piv7sTVXhOecFgm8uL62GiM/ G35RhCaLUblYuESniDGuH0kNOZ/ByQ== -----END CERTIFICATE-----Generated at Tue Nov 4 19:04:09 2025 by rpki-client