$ rpki-client -vvf rpki.apnic.net/member_repository/A91479A7/8BA963D443F511EE9A8E4E16C4F9AE02/7EF0B0AC4D9B11EEB019A31FC4F9AE02.roa File: 7EF0B0AC4D9B11EEB019A31FC4F9AE02.roa (raw, json) Hash identifier: uvZ2Q94gPhmYQwiI4YLVYozC9g+L2KL5OS58nY+uLv0= Subject key identifier: 30:BA:EF:F0:76:1C:49:1F:72:DF:97:61:20:28:62:B1:0F:33:F4:F6 Certificate issuer: /CN=A91479A7/serialNumber=2F2477EBBE56B0D7A0AD44C2717DB5FE080DCAE8 Certificate serial: 01A5 Authority key identifier: 2F:24:77:EB:BE:56:B0:D7:A0:AD:44:C2:71:7D:B5:FE:08:0D:CA:E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LyR3675WsNegrUTCcX21_ggNyug.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91479A7/8BA963D443F511EE9A8E4E16C4F9AE02/7EF0B0AC4D9B11EEB019A31FC4F9AE02.roa Signing time: Wed 30 Jul 2025 07:02:40 +0000 ROA not before: Wed 30 Jul 2025 07:02:40 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 142036 IP address blocks: 103.114.160.0/24 maxlen: 24 103.114.161.0/24 maxlen: 24 103.114.162.0/24 maxlen: 24 103.114.163.0/24 maxlen: 24 103.124.104.0/24 maxlen: 24 103.124.105.0/24 maxlen: 24 103.124.106.0/24 maxlen: 24 103.124.107.0/24 maxlen: 24 2402:d0c0:10::/48 maxlen: 48 2402:d0c0:11::/48 maxlen: 48 2402:d0c0:12::/48 maxlen: 48 2402:d0c0:13::/48 maxlen: 48 2402:d0c0:14::/48 maxlen: 48 2402:d0c0:15::/48 maxlen: 48 2402:d0c0:16::/48 maxlen: 48 2402:d0c0:17::/48 maxlen: 48 2402:d0c0:18::/48 maxlen: 48 2402:d0c0:19::/48 maxlen: 48 2402:d0c0:20::/48 maxlen: 48 2402:d0c0:21::/48 maxlen: 48 2402:d0c0:22::/48 maxlen: 48 2402:d0c0:23::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91479A7/8BA963D443F511EE9A8E4E16C4F9AE02/LyR3675WsNegrUTCcX21_ggNyug.crl rsync://rpki.apnic.net/member_repository/A91479A7/8BA963D443F511EE9A8E4E16C4F9AE02/LyR3675WsNegrUTCcX21_ggNyug.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LyR3675WsNegrUTCcX21_ggNyug.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 421 (0x1a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91479A7, serialNumber=2F2477EBBE56B0D7A0AD44C2717DB5FE080DCAE8 Validity Not Before: Jul 30 07:02:40 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6889c38f-818c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:ce:7b:df:58:4f:0b:01:99:f5:ad:0d:d1:c8: b2:98:37:db:aa:97:36:e3:bc:3b:94:54:00:64:84: e3:5d:9b:c0:c0:a2:23:61:1b:ec:da:fa:7d:bb:1a: 3f:c1:e8:d7:40:dc:c0:1e:d7:cc:82:ab:3a:2e:9f: 6f:f2:c1:85:04:77:1f:65:f1:37:31:fa:38:05:ba: 4b:0b:3f:a6:38:b3:6a:ab:8f:a4:54:b6:a0:ec:59: cb:e3:06:eb:59:38:89:f9:3f:01:99:04:af:fb:5d: 5d:90:cc:0e:85:74:fb:13:c0:64:34:49:ca:e2:b7: 58:f1:bd:95:41:a1:cb:47:bc:9c:60:10:91:c6:e8: 0b:61:3c:36:dc:72:58:19:01:51:2d:f4:43:6a:55: be:97:c2:2c:ff:e7:bd:a1:ee:ad:62:71:8d:50:b7: 2a:9c:82:d8:67:a7:3a:34:24:f1:a5:39:60:a7:1c: 5a:1a:83:03:ef:55:30:67:a0:d3:2e:af:45:03:d1: 7d:60:64:bf:33:f3:6b:3a:a3:5e:f9:cb:c8:34:50: 35:b3:a1:4c:43:6c:3b:d9:4e:21:e0:b5:93:70:de: 12:6d:cc:62:dc:01:b2:39:e6:93:93:cb:5d:1c:76: 86:8c:ba:79:7e:66:c7:ab:9c:3a:df:13:5a:c0:6c: 15:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:BA:EF:F0:76:1C:49:1F:72:DF:97:61:20:28:62:B1:0F:33:F4:F6 X509v3 Authority Key Identifier: keyid:2F:24:77:EB:BE:56:B0:D7:A0:AD:44:C2:71:7D:B5:FE:08:0D:CA:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91479A7/8BA963D443F511EE9A8E4E16C4F9AE02/LyR3675WsNegrUTCcX21_ggNyug.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LyR3675WsNegrUTCcX21_ggNyug.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91479A7/8BA963D443F511EE9A8E4E16C4F9AE02/7EF0B0AC4D9B11EEB019A31FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.114.160.0/22 103.124.104.0/22 IPv6: 2402:d0c0:10::-2402:d0c0:19:ffff:ffff:ffff:ffff:ffff 2402:d0c0:20::/46 Signature Algorithm: sha256WithRSAEncryption 05:75:9d:02:ed:f2:5f:98:f7:ba:59:31:21:bb:30:a8:24:f6: 19:b7:d8:31:9e:60:a7:fd:de:0a:4a:e4:47:bc:32:c2:ef:b1: 5e:77:c6:37:3e:e6:eb:dc:8b:bf:f5:9d:eb:32:3a:a9:2d:ed: 1f:6d:fc:cd:85:c9:8c:0a:34:0b:28:1f:76:36:15:ea:ad:ee: b9:7a:68:4b:8c:bf:79:78:73:21:96:b8:e4:9b:89:e4:51:83: 79:9b:e8:a3:70:70:02:9f:7f:4a:59:d0:83:7c:32:c7:23:c2: 32:0a:4b:07:0f:f1:60:c6:65:87:fa:ec:29:51:de:e4:ad:f5: c0:9e:23:4d:d1:3e:f3:f1:76:d9:45:ab:ba:ad:c3:c3:9d:0b: 91:37:49:44:05:9b:56:62:16:9a:eb:7f:d6:47:3f:e9:74:3e: 1e:dd:b3:a1:d0:bb:11:53:55:73:61:49:80:74:9f:54:e5:0b: ab:91:b2:1b:5e:9c:7a:aa:71:d3:4c:97:d5:8f:36:f6:bb:81: 9b:f2:15:4a:08:cf:ac:ec:87:cd:51:56:7d:d0:1e:4f:d9:0e: 55:28:16:37:a8:cb:fb:41:fa:46:2c:c4:db:e6:38:86:09:d7: d5:94:ea:98:ff:9a:ae:5f:2f:86:1a:dd:f5:8e:2b:13:88:93: 5f:ec:db:7c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgICAaUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc5QTcxMTAvBgNVBAUTKDJGMjQ3N0VCQkU1NkIwRDdBMEFENDRDMjcxN0RCNUZF MDgwRENBRTgwHhcNMjUwNzMwMDcwMjQwWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODg5YzM4Zi04MThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqs5731hPCwGZ9a0N0ciymDfbqpc247w7lFQAZITjXZvAwKIjYRvs2vp9uxo/ wejXQNzAHtfMgqs6Lp9v8sGFBHcfZfE3Mfo4BbpLCz+mOLNqq4+kVLag7FnL4wbr WTiJ+T8BmQSv+11dkMwOhXT7E8BkNEnK4rdY8b2VQaHLR7ycYBCRxugLYTw23HJY GQFRLfRDalW+l8Is/+e9oe6tYnGNULcqnILYZ6c6NCTxpTlgpxxaGoMD71UwZ6DT Lq9FA9F9YGS/M/NrOqNe+cvINFA1s6FMQ2w72U4h4LWTcN4Sbcxi3AGyOeaTk8td HHaGjLp5fmbHq5w63xNawGwVRQIDAQABo4ICwDCCArwwHQYDVR0OBBYEFDC67/B2 HEkfct+XYSAoYrEPM/T2MB8GA1UdIwQYMBaAFC8kd+u+VrDXoK1EwnF9tf4IDcro MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzlBNy84QkE5NjNENDQz RjUxMUVFOUE4RTRFMTZDNEY5QUUwMi9MeVIzNjc1V3NOZWdyVVRDY1gyMV9nZ055 dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0x5UjM2NzVXc05lZ3JVVENjWDIxX2dnTnl1Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDc5QTcvOEJBOTYzRDQ0M0Y1MTFFRTlBOEU0RTE2QzRGOUFFMDIvN0VGMEIwQUM0 RDlCMTFFRUIwMTlBMzFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E OzA5MBIEAgABMAwDBAJncqADBAJnfGgwIwQCAAIwHTASAwcEJALQwAAQAwcBJALQ wAAYAwcCJALQwAAgMA0GCSqGSIb3DQEBCwUAA4IBAQAFdZ0C7fJfmPe6WTEhuzCo JPYZt9gxnmCn/d4KSuRHvDLC77Fed8Y3Pubr3Iu/9Z3rMjqpLe0fbfzNhcmMCjQL KB92NhXqre65emhLjL95eHMhlrjkm4nkUYN5m+ijcHACn39KWdCDfDLHI8IyCksH D/FgxmWH+uwpUd7krfXAniNN0T7z8XbZRau6rcPDnQuRN0lEBZtWYhaa63/WRz/p dD4e3bOh0LsRU1VzYUmAdJ9U5QurkbIbXpx6qnHTTJfVjzb2u4Gb8hVKCM+s7IfN UVZ90B5P2Q5VKBY3qMv7QfpGLMTb5jiGCdfVlOqY/5quXy+GGt31jisTiJNf7Nt8 -----END CERTIFICATE-----Generated at Sun Aug 10 10:34:12 2025 by rpki-client