$ rpki-client -vvf rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4D12993446CC11F08EB9471AC4F9AE02.roa File: 4D12993446CC11F08EB9471AC4F9AE02.roa (raw, json) Hash identifier: vbJhtFwjv9AiVVu2dZyRBj8FMJ3ESi6HyljVMBZDFwA= Subject key identifier: A3:D5:6C:B4:FE:99:B5:E3:DE:9A:81:50:6F:29:BF:FA:80:61:EB:56 Certificate issuer: /CN=A91590E3/serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52 Certificate serial: 18F9 Authority key identifier: BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4D12993446CC11F08EB9471AC4F9AE02.roa Signing time: Wed 11 Jun 2025 13:59:33 +0000 ROA not before: Wed 11 Jun 2025 13:59:33 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 136948 IP address blocks: 103.99.249.0/24 maxlen: 24 103.99.250.0/24 maxlen: 24 103.99.251.0/24 maxlen: 24 2401:b640::/32 maxlen: 32 2401:b640::/48 maxlen: 48 2401:b640:1::/48 maxlen: 48 2401:b640:2::/48 maxlen: 48 2401:b640:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 16:30:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6393 (0x18f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91590E3, serialNumber=BB976A598E5ECB05E37FAC00A5B7888E57F51C52 Validity Not Before: Jun 11 13:59:33 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=68498bc5-42af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ff:9b:ec:49:b1:61:e7:45:3b:ca:02:e0:7b: dc:0a:3e:ae:e9:69:29:4b:25:64:32:42:08:f4:26: e0:d6:ab:b0:d0:d0:57:03:d0:9d:ec:10:e5:36:cb: 45:a9:ed:ae:76:04:13:d3:01:71:24:1a:a5:e6:cc: 7b:b8:44:d5:57:29:86:cc:3c:84:e3:86:86:e3:8e: 55:43:1f:9d:f6:30:ac:3f:70:06:3f:e7:19:73:f9: 9d:e6:66:3a:0b:8a:3b:04:3f:2f:ed:1b:24:ef:1d: 4b:63:fe:35:d9:26:ba:f5:94:89:3b:83:48:be:75: 3d:4e:40:75:0e:57:3e:6d:70:c3:b3:88:0d:a0:35: e2:a6:37:89:31:11:8b:6e:61:2b:45:5d:92:13:fd: b0:61:ce:31:3b:48:be:0e:94:aa:2f:36:fd:ee:76: 44:a5:27:02:61:1a:bd:f9:6f:0a:9f:93:eb:bc:a6: 8c:c2:13:29:aa:f5:80:ba:71:ae:43:29:aa:28:1b: e9:1e:43:55:96:0e:c2:e6:3d:96:b2:00:d2:42:13: 24:85:a1:9a:31:62:61:02:4e:15:72:c4:af:99:0d: 55:c3:ff:7d:4c:bd:ed:96:2d:3d:8e:ab:8d:f2:f1: 6a:d5:44:5a:35:0a:18:5b:64:2d:23:23:3c:fc:80: 32:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:D5:6C:B4:FE:99:B5:E3:DE:9A:81:50:6F:29:BF:FA:80:61:EB:56 X509v3 Authority Key Identifier: keyid:BB:97:6A:59:8E:5E:CB:05:E3:7F:AC:00:A5:B7:88:8E:57:F5:1C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/u5dqWY5eywXjf6wApbeIjlf1HFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u5dqWY5eywXjf6wApbeIjlf1HFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91590E3/DA18B1849A4911E79A9F3030C4F9AE02/4D12993446CC11F08EB9471AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.249.0-103.99.251.255 IPv6: 2401:b640::/32 Signature Algorithm: sha256WithRSAEncryption 6e:64:dc:55:16:ff:0d:30:86:85:ef:6f:6c:71:38:6b:5b:aa: a5:69:57:73:79:6a:ea:cf:7d:6e:5f:e2:ca:9d:a6:95:09:89: e0:84:c0:13:42:d5:a9:5f:98:ab:80:0c:9f:58:fd:34:55:87: ae:80:9e:47:a7:c5:bf:94:4c:3b:51:8d:2d:c6:60:eb:8c:4c: 93:ce:45:e4:4f:c7:6b:0e:33:01:57:1f:fb:05:9f:e3:79:5a: 5b:86:73:af:31:ba:a5:52:1e:db:98:a9:31:9d:c2:6e:3e:f6: 5e:2f:14:3a:1e:5b:b1:f5:18:d6:a4:d8:02:f5:2f:5c:3e:33: fc:9d:18:82:c7:87:b5:09:da:e9:27:6d:f5:52:e0:f5:e1:ae: 7d:0e:51:94:5e:b4:56:e5:91:41:58:83:74:c8:85:a6:89:fa: 84:8c:1b:f0:07:fa:08:a7:1a:d5:86:eb:05:b7:1c:48:a1:6d: 52:c5:ea:1f:88:80:b1:6f:a6:63:74:fc:d7:3a:45:0f:d3:ac: 25:9f:64:01:67:1f:68:5e:a1:91:78:7e:14:8a:8d:00:42:85: 18:f6:a0:c7:1d:8b:87:f6:be:24:5a:54:73:d3:d9:25:51:de: 3c:99:49:1e:cc:d3:0a:78:dd:ab:04:0e:7c:f0:2b:26:d3:e5: 31:24:76:94 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICGPkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTkwRTMxMTAvBgNVBAUTKEJCOTc2QTU5OEU1RUNCMDVFMzdGQUMwMEE1Qjc4ODhF NTdGNTFDNTIwHhcNMjUwNjExMTM1OTMzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQ5OGJjNS00MmFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxP+b7EmxYedFO8oC4HvcCj6u6WkpSyVkMkII9Cbg1quw0NBXA9Cd7BDlNstF qe2udgQT0wFxJBql5sx7uETVVymGzDyE44aG445VQx+d9jCsP3AGP+cZc/md5mY6 C4o7BD8v7Rsk7x1LY/412Sa69ZSJO4NIvnU9TkB1Dlc+bXDDs4gNoDXipjeJMRGL bmErRV2SE/2wYc4xO0i+DpSqLzb97nZEpScCYRq9+W8Kn5PrvKaMwhMpqvWAunGu QymqKBvpHkNVlg7C5j2WsgDSQhMkhaGaMWJhAk4VcsSvmQ1Vw/99TL3tli09jquN 8vFq1URaNQoYW2QtIyM8/IAytQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFKPVbLT+ mbXj3pqBUG8pv/qAYetWMB8GA1UdIwQYMBaAFLuXalmOXssF43+sAKW3iI5X9RxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTBFMy9EQTE4QjE4NDlB NDkxMUU3OUE5RjMwMzBDNEY5QUUwMi91NWRxV1k1ZXl3WGpmNndBcGJlSWpsZjFI RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3U1ZHFXWTVleXdYamY2d0FwYmVJamxmMUhGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTkwRTMvREExOEIxODQ5QTQ5MTFFNzlBOUYzMDMwQzRGOUFFMDIvNEQxMjk5MzQ0 NkNDMTFGMDhFQjk0NzFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBQEAgABMA4wDAMEAGdj+QMEAmdj+DANBAIAAjAHAwUAJAG2QDANBgkqhkiG 9w0BAQsFAAOCAQEAbmTcVRb/DTCGhe9vbHE4a1uqpWlXc3lq6s99bl/iyp2mlQmJ 4ITAE0LVqV+Yq4AMn1j9NFWHroCeR6fFv5RMO1GNLcZg64xMk85F5E/Haw4zAVcf +wWf43laW4ZzrzG6pVIe25ipMZ3Cbj72Xi8UOh5bsfUY1qTYAvUvXD4z/J0YgseH tQna6Sdt9VLg9eGufQ5RlF60VuWRQViDdMiFpon6hIwb8Af6CKca1YbrBbccSKFt UsXqH4iAsW+mY3T81zpFD9OsJZ9kAWcfaF6hkXh+FIqNAEKFGPagxx2Lh/a+JFpU c9PZJVHePJlJHszTCnjdqwQOfPArJtPlMSR2lA== -----END CERTIFICATE-----Generated at Thu Jun 19 02:40:17 2025 by rpki-client