$ rpki-client -vvf rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa File: D13FCAEAA62E11EFBC284C42C4F9AE02.roa (raw, json) Hash identifier: K8NnxbaCBJETQFsMtKq3Bzg51wGMgmnozQ6OqtNXVto= Subject key identifier: 1C:F1:55:E9:46:A6:25:30:5E:F5:F5:3F:E7:34:F2:CE:FE:00:E9:E9 Certificate issuer: /CN=A917B520/serialNumber=542B94D8625CF711964FD13741295D27AD7A9004 Certificate serial: 01F0 Authority key identifier: 54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa Signing time: Mon 09 Jun 2025 09:04:32 +0000 ROA not before: Mon 09 Jun 2025 09:04:32 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 150436 IP address blocks: 101.47.0.0/18 maxlen: 24 101.47.64.0/20 maxlen: 24 101.47.80.0/20 maxlen: 23 101.47.80.0/21 maxlen: 24 101.47.88.0/22 maxlen: 24 101.47.92.0/23 maxlen: 24 101.47.95.0/24 maxlen: 24 101.47.96.0/21 maxlen: 24 101.47.128.0/18 maxlen: 24 101.47.253.0/24 maxlen: 24 150.5.128.0/17 maxlen: 24 163.7.0.0/17 maxlen: 24 163.7.160.0/19 maxlen: 24 163.7.192.0/18 maxlen: 24 202.52.224.0/21 maxlen: 24 2401:4c20::/40 maxlen: 44 2401:4c20:100::/40 maxlen: 40 2401:4c20:200::/40 maxlen: 44 2401:4c20:300::/40 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Jun 2025 02:52:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 496 (0x1f0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B520, serialNumber=542B94D8625CF711964FD13741295D27AD7A9004 Validity Not Before: Jun 9 09:04:32 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6846a39f-e568 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:79:4f:08:8b:b6:f1:fa:d2:fd:dd:a9:2b:95: 80:95:33:bd:6e:7f:dc:0f:2a:16:a3:8b:be:78:d5: 27:6a:2a:ec:85:99:3d:32:96:20:b6:d7:4d:2c:14: 97:64:ac:78:79:b3:01:d2:c2:f5:c9:09:32:42:16: 95:c4:f4:a5:a8:88:4a:64:d8:44:35:19:9e:11:30: ce:b9:25:23:87:af:d2:d4:36:05:29:8e:b1:ee:d4: a0:93:37:ab:9b:39:e1:20:75:34:ff:63:9f:33:9c: d2:bc:c7:54:79:47:5d:ed:57:84:80:56:58:d1:20: c8:ea:57:fb:6e:c6:65:89:e5:b6:ce:2e:7f:4d:ec: 89:9e:27:ef:82:2b:46:70:43:ab:03:7b:1f:f2:17: 46:1e:da:f9:de:14:bf:88:c8:f7:70:8f:b1:c9:a9: a0:56:19:55:99:3d:dd:4a:2a:41:3b:79:21:c1:6f: 2e:2c:8d:46:9a:c6:9f:be:f0:89:f0:67:e8:9f:90: 85:cf:21:3c:28:6f:f3:c9:cc:b4:64:40:04:f5:65: 68:6b:34:89:f2:e4:d0:08:c8:da:23:fb:d1:0d:e9: f0:7c:f8:6d:50:62:e1:62:21:33:75:07:1d:ed:9b: 66:aa:ef:dd:6b:42:1f:20:1b:d1:c2:31:d3:1e:93: 12:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:F1:55:E9:46:A6:25:30:5E:F5:F5:3F:E7:34:F2:CE:FE:00:E9:E9 X509v3 Authority Key Identifier: keyid:54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 101.47.0.0-101.47.103.255 101.47.128.0/18 101.47.253.0/24 150.5.128.0/17 163.7.0.0/17 163.7.160.0-163.7.255.255 202.52.224.0/21 IPv6: 2401:4c20::/38 Signature Algorithm: sha256WithRSAEncryption 71:7a:6b:00:4b:b3:a4:73:a0:91:27:d2:9a:04:c5:89:a0:d5: 88:69:ee:6c:72:a5:d3:11:33:ab:ca:63:5d:08:8c:36:dd:77: 4b:46:96:5a:ca:b3:7a:f4:6e:c8:70:fb:fc:bc:27:f9:6b:e9: 7a:33:10:17:af:20:42:00:f9:9b:b8:39:63:8d:ad:30:4d:b0: 13:14:60:1e:8c:47:9b:93:b9:73:c9:17:da:14:26:80:eb:ee: d4:c6:9e:5b:02:d8:f3:67:8a:97:53:39:0e:a8:d6:a7:bf:fd: ff:bf:f5:42:7d:f1:3c:f6:29:f3:a9:69:1e:1e:b2:5f:e0:10: 38:c6:24:c5:de:c1:30:fa:73:fb:e1:52:79:e9:ea:66:fe:48: 54:ac:f3:8b:19:df:1c:e3:c1:59:ba:8f:31:c4:3f:e3:24:31: 93:f5:bb:32:df:68:27:fc:14:53:cd:bb:d2:52:08:fe:30:86: 86:fd:ca:3c:eb:6c:2c:f5:8b:05:40:42:8f:36:23:55:40:49: 20:ca:4b:cb:ba:9d:4d:2b:31:af:4b:87:17:e2:06:a6:fa:f6: 66:c2:e0:02:83:1a:e3:1e:cd:2c:4f:80:56:14:7b:28:b1:34: 9e:68:fd:4a:dd:5b:e8:75:f7:26:55:64:03:f0:9c:a0:b6:76: a9:f0:4b:6c -----BEGIN CERTIFICATE----- MIIFszCCBJugAwIBAgICAfAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I1MjAxMTAvBgNVBAUTKDU0MkI5NEQ4NjI1Q0Y3MTE5NjRGRDEzNzQxMjk1RDI3 QUQ3QTkwMDQwHhcNMjUwNjA5MDkwNDMyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQ2YTM5Zi1lNTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwXlPCIu28frS/d2pK5WAlTO9bn/cDyoWo4u+eNUnairshZk9MpYgttdNLBSX ZKx4ebMB0sL1yQkyQhaVxPSlqIhKZNhENRmeETDOuSUjh6/S1DYFKY6x7tSgkzer mznhIHU0/2OfM5zSvMdUeUdd7VeEgFZY0SDI6lf7bsZlieW2zi5/TeyJnifvgitG cEOrA3sf8hdGHtr53hS/iMj3cI+xyamgVhlVmT3dSipBO3khwW8uLI1GmsafvvCJ 8Gfon5CFzyE8KG/zycy0ZEAE9WVoazSJ8uTQCMjaI/vRDenwfPhtUGLhYiEzdQcd 7Ztmqu/da0IfIBvRwjHTHpMSLwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFBzxVelG piUwXvX1P+c08s7+AOnpMB8GA1UdIwQYMBaAFFQrlNhiXPcRlk/RN0EpXSetepAE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjUyMC8xNjFENEMwQUU0 Q0ExMUVEQTQxNEUyNTlDNEY5QUUwMi9WQ3VVMkdKYzl4R1dUOUUzUVNsZEo2MTZr QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZDdVUyR0pjOXhHV1Q5RTNRU2xkSjYxNmtBUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0I1MjAvMTYxRDRDMEFFNENBMTFFREE0MTRFMjU5QzRGOUFFMDIvRDEzRkNBRUFB NjJFMTFFRkJDMjg0QzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E UjBQMD4EAgABMDgwCwMDAGUvAwQDZS9gAwQGZS+AAwQAZS/9AwQHlgWAAwQHowcA MAsDBAWjB6ADAwOjAAMEA8o04DAOBAIAAjAIAwYCJAFMIAAwDQYJKoZIhvcNAQEL BQADggEBAHF6awBLs6RzoJEn0poExYmg1Yhp7mxypdMRM6vKY10IjDbdd0tGllrK s3r0bshw+/y8J/lr6XozEBevIEIA+Zu4OWONrTBNsBMUYB6MR5uTuXPJF9oUJoDr 7tTGnlsC2PNnipdTOQ6o1qe//f+/9UJ98Tz2KfOpaR4esl/gEDjGJMXewTD6c/vh Unnp6mb+SFSs84sZ3xzjwVm6jzHEP+MkMZP1uzLfaCf8FFPNu9JSCP4whob9yjzr bCz1iwVAQo82I1VASSDKS8u6nU0rMa9LhxfiBqb69mbC4AKDGuMezSxPgFYUeyix NJ5o/UrdW+h19yZVZAPwnKC2dqnwS2w= -----END CERTIFICATE-----Generated at Fri Jun 20 13:51:59 2025 by rpki-client