$ rpki-client -vvf rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/D7A207C2F33611EAA449F44CC4F9AE02.roa File: D7A207C2F33611EAA449F44CC4F9AE02.roa (raw, json) Hash identifier: /kcNu2DzvPjb/K+Cuz9Luoiid37N2ZQdhRNxbuzcd2Q= Subject key identifier: 17:86:FD:FE:F3:5D:B1:A5:70:DB:26:0A:48:EF:4B:9E:45:0C:C4:D2 Certificate issuer: /CN=A917DB52/serialNumber=693B71A5B5DA6054DF7F9C0D379CF520C1C8F291 Certificate serial: 07DF Authority key identifier: 69:3B:71:A5:B5:DA:60:54:DF:7F:9C:0D:37:9C:F5:20:C1:C8:F2:91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aTtxpbXaYFTff5wNN5z1IMHI8pE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/D7A207C2F33611EAA449F44CC4F9AE02.roa Signing time: Sat 31 May 2025 21:48:14 +0000 ROA not before: Sat 31 May 2025 21:48:14 +0000 ROA not after: Wed 01 Oct 2025 00:00:00 +0000 asID: 136481 IP address blocks: 103.89.168.0/22 maxlen: 22 103.89.168.0/24 maxlen: 24 103.89.169.0/24 maxlen: 24 103.89.170.0/23 maxlen: 24 163.53.236.0/22 maxlen: 22 163.53.236.0/24 maxlen: 24 163.53.237.0/24 maxlen: 24 163.53.238.0/24 maxlen: 24 163.53.239.0/24 maxlen: 24 2400:ab20::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/aTtxpbXaYFTff5wNN5z1IMHI8pE.crl rsync://rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/aTtxpbXaYFTff5wNN5z1IMHI8pE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aTtxpbXaYFTff5wNN5z1IMHI8pE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 20:54:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2015 (0x7df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DB52, serialNumber=693B71A5B5DA6054DF7F9C0D379CF520C1C8F291 Validity Not Before: May 31 21:48:14 2025 GMT Not After : Oct 1 00:00:00 2025 GMT Subject: CN=683b791e-dbb5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:df:0d:b0:68:b3:e4:65:09:bd:3b:34:d1:5b: 41:66:a1:78:2d:61:6b:bf:b4:39:f8:d4:28:dc:e7: f0:7d:b6:e7:79:0b:d3:39:8c:71:66:62:50:23:ae: 26:ea:c1:2a:c4:fa:a2:df:8f:f8:b5:73:94:f1:51: da:e0:53:95:97:57:c8:96:9b:dd:7d:1d:44:65:f6: 31:64:3b:38:ef:7c:3b:47:e4:60:c1:1e:91:d6:b9: 70:6b:82:d7:fc:1f:05:8f:2c:81:e6:25:c5:34:b7: 0f:ed:01:7b:82:3b:14:e4:96:0c:a6:d8:6f:70:d5: a3:2c:3e:b6:97:f1:39:94:67:7c:e0:4c:1f:78:2b: 72:b0:ef:13:2c:64:62:90:a1:bd:c1:3c:62:51:7a: 94:3b:7e:5c:b9:4e:c5:85:35:78:11:90:57:ea:60: 14:78:f5:35:57:63:94:b8:4c:ba:6a:99:d2:98:82: 0d:8d:06:55:17:0a:2f:74:b8:f7:0d:fd:15:44:e2: 81:68:e7:9e:07:2a:c5:09:e3:ba:18:66:e8:e2:40: 73:4c:94:e2:da:21:b0:fe:9a:1a:60:e0:d0:9f:0c: d1:09:d8:f0:9d:02:22:8c:3b:f8:87:15:94:e9:6b: af:e9:12:bd:25:b0:b4:f8:42:8f:b5:46:08:03:65: 40:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:86:FD:FE:F3:5D:B1:A5:70:DB:26:0A:48:EF:4B:9E:45:0C:C4:D2 X509v3 Authority Key Identifier: keyid:69:3B:71:A5:B5:DA:60:54:DF:7F:9C:0D:37:9C:F5:20:C1:C8:F2:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/aTtxpbXaYFTff5wNN5z1IMHI8pE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aTtxpbXaYFTff5wNN5z1IMHI8pE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/D7A207C2F33611EAA449F44CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.168.0/22 163.53.236.0/22 IPv6: 2400:ab20::/32 Signature Algorithm: sha256WithRSAEncryption 03:ae:67:4f:6a:49:75:23:e6:89:b5:ad:f7:36:94:14:19:98: 2b:fa:33:5d:d8:fb:75:79:1b:c5:94:13:ef:43:c3:7a:90:50: 05:cd:79:bc:76:c1:f1:a9:c6:df:f5:46:25:17:2c:19:5a:8b: 27:66:ec:a2:ec:86:9e:02:2d:6e:59:8a:04:2f:39:9e:dd:4a: 9b:ea:fe:c7:a5:07:ce:63:a1:8c:8c:39:7d:57:7c:94:51:37: 07:cb:99:0c:14:3d:66:9b:ce:fc:ea:41:b5:d1:1c:73:0e:38: 47:cd:05:75:17:e8:08:f6:f3:91:2a:85:5c:a1:20:8a:05:3a: d2:86:5c:b4:e1:15:42:0d:33:37:5d:73:8f:f8:b9:42:43:78: 09:18:fa:28:72:7f:a6:45:25:d9:d7:7d:08:6d:5e:5d:93:a2: 9e:3c:9d:ce:53:79:23:32:b2:20:b3:60:12:f6:22:bd:8f:60: 23:b9:b1:e7:bb:7c:f7:cf:78:43:c0:b1:47:35:ad:e4:16:ba: f3:10:3b:64:6a:57:87:1d:f5:41:ed:44:46:d3:69:20:b8:17: 3a:cb:6d:83:95:cb:e6:dc:92:59:c5:5d:85:e0:b0:ad:ce:8f: 52:21:22:1f:0b:96:5f:eb:3c:5a:63:73:5a:33:84:2b:bf:4a: 59:c8:51:b6 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICB98wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RCNTIxMTAvBgNVBAUTKDY5M0I3MUE1QjVEQTYwNTRERjdGOUMwRDM3OUNGNTIw QzFDOEYyOTEwHhcNMjUwNTMxMjE0ODE0WhcNMjUxMDAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNiNzkxZS1kYmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq98NsGiz5GUJvTs00VtBZqF4LWFrv7Q5+NQo3OfwfbbneQvTOYxxZmJQI64m 6sEqxPqi34/4tXOU8VHa4FOVl1fIlpvdfR1EZfYxZDs473w7R+RgwR6R1rlwa4LX /B8FjyyB5iXFNLcP7QF7gjsU5JYMpthvcNWjLD62l/E5lGd84EwfeCtysO8TLGRi kKG9wTxiUXqUO35cuU7FhTV4EZBX6mAUePU1V2OUuEy6apnSmIINjQZVFwovdLj3 Df0VROKBaOeeByrFCeO6GGbo4kBzTJTi2iGw/poaYODQnwzRCdjwnQIijDv4hxWU 6Wuv6RK9JbC0+EKPtUYIA2VAlwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBeG/f7z XbGlcNsmCkjvS55FDMTSMB8GA1UdIwQYMBaAFGk7caW12mBU33+cDTec9SDByPKR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REI1Mi80NUY1NTZCRUYy ODAxMUVBODcxQkFENkFDNEY5QUUwMi9hVHR4cGJYYVlGVGZmNXdOTjV6MUlNSEk4 cEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FUdHhwYlhhWUZUZmY1d05ONXoxSU1ISThwRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0RCNTIvNDVGNTU2QkVGMjgwMTFFQTg3MUJBRDZBQzRGOUFFMDIvRDdBMjA3QzJG MzM2MTFFQUE0NDlGNDRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnWagDBAKjNewwDQQCAAIwBwMFACQAqyAwDQYJKoZIhvcN AQELBQADggEBAAOuZ09qSXUj5om1rfc2lBQZmCv6M13Y+3V5G8WUE+9Dw3qQUAXN ebx2wfGpxt/1RiUXLBlaiydm7KLshp4CLW5ZigQvOZ7dSpvq/selB85joYyMOX1X fJRRNwfLmQwUPWabzvzqQbXRHHMOOEfNBXUX6Aj285EqhVyhIIoFOtKGXLThFUIN Mzddc4/4uUJDeAkY+ihyf6ZFJdnXfQhtXl2Top48nc5TeSMysiCzYBL2Ir2PYCO5 see7fPfPeEPAsUc1reQWuvMQO2RqV4cd9UHtREbTaSC4FzrLbYOVy+bcklnFXYXg sK3Oj1IhIh8Lll/rPFpjc1ozhCu/SlnIUbY= -----END CERTIFICATE-----Generated at Fri Jun 20 20:54:20 2025 by rpki-client