$ rpki-client -vvf rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/B0425744D7E211ECBD1D447FC4F9AE02.roa File: B0425744D7E211ECBD1D447FC4F9AE02.roa (raw, json) Hash identifier: nI2mes5dRsY5gxAtJEqVpbIPBNFLYn8zfLGTNpoGo54= Subject key identifier: EC:9C:5E:0F:66:6B:8B:E1:29:72:EF:9D:67:D7:6C:FB:7A:A2:DF:B9 Certificate issuer: /CN=A91941E9/serialNumber=05AD3E4AA1961BA7ECBE02935725C25CD26BD6BC Certificate serial: 07E6 Authority key identifier: 05:AD:3E:4A:A1:96:1B:A7:EC:BE:02:93:57:25:C2:5C:D2:6B:D6:BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/B0425744D7E211ECBD1D447FC4F9AE02.roa Signing time: Sat 02 Aug 2025 21:33:02 +0000 ROA not before: Sat 02 Aug 2025 21:33:02 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 2519 IP address blocks: 43.231.220.0/22 maxlen: 22 43.251.48.0/22 maxlen: 22 103.3.28.0/22 maxlen: 22 103.8.240.0/22 maxlen: 22 103.20.156.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.crl rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2022 (0x7e6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91941E9, serialNumber=05AD3E4AA1961BA7ECBE02935725C25CD26BD6BC Validity Not Before: Aug 2 21:33:02 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=688e840e-0625 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:a6:26:13:e9:62:8f:4a:c4:45:44:cc:3e:69: 6b:a8:28:58:4f:c6:d8:0a:56:c4:af:bf:ed:97:29: 2f:f2:54:bf:27:13:a8:87:41:19:ba:72:a5:f2:b0: 00:15:51:c9:ed:e2:c3:51:26:7b:29:fa:12:02:4f: cf:00:a5:63:10:3e:47:21:3b:5e:5c:1c:bb:59:48: 12:fb:c3:d6:37:f3:11:61:c5:a0:32:15:f5:a2:f5: 75:44:11:18:3d:ac:ea:bf:30:1f:f5:95:a6:08:d3: fd:96:3b:a4:b4:86:58:1f:67:af:6b:32:09:24:38: 58:70:15:26:23:0f:d1:61:5a:c4:c1:42:d0:83:e8: fb:0f:35:f5:11:30:6a:af:23:59:a0:b1:4a:e1:9c: 3b:0f:7b:85:9d:13:4c:4d:9f:4d:9c:61:62:ad:a9: 38:01:0f:fe:bb:a4:25:b1:2b:a1:f9:bb:70:4b:74: 23:97:b9:92:c8:a1:76:7e:58:8c:35:94:31:72:01: 97:e7:c9:82:ac:96:69:18:ec:4c:b1:9f:9f:0d:fe: 5a:07:63:36:7a:de:e9:67:47:c4:51:aa:a5:b0:e0: 77:4c:ac:13:7e:e8:74:07:d3:9b:c6:ae:a9:fb:9b: ff:e2:63:2b:2c:3c:86:8b:f7:4e:85:5b:93:28:6b: ce:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:9C:5E:0F:66:6B:8B:E1:29:72:EF:9D:67:D7:6C:FB:7A:A2:DF:B9 X509v3 Authority Key Identifier: keyid:05:AD:3E:4A:A1:96:1B:A7:EC:BE:02:93:57:25:C2:5C:D2:6B:D6:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/B0425744D7E211ECBD1D447FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.231.220.0/22 43.251.48.0/22 103.3.28.0/22 103.8.240.0/22 103.20.156.0/22 Signature Algorithm: sha256WithRSAEncryption 7c:4c:19:7f:fa:8c:f2:90:3b:2e:45:c5:bc:1c:78:cb:fc:c5: 9c:6b:c0:9b:aa:5e:a6:ef:e0:68:b1:7b:4a:60:c9:cf:a4:23: b6:e8:6a:ca:31:c1:98:8a:eb:07:d0:11:85:34:67:e7:c1:0b: 4b:bc:7d:4e:16:f7:4e:f2:cd:e2:59:9d:86:ff:1c:83:9b:cd: bf:2f:1f:bf:d1:1e:00:fe:10:a5:1d:e3:c1:b2:c7:dd:e4:aa: e4:b6:3c:20:df:3c:d3:4e:fd:3d:47:ea:a1:b7:28:c2:c1:93: 57:1d:97:7f:14:77:85:ba:bf:e5:d4:bb:7f:37:b7:51:38:27: 58:25:d2:b5:dc:8c:73:ae:33:f1:cd:1c:13:68:95:51:e6:7c: 3f:d3:bd:a6:93:00:6f:9a:a6:2c:93:a9:02:01:cf:c8:1b:12: 59:d5:9f:4d:8b:cd:57:95:0f:81:6a:f9:6a:a7:17:64:c6:67: bd:23:6f:25:94:04:84:66:c9:09:1e:eb:e1:22:cf:e7:c2:b1: a6:5e:3a:8b:93:54:fe:7a:d2:9e:0a:76:52:f8:15:d5:9b:f7: 3a:36:03:16:b1:b0:e3:98:6d:58:52:53:6a:b5:7b:cd:bc:a5: 49:9f:c4:89:55:3a:31:03:83:d3:62:a0:e7:8b:66:f4:ef:65: 46:71:09:0a -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICB+YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQxRTkxMTAvBgNVBAUTKDA1QUQzRTRBQTE5NjFCQTdFQ0JFMDI5MzU3MjVDMjVD RDI2QkQ2QkMwHhcNMjUwODAyMjEzMzAyWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhlODQwZS0wNjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxKYmE+lij0rERUTMPmlrqChYT8bYClbEr7/tlykv8lS/JxOoh0EZunKl8rAA FVHJ7eLDUSZ7KfoSAk/PAKVjED5HITteXBy7WUgS+8PWN/MRYcWgMhX1ovV1RBEY PazqvzAf9ZWmCNP9ljuktIZYH2evazIJJDhYcBUmIw/RYVrEwULQg+j7DzX1ETBq ryNZoLFK4Zw7D3uFnRNMTZ9NnGFirak4AQ/+u6QlsSuh+btwS3Qjl7mSyKF2fliM NZQxcgGX58mCrJZpGOxMsZ+fDf5aB2M2et7pZ0fEUaqlsOB3TKwTfuh0B9Obxq6p +5v/4mMrLDyGi/dOhVuTKGvOlQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFOycXg9m a4vhKXLvnWfXbPt6ot+5MB8GA1UdIwQYMBaAFAWtPkqhlhun7L4Ck1clwlzSa9a8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDFFOS9EQUQ4RkI4MDA3 OTAxMUVCQkI5OEMwNzZDNEY5QUUwMi9CYTAtU3FHV0c2ZnN2Z0tUVnlYQ1hOSnIx cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JhMC1TcUdXRzZmc3ZnS1RWeVhDWE5KcjFydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTQxRTkvREFEOEZCODAwNzkwMTFFQkJCOThDMDc2QzRGOUFFMDIvQjA0MjU3NDRE N0UyMTFFQ0JEMUQ0NDdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAIr59wDBAIr+zADBAJnAxwDBAJnCPADBAJnFJwwDQYJKoZI hvcNAQELBQADggEBAHxMGX/6jPKQOy5FxbwceMv8xZxrwJuqXqbv4Gixe0pgyc+k I7boasoxwZiK6wfQEYU0Z+fBC0u8fU4W907yzeJZnYb/HIObzb8vH7/RHgD+EKUd 48Gyx93kquS2PCDfPNNO/T1H6qG3KMLBk1cdl38Ud4W6v+XUu383t1E4J1gl0rXc jHOuM/HNHBNolVHmfD/TvaaTAG+apiyTqQIBz8gbElnVn02LzVeVD4Fq+WqnF2TG Z70jbyWUBIRmyQke6+Eiz+fCsaZeOouTVP560p4KdlL4FdWb9zo2AxaxsOOYbVhS U2q1e828pUmfxIlVOjEDg9NioOeLZvTvZUZxCQo= -----END CERTIFICATE-----Generated at Mon Aug 11 04:18:09 2025 by rpki-client