$ rpki-client -vvf rpki.apnic.net/member_repository/A91977B8/0AB07404E1F011EE901A6085C4F9AE02/B35DF2B8FBA211EEA8D1C351C4F9AE02.roa File: B35DF2B8FBA211EEA8D1C351C4F9AE02.roa (raw, json) Hash identifier: zfwutZduKqp+OFtvgPQ9BbGwso4D1FrRlH6RE6jDpUM= Subject key identifier: CE:69:82:42:1D:1F:39:15:2D:A4:93:81:BC:91:C3:29:9B:62:19:F2 Certificate issuer: /CN=A91977B8/serialNumber=6BA99ED6391A67CCA610E565F453EB0912514F0E Certificate serial: FC Authority key identifier: 6B:A9:9E:D6:39:1A:67:CC:A6:10:E5:65:F4:53:EB:09:12:51:4F:0E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a6me1jkaZ8ymEOVl9FPrCRJRTw4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91977B8/0AB07404E1F011EE901A6085C4F9AE02/B35DF2B8FBA211EEA8D1C351C4F9AE02.roa Signing time: Fri 13 Jun 2025 04:34:49 +0000 ROA not before: Fri 13 Jun 2025 04:34:49 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 135338 IP address blocks: 103.225.28.0/23 maxlen: 24 2001:df2:95c0::/48 maxlen: 48 2401:a060::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91977B8/0AB07404E1F011EE901A6085C4F9AE02/a6me1jkaZ8ymEOVl9FPrCRJRTw4.crl rsync://rpki.apnic.net/member_repository/A91977B8/0AB07404E1F011EE901A6085C4F9AE02/a6me1jkaZ8ymEOVl9FPrCRJRTw4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a6me1jkaZ8ymEOVl9FPrCRJRTw4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 04:30:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 252 (0xfc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91977B8, serialNumber=6BA99ED6391A67CCA610E565F453EB0912514F0E Validity Not Before: Jun 13 04:34:49 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=684baa69-f9cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:3c:67:33:b9:b0:bb:eb:79:0a:c0:9a:d9:16: 7a:4c:a5:87:37:3b:8b:cd:76:fa:4c:49:65:7f:10: 81:f1:8b:ac:58:7c:f0:61:4f:81:40:fa:df:e0:9a: 42:32:aa:24:b3:fe:0a:d9:17:09:49:81:2f:50:ff: f0:73:6a:56:3c:c2:c3:66:ea:10:46:35:30:63:07: 8d:d6:e3:ca:68:45:07:4c:96:4b:0d:c8:d4:c0:a0: b2:b4:2a:f4:5c:08:16:2b:89:35:e7:7e:3d:e7:07: 01:6e:70:bc:b0:97:3b:3f:c8:83:79:5d:1a:7e:8e: ff:6d:a7:45:66:55:8b:b5:c4:70:cf:fd:a7:6f:ec: 50:56:60:f1:1b:dd:fc:e6:b4:c9:b4:84:37:a4:83: 74:c3:1c:41:df:99:cd:d1:6d:5c:98:21:aa:63:f8: 08:bd:ef:6f:c7:45:41:7c:54:c1:52:6c:95:5d:7d: 6c:d6:90:ee:1e:bb:bb:c7:b7:d7:8d:04:e2:48:b2: 06:79:a2:97:cc:0f:d1:12:3f:89:1d:31:85:9b:2f: 7f:ad:b2:29:61:a2:a4:ef:12:4c:ab:c9:de:ce:50: 16:01:cf:bd:a3:d2:cb:ae:76:7e:fd:2c:47:bb:93: f8:53:7c:c7:e2:8d:e4:4f:d0:67:46:e2:e5:ae:8a: 77:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:69:82:42:1D:1F:39:15:2D:A4:93:81:BC:91:C3:29:9B:62:19:F2 X509v3 Authority Key Identifier: keyid:6B:A9:9E:D6:39:1A:67:CC:A6:10:E5:65:F4:53:EB:09:12:51:4F:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91977B8/0AB07404E1F011EE901A6085C4F9AE02/a6me1jkaZ8ymEOVl9FPrCRJRTw4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a6me1jkaZ8ymEOVl9FPrCRJRTw4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91977B8/0AB07404E1F011EE901A6085C4F9AE02/B35DF2B8FBA211EEA8D1C351C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.225.28.0/23 IPv6: 2001:df2:95c0::/48 2401:a060::/32 Signature Algorithm: sha256WithRSAEncryption 7d:7d:b3:47:1a:5f:05:a7:e5:ec:9c:49:ce:8f:6f:e5:67:31: 76:80:3d:c2:5f:ce:5f:f1:bb:d8:24:c5:4b:6c:3e:5c:3a:1d: eb:1b:a3:7e:91:b3:7c:4a:bd:25:bc:a6:33:82:01:71:5e:7a: d3:69:5e:2b:77:07:d5:11:d0:cb:7b:fe:7c:2b:39:14:95:6e: ce:6e:62:b8:db:fe:8a:c7:29:88:44:c8:fc:fb:1f:68:51:86: b5:60:da:5c:ed:fd:d1:70:5f:c8:61:26:de:9a:54:74:04:87: e9:cf:98:f1:a7:62:62:6b:0e:84:c1:cc:a6:1b:f1:47:8f:9b: cb:92:b8:41:d3:de:ae:c1:ca:01:f6:a4:c1:73:e4:fc:c4:02: b1:82:e5:94:71:7f:c1:67:0f:99:55:75:aa:ea:93:eb:d5:59: ae:5d:a9:83:fe:c8:73:43:de:9b:51:6f:9f:fe:a2:ae:02:18: b9:cb:f4:a1:7a:b7:64:d1:ba:00:6b:f3:3a:0d:a2:2d:73:e6: d0:25:aa:a3:4b:be:ad:f7:6b:ea:70:f3:32:4d:d8:7a:c3:e6: bc:63:c7:cd:1a:0b:c1:a9:ab:6c:4d:97:4d:2a:34:01:b5:f6: d1:61:d4:16:e1:8a:b1:0d:9b:9d:cd:8e:f6:77:df:34:aa:b4: 8e:ae:ca:ed -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICAPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTc3QjgxMTAvBgNVBAUTKDZCQTk5RUQ2MzkxQTY3Q0NBNjEwRTU2NUY0NTNFQjA5 MTI1MTRGMEUwHhcNMjUwNjEzMDQzNDQ5WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODRiYWE2OS1mOWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyjxnM7mwu+t5CsCa2RZ6TKWHNzuLzXb6TEllfxCB8YusWHzwYU+BQPrf4JpC Mqoks/4K2RcJSYEvUP/wc2pWPMLDZuoQRjUwYweN1uPKaEUHTJZLDcjUwKCytCr0 XAgWK4k153495wcBbnC8sJc7P8iDeV0afo7/badFZlWLtcRwz/2nb+xQVmDxG938 5rTJtIQ3pIN0wxxB35nN0W1cmCGqY/gIve9vx0VBfFTBUmyVXX1s1pDuHru7x7fX jQTiSLIGeaKXzA/REj+JHTGFmy9/rbIpYaKk7xJMq8nezlAWAc+9o9LLrnZ+/SxH u5P4U3zH4o3kT9BnRuLlrop36wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFM5pgkId HzkVLaSTgbyRwymbYhnyMB8GA1UdIwQYMBaAFGupntY5GmfMphDlZfRT6wkSUU8O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzdCOC8wQUIwNzQwNEUx RjAxMUVFOTAxQTYwODVDNEY5QUUwMi9hNm1lMWprYVo4eW1FT1ZsOUZQckNSSlJU dzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2E2bWUxamthWjh5bUVPVmw5RlByQ1JKUlR3NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTc3QjgvMEFCMDc0MDRFMUYwMTFFRTkwMUE2MDg1QzRGOUFFMDIvQjM1REYyQjhG QkEyMTFFRUE4RDFDMzUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMAwEAgABMAYDBAFn4RwwFgQCAAIwEAMHACABDfKVwAMFACQBoGAwDQYJKoZI hvcNAQELBQADggEBAH19s0caXwWn5eycSc6Pb+VnMXaAPcJfzl/xu9gkxUtsPlw6 Hesbo36Rs3xKvSW8pjOCAXFeetNpXit3B9UR0Mt7/nwrORSVbs5uYrjb/orHKYhE yPz7H2hRhrVg2lzt/dFwX8hhJt6aVHQEh+nPmPGnYmJrDoTBzKYb8UePm8uSuEHT 3q7BygH2pMFz5PzEArGC5ZRxf8FnD5lVdarqk+vVWa5dqYP+yHND3ptRb5/+oq4C GLnL9KF6t2TRugBr8zoNoi1z5tAlqqNLvq33a+pw8zJN2HrD5rxjx80aC8Gpq2xN l00qNAG19tFh1BbhirENm53NjvZ33zSqtI6uyu0= -----END CERTIFICATE-----Generated at Mon Jun 16 14:46:38 2025 by rpki-client