$ rpki-client -vvf rpki.apnic.net/member_repository/A919C8C4/C244C83ABD1511EAABDEB01DC4F9AE02/6A3C327ABD1711EA8A3C8E20C4F9AE02.roa File: 6A3C327ABD1711EA8A3C8E20C4F9AE02.roa (raw, json) Hash identifier: chUNg5uPEOUI/4y/JkNyLjCI88SKibEBtbB6b3Giy1g= Subject key identifier: D4:BD:6F:CD:85:70:39:BA:0D:8D:1B:96:24:96:3A:50:DD:A6:FF:57 Certificate issuer: /CN=A919C8C4/serialNumber=937D9951EE1F93FCAC24333B083F9D7F2E39F0F9 Certificate serial: 0870 Authority key identifier: 93:7D:99:51:EE:1F:93:FC:AC:24:33:3B:08:3F:9D:7F:2E:39:F0:F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k32ZUe4fk_ysJDM7CD-dfy458Pk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C8C4/C244C83ABD1511EAABDEB01DC4F9AE02/6A3C327ABD1711EA8A3C8E20C4F9AE02.roa Signing time: Tue 04 Mar 2025 21:49:15 +0000 ROA not before: Tue 04 Mar 2025 21:49:15 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 58411 IP address blocks: 103.210.240.0/24 maxlen: 24 103.210.241.0/24 maxlen: 24 103.210.242.0/24 maxlen: 24 103.210.243.0/24 maxlen: 24 160.20.60.0/24 maxlen: 24 160.20.61.0/24 maxlen: 24 160.20.62.0/24 maxlen: 24 160.20.63.0/24 maxlen: 24 2407:3a40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C8C4/C244C83ABD1511EAABDEB01DC4F9AE02/k32ZUe4fk_ysJDM7CD-dfy458Pk.crl rsync://rpki.apnic.net/member_repository/A919C8C4/C244C83ABD1511EAABDEB01DC4F9AE02/k32ZUe4fk_ysJDM7CD-dfy458Pk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k32ZUe4fk_ysJDM7CD-dfy458Pk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:29:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2160 (0x870) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C8C4, serialNumber=937D9951EE1F93FCAC24333B083F9D7F2E39F0F9 Validity Not Before: Mar 4 21:49:15 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67c7755a-bd39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:89:c6:c5:6a:a7:69:6e:5d:d9:91:b6:00:f8: a2:e3:54:91:02:a8:95:6b:52:07:d4:a4:b5:14:54: 5a:4b:58:ef:a0:2e:84:a0:f7:d0:32:e0:95:a4:3d: 71:a3:d7:0d:a3:d1:a4:52:cb:db:a3:ed:a9:0f:68: 60:5c:53:b7:6b:99:22:25:57:01:e2:70:33:e0:78: 32:3f:ef:89:af:a6:11:bf:09:e7:bf:86:fc:30:44: 0b:c8:6c:e9:4a:6b:35:c6:e1:cf:a4:98:6b:db:db: c2:c9:30:13:ce:4d:9c:c0:d6:09:5c:09:51:3e:69: e9:10:cb:0e:fb:a2:bb:7e:08:4c:5d:18:15:2d:7b: 30:d8:40:90:b3:85:10:2c:cd:a7:5d:9f:e5:99:da: ff:59:36:5d:ff:85:c7:99:ba:a3:85:15:11:e8:4b: a5:56:60:76:28:f7:9b:30:73:8c:fb:d4:78:12:01: 6b:a7:21:03:46:8d:de:e9:b2:fd:bd:50:10:64:15: 82:d7:7d:7e:a9:b4:17:91:1b:eb:87:0a:ff:cd:c9: 2a:24:df:ec:85:09:1f:74:d7:48:e0:f8:29:8e:32: f0:8b:dc:9f:87:cc:9e:4e:c3:29:f6:44:b6:7d:75: c7:6c:db:88:df:bf:c9:1d:32:37:3b:07:89:ea:5e: 5e:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:BD:6F:CD:85:70:39:BA:0D:8D:1B:96:24:96:3A:50:DD:A6:FF:57 X509v3 Authority Key Identifier: keyid:93:7D:99:51:EE:1F:93:FC:AC:24:33:3B:08:3F:9D:7F:2E:39:F0:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C8C4/C244C83ABD1511EAABDEB01DC4F9AE02/k32ZUe4fk_ysJDM7CD-dfy458Pk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k32ZUe4fk_ysJDM7CD-dfy458Pk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C8C4/C244C83ABD1511EAABDEB01DC4F9AE02/6A3C327ABD1711EA8A3C8E20C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.210.240.0/22 160.20.60.0/22 IPv6: 2407:3a40::/32 Signature Algorithm: sha256WithRSAEncryption 14:a9:31:fb:ba:cc:78:03:66:3c:c9:59:c8:da:0f:bc:0a:9a: c7:dc:02:8e:aa:88:ef:41:d6:97:56:ea:29:89:8c:2e:0d:1a: a5:4c:1f:6f:14:f5:cf:99:13:50:d2:53:d3:d7:77:7b:4f:83: 7b:60:57:69:2a:4d:fe:c5:93:9f:dd:48:cb:cc:ac:53:00:40: c8:8a:71:fc:76:e0:bc:cb:f7:e3:de:93:61:a2:4c:02:3b:c2: f9:ff:f4:d6:6d:28:d7:89:57:db:06:64:84:f1:29:bf:c3:e3: 4a:a7:c8:49:ef:8b:2e:dc:24:99:9f:cb:21:68:ad:77:63:77: a7:1e:73:67:f3:6a:97:e8:bc:a0:19:fa:7c:3e:91:a0:dd:54: 6e:da:7b:25:4f:a6:e4:a7:7a:cb:e1:f4:4d:f5:d4:f1:f5:96: 13:d5:20:74:21:27:d8:e8:94:d3:70:7c:9a:a3:25:21:3f:49: db:12:0f:2d:e1:d4:4b:62:20:ad:2f:9d:8b:49:b7:82:14:ab: 69:1b:50:09:ea:e7:03:4c:33:45:4c:20:c7:12:5d:49:e7:50: 6c:53:cd:03:45:d1:e9:b5:b4:50:de:ad:ea:82:10:f4:4e:8c: 06:ec:20:97:b1:f8:19:7f:62:2a:45:0e:ca:ac:46:2f:9b:be: fb:c1:d9:a6 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICCHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUM4QzQxMTAvBgNVBAUTKDkzN0Q5OTUxRUUxRjkzRkNBQzI0MzMzQjA4M0Y5RDdG MkUzOUYwRjkwHhcNMjUwMzA0MjE0OTE1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2M3NzU1YS1iZDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxonGxWqnaW5d2ZG2APii41SRAqiVa1IH1KS1FFRaS1jvoC6EoPfQMuCVpD1x o9cNo9GkUsvbo+2pD2hgXFO3a5kiJVcB4nAz4HgyP++Jr6YRvwnnv4b8MEQLyGzp Sms1xuHPpJhr29vCyTATzk2cwNYJXAlRPmnpEMsO+6K7fghMXRgVLXsw2ECQs4UQ LM2nXZ/lmdr/WTZd/4XHmbqjhRUR6EulVmB2KPebMHOM+9R4EgFrpyEDRo3e6bL9 vVAQZBWC131+qbQXkRvrhwr/zckqJN/shQkfdNdI4PgpjjLwi9yfh8yeTsMp9kS2 fXXHbNuI37/JHTI3OweJ6l5ecQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNS9b82F cDm6DY0bliSWOlDdpv9XMB8GA1UdIwQYMBaAFJN9mVHuH5P8rCQzOwg/nX8uOfD5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzhDNC9DMjQ0QzgzQUJE MTUxMUVBQUJERUIwMURDNEY5QUUwMi9rMzJaVWU0ZmtfeXNKRE03Q0QtZGZ5NDU4 UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2szMlpVZTRma195c0pETTdDRC1kZnk0NThQay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUM4QzQvQzI0NEM4M0FCRDE1MTFFQUFCREVCMDFEQzRGOUFFMDIvNkEzQzMyN0FC RDE3MTFFQThBM0M4RTIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJn0vADBAKgFDwwDQQCAAIwBwMFACQHOkAwDQYJKoZIhvcN AQELBQADggEBABSpMfu6zHgDZjzJWcjaD7wKmsfcAo6qiO9B1pdW6imJjC4NGqVM H28U9c+ZE1DSU9PXd3tPg3tgV2kqTf7Fk5/dSMvMrFMAQMiKcfx24LzL9+Pek2Gi TAI7wvn/9NZtKNeJV9sGZITxKb/D40qnyEnviy7cJJmfyyForXdjd6cec2fzapfo vKAZ+nw+kaDdVG7aeyVPpuSnesvh9E311PH1lhPVIHQhJ9jolNNwfJqjJSE/SdsS Dy3h1EtiIK0vnYtJt4IUq2kbUAnq5wNMM0VMIMcSXUnnUGxTzQNF0em1tFDereqC EPROjAbsIJex+Bl/YipFDsqsRi+bvvvB2aY= -----END CERTIFICATE-----Generated at Sat Apr 26 08:15:59 2025 by rpki-client