$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/9672E862793811EE92C54834C4F9AE02.roa File: 9672E862793811EE92C54834C4F9AE02.roa (raw, json) Hash identifier: UGwpdFjyj5op9VWtjdDebDyJLyb7++gFQLq7ibC5Zo8= Subject key identifier: 6E:B5:EA:D1:6A:DC:BB:DE:81:74:A7:3F:D7:D3:A8:58:13:A3:AE:5B Certificate issuer: /CN=A91B7770/serialNumber=7D55469926D1F934F3AF29645EB6C10BB6069BC9 Certificate serial: 0983 Authority key identifier: 7D:55:46:99:26:D1:F9:34:F3:AF:29:64:5E:B6:C1:0B:B6:06:9B:C9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fVVGmSbR-TTzrylkXrbBC7YGm8k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/9672E862793811EE92C54834C4F9AE02.roa Signing time: Sat 02 Aug 2025 21:01:53 +0000 ROA not before: Sat 02 Aug 2025 21:01:53 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 38074 IP address blocks: 103.152.178.0/24 maxlen: 24 103.160.48.0/24 maxlen: 24 2001:df4:1780::/48 maxlen: 48 2406:7ec0::/32 maxlen: 32 2406:7ec0::/33 maxlen: 33 2406:7ec0:400::/39 maxlen: 39 2406:7ec0:600::/39 maxlen: 39 2406:7ec0:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/fVVGmSbR-TTzrylkXrbBC7YGm8k.crl rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/fVVGmSbR-TTzrylkXrbBC7YGm8k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fVVGmSbR-TTzrylkXrbBC7YGm8k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 19 Aug 2025 20:49:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2435 (0x983) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7770, serialNumber=7D55469926D1F934F3AF29645EB6C10BB6069BC9 Validity Not Before: Aug 2 21:01:53 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=688e7cc1-5ebf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:19:be:e7:a4:58:26:d1:9f:91:da:16:cd:50: 47:19:b3:f9:c4:5d:eb:05:df:5f:4f:96:18:2a:87: 0b:ab:41:f9:50:67:57:1a:6a:92:04:3d:b1:04:2d: 42:a6:cf:19:fd:55:f9:1f:30:e9:bc:74:7e:1b:d0: 35:92:53:1a:11:02:31:9a:cb:f3:e2:8e:91:f7:c6: 45:f4:a3:47:e5:18:74:2d:7a:42:3a:7b:d1:a6:21: 7a:0e:e1:e5:10:2a:d3:8c:c5:cf:e9:c8:42:74:d7: b6:f4:f0:76:99:ad:00:dd:c6:42:ff:64:6f:f2:30: 58:26:2f:a4:96:64:7a:bf:b4:6d:f2:3d:86:74:34: d7:52:b8:8c:4a:9e:69:f7:8e:3d:1e:c8:a7:6d:ae: da:97:0a:fb:7e:0d:62:ab:93:ec:52:d1:ea:25:ab: c0:fe:33:bc:de:c8:cf:66:8e:7c:26:43:6e:45:22: 21:9c:7f:ea:ec:91:41:61:c6:ee:ac:f2:c4:9f:9a: 70:21:33:94:1f:c3:bb:95:25:e1:4d:4e:de:8b:c6: 1b:e1:02:94:03:f3:7c:73:db:5e:5f:60:ba:a9:9b: bb:42:a0:f2:9c:8a:9b:50:38:fc:8b:44:18:44:ba: 0c:93:bf:b7:4c:b9:da:00:ff:83:c5:2a:e3:bd:56: c2:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:B5:EA:D1:6A:DC:BB:DE:81:74:A7:3F:D7:D3:A8:58:13:A3:AE:5B X509v3 Authority Key Identifier: keyid:7D:55:46:99:26:D1:F9:34:F3:AF:29:64:5E:B6:C1:0B:B6:06:9B:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/fVVGmSbR-TTzrylkXrbBC7YGm8k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fVVGmSbR-TTzrylkXrbBC7YGm8k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7770/E6810410C0AE11EAB95AB572C4F9AE02/9672E862793811EE92C54834C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.152.178.0/24 103.160.48.0/24 IPv6: 2001:df4:1780::/48 2406:7ec0::/32 Signature Algorithm: sha256WithRSAEncryption 07:87:fe:d7:89:db:be:92:d3:25:ab:03:f1:c7:d6:56:d6:91: 83:e7:88:19:45:ff:7e:c1:54:0e:b8:c9:77:f3:b9:2a:51:2f: 1c:fc:9f:4b:2c:c2:76:25:ac:14:e7:8e:d3:f3:8f:6d:13:57: 0e:1f:ff:a5:78:77:6b:38:f2:20:70:99:96:e9:fb:5b:f4:26: 42:63:5a:a7:82:f3:2b:b7:8e:d5:ba:4b:f9:aa:f7:8f:b0:eb: 04:d5:f0:b7:24:9c:6f:35:36:a5:53:61:b2:8f:85:44:3e:ff: 9a:0e:d0:b5:72:2e:b5:b3:78:77:4e:37:55:2c:b9:fd:c1:ec: 5c:6f:38:df:af:bc:66:9e:5b:bd:c7:3a:62:f0:ae:08:70:cd: 07:ee:11:a2:3b:5a:f7:91:05:14:18:a1:2b:01:26:fd:28:82: 05:1c:04:07:e1:89:b5:e4:93:94:27:d8:90:63:67:a7:e8:c2: bc:74:e0:7c:d4:2a:8e:ff:10:fc:bb:74:da:b4:dd:51:5e:b4: 54:88:76:0b:3b:68:ae:78:57:58:16:6f:bf:d9:85:f7:ce:ec: a2:7f:9b:66:a7:a6:5f:c7:eb:43:d9:08:4f:e2:eb:57:cc:52: da:3d:4a:f7:61:47:f0:10:db:75:e5:89:d3:90:5b:a2:b8:ac: fa:52:a2:d5 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICCYMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc3NzAxMTAvBgNVBAUTKDdENTU0Njk5MjZEMUY5MzRGM0FGMjk2NDVFQjZDMTBC QjYwNjlCQzkwHhcNMjUwODAyMjEwMTUzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhlN2NjMS01ZWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1hm+56RYJtGfkdoWzVBHGbP5xF3rBd9fT5YYKocLq0H5UGdXGmqSBD2xBC1C ps8Z/VX5HzDpvHR+G9A1klMaEQIxmsvz4o6R98ZF9KNH5Rh0LXpCOnvRpiF6DuHl ECrTjMXP6chCdNe29PB2ma0A3cZC/2Rv8jBYJi+klmR6v7Rt8j2GdDTXUriMSp5p 9449Hsinba7alwr7fg1iq5PsUtHqJavA/jO83sjPZo58JkNuRSIhnH/q7JFBYcbu rPLEn5pwITOUH8O7lSXhTU7ei8Yb4QKUA/N8c9teX2C6qZu7QqDynIqbUDj8i0QY RLoMk7+3TLnaAP+DxSrjvVbC4wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFG616tFq 3LvegXSnP9fTqFgTo65bMB8GA1UdIwQYMBaAFH1VRpkm0fk0868pZF62wQu2BpvJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzc3MC9FNjgxMDQxMEMw QUUxMUVBQjk1QUI1NzJDNEY5QUUwMi9mVlZHbVNiUi1UVHpyeWxrWHJiQkM3WUdt OGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZWVkdtU2JSLVRUenJ5bGtYcmJCQzdZR204ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qjc3NzAvRTY4MTA0MTBDMEFFMTFFQUI5NUFCNTcyQzRGOUFFMDIvOTY3MkU4NjI3 OTM4MTFFRTkyQzU0ODM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMBIEAgABMAwDBABnmLIDBABnoDAwFgQCAAIwEAMHACABDfQXgAMFACQGfsAw DQYJKoZIhvcNAQELBQADggEBAAeH/teJ276S0yWrA/HH1lbWkYPniBlF/37BVA64 yXfzuSpRLxz8n0sswnYlrBTnjtPzj20TVw4f/6V4d2s48iBwmZbp+1v0JkJjWqeC 8yu3jtW6S/mq94+w6wTV8LcknG81NqVTYbKPhUQ+/5oO0LVyLrWzeHdON1Usuf3B 7FxvON+vvGaeW73HOmLwrghwzQfuEaI7WveRBRQYoSsBJv0oggUcBAfhibXkk5Qn 2JBjZ6fowrx04HzUKo7/EPy7dNq03VFetFSIdgs7aK54V1gWb7/ZhffO7KJ/m2an pl/H60PZCE/i61fMUto9SvdhR/AQ23XlidOQW6K4rPpSotU= -----END CERTIFICATE-----Generated at Wed Aug 13 00:30:04 2025 by rpki-client