$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/CD9B103E08DD11ED830BEB5CC4F9AE02.roa File: CD9B103E08DD11ED830BEB5CC4F9AE02.roa (raw, json) Hash identifier: Or6QdVGJ8KlEltpgE/vRaVt3d7tmMydHusIypsTqbXo= Subject key identifier: 7A:24:A1:59:2C:9C:8C:CE:67:36:68:4A:27:64:F1:39:D3:2A:AB:F3 Certificate issuer: /CN=A91B9A77/serialNumber=25293B0A7036C813A9CD02006DFC290AAF253274 Certificate serial: 0293 Authority key identifier: 25:29:3B:0A:70:36:C8:13:A9:CD:02:00:6D:FC:29:0A:AF:25:32:74 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/CD9B103E08DD11ED830BEB5CC4F9AE02.roa Signing time: Sat 07 Jun 2025 02:00:24 +0000 ROA not before: Sat 07 Jun 2025 02:00:24 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 149984 IP address blocks: 103.189.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.crl rsync://rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 24 Jun 2025 01:10:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 659 (0x293) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9A77, serialNumber=25293B0A7036C813A9CD02006DFC290AAF253274 Validity Not Before: Jun 7 02:00:24 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68439d38-c796 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:33:cb:7b:59:63:d5:d4:23:19:5f:42:32:bc: 50:a5:e5:33:33:f6:ea:fa:34:8b:7d:71:4c:fc:5b: cb:a2:c1:4c:f5:8a:41:da:6a:c4:42:c6:f2:6e:18: 73:64:14:34:38:46:27:55:9c:ce:9f:c0:63:ad:e4: 18:7e:44:8e:1d:a9:85:07:fb:5e:a8:97:8c:e2:76: b9:34:54:25:f8:5a:22:4a:85:e6:d2:33:85:7e:9a: 0a:e7:72:ed:f5:86:25:2d:c5:0d:c3:44:46:69:3d: ae:72:cf:9c:54:c5:53:05:44:a9:af:bb:f5:ff:9a: ba:19:67:54:e6:ff:1e:77:0e:97:99:6c:18:48:2d: 3e:2e:7c:29:59:c1:f0:89:9b:94:1e:eb:11:ff:ff: e3:69:d2:9e:45:ed:0b:22:9e:dd:d8:91:a9:e9:e4: 95:b7:87:03:36:30:65:70:95:3b:0e:fb:a0:64:3e: 5f:d3:58:2a:6f:ef:49:81:4e:34:9d:a3:42:6d:62: 1e:c1:ac:70:f2:dd:de:5c:43:af:e4:42:93:80:f7: bf:c0:94:c5:49:c7:93:cb:b4:b1:d9:6d:cc:29:be: 7b:12:5b:42:eb:b4:b7:a6:cd:93:c1:f3:67:ff:bf: 98:fd:f9:95:56:cd:58:4a:c3:e1:73:9a:d5:e3:96: d3:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:24:A1:59:2C:9C:8C:CE:67:36:68:4A:27:64:F1:39:D3:2A:AB:F3 X509v3 Authority Key Identifier: keyid:25:29:3B:0A:70:36:C8:13:A9:CD:02:00:6D:FC:29:0A:AF:25:32:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSk7CnA2yBOpzQIAbfwpCq8lMnQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9A77/D3AD07E208D911EDBE92C954C4F9AE02/CD9B103E08DD11ED830BEB5CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.189.2.0/24 Signature Algorithm: sha256WithRSAEncryption a8:46:f4:f2:b5:a6:87:42:c5:ec:8f:d2:d7:a5:47:d6:3d:76: b1:6c:49:6c:dc:54:37:a4:b6:a3:65:5b:48:be:df:8c:35:6c: e3:d8:f4:be:56:17:b3:ed:a4:08:ba:62:c4:1f:90:5c:72:b1: d5:7f:0b:63:5b:e8:6c:ec:9d:bc:b9:5a:87:a3:de:d5:86:60: 19:2c:d0:0d:d9:ba:5d:36:86:f1:3c:20:cf:7a:2a:b7:cb:4b: 82:e1:f7:ae:e9:13:28:ca:69:51:af:c7:cc:32:6e:33:53:7f: 3a:cb:38:dd:de:0a:d2:51:b1:df:95:0e:9e:0b:8b:9b:99:1e: 1d:fd:07:b9:57:27:d0:0d:b2:ee:9b:24:4a:64:cd:09:f5:cd: 1f:ec:23:25:8f:7e:61:e9:9c:7a:3d:af:68:49:ec:c9:4c:43: ef:7d:55:07:35:28:cb:51:08:ba:7a:0b:64:86:eb:32:17:af: 62:e2:28:30:65:f4:73:ea:d4:55:d6:c7:dd:5c:3c:89:1f:05: e3:3b:b5:5d:e9:38:57:17:c1:60:1a:28:c0:a9:a3:23:53:c7: e7:45:55:4a:24:b4:42:cb:62:f5:da:ca:df:6f:d7:84:68:1b: d1:81:a0:03:2f:e7:26:66:1b:5f:99:a5:c1:14:20:65:7f:08: 0d:ab:10:93 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICApMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlBNzcxMTAvBgNVBAUTKDI1MjkzQjBBNzAzNkM4MTNBOUNEMDIwMDZERkMyOTBB QUYyNTMyNzQwHhcNMjUwNjA3MDIwMDI0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQzOWQzOC1jNzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtzPLe1lj1dQjGV9CMrxQpeUzM/bq+jSLfXFM/FvLosFM9YpB2mrEQsbybhhz ZBQ0OEYnVZzOn8BjreQYfkSOHamFB/teqJeM4na5NFQl+FoiSoXm0jOFfpoK53Lt 9YYlLcUNw0RGaT2ucs+cVMVTBUSpr7v1/5q6GWdU5v8edw6XmWwYSC0+LnwpWcHw iZuUHusR///jadKeRe0LIp7d2JGp6eSVt4cDNjBlcJU7DvugZD5f01gqb+9JgU40 naNCbWIewaxw8t3eXEOv5EKTgPe/wJTFSceTy7Sx2W3MKb57EltC67S3ps2TwfNn /7+Y/fmVVs1YSsPhc5rV45bT7wIDAQABo4IClTCCApEwHQYDVR0OBBYEFHokoVks nIzOZzZoSidk8TnTKqvzMB8GA1UdIwQYMBaAFCUpOwpwNsgTqc0CAG38KQqvJTJ0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUE3Ny9EM0FEMDdFMjA4 RDkxMUVEQkU5MkM5NTRDNEY5QUUwMi9KU2s3Q25BMnlCT3B6UUlBYmZ3cENxOGxN blEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pTazdDbkEyeUJPcHpRSUFiZndwQ3E4bE1uUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjlBNzcvRDNBRDA3RTIwOEQ5MTFFREJFOTJDOTU0QzRGOUFFMDIvQ0Q5QjEwM0Uw OEREMTFFRDgzMEJFQjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBABnvQIwDQYJKoZIhvcNAQELBQADggEBAKhG9PK1podCxeyP 0telR9Y9drFsSWzcVDektqNlW0i+34w1bOPY9L5WF7PtpAi6YsQfkFxysdV/C2Nb 6Gzsnby5Woej3tWGYBks0A3Zul02hvE8IM96KrfLS4Lh967pEyjKaVGvx8wybjNT fzrLON3eCtJRsd+VDp4Li5uZHh39B7lXJ9ANsu6bJEpkzQn1zR/sIyWPfmHpnHo9 r2hJ7MlMQ+99VQc1KMtRCLp6C2SG6zIXr2LiKDBl9HPq1FXWx91cPIkfBeM7tV3p OFcXwWAaKMCpoyNTx+dFVUoktELLYvXayt9v14RoG9GBoAMv5yZmG1+ZpcEUIGV/ CA2rEJM= -----END CERTIFICATE-----Generated at Tue Jun 17 21:54:27 2025 by rpki-client