$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa File: C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa (raw, json) Hash identifier: 78Vf6/fB7sknA1Wt2VtN9AZj7sBbXgPyMuxI8cL1zlU= Subject key identifier: 55:D8:23:F0:4A:23:64:CA:3D:9C:52:FD:FF:9F:43:61:FF:AC:C1:69 Certificate issuer: /CN=A91C4D8E/serialNumber=3F7D9BBAED7C5BFDBBA3A349ABE96B21AD27DA67 Certificate serial: 0C50 Authority key identifier: 3F:7D:9B:BA:ED:7C:5B:FD:BB:A3:A3:49:AB:E9:6B:21:AD:27:DA:67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa Signing time: Thu 12 Jun 2025 20:28:31 +0000 ROA not before: Thu 12 Jun 2025 20:28:31 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 138534 IP address blocks: 103.132.88.0/22 maxlen: 22 103.132.88.0/23 maxlen: 23 103.132.88.0/24 maxlen: 24 103.132.89.0/24 maxlen: 24 103.132.90.0/23 maxlen: 23 103.132.90.0/24 maxlen: 24 103.132.91.0/24 maxlen: 24 2404:3440::/32 maxlen: 32 2404:3440::/36 maxlen: 36 2404:3440:1000::/36 maxlen: 36 2404:3440:2000::/36 maxlen: 36 2404:3440:3000::/36 maxlen: 36 2404:3440:4000::/36 maxlen: 36 2404:3440:5000::/36 maxlen: 36 2404:3440:6000::/36 maxlen: 36 2404:3440:6000::/48 maxlen: 48 2404:3440:6001::/48 maxlen: 48 2404:3440:7000::/36 maxlen: 36 2404:3440:8000::/36 maxlen: 36 2404:3440:9000::/36 maxlen: 36 2404:3440:a000::/36 maxlen: 36 2404:3440:b000::/36 maxlen: 36 2404:3440:c000::/36 maxlen: 36 2404:3440:d000::/36 maxlen: 36 2404:3440:e000::/36 maxlen: 36 2404:3440:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.crl rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 18:23:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3152 (0xc50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4D8E, serialNumber=3F7D9BBAED7C5BFDBBA3A349ABE96B21AD27DA67 Validity Not Before: Jun 12 20:28:31 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=684b386e-51a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:b6:9d:a5:1a:80:b0:af:74:a0:cd:c7:15:37: 25:d5:65:43:38:da:17:cf:e1:6d:ec:c7:dc:ac:b7: af:f1:1e:b3:9b:6c:ea:c8:74:a7:42:27:00:9b:92: 31:52:15:37:5c:30:9f:d2:2e:76:74:a9:a1:c4:2b: 1a:94:d6:41:fc:29:72:e4:1b:1c:b0:43:cc:e5:58: ad:20:d7:33:06:6f:38:7f:3b:72:12:25:8d:9a:6d: 11:07:61:31:e9:9c:13:1a:43:3f:ad:b1:66:9b:3e: cf:89:34:ae:89:a7:8a:0b:91:f5:38:47:0b:73:a8: c2:e8:2f:9f:b0:ea:c2:f7:3d:28:19:8b:fc:14:d5: 2c:b7:64:9d:3f:b6:50:e4:b0:ba:5b:c1:71:3e:c8: f7:83:24:a6:26:b4:db:97:19:eb:cd:a6:8c:a5:89: 8a:66:2a:5c:e0:b3:32:f2:e7:7e:1a:8c:82:72:f7: 49:37:6e:bd:3a:53:4a:61:f2:dd:bf:01:be:97:3b: 8e:97:e8:f4:24:6b:35:a2:76:b5:59:8e:6a:47:05: 2d:30:61:01:91:ea:16:33:6a:27:a8:b9:05:98:1e: cb:de:4d:27:59:3d:74:a9:ce:07:9e:a1:c8:26:65: 94:f3:d5:ac:ef:07:eb:12:3a:e6:27:fd:5e:e2:f5: f7:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:D8:23:F0:4A:23:64:CA:3D:9C:52:FD:FF:9F:43:61:FF:AC:C1:69 X509v3 Authority Key Identifier: keyid:3F:7D:9B:BA:ED:7C:5B:FD:BB:A3:A3:49:AB:E9:6B:21:AD:27:DA:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/P32buu18W_27o6NJq-lrIa0n2mc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P32buu18W_27o6NJq-lrIa0n2mc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4D8E/589B933C06A411EAB3C66B38C4F9AE02/C9FF2A7E06A511EAA1FFDB3DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.132.88.0/22 IPv6: 2404:3440::/32 Signature Algorithm: sha256WithRSAEncryption 03:77:84:2d:d8:8a:cc:c7:89:9b:47:80:0c:a6:33:b9:8e:e1: fd:b6:a2:57:d0:74:ae:ea:ec:d4:9f:dd:2c:9e:b5:37:70:24: 47:45:0a:8a:86:44:bf:3d:7e:26:70:6a:78:a1:65:67:b8:c2: 63:3c:ca:36:a4:71:3d:68:ea:82:e7:33:96:52:96:e2:67:90: 03:8d:9d:7c:35:ae:85:ca:fe:23:25:3d:2e:06:f4:e9:e9:57: d9:a4:09:b4:42:0b:83:7b:11:16:6b:09:b1:ae:31:ef:fb:f1: 14:08:63:78:f5:e2:90:13:6d:a1:20:b3:7f:74:c4:3c:07:94: aa:95:ef:c0:7f:9a:64:f3:18:bf:52:f6:f2:ca:db:67:30:2f: 40:30:f5:1b:64:79:ec:0c:17:76:eb:05:7c:71:99:ae:48:4c: c4:6a:af:3c:9e:45:fc:be:05:30:9d:9f:b5:bb:27:01:2a:1f: a3:d5:a1:9a:65:b3:ab:3a:fa:05:c8:01:b5:2c:2e:80:bc:90: f5:a8:86:db:79:98:d8:2e:31:4e:65:36:ae:ad:2f:0d:9e:a0: ba:02:c4:af:2a:e7:d4:82:2b:4e:a0:3b:f1:04:73:58:41:67: be:23:60:27:61:8d:d0:9a:6f:07:f8:d0:bb:95:c3:2e:69:c2: cb:fe:78:45 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICDFAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzREOEUxMTAvBgNVBAUTKDNGN0Q5QkJBRUQ3QzVCRkRCQkEzQTM0OUFCRTk2QjIx QUQyN0RBNjcwHhcNMjUwNjEyMjAyODMxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODRiMzg2ZS01MWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz7adpRqAsK90oM3HFTcl1WVDONoXz+Ft7MfcrLev8R6zm2zqyHSnQicAm5Ix UhU3XDCf0i52dKmhxCsalNZB/Cly5BscsEPM5VitINczBm84fztyEiWNmm0RB2Ex 6ZwTGkM/rbFmmz7PiTSuiaeKC5H1OEcLc6jC6C+fsOrC9z0oGYv8FNUst2SdP7ZQ 5LC6W8FxPsj3gySmJrTblxnrzaaMpYmKZipc4LMy8ud+GoyCcvdJN269OlNKYfLd vwG+lzuOl+j0JGs1ona1WY5qRwUtMGEBkeoWM2onqLkFmB7L3k0nWT10qc4HnqHI JmWU89Ws7wfrEjrmJ/1e4vX3KwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFXYI/BK I2TKPZxS/f+fQ2H/rMFpMB8GA1UdIwQYMBaAFD99m7rtfFv9u6OjSavpayGtJ9pn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEQ4RS81ODlCOTMzQzA2 QTQxMUVBQjNDNjZCMzhDNEY5QUUwMi9QMzJidXUxOFdfMjdvNk5KcS1scklhMG4y bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1AzMmJ1dTE4V18yN282TkpxLWxySWEwbjJtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzREOEUvNTg5QjkzM0MwNkE0MTFFQUIzQzY2QjM4QzRGOUFFMDIvQzlGRjJBN0Uw NkE1MTFFQUExRkZEQjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnhFgwDQQCAAIwBwMFACQENEAwDQYJKoZIhvcNAQELBQAD ggEBAAN3hC3YiszHiZtHgAymM7mO4f22olfQdK7q7NSf3SyetTdwJEdFCoqGRL89 fiZwanihZWe4wmM8yjakcT1o6oLnM5ZSluJnkAONnXw1roXK/iMlPS4G9OnpV9mk CbRCC4N7ERZrCbGuMe/78RQIY3j14pATbaEgs390xDwHlKqV78B/mmTzGL9S9vLK 22cwL0Aw9RtkeewMF3brBXxxma5ITMRqrzyeRfy+BTCdn7W7JwEqH6PVoZpls6s6 +gXIAbUsLoC8kPWohtt5mNguMU5lNq6tLw2eoLoCxK8q59SCK06gO/EEc1hBZ74j YCdhjdCabwf40LuVwy5pwsv+eEU= -----END CERTIFICATE-----Generated at Wed Jun 18 19:54:27 2025 by rpki-client