$ rpki-client -vvf rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/BE497906E5E311EEB87FAA36C4F9AE02.roa File: BE497906E5E311EEB87FAA36C4F9AE02.roa (raw, json) Hash identifier: LELUfrjv2Zb3AdaNTlYrhZPGas4dcCeiZo/s6V+XgXI= Subject key identifier: D9:44:3D:E0:8C:39:FB:22:82:54:92:0A:93:8F:01:64:04:E8:B0:36 Certificate issuer: /CN=A91C911D/serialNumber=475B62A5F233ED05AC72D8781234E109BF3A908C Certificate serial: 06F3 Authority key identifier: 47:5B:62:A5:F2:33:ED:05:AC:72:D8:78:12:34:E1:09:BF:3A:90:8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/BE497906E5E311EEB87FAA36C4F9AE02.roa Signing time: Mon 02 Jun 2025 22:30:50 +0000 ROA not before: Mon 02 Jun 2025 22:30:50 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 64098 IP address blocks: 59.153.8.0/22 maxlen: 24 103.55.135.0/24 maxlen: 24 103.61.129.0/24 maxlen: 24 103.79.4.0/22 maxlen: 22 103.79.4.0/24 maxlen: 24 103.197.232.0/22 maxlen: 22 103.197.232.0/24 maxlen: 24 103.197.233.0/24 maxlen: 24 160.202.140.0/22 maxlen: 22 203.189.126.0/24 maxlen: 24 2400:1240::/32 maxlen: 32 2403:780::/32 maxlen: 32 2403:780:f::/48 maxlen: 48 2403:780:e300::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.crl rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 21:55:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1779 (0x6f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C911D, serialNumber=475B62A5F233ED05AC72D8781234E109BF3A908C Validity Not Before: Jun 2 22:30:50 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=683e261a-a474 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:c4:4f:16:b6:43:84:10:33:f0:5c:32:02:7f: 34:ff:35:19:ef:08:15:ee:ea:a3:be:20:39:e7:09: ab:05:e7:8d:b2:7a:e0:fb:a7:4f:55:72:73:f4:fe: 8c:ec:af:af:ae:e7:9f:c5:89:dd:a8:24:d8:a6:9c: ba:f4:f0:3f:3b:49:d1:31:bb:39:48:df:a1:19:81: ab:7b:68:f4:ce:f4:0f:82:55:f7:d1:0f:e4:a9:90: bd:58:e7:e3:f8:a4:53:71:bb:2e:88:d1:34:8f:f4: ed:40:4d:53:df:e3:1a:91:bb:f0:5a:4c:54:b2:9b: bd:d7:a9:44:14:3e:61:8d:30:aa:9c:00:c2:44:d5: 72:6c:15:cd:5d:23:91:a2:c8:76:4b:16:7e:7c:69: 9c:ca:e9:7a:9e:4d:b5:15:ef:44:29:17:b5:f2:6a: 5f:fa:7a:7f:1f:bc:f1:0d:d3:55:dd:81:26:e6:b1: 32:e1:14:a4:8d:fc:b8:de:c6:e4:5b:1e:b5:cd:37: 52:77:cf:bb:4e:cf:de:29:31:f4:10:ff:67:e0:aa: 3b:2a:d8:e8:5c:87:27:58:1e:4e:63:6c:9b:55:d1: 2d:cf:e1:94:15:dc:22:46:b8:87:4b:b1:0f:fe:b5: a1:37:c4:16:79:40:e1:21:b3:9a:45:95:9d:68:43: 5c:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:44:3D:E0:8C:39:FB:22:82:54:92:0A:93:8F:01:64:04:E8:B0:36 X509v3 Authority Key Identifier: keyid:47:5B:62:A5:F2:33:ED:05:AC:72:D8:78:12:34:E1:09:BF:3A:90:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/R1tipfIz7QWscth4EjThCb86kIw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1tipfIz7QWscth4EjThCb86kIw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C911D/7B13B3846C0311EB8844784BC4F9AE02/BE497906E5E311EEB87FAA36C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.153.8.0/22 103.55.135.0/24 103.61.129.0/24 103.79.4.0/22 103.197.232.0/22 160.202.140.0/22 203.189.126.0/24 IPv6: 2400:1240::/32 2403:780::/32 Signature Algorithm: sha256WithRSAEncryption 52:5f:97:48:51:99:34:25:2e:67:25:03:80:44:ea:a7:fa:4c: e3:a3:df:da:9c:8c:60:ba:84:d4:5c:53:a0:23:1e:c9:37:c7: 6b:64:0d:d1:2d:13:7a:f9:c0:f7:a8:80:9f:a4:61:85:22:80: 9b:a8:63:22:5a:7f:61:59:00:f1:cc:ee:0b:e0:c5:be:0e:c1: 5a:46:ba:bd:2b:c9:e0:cd:b4:6e:de:e9:08:91:03:7d:33:7a: 7a:06:35:56:c7:25:51:95:24:f2:9a:4a:12:c8:42:f6:eb:72: 11:a8:c3:15:ae:49:8f:56:6a:3d:c1:9f:4b:b0:36:0c:53:b0: c2:d5:8c:24:37:24:7d:a4:30:0e:44:85:98:4a:81:ea:53:8d: 22:8f:2d:7c:46:07:9a:75:bc:de:f4:f4:94:38:d1:4f:d8:09: 48:7f:0f:05:a1:66:ad:a8:b3:d1:6b:41:b3:7f:af:e6:d7:b6: 60:ef:d5:e5:6a:4a:e6:e1:4d:e3:de:8d:3e:9c:95:42:d7:1a: 30:60:bc:a5:63:b1:0e:b8:18:a9:22:58:d2:37:d0:6a:f0:d6: 39:ff:bc:7c:a7:8b:50:03:89:0c:14:ab:46:11:a6:e4:f1:56: 97:06:fc:59:ae:d2:17:85:3f:ef:79:4d:0c:c1:85:c7:e3:66: 11:07:c8:64 -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgICBvMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzkxMUQxMTAvBgNVBAUTKDQ3NUI2MkE1RjIzM0VEMDVBQzcyRDg3ODEyMzRFMTA5 QkYzQTkwOEMwHhcNMjUwNjAyMjIzMDUwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNlMjYxYS1hNDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAucRPFrZDhBAz8FwyAn80/zUZ7wgV7uqjviA55wmrBeeNsnrg+6dPVXJz9P6M 7K+vruefxYndqCTYppy69PA/O0nRMbs5SN+hGYGre2j0zvQPglX30Q/kqZC9WOfj +KRTcbsuiNE0j/TtQE1T3+MakbvwWkxUspu916lEFD5hjTCqnADCRNVybBXNXSOR osh2SxZ+fGmcyul6nk21Fe9EKRe18mpf+np/H7zxDdNV3YEm5rEy4RSkjfy43sbk Wx61zTdSd8+7Ts/eKTH0EP9n4Ko7KtjoXIcnWB5OY2ybVdEtz+GUFdwiRriHS7EP /rWhN8QWeUDhIbOaRZWdaENcmQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFNlEPeCM OfsiglSSCpOPAWQE6LA2MB8GA1UdIwQYMBaAFEdbYqXyM+0FrHLYeBI04Qm/OpCM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTExRC83QjEzQjM4NDZD MDMxMUVCODg0NDc4NEJDNEY5QUUwMi9SMXRpcGZJejdRV3NjdGg0RWpUaENiODZr SXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IxdGlwZkl6N1FXc2N0aDRFalRoQ2I4NmtJdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzkxMUQvN0IxM0IzODQ2QzAzMTFFQjg4NDQ3ODRCQzRGOUFFMDIvQkU0OTc5MDZF NUUzMTFFRUI4N0ZBQTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E SjBIMDAEAgABMCoDBAI7mQgDBABnN4cDBABnPYEDBAJnTwQDBAJnxegDBAKgyowD BADLvX4wFAQCAAIwDgMFACQAEkADBQAkAweAMA0GCSqGSIb3DQEBCwUAA4IBAQBS X5dIUZk0JS5nJQOAROqn+kzjo9/anIxguoTUXFOgIx7JN8drZA3RLRN6+cD3qICf pGGFIoCbqGMiWn9hWQDxzO4L4MW+DsFaRrq9K8ngzbRu3ukIkQN9M3p6BjVWxyVR lSTymkoSyEL263IRqMMVrkmPVmo9wZ9LsDYMU7DC1YwkNyR9pDAORIWYSoHqU40i jy18Rgeadbze9PSUONFP2AlIfw8FoWatqLPRa0Gzf6/m17Zg79Xlakrm4U3j3o0+ nJVC1xowYLylY7EOuBipIljSN9Bq8NY5/7x8p4tQA4kMFKtGEabk8VaXBvxZrtIX hT/veU0MwYXH42YRB8hk -----END CERTIFICATE-----Generated at Sun Jun 15 22:02:35 2025 by rpki-client