$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/AFD61B9C36A311F08A82A258C4F9AE02.roa File: AFD61B9C36A311F08A82A258C4F9AE02.roa (raw, json) Hash identifier: GbT2Xq8LMseiodZFptbEkKwR2JJrCaZJBMK5VYRS9TY= Subject key identifier: 2F:EB:25:BD:5E:B1:79:8D:A6:99:8E:6E:6D:D5:7C:7F:99:4C:34:CA Certificate issuer: /CN=A91CB3FE/serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Certificate serial: 23 Authority key identifier: AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/AFD61B9C36A311F08A82A258C4F9AE02.roa Signing time: Thu 17 Jul 2025 08:14:35 +0000 ROA not before: Thu 17 Jul 2025 08:14:35 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 137965 IP address blocks: 103.118.120.0/24 maxlen: 24 2001:df5:cb00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB3FE, serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Validity Not Before: Jul 17 08:14:35 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=6878b0eb-3f3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:0c:0d:ff:6e:91:ff:33:c3:e2:7b:dd:c0:7a: 5d:e8:9b:06:1f:57:13:b6:6d:e1:f4:f7:b8:31:8a: 84:76:fa:b3:72:f9:40:88:14:aa:75:0e:8c:1d:3d: a9:d5:1c:7f:46:ce:74:ac:70:1d:98:e9:d6:bf:89: fa:58:ea:c3:0f:31:29:bd:ad:e5:65:f2:07:9d:23: 25:76:45:84:7d:ea:b0:67:5e:7d:bb:9f:3f:41:7e: ba:34:e1:25:43:90:fa:0f:b4:53:e7:53:da:20:3b: 3d:92:f7:c0:c6:85:ef:be:c8:0f:bc:4d:8a:04:de: 51:c0:82:ef:72:7e:df:dd:40:ef:f4:b7:40:0e:4d: 13:96:4f:90:00:ee:2c:13:9d:7d:db:b3:14:f6:5a: 95:31:2d:d9:d6:24:23:e9:4b:ee:7a:67:ef:52:f3: c0:df:c8:70:03:49:c0:67:85:98:9e:85:35:28:44: f8:fd:b5:34:80:3b:f6:24:4b:30:1f:7c:6e:8c:a2: 93:b1:2c:25:f6:22:9e:e5:1c:fc:1f:96:46:0a:a4: 2a:00:de:a7:53:1e:00:48:b4:04:12:df:2c:e1:60: 3a:59:1a:46:48:d8:f4:66:84:72:38:a3:0a:42:70: 37:a4:dd:2e:70:c7:e7:22:a7:c5:a7:71:2a:23:72: 25:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:EB:25:BD:5E:B1:79:8D:A6:99:8E:6E:6D:D5:7C:7F:99:4C:34:CA X509v3 Authority Key Identifier: keyid:AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/AFD61B9C36A311F08A82A258C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.118.120.0/24 IPv6: 2001:df5:cb00::/48 Signature Algorithm: sha256WithRSAEncryption 8d:78:13:4a:b1:05:70:74:bf:36:50:4d:ba:c3:02:93:19:5e: aa:1a:be:92:a7:9c:f4:70:54:97:1e:26:86:28:6b:7c:17:df: bd:a6:d8:30:a4:5f:2e:b5:ab:3f:e5:ed:52:d5:20:5f:61:fe: 6c:99:9b:b5:55:57:f1:69:3d:7f:d8:4c:cb:64:6c:f7:7c:33: 39:3d:3e:ec:94:e9:d2:e4:3b:a0:b8:4e:ae:6f:4b:47:66:b8: ab:5b:e2:5b:01:97:1f:40:34:c1:35:f0:a4:a3:4b:cf:c9:f3: 6b:ff:9c:d9:39:80:94:7d:14:d0:10:e8:0a:b6:ba:d3:42:9f: 83:97:b0:de:25:ad:d5:6d:50:4a:6e:c1:4d:56:56:45:11:37: 42:d0:f7:da:15:4f:80:11:4b:3f:4d:a6:30:c9:27:b2:8f:08: f2:e9:19:ff:d3:8c:29:8d:97:a8:e0:f6:0f:77:cd:45:6d:a7: fa:e3:a7:8e:92:6a:e5:f3:c3:13:0e:93:9f:46:ff:e0:47:e4: bc:12:3d:8c:f9:84:d7:3c:00:c1:6a:3d:76:d2:7f:cb:08:a9: d2:33:19:fb:bc:4e:3e:a4:bf:df:cc:de:e6:a2:af:a9:6d:7d: db:91:e1:ba:e7:ba:7d:4c:f4:9a:89:49:6c:11:a1:a8:aa:36: 6c:5f:e8:9f -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjNGRTExMC8GA1UEBRMoQUZGODc3NzIxODc1MzU4NUMzODhFOUI4MUMzOTA2NkJE MzhEQjU5MjAeFw0yNTA3MTcwODE0MzVaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NzhiMGViLTNmM2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCrDA3/bpH/M8Pie93Ael3omwYfVxO2beH097gxioR2+rNy+UCIFKp1DowdPanV HH9GznSscB2Y6da/ifpY6sMPMSm9reVl8gedIyV2RYR96rBnXn27nz9Bfro04SVD kPoPtFPnU9ogOz2S98DGhe++yA+8TYoE3lHAgu9yft/dQO/0t0AOTROWT5AA7iwT nX3bsxT2WpUxLdnWJCPpS+56Z+9S88DfyHADScBnhZiehTUoRPj9tTSAO/YkSzAf fG6MopOxLCX2Ip7lHPwflkYKpCoA3qdTHgBItAQS3yzhYDpZGkZI2PRmhHI4owpC cDek3S5wx+cip8WncSojciUHAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUL+slvV6x eY2mmY5ubdV8f5lMNMowHwYDVR0jBBgwFoAUr/h3chh1NYXDiOm4HDkGa9ONtZIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCM0ZFLzJBNTY4NzgyMzZB MjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllYRGlPbTRIRGtHYTlPTnRa SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcl9oM2NoaDFOWVhEaU9tNEhEa0dhOU9OdFpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjNGRS8yQTU2ODc4MjM2QTIxMUYwODk3QjRCM0NDNEY5QUUwMi9BRkQ2MUI5QzM2 QTMxMUYwOEE4MkEyNThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAGd2eDAPBAIAAjAJAwcAIAEN9csAMA0GCSqGSIb3DQEBCwUA A4IBAQCNeBNKsQVwdL82UE26wwKTGV6qGr6Sp5z0cFSXHiaGKGt8F9+9ptgwpF8u tas/5e1S1SBfYf5smZu1VVfxaT1/2EzLZGz3fDM5PT7slOnS5DuguE6ub0tHZrir W+JbAZcfQDTBNfCko0vPyfNr/5zZOYCUfRTQEOgKtrrTQp+Dl7DeJa3VbVBKbsFN VlZFETdC0PfaFU+AEUs/TaYwySeyjwjy6Rn/04wpjZeo4PYPd81Fbaf646eOkmrl 88MTDpOfRv/gR+S8Ej2M+YTXPADBaj120n/LCKnSMxn7vE4+pL/fzN7moq+pbX3b keG657p9TPSaiUlsEaGoqjZsX+if -----END CERTIFICATE-----Generated at Sun Aug 10 16:10:04 2025 by rpki-client