$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3D4D/ED6A19929AE711EB8A045626C4F9AE02/8B5C69BACD5211EBBF89483BC4F9AE02.roa File: 8B5C69BACD5211EBBF89483BC4F9AE02.roa (raw, json) Hash identifier: 71fJuckCoKbzUc34v7gFsGAjPnIuO7itiiyZ85r0nVs= Subject key identifier: 66:AA:BB:84:F4:0C:10:21:B7:0D:24:F2:78:D5:9B:F1:A2:D5:10:80 Certificate issuer: /CN=A91E3D4D/serialNumber=DF43CF31F11CD8E69F1A5B451D43F68B14476B47 Certificate serial: 0659 Authority key identifier: DF:43:CF:31:F1:1C:D8:E6:9F:1A:5B:45:1D:43:F6:8B:14:47:6B:47 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30PPMfEc2OafGltFHUP2ixRHa0c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3D4D/ED6A19929AE711EB8A045626C4F9AE02/8B5C69BACD5211EBBF89483BC4F9AE02.roa Signing time: Mon 16 Jun 2025 22:51:44 +0000 ROA not before: Mon 16 Jun 2025 22:51:44 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 142050 IP address blocks: 103.165.186.0/23 maxlen: 23 103.165.186.0/24 maxlen: 24 103.165.187.0/24 maxlen: 24 2407:4d40::/32 maxlen: 32 2407:4d40::/48 maxlen: 48 2407:4d40:1::/48 maxlen: 48 2407:4d40:2::/48 maxlen: 48 2407:4d40:3::/48 maxlen: 48 2407:4d40:4::/48 maxlen: 48 2407:4d40:5::/48 maxlen: 48 2407:4d40:6::/48 maxlen: 48 2407:4d40:7::/48 maxlen: 48 2407:4d40:8::/48 maxlen: 48 2407:4d40:9::/48 maxlen: 48 2407:4d40:a::/48 maxlen: 48 2407:4d40:b::/48 maxlen: 48 2407:4d40:c::/48 maxlen: 48 2407:4d40:d::/48 maxlen: 48 2407:4d40:e::/48 maxlen: 48 2407:4d40:f::/48 maxlen: 48 2407:4d40:10::/48 maxlen: 48 2407:4d40:11::/48 maxlen: 48 2407:4d40:12::/48 maxlen: 48 2407:4d40:13::/48 maxlen: 48 2407:4d40:14::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3D4D/ED6A19929AE711EB8A045626C4F9AE02/30PPMfEc2OafGltFHUP2ixRHa0c.crl rsync://rpki.apnic.net/member_repository/A91E3D4D/ED6A19929AE711EB8A045626C4F9AE02/30PPMfEc2OafGltFHUP2ixRHa0c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30PPMfEc2OafGltFHUP2ixRHa0c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 22:34:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1625 (0x659) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3D4D, serialNumber=DF43CF31F11CD8E69F1A5B451D43F68B14476B47 Validity Not Before: Jun 16 22:51:44 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6850a000-47f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:4c:1f:fb:46:78:b8:f1:1f:80:03:e7:16:fc: 8a:24:76:f4:bd:53:aa:95:2c:f7:67:0b:5c:16:69: 8a:c3:43:70:1f:27:de:94:71:a6:6b:fe:80:11:8d: e0:ee:16:eb:2b:6c:1a:a9:06:8e:c6:c1:dd:3f:c1: a3:53:f2:6a:7e:f8:75:a7:8b:47:d1:7a:a4:a2:ae: 19:0e:32:23:64:32:90:02:e8:ae:af:f9:49:12:ba: 00:7e:7e:ef:8c:05:4c:1b:27:43:7f:77:0d:d7:a2: 6a:fa:71:2c:c9:06:04:78:68:f9:78:9d:67:08:c5: 7f:c0:bc:c1:70:78:06:eb:f1:5f:63:1e:ba:bc:8c: 0a:31:30:8b:a2:92:c9:06:75:47:ee:57:08:ef:e8: 14:fa:8d:7c:78:c2:36:b6:d4:5c:65:bd:28:d7:dc: b8:5a:f2:04:db:a0:90:c9:ec:85:c8:33:ce:b4:08: 55:3b:c8:c5:1c:4c:8d:9a:44:5c:47:c0:45:d2:12: 09:14:cc:83:fa:77:d5:df:5c:f2:73:00:04:5e:3d: ad:7b:f6:5c:10:fd:5e:23:b0:68:7c:47:d4:4d:c3: 47:d5:a1:1a:cb:b0:21:89:46:a5:0a:f5:68:c6:e2: 88:7c:31:15:7d:8e:66:3f:8d:b5:0c:52:f7:25:13: 47:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:AA:BB:84:F4:0C:10:21:B7:0D:24:F2:78:D5:9B:F1:A2:D5:10:80 X509v3 Authority Key Identifier: keyid:DF:43:CF:31:F1:1C:D8:E6:9F:1A:5B:45:1D:43:F6:8B:14:47:6B:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3D4D/ED6A19929AE711EB8A045626C4F9AE02/30PPMfEc2OafGltFHUP2ixRHa0c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30PPMfEc2OafGltFHUP2ixRHa0c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3D4D/ED6A19929AE711EB8A045626C4F9AE02/8B5C69BACD5211EBBF89483BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.165.186.0/23 IPv6: 2407:4d40::/32 Signature Algorithm: sha256WithRSAEncryption 4b:c6:be:13:bf:70:b4:d3:ec:2e:32:04:0d:94:84:bc:d8:84: 30:23:6b:49:9d:64:29:8b:b0:b1:5a:d1:c2:f9:7e:eb:cd:48: be:0b:00:fa:0e:d8:44:17:0e:40:26:30:d1:65:33:70:70:51: 67:58:0c:75:99:a3:eb:4e:9a:53:44:e7:ee:70:04:94:94:a0: c8:e4:4b:3c:18:ac:b7:c0:83:72:29:77:d5:cf:79:0d:53:40: 55:95:6e:1c:1c:f4:19:7d:65:72:67:4e:f6:16:36:8f:3c:d9: cb:22:c8:47:d6:aa:d2:e4:be:b9:5e:14:4f:be:b0:c4:77:d5: 71:d8:8e:7d:65:48:60:74:3f:62:08:d8:3c:8f:fb:4f:95:9e: 2f:3e:8b:78:82:43:ab:75:48:8d:9b:f4:79:ec:f1:ab:98:49: ff:b2:91:f4:29:c9:55:ec:f7:51:52:42:c8:ee:7d:05:42:68: 5e:c1:65:e9:b5:22:07:2b:0d:7d:40:63:7d:87:f0:e1:93:9c: a7:53:02:a7:38:35:ee:47:79:16:0a:86:83:87:80:2f:98:38: e8:d3:a5:a7:4f:52:b6:09:e5:51:09:71:87:9c:f2:39:f8:21: 4a:2c:d8:f3:e9:82:47:41:54:c8:6c:1d:08:ce:5b:b8:9f:22: c2:f8:06:07 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBlkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNENEQxMTAvBgNVBAUTKERGNDNDRjMxRjExQ0Q4RTY5RjFBNUI0NTFENDNGNjhC MTQ0NzZCNDcwHhcNMjUwNjE2MjI1MTQ0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODUwYTAwMC00N2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo0wf+0Z4uPEfgAPnFvyKJHb0vVOqlSz3ZwtcFmmKw0NwHyfelHGma/6AEY3g 7hbrK2waqQaOxsHdP8GjU/Jqfvh1p4tH0Xqkoq4ZDjIjZDKQAuiur/lJEroAfn7v jAVMGydDf3cN16Jq+nEsyQYEeGj5eJ1nCMV/wLzBcHgG6/FfYx66vIwKMTCLopLJ BnVH7lcI7+gU+o18eMI2ttRcZb0o19y4WvIE26CQyeyFyDPOtAhVO8jFHEyNmkRc R8BF0hIJFMyD+nfV31zycwAEXj2te/ZcEP1eI7BofEfUTcNH1aEay7AhiUalCvVo xuKIfDEVfY5mP421DFL3JRNHmwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGaqu4T0 DBAhtw0k8njVm/Gi1RCAMB8GA1UdIwQYMBaAFN9DzzHxHNjmnxpbRR1D9osUR2tH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0Q0RC9FRDZBMTk5MjlB RTcxMUVCOEEwNDU2MjZDNEY5QUUwMi8zMFBQTWZFYzJPYWZHbHRGSFVQMml4Ukhh MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMwUFBNZkVjMk9hZkdsdEZIVVAyaXhSSGEwYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTNENEQvRUQ2QTE5OTI5QUU3MTFFQjhBMDQ1NjI2QzRGOUFFMDIvOEI1QzY5QkFD RDUyMTFFQkJGODk0ODNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnpbowDQQCAAIwBwMFACQHTUAwDQYJKoZIhvcNAQELBQAD ggEBAEvGvhO/cLTT7C4yBA2UhLzYhDAja0mdZCmLsLFa0cL5fuvNSL4LAPoO2EQX DkAmMNFlM3BwUWdYDHWZo+tOmlNE5+5wBJSUoMjkSzwYrLfAg3Ipd9XPeQ1TQFWV bhwc9Bl9ZXJnTvYWNo882csiyEfWqtLkvrleFE++sMR31XHYjn1lSGB0P2II2DyP +0+Vni8+i3iCQ6t1SI2b9Hns8auYSf+ykfQpyVXs91FSQsjufQVCaF7BZem1Igcr DX1AY32H8OGTnKdTAqc4Ne5HeRYKhoOHgC+YOOjTpadPUrYJ5VEJcYec8jn4IUos 2PPpgkdBVMhsHQjOW7ifIsL4Bgc= -----END CERTIFICATE-----Generated at Thu Jun 19 08:08:17 2025 by rpki-client