$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6C4E/3448652CF3CB11E5AE366062C4F9AE02/5F0B20081CBF11EAA5FCAC86C4F9AE02.roa File: 5F0B20081CBF11EAA5FCAC86C4F9AE02.roa (raw, json) Hash identifier: BjqwppR+NMle1n/1OCoqadfW2SGArIC17ShPvDamqQc= Subject key identifier: 34:D3:AA:09:77:9C:A6:2A:03:E7:23:AE:1A:40:EB:E5:CE:89:90:0F Certificate issuer: /CN=A91E6C4E/serialNumber=FF431DF8E13BD7FEC51E7B53507B4539A9F96566 Certificate serial: 20C2 Authority key identifier: FF:43:1D:F8:E1:3B:D7:FE:C5:1E:7B:53:50:7B:45:39:A9:F9:65:66 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0Md-OE71_7FHntTUHtFOan5ZWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6C4E/3448652CF3CB11E5AE366062C4F9AE02/5F0B20081CBF11EAA5FCAC86C4F9AE02.roa Signing time: Thu 16 Jan 2025 16:23:10 +0000 ROA not before: Thu 16 Jan 2025 16:23:10 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 133179 IP address blocks: 103.254.180.0/22 maxlen: 22 103.254.180.0/24 maxlen: 24 103.254.181.0/24 maxlen: 24 103.254.182.0/24 maxlen: 24 103.254.183.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6C4E/3448652CF3CB11E5AE366062C4F9AE02/_0Md-OE71_7FHntTUHtFOan5ZWY.crl rsync://rpki.apnic.net/member_repository/A91E6C4E/3448652CF3CB11E5AE366062C4F9AE02/_0Md-OE71_7FHntTUHtFOan5ZWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0Md-OE71_7FHntTUHtFOan5ZWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Jun 2025 15:58:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8386 (0x20c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6C4E, serialNumber=FF431DF8E13BD7FEC51E7B53507B4539A9F96566 Validity Not Before: Jan 16 16:23:10 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6789326e-3887 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:06:f9:6e:83:00:19:b8:ed:76:bf:95:6c:8c: 6f:bc:7e:d2:8f:c5:c0:20:e9:25:c0:c8:90:e2:79: 6f:61:28:93:5e:8b:d2:42:2e:72:2d:97:2b:5b:b1: 5d:d8:40:da:33:48:04:14:e0:36:7d:89:9d:b9:87: e4:ff:6d:8f:bd:34:51:ca:35:67:1d:e0:66:dc:10: 4d:1e:2c:1d:cd:25:97:27:02:47:dc:01:0d:44:d4: 33:02:fb:18:e8:81:99:4d:6e:b9:31:5d:de:1f:d5: 02:5b:5b:f1:b9:f0:6d:72:2d:65:38:b7:8c:c3:3a: 12:15:1f:7c:03:9c:d6:50:f7:68:f5:b4:4b:9e:53: 96:65:0b:af:71:44:54:d8:48:c9:fa:51:39:54:c2: d1:57:3d:1b:cb:8f:4f:70:fb:1b:4d:00:0c:72:51: 21:8f:28:94:4a:6c:1a:eb:00:8b:85:51:ba:82:30: 74:69:0c:e4:1c:0e:6d:76:23:74:a0:d6:33:dc:0e: ae:ca:ae:8b:41:eb:2b:89:f7:56:6a:3d:8b:b6:f4: 8a:9d:9b:8c:21:3b:19:55:4d:77:80:d0:e6:5a:9e: 43:1f:b9:34:4c:d6:1b:0a:fa:38:80:82:2e:2c:cd: f5:60:da:cb:d6:04:0d:92:65:ac:33:b9:65:a4:9b: f6:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:D3:AA:09:77:9C:A6:2A:03:E7:23:AE:1A:40:EB:E5:CE:89:90:0F X509v3 Authority Key Identifier: keyid:FF:43:1D:F8:E1:3B:D7:FE:C5:1E:7B:53:50:7B:45:39:A9:F9:65:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6C4E/3448652CF3CB11E5AE366062C4F9AE02/_0Md-OE71_7FHntTUHtFOan5ZWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0Md-OE71_7FHntTUHtFOan5ZWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6C4E/3448652CF3CB11E5AE366062C4F9AE02/5F0B20081CBF11EAA5FCAC86C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.254.180.0/22 Signature Algorithm: sha256WithRSAEncryption 14:e6:5c:11:7d:a3:31:65:26:38:b8:57:b3:78:7e:fe:33:57: 14:5b:32:0c:f5:6b:9e:8e:5c:0d:e7:ba:2a:10:93:ba:82:7a: 6d:5e:a6:22:36:e6:60:52:37:01:e2:89:92:0f:cb:89:f5:83: 15:f3:24:33:eb:60:f3:64:8f:d9:a5:66:d8:0b:57:83:ac:69: 51:d0:a9:44:c9:b7:b0:23:40:85:08:fe:5f:ae:a2:fc:1f:01: 83:ff:b0:54:3b:5b:8b:b0:72:53:6c:02:09:bb:e1:bc:55:db: eb:0f:a0:3f:93:3b:68:ce:df:ce:0e:df:30:58:f8:0f:d2:4a: 46:c3:5d:f7:72:ec:44:36:4b:2e:8d:76:0c:b4:b7:e8:f2:3e: d8:8c:5d:99:1c:dd:c8:8d:8c:0d:af:23:8c:d7:9a:97:05:24: 9c:bf:3f:7d:77:df:94:2e:30:60:4b:ed:a5:64:56:91:c7:2b: 6b:ad:ee:db:3d:61:f8:d6:05:12:41:06:e1:fe:68:ae:ef:49: 23:eb:f9:86:29:13:20:e7:7e:5d:e3:9d:ec:21:a5:6e:dd:cb: fa:f8:7f:09:81:54:0b:39:ff:d1:d8:46:9d:87:13:26:9e:8b: d9:5a:75:f7:8f:1b:4a:f7:da:c2:71:e8:f7:34:07:9e:9b:26: 2b:56:f2:10 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICIMIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTZDNEUxMTAvBgNVBAUTKEZGNDMxREY4RTEzQkQ3RkVDNTFFN0I1MzUwN0I0NTM5 QTlGOTY1NjYwHhcNMjUwMTE2MTYyMzEwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzg5MzI2ZS0zODg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwAb5boMAGbjtdr+VbIxvvH7Sj8XAIOklwMiQ4nlvYSiTXovSQi5yLZcrW7Fd 2EDaM0gEFOA2fYmduYfk/22PvTRRyjVnHeBm3BBNHiwdzSWXJwJH3AENRNQzAvsY 6IGZTW65MV3eH9UCW1vxufBtci1lOLeMwzoSFR98A5zWUPdo9bRLnlOWZQuvcURU 2EjJ+lE5VMLRVz0by49PcPsbTQAMclEhjyiUSmwa6wCLhVG6gjB0aQzkHA5tdiN0 oNYz3A6uyq6LQesrifdWaj2LtvSKnZuMITsZVU13gNDmWp5DH7k0TNYbCvo4gIIu LM31YNrL1gQNkmWsM7llpJv2ZQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDTTqgl3 nKYqA+cjrhpA6+XOiZAPMB8GA1UdIwQYMBaAFP9DHfjhO9f+xR57U1B7RTmp+WVm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkM0RS8zNDQ4NjUyQ0Yz Q0IxMUU1QUUzNjYwNjJDNEY5QUUwMi9fME1kLU9FNzFfN0ZIbnRUVUh0Rk9hbjVa V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL18wTWQtT0U3MV83RkhudFRVSHRGT2FuNVpXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTZDNEUvMzQ0ODY1MkNGM0NCMTFFNUFFMzY2MDYyQzRGOUFFMDIvNUYwQjIwMDgx Q0JGMTFFQUE1RkNBQzg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJn/rQwDQYJKoZIhvcNAQELBQADggEBABTmXBF9ozFlJji4 V7N4fv4zVxRbMgz1a56OXA3nuioQk7qCem1epiI25mBSNwHiiZIPy4n1gxXzJDPr YPNkj9mlZtgLV4OsaVHQqUTJt7AjQIUI/l+uovwfAYP/sFQ7W4uwclNsAgm74bxV 2+sPoD+TO2jO384O3zBY+A/SSkbDXfdy7EQ2Sy6Ndgy0t+jyPtiMXZkc3ciNjA2v I4zXmpcFJJy/P31335QuMGBL7aVkVpHHK2ut7ts9YfjWBRJBBuH+aK7vSSPr+YYp EyDnfl3jnewhpW7dy/r4fwmBVAs5/9HYRp2HEyaei9ladfePG0r32sJx6Pc0B56b JitW8hA= -----END CERTIFICATE-----Generated at Sat Jun 21 01:49:06 2025 by rpki-client