$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/E3272FE036B911E99F4D9A5CC4F9AE02.roa File: E3272FE036B911E99F4D9A5CC4F9AE02.roa (raw, json) Hash identifier: zsPveXQ2Zd6a9Te4YhLc43ZEsJlTYYnv+fpeJR8IN2Y= Subject key identifier: FA:C2:BC:27:48:5D:48:BE:C2:AC:09:AF:A8:58:84:AD:DD:E9:E2:58 Certificate issuer: /CN=A91EA944/serialNumber=3B8D3B5184FF5B481B5B0E59B0B229CC06D6091E Certificate serial: 1068 Authority key identifier: 3B:8D:3B:51:84:FF:5B:48:1B:5B:0E:59:B0:B2:29:CC:06:D6:09:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O407UYT_W0gbWw5ZsLIpzAbWCR4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/E3272FE036B911E99F4D9A5CC4F9AE02.roa Signing time: Mon 09 Jun 2025 11:28:36 +0000 ROA not before: Mon 09 Jun 2025 11:28:36 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 132129 IP address blocks: 103.134.192.0/22 maxlen: 22 103.134.192.0/24 maxlen: 24 103.134.193.0/24 maxlen: 24 103.134.194.0/24 maxlen: 24 103.134.195.0/24 maxlen: 24 2404:69c0::/32 maxlen: 32 2404:69c0::/33 maxlen: 33 2404:69c0:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/O407UYT_W0gbWw5ZsLIpzAbWCR4.crl rsync://rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/O407UYT_W0gbWw5ZsLIpzAbWCR4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O407UYT_W0gbWw5ZsLIpzAbWCR4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 17:18:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4200 (0x1068) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA944, serialNumber=3B8D3B5184FF5B481B5B0E59B0B229CC06D6091E Validity Not Before: Jun 9 11:28:36 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=6846c564-444d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:19:ad:45:f1:31:ab:ed:fd:37:15:6d:0b:1d: 94:10:20:b2:76:5a:ea:2c:64:d4:4a:6a:e9:c9:c5: 47:45:5d:1e:2b:95:49:16:41:de:d8:4d:9b:eb:57: ad:ff:aa:7b:df:c8:54:64:3e:32:d5:36:a5:53:b3: dd:4b:ce:11:13:99:cb:9e:b5:df:ac:b9:5f:d2:77: 56:87:69:2b:b6:9e:20:ce:d5:4f:52:3a:f0:b7:a9: 51:60:03:21:92:05:ae:a4:2f:10:a5:cf:a6:51:a8: d4:c0:78:9b:ff:09:e2:ad:b4:a1:84:6a:0f:68:08: 82:b5:24:0a:98:7c:20:59:7f:aa:5e:0f:a6:80:25: ca:e7:fc:fa:ed:3b:55:b3:d7:9d:ba:72:54:9c:ed: d8:8d:23:ae:02:92:9d:f0:7d:f1:40:68:9e:1a:45: 29:c1:a5:cd:c0:af:d5:10:10:a7:04:2f:91:02:cf: 0c:bf:53:b5:7c:c7:28:a3:b5:0d:c9:87:95:74:4c: b7:97:cf:e1:5e:e3:ca:c4:fd:0a:65:48:87:a2:22: f9:d7:f3:da:9d:a2:c6:77:e9:20:69:e0:ae:16:fd: 40:24:8e:4d:83:0f:31:3d:52:b2:fc:32:bf:30:0c: bb:f7:c9:48:9d:74:ad:00:7f:61:b8:f7:dc:70:06: 39:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:C2:BC:27:48:5D:48:BE:C2:AC:09:AF:A8:58:84:AD:DD:E9:E2:58 X509v3 Authority Key Identifier: keyid:3B:8D:3B:51:84:FF:5B:48:1B:5B:0E:59:B0:B2:29:CC:06:D6:09:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/O407UYT_W0gbWw5ZsLIpzAbWCR4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O407UYT_W0gbWw5ZsLIpzAbWCR4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA944/796C9D7436B911E9984B765CC4F9AE02/E3272FE036B911E99F4D9A5CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.134.192.0/22 IPv6: 2404:69c0::/32 Signature Algorithm: sha256WithRSAEncryption 6f:e9:c9:72:27:1d:70:2e:07:c3:42:33:1a:e3:b3:ad:d5:ba: 65:49:d7:a6:98:60:c2:88:6a:47:f0:0d:86:80:22:83:99:3e: 14:00:2f:87:fa:84:45:e8:7c:1f:ec:5d:75:53:d3:13:90:6e: 4e:4f:cd:49:70:3f:9a:30:1f:60:e6:2d:7f:e8:d2:80:97:89: 69:60:7a:76:1f:5b:e1:8f:b9:31:35:d0:52:d9:7e:93:ff:cb: de:66:1d:d0:94:af:ef:f8:57:64:e6:12:be:ea:0d:41:40:7e: 7a:c6:d1:61:33:7c:8e:b0:58:eb:9e:61:d8:3a:ad:1c:9b:b5: e9:cf:cb:4c:cd:61:4d:46:0d:9a:84:dd:da:6f:8c:f9:1d:0b: 8c:c0:8d:cf:d0:91:b2:1f:fe:73:85:1e:95:a3:ec:e1:1c:11: 31:a7:4e:48:a5:39:b9:75:02:e4:6f:6f:ae:b0:51:03:ee:86: 6b:8f:d7:47:23:d4:02:e2:2f:37:bb:d6:59:ed:51:18:96:07: 55:0b:5b:e1:63:9e:8d:17:e4:bb:0c:01:5c:3c:50:88:52:6b: 6f:cd:95:e8:a3:45:e4:7e:64:b0:14:09:be:19:2c:3e:04:ae: d1:d7:7b:d6:b1:c0:4e:10:ac:41:fb:0d:f5:02:8f:5c:25:3c: 33:11:c9:0b -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICEGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE5NDQxMTAvBgNVBAUTKDNCOEQzQjUxODRGRjVCNDgxQjVCMEU1OUIwQjIyOUND MDZENjA5MUUwHhcNMjUwNjA5MTEyODM2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02ODQ2YzU2NC00NDRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuRmtRfExq+39NxVtCx2UECCydlrqLGTUSmrpycVHRV0eK5VJFkHe2E2b61et /6p738hUZD4y1TalU7PdS84RE5nLnrXfrLlf0ndWh2krtp4gztVPUjrwt6lRYAMh kgWupC8Qpc+mUajUwHib/wnirbShhGoPaAiCtSQKmHwgWX+qXg+mgCXK5/z67TtV s9edunJUnO3YjSOuApKd8H3xQGieGkUpwaXNwK/VEBCnBC+RAs8Mv1O1fMcoo7UN yYeVdEy3l8/hXuPKxP0KZUiHoiL51/PanaLGd+kgaeCuFv1AJI5Ngw8xPVKy/DK/ MAy798lInXStAH9huPfccAY55wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPrCvCdI XUi+wqwJr6hYhK3d6eJYMB8GA1UdIwQYMBaAFDuNO1GE/1tIG1sOWbCyKcwG1gke MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk0NC83OTZDOUQ3NDM2 QjkxMUU5OTg0Qjc2NUNDNEY5QUUwMi9PNDA3VVlUX1cwZ2JXdzVac0xJcHpBYldD UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL080MDdVWVRfVzBnYld3NVpzTElwekFiV0NSNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUE5NDQvNzk2QzlENzQzNkI5MTFFOTk4NEI3NjVDQzRGOUFFMDIvRTMyNzJGRTAz NkI5MTFFOTlGNEQ5QTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnhsAwDQQCAAIwBwMFACQEacAwDQYJKoZIhvcNAQELBQAD ggEBAG/pyXInHXAuB8NCMxrjs63VumVJ16aYYMKIakfwDYaAIoOZPhQAL4f6hEXo fB/sXXVT0xOQbk5PzUlwP5owH2DmLX/o0oCXiWlgenYfW+GPuTE10FLZfpP/y95m HdCUr+/4V2TmEr7qDUFAfnrG0WEzfI6wWOueYdg6rRybtenPy0zNYU1GDZqE3dpv jPkdC4zAjc/QkbIf/nOFHpWj7OEcETGnTkilObl1AuRvb66wUQPuhmuP10cj1ALi Lze71lntURiWB1ULW+Fjno0X5LsMAVw8UIhSa2/NleijReR+ZLAUCb4ZLD4ErtHX e9axwE4QrEH7DfUCj1wlPDMRyQs= -----END CERTIFICATE-----Generated at Sun Jun 15 09:42:55 2025 by rpki-client