$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/2FC13F564ED511EA945E3314C4F9AE02.roa File: 2FC13F564ED511EA945E3314C4F9AE02.roa (raw, json) Hash identifier: A/a0M5805rjTnXrE1n/14FN5oLiy6+lmzg+Var9FAeo= Subject key identifier: AA:CA:F2:CA:F5:DD:2F:DD:2A:3E:8F:76:CB:21:5E:D9:87:EE:42:50 Certificate issuer: /CN=A91EAC82/serialNumber=0A9B6981B12D5A4D2DF36EE9D280A6595C325136 Certificate serial: 0AE6 Authority key identifier: 0A:9B:69:81:B1:2D:5A:4D:2D:F3:6E:E9:D2:80:A6:59:5C:32:51:36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CptpgbEtWk0t827p0oCmWVwyUTY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/2FC13F564ED511EA945E3314C4F9AE02.roa Signing time: Thu 12 Jun 2025 19:35:02 +0000 ROA not before: Thu 12 Jun 2025 19:35:02 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 138965 IP address blocks: 103.137.204.0/22 maxlen: 22 103.137.204.0/24 maxlen: 24 103.137.205.0/24 maxlen: 24 103.137.206.0/24 maxlen: 24 103.137.207.0/24 maxlen: 24 2400:d3e0::/32 maxlen: 32 2400:d3e0::/35 maxlen: 35 2400:d3e0::/48 maxlen: 48 2400:d3e0:1::/48 maxlen: 48 2400:d3e0:2::/48 maxlen: 48 2400:d3e0:3::/48 maxlen: 48 2400:d3e0:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/CptpgbEtWk0t827p0oCmWVwyUTY.crl rsync://rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/CptpgbEtWk0t827p0oCmWVwyUTY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CptpgbEtWk0t827p0oCmWVwyUTY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 19:18:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2790 (0xae6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAC82, serialNumber=0A9B6981B12D5A4D2DF36EE9D280A6595C325136 Validity Not Before: Jun 12 19:35:02 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=684b2be6-4119 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:e4:c4:06:d3:1d:65:1f:f1:86:63:42:b8:d6: ad:99:c7:8b:11:d9:e8:6e:e9:93:a8:ee:f3:f7:2a: 8d:c5:46:58:ad:ec:e6:a9:2a:1d:34:15:a8:48:da: 50:9d:84:ee:77:e4:6c:41:11:ab:46:d7:9a:b1:07: 3b:59:ba:2f:34:46:c6:5f:a2:e0:ef:67:6a:ef:4a: 25:d8:64:ad:a2:93:7e:d8:ec:6b:97:41:5e:ca:e4: f2:79:12:b0:a4:ba:4e:12:1f:b5:d2:14:3d:bc:28: d0:21:c2:4c:71:88:d5:89:92:60:7e:a3:96:44:c9: 29:59:1e:e6:23:06:a9:38:d2:e0:f5:e7:f4:4b:eb: 2b:f4:b0:0d:93:92:ae:03:30:2d:60:8e:2c:73:72: 88:09:fe:82:44:a7:b0:c8:a2:da:ea:f5:df:3d:a7: 8d:74:1f:fe:46:5e:fa:23:40:6f:82:8b:d4:48:1a: e5:82:f6:2f:e5:23:f0:32:43:f3:b6:ed:31:46:62: 82:cb:e6:95:b3:8d:9c:f6:6c:9d:4c:7a:96:b2:d2: 77:27:88:13:2f:4f:e8:88:1a:df:d6:b1:42:69:d7: 88:e8:a6:99:4d:81:60:49:ad:64:5d:da:fd:5d:d7: 48:51:c6:dd:97:f5:d0:8b:ce:4f:d1:f2:34:54:4d: 94:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:CA:F2:CA:F5:DD:2F:DD:2A:3E:8F:76:CB:21:5E:D9:87:EE:42:50 X509v3 Authority Key Identifier: keyid:0A:9B:69:81:B1:2D:5A:4D:2D:F3:6E:E9:D2:80:A6:59:5C:32:51:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/CptpgbEtWk0t827p0oCmWVwyUTY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CptpgbEtWk0t827p0oCmWVwyUTY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAC82/CBD893A04ED311EAAD7BA211C4F9AE02/2FC13F564ED511EA945E3314C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.137.204.0/22 IPv6: 2400:d3e0::/32 Signature Algorithm: sha256WithRSAEncryption a8:12:f2:55:f9:1d:dc:ea:05:3c:15:62:6e:4e:8c:26:0f:83: 38:21:cf:49:7a:74:4f:8b:89:89:6b:c9:be:ce:46:4b:9a:08: b1:a6:08:82:a4:32:b3:6d:22:3b:56:ce:f7:a0:1f:49:21:a5: 86:90:f5:7f:3d:7b:9f:22:f7:91:80:eb:22:a3:0d:7b:4f:13: 50:00:95:d9:1b:99:06:50:35:2b:83:e1:5a:41:fb:f6:cc:71: 69:7d:74:cf:91:bd:81:f7:a4:a0:cd:d2:3f:33:a2:7b:b7:c7: 3a:3e:06:b5:d3:36:47:fa:af:9e:16:08:da:1f:4f:32:39:a2: b4:dd:9a:26:37:45:5f:f5:3c:cd:82:68:a3:f7:6e:37:1d:d0: 38:ca:75:6a:e9:05:e1:16:88:19:89:93:d3:89:8c:38:ba:f7: ae:a3:6b:1b:fb:e1:46:02:b4:2f:fb:83:95:c8:f8:67:87:1d: df:0b:21:86:53:30:79:25:51:94:e6:07:27:64:82:f5:59:95: cf:bf:9a:55:37:25:78:1f:b8:da:6f:ab:ab:c3:1d:ad:36:e2: e9:2f:b5:67:68:b7:c5:dc:1e:54:d0:1a:d6:b4:b0:65:ad:39: d9:9d:56:e5:cf:5a:fc:17:26:2e:24:ac:f0:ee:b3:d4:67:5f: d3:26:86:cc -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCuYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFDODIxMTAvBgNVBAUTKDBBOUI2OTgxQjEyRDVBNEQyREYzNkVFOUQyODBBNjU5 NUMzMjUxMzYwHhcNMjUwNjEyMTkzNTAyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODRiMmJlNi00MTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApOTEBtMdZR/xhmNCuNatmceLEdnobumTqO7z9yqNxUZYrezmqSodNBWoSNpQ nYTud+RsQRGrRteasQc7WbovNEbGX6Lg72dq70ol2GStopN+2Oxrl0FeyuTyeRKw pLpOEh+10hQ9vCjQIcJMcYjViZJgfqOWRMkpWR7mIwapONLg9ef0S+sr9LANk5Ku AzAtYI4sc3KICf6CRKewyKLa6vXfPaeNdB/+Rl76I0BvgovUSBrlgvYv5SPwMkPz tu0xRmKCy+aVs42c9mydTHqWstJ3J4gTL0/oiBrf1rFCadeI6KaZTYFgSa1kXdr9 XddIUcbdl/XQi85P0fI0VE2UawIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKrK8sr1 3S/dKj6PdsshXtmH7kJQMB8GA1UdIwQYMBaAFAqbaYGxLVpNLfNu6dKApllcMlE2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUM4Mi9DQkQ4OTNBMDRF RDMxMUVBQUQ3QkEyMTFDNEY5QUUwMi9DcHRwZ2JFdFdrMHQ4MjdwMG9DbVdWd3lV VFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NwdHBnYkV0V2swdDgyN3Awb0NtV1Z3eVVUWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUFDODIvQ0JEODkzQTA0RUQzMTFFQUFEN0JBMjExQzRGOUFFMDIvMkZDMTNGNTY0 RUQ1MTFFQTk0NUUzMzE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnicwwDQQCAAIwBwMFACQA0+AwDQYJKoZIhvcNAQELBQAD ggEBAKgS8lX5HdzqBTwVYm5OjCYPgzghz0l6dE+LiYlryb7ORkuaCLGmCIKkMrNt IjtWzvegH0khpYaQ9X89e58i95GA6yKjDXtPE1AAldkbmQZQNSuD4VpB+/bMcWl9 dM+RvYH3pKDN0j8zonu3xzo+BrXTNkf6r54WCNofTzI5orTdmiY3RV/1PM2CaKP3 bjcd0DjKdWrpBeEWiBmJk9OJjDi6966jaxv74UYCtC/7g5XI+GeHHd8LIYZTMHkl UZTmBydkgvVZlc+/mlU3JXgfuNpvq6vDHa024ukvtWdot8XcHlTQGta0sGWtOdmd VuXPWvwXJi4krPDus9RnX9Mmhsw= -----END CERTIFICATE-----Generated at Fri Jun 20 08:57:14 2025 by rpki-client