$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/2395AD02E44911EFB4261C43C4F9AE02.roa File: 2395AD02E44911EFB4261C43C4F9AE02.roa (raw, json) Hash identifier: yVwnO56nbUbnCX/cr4Z5ZK8KQTm634H9qAQ3mEA0k1k= Subject key identifier: 6C:05:27:05:5C:34:D1:EC:EA:90:91:7D:71:6E:5D:12:0C:D8:E0:6D Certificate issuer: /CN=A91EB2B8/serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F Certificate serial: 02B5 Authority key identifier: A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/2395AD02E44911EFB4261C43C4F9AE02.roa Signing time: Wed 11 Jun 2025 02:18:36 +0000 ROA not before: Wed 11 Jun 2025 02:18:36 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 13335 IP address blocks: 123.108.74.0/24 maxlen: 24 123.108.75.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 01:36:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 693 (0x2b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB2B8, serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F Validity Not Before: Jun 11 02:18:36 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6848e77c-206b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:51:45:1d:9a:c0:c9:40:0f:c5:79:c4:54:0a: 8e:4e:04:23:bf:50:41:86:51:7e:ff:8d:a4:00:31: 3a:46:e7:ff:9a:0b:48:2c:84:67:6e:36:78:cc:05: 39:44:b6:4d:c6:c0:20:a5:a6:68:6d:dc:0d:f9:51: f4:5d:b3:c2:a8:05:2c:49:e3:23:16:2a:e4:d1:8d: 53:b8:35:6f:b1:ab:1c:dd:1b:26:d5:37:de:27:56: 1b:7d:d8:03:50:81:51:e9:4d:d4:ce:31:ec:2c:da: 4f:2b:7c:fb:6b:0d:f7:c7:d6:52:7b:e8:ea:76:63: 95:e6:e5:3b:65:f2:2c:f0:b1:3a:7c:f4:8c:d6:85: a8:0e:c1:d4:d8:0b:63:4c:28:29:1b:c0:9b:a3:e5: 07:fc:67:27:be:71:31:a4:85:e7:ae:db:39:a9:72: 33:54:40:90:84:8f:52:73:41:0a:32:c2:22:22:4d: 67:5c:b0:36:fc:f3:d5:b8:05:dc:30:0f:fd:b6:83: cb:33:e5:80:08:12:44:25:c0:10:c8:76:1b:36:5f: e8:a7:92:57:2b:96:5f:cb:fa:ad:2b:a0:d2:a7:75: 65:ad:8c:1a:66:f1:3b:a1:de:d7:a9:13:e9:58:89: b1:95:78:27:7a:b6:93:9f:9a:ec:59:6e:09:6d:74: 25:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:05:27:05:5C:34:D1:EC:EA:90:91:7D:71:6E:5D:12:0C:D8:E0:6D X509v3 Authority Key Identifier: keyid:A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/2395AD02E44911EFB4261C43C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.108.74.0/23 Signature Algorithm: sha256WithRSAEncryption 0c:47:cc:f2:38:c1:04:78:2f:fb:b2:79:80:78:e5:26:ea:46: a9:1e:95:69:62:18:af:7b:cd:e1:fd:ba:ea:f0:cf:07:ca:2a: 5e:4c:ac:cf:f4:04:6c:cc:7c:e1:82:2b:8a:a7:99:32:43:d3: d1:0c:b0:d9:66:10:db:68:a6:d9:d0:f2:d2:f8:68:d7:b4:43: 90:e9:84:8e:ee:07:6e:fc:35:d4:bc:b6:d1:24:d1:5e:d7:16: b9:04:cc:ff:2e:94:ad:4a:d0:de:84:5b:0d:14:f8:59:10:86: 8d:82:1b:42:82:49:ac:92:17:75:67:38:7b:f7:58:04:c1:ff: 08:cf:cd:46:e1:18:46:78:c0:41:02:e7:62:64:50:f2:e8:27: 85:b5:9a:b7:1d:29:4d:f1:42:7f:b0:87:10:1f:83:39:cb:8a: f3:58:f4:ec:ce:ca:01:f0:ea:21:1a:a9:9e:a3:52:87:e5:a6: 4c:46:fd:1d:c7:0c:68:a6:56:c2:96:8d:3d:1d:7b:9e:61:b0: 8a:1f:3b:85:f0:ed:32:dd:db:9e:26:65:49:7e:86:cf:22:95: 21:1b:46:6c:8d:4d:03:98:ad:5b:65:8b:3d:2d:a4:6c:bf:02: 9e:53:77:d2:e6:32:36:a3:32:e2:65:2a:2f:77:a6:ef:aa:c8: 1d:f3:82:7e -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICArUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUIyQjgxMTAvBgNVBAUTKEE2OTcwMEU3OEQwQzgxMkFEMkUyQzExNEM4MkM2NTVB MEFDRDQ0N0YwHhcNMjUwNjExMDIxODM2WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQ4ZTc3Yy0yMDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA41FFHZrAyUAPxXnEVAqOTgQjv1BBhlF+/42kADE6Ruf/mgtILIRnbjZ4zAU5 RLZNxsAgpaZobdwN+VH0XbPCqAUsSeMjFirk0Y1TuDVvsasc3Rsm1TfeJ1YbfdgD UIFR6U3UzjHsLNpPK3z7aw33x9ZSe+jqdmOV5uU7ZfIs8LE6fPSM1oWoDsHU2Atj TCgpG8Cbo+UH/GcnvnExpIXnrts5qXIzVECQhI9Sc0EKMsIiIk1nXLA2/PPVuAXc MA/9toPLM+WACBJEJcAQyHYbNl/op5JXK5Zfy/qtK6DSp3VlrYwaZvE7od7XqRPp WImxlXgneraTn5rsWW4JbXQl5wIDAQABo4IClTCCApEwHQYDVR0OBBYEFGwFJwVc NNHs6pCRfXFuXRIM2OBtMB8GA1UdIwQYMBaAFKaXAOeNDIEq0uLBFMgsZVoKzUR/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjJCOC8zRjQ0Q0JBRTJG NEQxMUVEOEY1QTZBNjRDNEY5QUUwMi9wcGNBNTQwTWdTclM0c0VVeUN4bFdnck5S SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BwY0E1NDBNZ1NyUzRzRVV5Q3hsV2dyTlJIOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUIyQjgvM0Y0NENCQUUyRjREMTFFRDhGNUE2QTY0QzRGOUFFMDIvMjM5NUFEMDJF NDQ5MTFFRkI0MjYxQzQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAF7bEowDQYJKoZIhvcNAQELBQADggEBAAxHzPI4wQR4L/uy eYB45SbqRqkelWliGK97zeH9uurwzwfKKl5MrM/0BGzMfOGCK4qnmTJD09EMsNlm ENtoptnQ8tL4aNe0Q5DphI7uB278NdS8ttEk0V7XFrkEzP8ulK1K0N6EWw0U+FkQ ho2CG0KCSaySF3VnOHv3WATB/wjPzUbhGEZ4wEEC52JkUPLoJ4W1mrcdKU3xQn+w hxAfgznLivNY9OzOygHw6iEaqZ6jUoflpkxG/R3HDGimVsKWjT0de55hsIofO4Xw 7TLd254mZUl+hs8ilSEbRmyNTQOYrVtliz0tpGy/Ap5Td9LmMjajMuJlKi93pu+q yB3zgn4= -----END CERTIFICATE-----Generated at Tue Jun 17 01:29:20 2025 by rpki-client