$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/33F713A8A3CF11EAA31D8C20C4F9AE02.roa File: 33F713A8A3CF11EAA31D8C20C4F9AE02.roa (raw, json) Hash identifier: U+2Kae/qqfcPAGDUNj2rc7ly1La28a/4nOUamtVuvAQ= Subject key identifier: 4F:88:8B:7C:3C:E7:F4:22:90:B9:7D:F9:17:63:4F:22:AF:1F:77:00 Certificate issuer: /CN=A91F1E8B/serialNumber=2BA3EA6C0BD7F184608660F9A204E511865A00DD Certificate serial: 08E3 Authority key identifier: 2B:A3:EA:6C:0B:D7:F1:84:60:86:60:F9:A2:04:E5:11:86:5A:00:DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K6PqbAvX8YRghmD5ogTlEYZaAN0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/33F713A8A3CF11EAA31D8C20C4F9AE02.roa Signing time: Thu 06 Feb 2025 20:18:54 +0000 ROA not before: Thu 06 Feb 2025 20:18:54 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 18359 IP address blocks: 103.90.7.0/24 maxlen: 24 2001:df0:c900::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/K6PqbAvX8YRghmD5ogTlEYZaAN0.crl rsync://rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/K6PqbAvX8YRghmD5ogTlEYZaAN0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K6PqbAvX8YRghmD5ogTlEYZaAN0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:12:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2275 (0x8e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F1E8B, serialNumber=2BA3EA6C0BD7F184608660F9A204E511865A00DD Validity Not Before: Feb 6 20:18:54 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67a5192e-6c31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:7b:e9:7d:c2:8e:ec:14:cf:09:47:f7:ea:fd: 9f:2d:6d:e6:1f:6b:bf:c3:d3:18:55:29:d4:1a:b9: 49:66:be:db:83:af:af:3a:ac:c3:71:4f:39:c4:15: db:df:60:94:f3:74:b3:77:59:06:aa:73:70:42:32: 72:66:29:32:bb:f6:56:7e:77:50:6a:74:a4:44:41: 5b:a8:88:b9:00:d2:d3:c0:ba:de:6f:b4:d8:dd:68: b8:ed:86:5f:af:85:cf:07:37:fe:ab:f1:d8:de:57: 17:52:b0:0b:ba:75:e9:93:49:ee:01:88:cb:a9:9e: a6:bd:2c:7e:f2:c4:65:1d:46:fc:1a:fb:a8:3c:72: 91:38:30:f7:37:37:d0:f6:60:31:c9:56:34:f6:a4: 2e:67:f4:9e:2a:a5:18:5f:b1:6f:c1:34:fc:8f:96: da:9c:2a:fe:bf:23:2c:18:2d:47:8c:8e:b9:eb:61: 95:42:e4:77:d2:b4:b0:de:3e:29:e6:2a:2a:04:0c: e0:03:a7:81:e7:14:83:be:88:7a:1d:66:0d:7b:9a: ce:23:7e:55:7a:83:07:3f:85:5f:61:7d:d0:c5:9a: 5b:02:a3:35:18:24:62:83:c7:29:ed:1c:e1:76:ae: 91:35:a4:75:33:ff:2e:e1:0b:a9:78:35:61:34:f0: a8:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:88:8B:7C:3C:E7:F4:22:90:B9:7D:F9:17:63:4F:22:AF:1F:77:00 X509v3 Authority Key Identifier: keyid:2B:A3:EA:6C:0B:D7:F1:84:60:86:60:F9:A2:04:E5:11:86:5A:00:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/K6PqbAvX8YRghmD5ogTlEYZaAN0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K6PqbAvX8YRghmD5ogTlEYZaAN0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/33F713A8A3CF11EAA31D8C20C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.90.7.0/24 IPv6: 2001:df0:c900::/48 Signature Algorithm: sha256WithRSAEncryption 41:99:33:be:8a:e4:34:a8:b6:8d:75:dd:b0:97:6d:bc:07:8c: 21:90:82:7e:ef:dd:62:60:71:59:25:c0:80:f7:94:d6:b3:b7: 2e:f5:ec:bb:10:d3:2c:40:77:8a:41:9e:5a:15:e4:de:d6:0c: db:6a:e2:0a:01:97:fd:a9:3d:7d:c1:05:44:31:ea:6d:16:0d: 08:77:de:43:79:7d:10:38:a7:c3:50:cd:6d:04:4f:03:1d:f1: 70:98:38:d2:f1:27:a2:3f:c5:97:d8:7f:ea:e0:ea:6d:18:a0: a7:ba:90:b2:3d:51:53:b5:e1:78:0c:5a:00:db:28:46:a7:b0: 1d:e3:dc:7d:18:e6:a7:1a:d6:ac:ee:80:36:02:06:f5:95:9d: 12:2a:81:dc:90:fb:b4:7b:75:e4:3e:c3:64:e0:b9:1e:60:31: 3e:5f:95:5d:e8:56:c3:3e:ee:55:3a:dc:07:1b:48:1f:57:37: 28:8f:53:c8:4d:7f:dc:ba:0c:a8:3a:56:dc:f3:d7:c2:96:eb: 8e:7a:03:86:c9:a7:47:78:0c:e6:c5:76:80:05:34:4f:45:a0: 14:29:db:43:db:54:30:bc:35:14:f9:74:fa:63:60:fc:dd:02: b7:7d:b2:62:89:37:87:27:c3:8e:05:fc:42:c9:5f:c7:8d:05: 2e:36:b4:44 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICCOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjFFOEIxMTAvBgNVBAUTKDJCQTNFQTZDMEJEN0YxODQ2MDg2NjBGOUEyMDRFNTEx ODY1QTAwREQwHhcNMjUwMjA2MjAxODU0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2E1MTkyZS02YzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs3vpfcKO7BTPCUf36v2fLW3mH2u/w9MYVSnUGrlJZr7bg6+vOqzDcU85xBXb 32CU83Szd1kGqnNwQjJyZikyu/ZWfndQanSkREFbqIi5ANLTwLreb7TY3Wi47YZf r4XPBzf+q/HY3lcXUrALunXpk0nuAYjLqZ6mvSx+8sRlHUb8GvuoPHKRODD3NzfQ 9mAxyVY09qQuZ/SeKqUYX7FvwTT8j5banCr+vyMsGC1HjI6562GVQuR30rSw3j4p 5ioqBAzgA6eB5xSDvoh6HWYNe5rOI35VeoMHP4VfYX3QxZpbAqM1GCRig8cp7Rzh dq6RNaR1M/8u4QupeDVhNPCoNQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFE+Ii3w8 5/QikLl9+RdjTyKvH3cAMB8GA1UdIwQYMBaAFCuj6mwL1/GEYIZg+aIE5RGGWgDd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMUU4Qi84MDdERkRBMEEz Q0UxMUVBOEJBRTY1MjBDNEY5QUUwMi9LNlBxYkF2WDhZUmdobUQ1b2dUbEVZWmFB TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0s2UHFiQXZYOFlSZ2htRDVvZ1RsRVlaYUFOMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjFFOEIvODA3REZEQTBBM0NFMTFFQThCQUU2NTIwQzRGOUFFMDIvMzNGNzEzQThB M0NGMTFFQUEzMUQ4QzIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBABnWgcwDwQCAAIwCQMHACABDfDJADANBgkqhkiG9w0BAQsF AAOCAQEAQZkzvorkNKi2jXXdsJdtvAeMIZCCfu/dYmBxWSXAgPeU1rO3LvXsuxDT LEB3ikGeWhXk3tYM22riCgGX/ak9fcEFRDHqbRYNCHfeQ3l9EDinw1DNbQRPAx3x cJg40vEnoj/Fl9h/6uDqbRigp7qQsj1RU7XheAxaANsoRqewHePcfRjmpxrWrO6A NgIG9ZWdEiqB3JD7tHt15D7DZOC5HmAxPl+VXehWwz7uVTrcBxtIH1c3KI9TyE1/ 3LoMqDpW3PPXwpbrjnoDhsmnR3gM5sV2gAU0T0WgFCnbQ9tUMLw1FPl0+mNg/N0C t32yYok3hyfDjgX8Qslfx40FLja0RA== -----END CERTIFICATE-----Generated at Wed Nov 5 21:18:16 2025 by rpki-client