$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/3AFE6DA8F72911EDB956BA86C4F9AE02.roa File: 3AFE6DA8F72911EDB956BA86C4F9AE02.roa (raw, json) Hash identifier: NCtWjC1uM4+Sx0ntIvyY3s6R1AF8S0ZUO+CcBcvcH7w= Subject key identifier: 8F:B4:C9:FD:D1:38:0E:96:87:4C:31:56:B4:1C:51:64:94:83:8E:26 Certificate issuer: /CN=A91F6BFA/serialNumber=AA62C79FE18439412C5B02CF4BEB54AB2EBBE188 Certificate serial: 0A7D Authority key identifier: AA:62:C7:9F:E1:84:39:41:2C:5B:02:CF:4B:EB:54:AB:2E:BB:E1:88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/3AFE6DA8F72911EDB956BA86C4F9AE02.roa Signing time: Thu 22 May 2025 20:05:19 +0000 ROA not before: Thu 22 May 2025 20:05:19 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 142647 IP address blocks: 103.149.32.0/24 maxlen: 24 103.149.33.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/qmLHn-GEOUEsWwLPS-tUqy674Yg.crl rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/qmLHn-GEOUEsWwLPS-tUqy674Yg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 19:31:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2685 (0xa7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F6BFA, serialNumber=AA62C79FE18439412C5B02CF4BEB54AB2EBBE188 Validity Not Before: May 22 20:05:19 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=682f837f-c57e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:c0:d3:64:e5:c4:24:56:0e:3e:22:81:d6:0f: 1b:34:2b:2b:92:62:7e:7a:62:ff:a4:95:84:28:ff: 4c:f2:7d:24:ce:fa:26:96:17:3d:9e:b5:2a:21:51: 68:a9:6e:67:ee:40:5d:95:86:51:cd:ca:10:28:66: af:d9:d0:72:4e:b6:ae:3b:24:c0:b8:0f:04:73:26: ca:b9:40:db:aa:37:e0:57:2e:f2:97:a1:2b:05:63: 80:46:52:99:89:48:71:32:c9:a0:3a:b5:87:ed:de: 21:79:bd:a4:e9:00:0b:10:18:75:bf:cd:c1:9d:ee: ba:47:98:ca:4d:52:1a:43:1d:1c:a2:d6:7c:c4:39: 4e:c7:b0:f9:bd:05:cd:6e:d5:a0:9a:bf:cf:a7:f7: a9:0d:24:be:9a:c0:8b:e0:f3:55:a9:ad:13:f1:85: 90:f5:de:cf:e3:b5:7d:08:42:47:5e:3f:36:55:36: cc:70:b9:f2:8f:46:f1:ad:8a:39:75:10:69:69:a7: 8f:23:9e:dc:fc:c0:a6:9b:10:8b:2a:c9:e6:ff:02: ee:0e:da:52:ab:1f:aa:73:f2:3c:5e:ce:ef:7e:5e: 78:ed:77:46:37:1f:2b:69:8f:f3:ad:bd:42:f4:75: d1:3b:66:6f:86:15:02:13:13:74:13:d4:cb:d9:a1: 57:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:B4:C9:FD:D1:38:0E:96:87:4C:31:56:B4:1C:51:64:94:83:8E:26 X509v3 Authority Key Identifier: keyid:AA:62:C7:9F:E1:84:39:41:2C:5B:02:CF:4B:EB:54:AB:2E:BB:E1:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/qmLHn-GEOUEsWwLPS-tUqy674Yg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/3AFE6DA8F72911EDB956BA86C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.149.32.0/23 Signature Algorithm: sha256WithRSAEncryption 69:31:68:db:e4:71:6d:2f:03:4b:78:bc:ab:1c:a5:ab:0f:b4: 85:22:53:4e:62:30:e7:7e:c0:0d:f1:91:5f:a5:ac:49:a8:05: 90:54:45:ff:00:8e:2f:c0:d6:ca:e3:32:ec:01:99:7f:16:07: ed:bd:c9:29:0d:24:07:50:19:71:4f:6e:fb:60:8f:8e:d8:bb: 2e:01:03:6c:d8:be:70:77:d7:ac:dc:6e:94:69:0a:ff:11:51: 8e:c7:47:91:78:0d:a2:34:7d:ec:72:86:9a:02:a9:f7:cb:7d: 66:83:5e:e7:f2:04:c0:1a:6b:67:6b:42:5b:07:90:cc:19:47: 70:27:4b:9a:fc:08:01:32:46:d1:c1:48:e5:0c:0b:e1:77:af: 0a:64:fe:61:a2:22:46:ec:80:92:8a:90:de:2a:e8:ac:fc:75: f2:23:50:d4:95:ac:76:e1:e4:4a:2d:09:b6:8b:fc:1b:d6:8d: 29:90:e7:85:a7:67:8d:74:45:e2:f4:df:09:77:e7:d6:9c:11: a8:d9:53:86:14:42:c8:93:d6:1a:f3:0b:2a:e5:d2:d2:e4:ec: d0:65:da:1e:87:03:47:2c:e0:48:5a:3b:b6:6f:06:df:63:79: 4d:03:56:46:17:0b:13:a0:5d:83:0f:1b:ba:44:e6:67:f2:f8: dd:0b:a7:cc -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICCn0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjZCRkExMTAvBgNVBAUTKEFBNjJDNzlGRTE4NDM5NDEyQzVCMDJDRjRCRUI1NEFC MkVCQkUxODgwHhcNMjUwNTIyMjAwNTE5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJmODM3Zi1jNTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmcDTZOXEJFYOPiKB1g8bNCsrkmJ+emL/pJWEKP9M8n0kzvomlhc9nrUqIVFo qW5n7kBdlYZRzcoQKGav2dByTrauOyTAuA8EcybKuUDbqjfgVy7yl6ErBWOARlKZ iUhxMsmgOrWH7d4heb2k6QALEBh1v83Bne66R5jKTVIaQx0cotZ8xDlOx7D5vQXN btWgmr/Pp/epDSS+msCL4PNVqa0T8YWQ9d7P47V9CEJHXj82VTbMcLnyj0bxrYo5 dRBpaaePI57c/MCmmxCLKsnm/wLuDtpSqx+qc/I8Xs7vfl547XdGNx8raY/zrb1C 9HXRO2ZvhhUCExN0E9TL2aFXfwIDAQABo4IClTCCApEwHQYDVR0OBBYEFI+0yf3R OA6Wh0wxVrQcUWSUg44mMB8GA1UdIwQYMBaAFKpix5/hhDlBLFsCz0vrVKsuu+GI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkJGQS80MEQ0QjdFQzY2 MDMxMUVBOTlBRDRGNDZDNEY5QUUwMi9xbUxIbi1HRU9VRXNXd0xQUy10VXF5Njc0 WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FtTEhuLUdFT1VFc1d3TFBTLXRVcXk2NzRZZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjZCRkEvNDBENEI3RUM2NjAzMTFFQTk5QUQ0RjQ2QzRGOUFFMDIvM0FGRTZEQThG NzI5MTFFREI5NTZCQTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnlSAwDQYJKoZIhvcNAQELBQADggEBAGkxaNvkcW0vA0t4 vKscpasPtIUiU05iMOd+wA3xkV+lrEmoBZBURf8Aji/A1srjMuwBmX8WB+29ySkN JAdQGXFPbvtgj47Yuy4BA2zYvnB316zcbpRpCv8RUY7HR5F4DaI0fexyhpoCqffL fWaDXufyBMAaa2drQlsHkMwZR3AnS5r8CAEyRtHBSOUMC+F3rwpk/mGiIkbsgJKK kN4q6Kz8dfIjUNSVrHbh5EotCbaL/BvWjSmQ54WnZ410ReL03wl359acEajZU4YU QsiT1hrzCyrl0tLk7NBl2h6HA0cs4EhaO7ZvBt9jeU0DVkYXCxOgXYMPG7pE5mfy +N0Lp8w= -----END CERTIFICATE-----Generated at Mon Jun 16 22:50:59 2025 by rpki-client