$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD609/0C609B9CEC1911EA925DFC6FC4F9AE02/765DBCFEEC1A11EAA8520072C4F9AE02.roa File: 765DBCFEEC1A11EAA8520072C4F9AE02.roa (raw, json) Hash identifier: LwXV2swiHkwzhmRJHgtxVwl/mp8FDjhnbQvKS2GLsds= Subject key identifier: E8:12:7D:A9:3F:00:07:7B:CA:CD:9E:19:65:01:E8:16:70:24:7B:BC Certificate issuer: /CN=A91FD609/serialNumber=07CD9D31ED61862AF503E5209428C7CB27EA881F Certificate serial: 07D3 Authority key identifier: 07:CD:9D:31:ED:61:86:2A:F5:03:E5:20:94:28:C7:CB:27:EA:88:1F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B82dMe1hhir1A-UglCjHyyfqiB8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FD609/0C609B9CEC1911EA925DFC6FC4F9AE02/765DBCFEEC1A11EAA8520072C4F9AE02.roa Signing time: Tue 08 Apr 2025 12:16:20 +0000 ROA not before: Tue 08 Apr 2025 12:16:20 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 64049 IP address blocks: 59.153.104.0/22 maxlen: 22 59.153.104.0/24 maxlen: 24 59.153.105.0/24 maxlen: 24 59.153.106.0/24 maxlen: 24 59.153.107.0/24 maxlen: 24 103.198.140.0/22 maxlen: 22 103.198.140.0/24 maxlen: 24 103.198.141.0/24 maxlen: 24 103.198.142.0/24 maxlen: 24 103.198.143.0/24 maxlen: 24 2403:1a80:a000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FD609/0C609B9CEC1911EA925DFC6FC4F9AE02/B82dMe1hhir1A-UglCjHyyfqiB8.crl rsync://rpki.apnic.net/member_repository/A91FD609/0C609B9CEC1911EA925DFC6FC4F9AE02/B82dMe1hhir1A-UglCjHyyfqiB8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B82dMe1hhir1A-UglCjHyyfqiB8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:52:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2003 (0x7d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FD609, serialNumber=07CD9D31ED61862AF503E5209428C7CB27EA881F Validity Not Before: Apr 8 12:16:20 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67f51394-efc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:07:92:ae:f1:72:d9:3c:c1:4b:2c:ab:24:23: 0f:57:62:11:40:bb:98:0c:14:b1:5f:d6:17:17:22: a9:99:27:09:b9:d9:69:21:d1:10:fb:37:cd:61:98: c3:3a:f1:66:8b:8f:46:8a:43:6c:a6:ba:34:53:a9: 92:d9:62:6a:31:de:60:f4:6e:97:d0:38:9c:d5:b5: 87:2b:89:ae:31:c7:9e:55:65:29:e2:60:c1:0b:b1: b2:db:0a:f6:b0:e4:da:04:fa:ff:d6:3b:83:0b:26: 2d:b1:01:ab:72:0d:de:18:ae:9f:de:bf:45:18:7c: 5c:ca:44:8d:4b:ae:71:d8:77:f1:98:b9:f9:0d:f2: a9:b8:a5:61:33:34:2f:f9:64:96:bf:57:3d:60:95: 27:d2:7a:07:a3:3c:66:a6:6f:40:01:d5:21:91:4a: 3e:a1:1d:55:fd:e7:ec:a9:02:36:5d:34:ed:b3:44: 5c:fd:16:e7:df:c1:36:da:9a:85:b1:65:4f:67:98: 7c:54:06:86:c7:1d:ce:fe:e1:8d:42:b0:c9:2b:ab: 10:88:47:1b:9c:aa:1b:3b:90:e5:09:16:dd:e6:85: 66:2f:ee:2d:0f:27:87:ad:4d:2c:7f:70:f2:7c:a2: 0e:f5:f7:50:91:f5:39:12:df:22:4a:bf:27:a3:84: 05:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:12:7D:A9:3F:00:07:7B:CA:CD:9E:19:65:01:E8:16:70:24:7B:BC X509v3 Authority Key Identifier: keyid:07:CD:9D:31:ED:61:86:2A:F5:03:E5:20:94:28:C7:CB:27:EA:88:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FD609/0C609B9CEC1911EA925DFC6FC4F9AE02/B82dMe1hhir1A-UglCjHyyfqiB8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B82dMe1hhir1A-UglCjHyyfqiB8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD609/0C609B9CEC1911EA925DFC6FC4F9AE02/765DBCFEEC1A11EAA8520072C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.153.104.0/22 103.198.140.0/22 IPv6: 2403:1a80:a000::/48 Signature Algorithm: sha256WithRSAEncryption 83:bf:a6:6f:ba:a2:80:9a:6d:8f:ad:3b:87:89:6b:16:34:f7: 4f:2e:02:3c:f2:1a:ba:08:71:1f:bb:d1:8d:98:65:07:60:58: 9f:3d:bb:e0:81:e3:df:4c:40:dc:c7:84:86:1c:c5:ec:ff:11: 81:cc:8f:ae:d2:7d:c9:ba:6d:4f:c0:a7:3e:dc:c7:08:b9:41: 88:09:ef:ae:aa:9a:24:a4:43:c3:01:b0:f2:05:c1:19:90:24: b5:90:6b:4c:76:d4:c8:c9:56:2c:e7:89:f0:3b:02:be:12:01: 67:b7:15:b1:70:43:9d:ab:83:68:d3:a4:f5:af:f1:c2:bc:4c: 39:9c:db:b8:10:d0:3e:e4:d1:2c:45:d9:c9:fe:43:7d:9f:a1: ac:0c:69:db:bf:c2:11:b7:e7:48:cf:ee:4b:37:2b:7e:11:85: 11:22:69:b8:17:8b:9c:bd:de:a3:67:08:01:b1:30:67:6f:80: 4d:aa:c5:16:67:9f:39:48:d9:03:8c:6f:ec:04:6d:4d:a2:6b: 45:40:90:22:f2:d1:ba:75:b9:b9:d5:df:ab:b1:a2:48:2d:1f: 7c:1a:ba:f0:59:a2:1f:d7:c1:ed:f6:4e:5e:f9:b9:d2:6f:d4: c6:43:24:bf:16:d2:6e:6a:b0:3d:25:ed:61:a1:b7:a4:96:8d: 15:19:af:40 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICB9MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkQ2MDkxMTAvBgNVBAUTKDA3Q0Q5RDMxRUQ2MTg2MkFGNTAzRTUyMDk0MjhDN0NC MjdFQTg4MUYwHhcNMjUwNDA4MTIxNjIwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y1MTM5NC1lZmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsweSrvFy2TzBSyyrJCMPV2IRQLuYDBSxX9YXFyKpmScJudlpIdEQ+zfNYZjD OvFmi49GikNspro0U6mS2WJqMd5g9G6X0Dic1bWHK4muMceeVWUp4mDBC7Gy2wr2 sOTaBPr/1juDCyYtsQGrcg3eGK6f3r9FGHxcykSNS65x2HfxmLn5DfKpuKVhMzQv +WSWv1c9YJUn0noHozxmpm9AAdUhkUo+oR1V/efsqQI2XTTts0Rc/Rbn38E22pqF sWVPZ5h8VAaGxx3O/uGNQrDJK6sQiEcbnKobO5DlCRbd5oVmL+4tDyeHrU0sf3Dy fKIO9fdQkfU5Et8iSr8no4QFSQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFOgSfak/ AAd7ys2eGWUB6BZwJHu8MB8GA1UdIwQYMBaAFAfNnTHtYYYq9QPlIJQox8sn6ogf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDYwOS8wQzYwOUI5Q0VD MTkxMUVBOTI1REZDNkZDNEY5QUUwMi9CODJkTWUxaGhpcjFBLVVnbENqSHl5ZnFp QjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0I4MmRNZTFoaGlyMUEtVWdsQ2pIeXlmcWlCOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkQ2MDkvMEM2MDlCOUNFQzE5MTFFQTkyNURGQzZGQzRGOUFFMDIvNzY1REJDRkVF QzFBMTFFQUE4NTIwMDcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBAI7mWgDBAJnxowwDwQCAAIwCQMHACQDGoCgADANBgkqhkiG 9w0BAQsFAAOCAQEAg7+mb7qigJptj607h4lrFjT3Ty4CPPIaughxH7vRjZhlB2BY nz274IHj30xA3MeEhhzF7P8RgcyPrtJ9ybptT8CnPtzHCLlBiAnvrqqaJKRDwwGw 8gXBGZAktZBrTHbUyMlWLOeJ8DsCvhIBZ7cVsXBDnauDaNOk9a/xwrxMOZzbuBDQ PuTRLEXZyf5DfZ+hrAxp27/CEbfnSM/uSzcrfhGFESJpuBeLnL3eo2cIAbEwZ2+A TarFFmefOUjZA4xv7ARtTaJrRUCQIvLRunW5udXfq7GiSC0ffBq68FmiH9fB7fZO Xvm50m/UxkMkvxbSbmqwPSXtYaG3pJaNFRmvQA== -----END CERTIFICATE-----Generated at Sat Apr 26 08:31:58 2025 by rpki-client