$ rpki-client -vvf 0.sb/repo/sb/38/3130332e3132312e3230382e302f32322d3234203d3e2033323538.roa File: 3130332e3132312e3230382e302f32322d3234203d3e2033323538.roa (raw, json) Hash identifier: VMZN08rr5TJWG1SskYiHeIXk4cWC6ozcRj/ZvNJ7dq0= Subject key identifier: B8:82:A5:DC:DF:CB:27:7E:6E:A3:BF:31:BE:E8:59:36:6A:E8:F0:A5 Certificate issuer: /CN=A91FD4CC0000/serialNumber=D67C530C8E16B61FF52C085B2786C67ECCD6A909 Certificate serial: 04F7299A03EBD143CF9812EE0B11BF24D2370876 Authority key identifier: D6:7C:53:0C:8E:16:B6:1F:F5:2C:08:5B:27:86:C6:7E:CC:D6:A9:09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nxTDI4Wth_1LAhbJ4bGfszWqQk.cer Subject info access: rsync://0.sb/repo/sb/38/3130332e3132312e3230382e302f32322d3234203d3e2033323538.roa Signing time: Fri 11 Apr 2025 08:52:19 +0000 ROA not before: Fri 11 Apr 2025 08:47:19 +0000 ROA not after: Fri 10 Apr 2026 08:52:19 +0000 asID: 3258 IP address blocks: 103.121.208.0/22 maxlen: 24 Validation: OK Signature path: rsync://0.sb/repo/sb/38/D67C530C8E16B61FF52C085B2786C67ECCD6A909.crl rsync://0.sb/repo/sb/38/D67C530C8E16B61FF52C085B2786C67ECCD6A909.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nxTDI4Wth_1LAhbJ4bGfszWqQk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 21:46:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:f7:29:9a:03:eb:d1:43:cf:98:12:ee:0b:11:bf:24:d2:37:08:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FD4CC0000, serialNumber=D67C530C8E16B61FF52C085B2786C67ECCD6A909 Validity Not Before: Apr 11 08:47:19 2025 GMT Not After : Apr 10 08:52:19 2026 GMT Subject: CN=B882A5DCDFCB277E6EA3BF31BEE859366AE8F0A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:86:0b:fe:41:16:9b:db:09:b3:9a:f2:b7:2a: d9:58:db:52:72:15:6c:20:1a:84:16:c5:23:4c:3d: 39:08:34:cc:47:68:8f:6b:88:85:fc:28:c6:03:b1: 06:76:be:65:bf:c8:e5:03:be:c8:5a:40:55:d1:8e: 30:df:e8:b6:b6:b0:0e:9f:9e:e3:e8:17:ca:bd:e5: 4d:17:41:76:7d:44:e7:aa:05:56:33:78:ea:18:46: 94:a9:b2:fa:2b:9c:c3:63:7d:44:b1:16:f4:ef:10: c5:6c:49:41:68:eb:b3:05:1d:4a:1d:5d:96:3b:cb: 79:47:21:fb:0c:c4:1a:18:27:b4:44:26:8b:fd:8e: ca:f7:93:92:1b:a0:b1:2e:8b:06:ca:90:22:66:90: fb:a3:e3:36:1c:f7:fb:b0:b3:7e:0a:95:7e:f6:e5: dd:42:57:96:ca:91:01:e0:2d:dd:65:46:8f:eb:d6: 1e:f9:e8:a0:c4:65:df:0c:d6:13:02:b5:b0:32:4e: 77:fc:ac:28:be:37:06:ee:c2:3c:a8:22:18:1b:00: 89:0e:73:7a:df:d2:cb:92:75:81:66:7a:c3:66:ed: cb:7e:df:04:cf:1e:85:3b:74:e9:57:5e:7f:00:b8: 9d:24:5f:c5:a6:3f:86:77:3d:7f:2a:43:85:36:9b: 88:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:82:A5:DC:DF:CB:27:7E:6E:A3:BF:31:BE:E8:59:36:6A:E8:F0:A5 X509v3 Authority Key Identifier: keyid:D6:7C:53:0C:8E:16:B6:1F:F5:2C:08:5B:27:86:C6:7E:CC:D6:A9:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://0.sb/repo/sb/38/D67C530C8E16B61FF52C085B2786C67ECCD6A909.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1nxTDI4Wth_1LAhbJ4bGfszWqQk.cer Subject Information Access: Signed Object - URI:rsync://0.sb/repo/sb/38/3130332e3132312e3230382e302f32322d3234203d3e2033323538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.121.208.0/22 Signature Algorithm: sha256WithRSAEncryption 0e:47:d8:c1:a0:5e:e4:fa:bd:f5:4a:08:dc:44:1b:bf:8d:2b: 2b:57:8d:49:05:73:65:ef:f6:80:b8:cd:68:7f:56:b8:e7:85: 9c:6b:f3:94:bc:6e:62:03:e2:98:c4:5e:3d:02:ad:75:44:a3: 50:b9:30:cf:91:ec:9d:a3:49:17:6a:58:4d:7e:a3:e4:88:bc: 80:23:bf:42:f4:8d:76:44:e2:86:93:7a:c0:ad:f2:fd:02:cc: b3:fe:11:c6:69:18:bf:21:77:2d:5e:44:97:af:d2:c4:5c:66: e7:a1:f6:f5:65:d0:0f:f5:eb:d1:13:2e:6d:63:63:b4:02:da: 3b:63:f4:48:98:c5:7b:27:14:31:4b:3a:e3:72:c1:31:88:35: e3:ff:97:5b:01:73:d2:49:58:42:f5:2e:49:f9:55:78:80:2f: 9d:63:f5:a3:df:22:cb:43:0a:6e:47:41:ff:21:8a:c7:e5:54: 21:fa:34:46:83:07:fe:b6:22:3a:49:57:91:c3:17:d6:2f:fd: 7e:3c:ac:18:91:8e:e4:96:10:6a:32:3e:a5:88:39:d4:89:f5: 32:9d:44:da:a4:c9:94:da:0a:c4:4b:cf:3b:c6:1a:e2:dc:d9: 2d:83:c0:61:98:c9:10:bd:a6:95:1f:d9:be:bf:c6:3b:f8:23: 7e:52:84:75 -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgIUBPcpmgPr0UPPmBLuCxG/JNI3CHYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkQ0Q0MwMDAwMTEwLwYDVQQFEyhENjdDNTMwQzhF MTZCNjFGRjUyQzA4NUIyNzg2QzY3RUNDRDZBOTA5MB4XDTI1MDQxMTA4NDcxOVoX DTI2MDQxMDA4NTIxOVowMzExMC8GA1UEAxMoQjg4MkE1RENERkNCMjc3RTZFQTNC RjMxQkVFODU5MzY2QUU4RjBBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKuGC/5BFpvbCbOa8rcq2VjbUnIVbCAahBbFI0w9OQg0zEdoj2uIhfwoxgOx Bna+Zb/I5QO+yFpAVdGOMN/otrawDp+e4+gXyr3lTRdBdn1E56oFVjN46hhGlKmy +iucw2N9RLEW9O8QxWxJQWjrswUdSh1dljvLeUch+wzEGhgntEQmi/2OyveTkhug sS6LBsqQImaQ+6PjNhz3+7CzfgqVfvbl3UJXlsqRAeAt3WVGj+vWHvnooMRl3wzW EwK1sDJOd/ysKL43Bu7CPKgiGBsAiQ5zet/Sy5J1gWZ6w2bty37fBM8ehTt06Vde fwC4nSRfxaY/hnc9fypDhTabiK0CAwEAAaOCAdYwggHSMB0GA1UdDgQWBBS4gqXc 38snfm6jvzG+6Fk2aujwpTAfBgNVHSMEGDAWgBTWfFMMjha2H/UsCFsnhsZ+zNap CTAOBgNVHQ8BAf8EBAMCB4AwVQYDVR0fBE4wTDBKoEigRoZEcnN5bmM6Ly8wLnNi L3JlcG8vc2IvMzgvRDY3QzUzMEM4RTE2QjYxRkY1MkMwODVCMjc4NkM2N0VDQ0Q2 QTkwOS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD NzJGRDFGRjIvMW54VERJNFd0aF8xTEFoYko0Ykdmc3pXcVFrLmNlcjBuBggrBgEF BQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJzeW5jOi8vMC5zYi9yZXBvL3NiLzM4LzMx MzAzMzJlMzEzMjMxMmUzMjMwMzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMzMy MzUzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB /wQQMA4wDAQCAAEwBgMEAmd50DANBgkqhkiG9w0BAQsFAAOCAQEADkfYwaBe5Pq9 9UoI3EQbv40rK1eNSQVzZe/2gLjNaH9WuOeFnGvzlLxuYgPimMRePQKtdUSjULkw z5HsnaNJF2pYTX6j5Ii8gCO/QvSNdkTihpN6wK3y/QLMs/4RxmkYvyF3LV5El6/S xFxm56H29WXQD/Xr0RMubWNjtALaO2P0SJjFeycUMUs643LBMYg14/+XWwFz0klY QvUuSflVeIAvnWP1o98iy0MKbkdB/yGKx+VUIfo0RoMH/rYiOklXkcMX1i/9fjys GJGO5JYQajI+pYg51In1Mp1E2qTJlNoKxEvPO8Ya4tzZLYPAYZjJEL2mlR/Zvr/G O/gjflKEdQ== -----END CERTIFICATE-----Generated at Sat Apr 26 12:58:38 2025 by rpki-client