$ rpki-client -vvf rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa File: 98DD71780ECC11F0B8E48170C4F9AE02.roa (raw, json) Hash identifier: cGPpp/esUi8b0bnRXtMxI2RZ2ubr/NkWyGf+0H8nirE= Subject key identifier: 41:91:84:88:31:BE:97:4A:3E:86:51:2E:CD:67:6B:F7:34:2E:8B:D6 Certificate issuer: /CN=A91144C9/serialNumber=95745293C88A2726E10A57D58F42CC3169B7C922 Certificate serial: 0B Authority key identifier: 95:74:52:93:C8:8A:27:26:E1:0A:57:D5:8F:42:CC:31:69:B7:C9:22 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa Signing time: Tue 01 Apr 2025 10:03:41 +0000 ROA not before: Tue 01 Apr 2025 10:03:41 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 10099 IP address blocks: 43.252.84.0/22 maxlen: 24 103.107.88.0/22 maxlen: 24 103.228.68.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.crl rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 07:04:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91144C9, serialNumber=95745293C88A2726E10A57D58F42CC3169B7C922 Validity Not Before: Apr 1 10:03:41 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67ebb9fc-493e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:0e:75:88:fd:bc:29:23:88:08:ef:bc:ee:67: 5b:8f:0f:4d:17:13:88:cd:83:15:21:02:13:50:ac: 45:8e:c6:95:7f:eb:d7:f3:07:fb:f5:81:44:b8:63: f3:26:ff:3c:32:e2:82:26:ae:04:ee:dc:2d:05:02: d9:a8:0a:a6:99:4c:c8:a0:eb:ea:ee:8d:56:34:4d: 25:cc:31:61:2a:ed:0a:e0:88:26:ca:43:4c:48:fc: 96:5c:2d:d4:15:ef:81:48:ad:09:db:f4:d7:72:22: e8:1e:3a:79:8f:62:94:95:d9:46:cc:e6:fa:8a:74: 9e:2e:b2:34:63:5a:10:b3:f0:8c:02:a3:3e:55:cd: af:94:52:91:7c:67:09:c0:2b:d5:cd:c6:9b:5f:40: 6c:a0:6f:84:1a:e6:9f:20:55:a2:62:38:9f:9e:46: 56:0b:18:99:70:28:6d:d9:a9:c1:47:ce:07:e9:e9: 58:91:f4:4d:fc:37:d4:ac:2c:c2:1e:1b:6d:40:dd: b2:f0:35:bf:c4:4a:7d:81:f6:77:e9:2a:d8:a4:97: dd:25:b5:49:f3:68:fe:d3:1f:d2:44:9e:be:76:c1: 61:61:4a:46:9c:ef:56:18:33:50:41:f4:da:6f:10: bc:03:cf:10:25:ee:bd:12:be:f1:09:dc:b2:26:ee: cd:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:91:84:88:31:BE:97:4A:3E:86:51:2E:CD:67:6B:F7:34:2E:8B:D6 X509v3 Authority Key Identifier: keyid:95:74:52:93:C8:8A:27:26:E1:0A:57:D5:8F:42:CC:31:69:B7:C9:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.84.0/22 103.107.88.0/22 103.228.68.0/22 Signature Algorithm: sha256WithRSAEncryption 87:c0:ee:36:aa:94:65:f0:0b:f0:de:a2:98:86:cd:16:9b:0f: ad:f1:f8:a6:27:6d:ee:43:5a:df:ee:1b:7f:37:b6:af:a4:65: ed:cc:67:52:55:88:2b:b9:e7:0e:d4:eb:19:b4:f0:b8:1c:9c: 6d:0c:f3:39:e0:72:5c:61:6c:84:96:54:be:6a:ef:6d:9a:ec: 1f:42:0e:9a:11:2e:84:74:2e:e1:34:29:55:f9:85:b6:64:9e: 04:4e:58:5a:b7:66:bc:70:3a:f6:39:3c:fd:87:66:ff:69:1b: 1b:37:4b:3b:d1:53:75:cf:04:4c:c9:25:0f:5c:49:10:fa:21: 36:d1:ff:25:e9:14:7e:e0:16:3b:90:cf:0d:53:28:98:07:61: 84:e0:8b:7a:43:65:36:ca:6d:a7:d6:33:2a:dd:e8:1e:a9:fb: 8f:9a:bc:5c:03:6d:e7:72:83:d6:f4:d4:ec:1d:1e:80:b7:2d: 32:3e:be:3a:6d:31:cb:6f:6a:04:cd:c2:4a:e8:12:eb:c8:8b: 23:ea:ce:87:7d:34:f6:35:b4:68:ee:a2:c7:72:dc:27:2f:be: b2:2c:79:d5:d4:54:ff:da:da:c0:73:08:7a:a3:da:7d:02:89: c1:36:eb:ed:be:73:3b:62:9e:0f:66:e5:28:58:1e:fc:c5:ce: ab:78:3a:13 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx NDRDOTExMC8GA1UEBRMoOTU3NDUyOTNDODhBMjcyNkUxMEE1N0Q1OEY0MkNDMzE2 OUI3QzkyMjAeFw0yNTA0MDExMDAzNDFaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ZWJiOWZjLTQ5M2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD2DnWI/bwpI4gI77zuZ1uPD00XE4jNgxUhAhNQrEWOxpV/69fzB/v1gUS4Y/Mm /zwy4oImrgTu3C0FAtmoCqaZTMig6+rujVY0TSXMMWEq7QrgiCbKQ0xI/JZcLdQV 74FIrQnb9NdyIugeOnmPYpSV2UbM5vqKdJ4usjRjWhCz8IwCoz5Vza+UUpF8ZwnA K9XNxptfQGygb4Qa5p8gVaJiOJ+eRlYLGJlwKG3ZqcFHzgfp6ViR9E38N9SsLMIe G21A3bLwNb/ESn2B9nfpKtikl90ltUnzaP7TH9JEnr52wWFhSkac71YYM1BB9Npv ELwDzxAl7r0SvvEJ3LIm7s3nAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUQZGEiDG+ l0o+hlEuzWdr9zQui9YwHwYDVR0jBBgwFoAUlXRSk8iKJybhClfVj0LMMWm3ySIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE0NEM5Lzg0MkY5ODk0MEVD OTExRjBBMjZGRjE0NEM0RjlBRTAyL2xYUlNrOGlLSnliaENsZlZqMExNTVdtM3lT SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbFhSU2s4aUtKeWJoQ2xmVmowTE1NV20zeVNJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NDRDOS84NDJGOTg5NDBFQzkxMUYwQTI2RkYxNDRDNEY5QUUwMi85OERENzE3ODBF Q0MxMUYwQjhFNDgxNzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc MBowGAQCAAEwEgMEAiv8VAMEAmdrWAMEAmfkRDANBgkqhkiG9w0BAQsFAAOCAQEA h8DuNqqUZfAL8N6imIbNFpsPrfH4pidt7kNa3+4bfze2r6Rl7cxnUlWIK7nnDtTr GbTwuBycbQzzOeByXGFshJZUvmrvbZrsH0IOmhEuhHQu4TQpVfmFtmSeBE5YWrdm vHA69jk8/Ydm/2kbGzdLO9FTdc8ETMklD1xJEPohNtH/JekUfuAWO5DPDVMomAdh hOCLekNlNsptp9YzKt3oHqn7j5q8XANt53KD1vTU7B0egLctMj6+Om0xy29qBM3C SugS68iLI+rOh3009jW0aO6ix3LcJy++six51dRU/9rawHMIeqPafQKJwTbr7b5z O2KeD2blKFge/MXOq3g6Ew== -----END CERTIFICATE-----Generated at Sat Apr 26 09:31:15 2025 by rpki-client