$ rpki-client -vvf rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/AA1ABF0AB20011EA9C0DFB2FC4F9AE02.roa File: AA1ABF0AB20011EA9C0DFB2FC4F9AE02.roa (raw, json) Hash identifier: FcXy6QLc2Tvjs24Fp66P1cwtAXMmWgi5gNPzljev1BY= Subject key identifier: B1:CF:75:29:C0:49:24:8E:AA:A5:64:73:E4:E1:7A:7C:72:73:58:39 Certificate issuer: /CN=A911E6CA/serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4 Certificate serial: 0AC3 Authority key identifier: 76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/AA1ABF0AB20011EA9C0DFB2FC4F9AE02.roa Signing time: Tue 18 Mar 2025 19:39:33 +0000 ROA not before: Tue 18 Mar 2025 19:39:33 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 138688 IP address blocks: 103.136.156.0/23 maxlen: 23 103.136.156.0/24 maxlen: 24 103.136.157.0/24 maxlen: 24 2407:4140::/32 maxlen: 32 2407:4140::/48 maxlen: 48 2407:4140:1::/48 maxlen: 48 2407:4140:2::/48 maxlen: 48 2407:4140:3::/48 maxlen: 48 2407:4140:4::/48 maxlen: 48 2407:4140:5::/48 maxlen: 48 2407:4140:6::/48 maxlen: 48 2407:4140:7::/48 maxlen: 48 2407:4140:8::/48 maxlen: 48 2407:4140:9::/48 maxlen: 48 2407:4140:a::/48 maxlen: 48 2407:4140:b::/48 maxlen: 48 2407:4140:c::/48 maxlen: 48 2407:4140:d::/48 maxlen: 48 2407:4140:e::/48 maxlen: 48 2407:4140:f::/48 maxlen: 48 2407:4140:10::/48 maxlen: 48 2407:4140:11::/48 maxlen: 48 2407:4140:13::/48 maxlen: 48 2407:4140:14::/48 maxlen: 48 2407:4140:15::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.crl rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:23:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2755 (0xac3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E6CA, serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4 Validity Not Before: Mar 18 19:39:33 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67d9cbf5-aeae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:b7:70:ab:b4:45:8b:f6:8a:f8:90:27:31:32: bb:58:b0:28:34:41:bf:62:b6:bc:9d:7c:bb:44:86: 74:04:94:38:3d:fd:0e:e5:f8:0e:7c:f4:fc:13:26: 93:2e:aa:59:7e:ec:e6:a7:cc:4e:b2:f8:0b:2f:91: 11:99:89:9f:b7:1d:09:c1:58:4c:27:b8:10:65:2e: d2:9d:68:ec:25:bf:ba:ac:15:e3:ff:ac:c5:2b:d4: 20:01:a0:30:fb:20:8d:ca:82:47:a0:24:d7:36:91: f0:34:87:a5:65:1e:25:17:c1:32:bc:cf:a3:a6:72: 30:7e:aa:af:55:79:3e:f9:d4:14:f1:50:a7:0f:70: 12:fb:9e:32:de:48:f9:24:cf:0f:5c:39:18:46:7c: cc:41:55:62:83:ae:2f:25:44:34:50:f9:c3:1c:f4: 1f:a3:74:46:a7:76:22:7d:43:25:26:2a:4b:3e:73: 88:84:98:85:bd:fd:85:54:ca:f2:a8:17:a7:2b:83: 56:02:9d:a9:13:c8:60:33:23:61:df:33:7b:7e:24: 0b:fd:bb:c0:89:5a:44:14:f7:0e:6f:db:73:a5:31: 62:a7:4f:ff:52:26:64:df:fc:31:58:16:54:df:f4: f4:02:12:ca:1e:73:34:1c:b2:b0:80:2e:3b:71:15: c8:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:CF:75:29:C0:49:24:8E:AA:A5:64:73:E4:E1:7A:7C:72:73:58:39 X509v3 Authority Key Identifier: keyid:76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/AA1ABF0AB20011EA9C0DFB2FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.136.156.0/23 IPv6: 2407:4140::/32 Signature Algorithm: sha256WithRSAEncryption 69:16:ce:e7:61:51:17:80:e8:fd:ba:b5:21:da:88:d9:6d:d0: 6f:96:5e:40:20:10:7f:f3:a2:ba:17:61:40:90:c8:2d:a9:6c: 13:58:57:39:59:f7:d2:91:38:62:01:98:7b:17:88:41:0f:a8: 80:3a:d2:6f:7d:65:dc:97:84:dd:d9:fe:1d:cc:b2:60:67:5a: 3a:fa:11:f5:44:b4:44:f4:22:f9:4f:46:4f:37:e5:e7:45:78: 1b:0f:9b:ae:e9:1f:98:5a:63:ea:63:c1:67:81:25:0c:54:af: 93:c5:03:9a:a6:f1:0d:d7:bf:af:07:a3:21:c2:d4:3f:83:a6: 2b:df:c2:51:d1:23:45:11:de:cb:ac:e0:6f:2b:ef:03:9c:91: 38:6b:b0:9f:0b:71:03:48:8c:63:af:bb:39:b3:0f:32:49:c4: 3a:d7:34:83:c4:02:19:e0:a7:27:59:ad:f8:61:3b:54:74:27: 92:93:d4:db:59:15:1e:73:16:e6:27:c2:f0:e6:08:9c:4d:b8: db:0e:9d:3e:0c:7a:f8:c6:6b:d4:b7:e7:8d:dd:25:0c:de:40: 5a:37:96:a3:20:5a:25:89:e3:d7:5d:b1:c9:c5:b7:3d:ac:61: cf:2d:5f:98:d2:0f:7d:d8:07:0a:64:77:db:82:8a:70:2e:4a: 6d:4e:3f:7b -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUU2Q0ExMTAvBgNVBAUTKDc2QjlEMzM5RkFDRDYyQjQ3RTkzRTg4ODRERTg1MDM5 NkRCQ0VGQjQwHhcNMjUwMzE4MTkzOTMzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2Q5Y2JmNS1hZWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmrdwq7RFi/aK+JAnMTK7WLAoNEG/Yra8nXy7RIZ0BJQ4Pf0O5fgOfPT8EyaT LqpZfuzmp8xOsvgLL5ERmYmftx0JwVhMJ7gQZS7SnWjsJb+6rBXj/6zFK9QgAaAw +yCNyoJHoCTXNpHwNIelZR4lF8EyvM+jpnIwfqqvVXk++dQU8VCnD3AS+54y3kj5 JM8PXDkYRnzMQVVig64vJUQ0UPnDHPQfo3RGp3YifUMlJipLPnOIhJiFvf2FVMry qBenK4NWAp2pE8hgMyNh3zN7fiQL/bvAiVpEFPcOb9tzpTFip0//UiZk3/wxWBZU 3/T0AhLKHnM0HLKwgC47cRXIYQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLHPdSnA SSSOqqVkc+Thenxyc1g5MB8GA1UdIwQYMBaAFHa50zn6zWK0fpPoiE3oUDltvO+0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTZDQS83NDA5QjQ3QTRG QzcxMUVBOEU0NkQ0MTVDNEY5QUUwMi9kcm5UT2ZyTllyUi1rLWlJVGVoUU9XMjg3 N1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RyblRPZnJOWXJSLWstaUlUZWhRT1cyODc3US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUU2Q0EvNzQwOUI0N0E0RkM3MTFFQThFNDZENDE1QzRGOUFFMDIvQUExQUJGMEFC MjAwMTFFQTlDMERGQjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFniJwwDQQCAAIwBwMFACQHQUAwDQYJKoZIhvcNAQELBQAD ggEBAGkWzudhUReA6P26tSHaiNlt0G+WXkAgEH/zoroXYUCQyC2pbBNYVzlZ99KR OGIBmHsXiEEPqIA60m99ZdyXhN3Z/h3MsmBnWjr6EfVEtET0IvlPRk835edFeBsP m67pH5haY+pjwWeBJQxUr5PFA5qm8Q3Xv68HoyHC1D+DpivfwlHRI0UR3sus4G8r 7wOckThrsJ8LcQNIjGOvuzmzDzJJxDrXNIPEAhngpydZrfhhO1R0J5KT1NtZFR5z FuYnwvDmCJxNuNsOnT4MevjGa9S3543dJQzeQFo3lqMgWiWJ49ddscnFtz2sYc8t X5jSD33YBwpkd9uCinAuSm1OP3s= -----END CERTIFICATE-----Generated at Sat Apr 26 07:43:50 2025 by rpki-client