$ rpki-client -vvf rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/939AAE78B1D511EA8E3DAE1CC4F9AE02.roa File: 939AAE78B1D511EA8E3DAE1CC4F9AE02.roa (raw, json) Hash identifier: KFIHw6tMuHLxcRTo8fAv1CEG7OYhkgzMk8UZPi5UKvY= Subject key identifier: 91:B7:A9:63:D8:C3:AD:D1:D2:E5:A0:AB:2E:C9:7C:B5:4C:4D:51:2F Certificate issuer: /CN=A91352C6/serialNumber=1DA01AFC0888CAA6171E0A0E741CFC904ED2DF6F Certificate serial: 08B3 Authority key identifier: 1D:A0:1A:FC:08:88:CA:A6:17:1E:0A:0E:74:1C:FC:90:4E:D2:DF:6F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/939AAE78B1D511EA8E3DAE1CC4F9AE02.roa Signing time: Wed 02 Apr 2025 20:51:08 +0000 ROA not before: Wed 02 Apr 2025 20:51:08 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 135107 IP address blocks: 103.86.188.0/23 maxlen: 23 103.209.152.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.crl rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:22:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2227 (0x8b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91352C6, serialNumber=1DA01AFC0888CAA6171E0A0E741CFC904ED2DF6F Validity Not Before: Apr 2 20:51:08 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67eda33c-9df1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:64:d8:c8:92:54:18:78:51:f8:e5:0c:82:a8: 33:a1:40:7c:97:f3:c8:36:c6:a4:a8:69:3c:09:1f: c2:a3:ed:a2:cb:54:45:6c:32:11:d3:97:fb:ff:44: 3d:29:aa:c2:0d:72:b6:30:5d:86:ba:72:b8:60:b6: c1:59:06:a1:ae:d0:ee:67:8d:e6:59:ec:56:11:83: 34:c3:26:ca:5b:63:b5:c9:65:69:17:6b:96:b6:e1: 75:f6:eb:67:bc:36:a9:2d:bc:c7:eb:f7:9c:b1:88: ed:72:95:3d:df:fc:ef:5c:aa:8c:ca:da:fb:40:e0: 49:3f:e3:a6:01:0d:4d:b9:dd:47:77:bc:60:40:fc: a7:5e:dc:50:32:81:4b:41:5a:6e:66:14:2b:09:fe: eb:d3:01:8a:a3:fa:22:0f:37:1e:03:aa:59:20:96: b9:cd:4d:cd:ab:0a:02:56:28:e5:ab:a1:65:e0:14: 20:5e:b9:bf:11:c8:e5:98:55:57:d4:f7:f1:28:ca: 4d:78:72:25:e1:c6:76:64:e5:26:95:68:67:e9:92: ec:13:8e:90:3e:08:7c:d2:ce:58:b8:76:0c:97:b0: 36:16:76:b2:2b:f8:4e:0b:ba:26:d1:66:db:a1:82: f7:c8:b9:c5:d2:05:96:c1:fc:4c:cc:bb:21:30:e5: 01:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:B7:A9:63:D8:C3:AD:D1:D2:E5:A0:AB:2E:C9:7C:B5:4C:4D:51:2F X509v3 Authority Key Identifier: keyid:1D:A0:1A:FC:08:88:CA:A6:17:1E:0A:0E:74:1C:FC:90:4E:D2:DF:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/939AAE78B1D511EA8E3DAE1CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.86.188.0/23 103.209.152.0/23 Signature Algorithm: sha256WithRSAEncryption 45:99:c9:b2:55:99:60:27:39:f1:4d:26:07:8e:b4:b8:3e:ee: 6c:73:28:d4:61:05:c2:27:f7:8a:a8:8c:57:03:91:8a:06:30: d0:b4:7a:ff:c7:35:34:90:ad:7a:51:59:7d:0c:90:a4:cd:5b: b7:01:0a:89:2e:dc:50:71:f6:44:7e:af:d3:d5:28:3c:5e:81: e6:0b:05:a3:89:f5:d4:d4:3c:c4:78:15:27:11:3e:07:ff:65: 7b:50:7c:b1:ff:ef:27:03:8d:ce:43:ea:26:ea:1f:ec:bb:5c: 69:50:41:23:65:67:9e:7f:3a:c9:49:41:0e:ed:ac:26:67:76: 6c:fd:e2:0d:eb:c0:e7:8d:08:8d:2b:4b:66:11:e8:2b:fa:6c: cb:c1:b1:58:99:83:88:c4:20:cd:c4:94:18:2d:bf:d2:5c:21: fc:57:58:3d:14:2e:35:54:28:36:ff:92:e9:1b:66:3d:48:7a: b2:4f:da:e7:e7:f0:45:fc:7f:cd:b1:92:a4:08:01:43:1b:ef: fa:c5:9b:00:00:d6:f2:81:05:34:4c:61:9d:d5:99:5b:6d:bf: 13:41:25:55:10:b2:fd:96:db:5b:53:dc:98:a1:21:79:0f:a3: 97:b0:fc:22:00:ec:4f:16:76:d6:b2:f0:29:d7:40:4e:59:90: 3e:91:32:98 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCLMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzUyQzYxMTAvBgNVBAUTKDFEQTAxQUZDMDg4OENBQTYxNzFFMEEwRTc0MUNGQzkw NEVEMkRGNkYwHhcNMjUwNDAyMjA1MTA4WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2VkYTMzYy05ZGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5WTYyJJUGHhR+OUMgqgzoUB8l/PINsakqGk8CR/Co+2iy1RFbDIR05f7/0Q9 KarCDXK2MF2GunK4YLbBWQahrtDuZ43mWexWEYM0wybKW2O1yWVpF2uWtuF19utn vDapLbzH6/ecsYjtcpU93/zvXKqMytr7QOBJP+OmAQ1Nud1Hd7xgQPynXtxQMoFL QVpuZhQrCf7r0wGKo/oiDzceA6pZIJa5zU3NqwoCVijlq6Fl4BQgXrm/EcjlmFVX 1PfxKMpNeHIl4cZ2ZOUmlWhn6ZLsE46QPgh80s5YuHYMl7A2FnayK/hOC7om0Wbb oYL3yLnF0gWWwfxMzLshMOUB3QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJG3qWPY w63R0uWgqy7JfLVMTVEvMB8GA1UdIwQYMBaAFB2gGvwIiMqmFx4KDnQc/JBO0t9v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNTJDNi8xRURGRTQ5NkIx RDQxMUVBQTQ2RjAwMUFDNEY5QUUwMi9IYUFhX0FpSXlxWVhIZ29PZEJ6OGtFN1Mz MjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hhQWFfQWlJeXFZWEhnb09kQno4a0U3UzMyOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzUyQzYvMUVERkU0OTZCMUQ0MTFFQUE0NkYwMDFBQzRGOUFFMDIvOTM5QUFFNzhC MUQ1MTFFQThFM0RBRTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAFnVrwDBAFn0ZgwDQYJKoZIhvcNAQELBQADggEBAEWZybJV mWAnOfFNJgeOtLg+7mxzKNRhBcIn94qojFcDkYoGMNC0ev/HNTSQrXpRWX0MkKTN W7cBCoku3FBx9kR+r9PVKDxegeYLBaOJ9dTUPMR4FScRPgf/ZXtQfLH/7ycDjc5D 6ibqH+y7XGlQQSNlZ55/OslJQQ7trCZndmz94g3rwOeNCI0rS2YR6Cv6bMvBsViZ g4jEIM3ElBgtv9JcIfxXWD0ULjVUKDb/kukbZj1IerJP2ufn8EX8f82xkqQIAUMb 7/rFmwAA1vKBBTRMYZ3VmVttvxNBJVUQsv2W21tT3JihIXkPo5ew/CIA7E8Wdtay 8CnXQE5ZkD6RMpg= -----END CERTIFICATE-----Generated at Sat Apr 26 12:39:57 2025 by rpki-client