$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/D90961489C1311EFA0BF1480C4F9AE02.roa File: D90961489C1311EFA0BF1480C4F9AE02.roa (raw, json) Hash identifier: Jv1d6fF3qu1qMz0c/kGUVQ3xOsIZk2UWH2dC2+4vagE= Subject key identifier: B7:3F:8E:3F:72:EC:53:07:B9:82:5F:2A:64:1F:BE:F0:FA:D5:F8:52 Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70 Certificate serial: 1ADA Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/D90961489C1311EFA0BF1480C4F9AE02.roa Signing time: Tue 24 Dec 2024 16:34:02 +0000 ROA not before: Tue 24 Dec 2024 16:34:01 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 4837 IP address blocks: 43.248.4.0/24 maxlen: 24 43.248.7.0/24 maxlen: 24 60.16.0.0/13 maxlen: 24 103.3.132.0/24 maxlen: 24 113.9.196.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:19:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6874 (0x1ada) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143CB3, serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70 Validity Not Before: Dec 24 16:34:01 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=676ae279-277e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:82:90:dc:60:10:d7:9c:8d:62:53:b7:f1:3d: 62:60:f6:2c:c4:07:61:1b:66:70:5d:c7:28:c4:40: c8:db:a6:8f:f2:d0:59:13:76:bf:13:ca:bf:99:da: 19:ae:3a:26:09:f0:17:73:2b:b3:b7:0b:d7:54:1b: 80:65:ef:71:f0:e9:ad:07:e1:35:41:6d:ac:aa:92: 47:49:35:b8:1a:53:7b:63:c4:8c:20:dc:bb:d6:0f: 2f:8b:4c:82:eb:7a:3b:25:cb:04:b4:f4:f2:61:75: 60:28:ba:43:58:8b:15:48:45:33:cc:52:d3:bc:ff: cf:93:20:cb:e2:6e:08:f9:a0:2b:ca:d9:59:55:27: c6:43:47:59:0e:63:f7:3f:2e:49:dd:99:ab:68:8a: a6:8d:24:46:df:08:4a:8a:ab:e7:bd:93:a4:e8:81: 8a:6c:36:b1:2b:b2:7c:bf:4d:8c:63:09:e4:36:0b: 35:21:70:ce:31:ed:bc:4f:eb:18:2c:40:28:42:b8: cf:9d:0a:87:77:c8:5c:e1:3e:9f:9f:4b:09:be:0c: ae:4b:87:7a:64:df:f3:9e:04:da:5d:96:1f:31:84: a4:5e:e6:d1:de:3d:87:ea:88:df:ce:95:1f:35:02: 41:f2:86:63:6a:50:c8:2e:27:bb:fa:4f:b2:3c:c1: 8e:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:3F:8E:3F:72:EC:53:07:B9:82:5F:2A:64:1F:BE:F0:FA:D5:F8:52 X509v3 Authority Key Identifier: keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/D90961489C1311EFA0BF1480C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.248.4.0/24 43.248.7.0/24 60.16.0.0/13 103.3.132.0/24 113.9.196.0/24 Signature Algorithm: sha256WithRSAEncryption 03:a2:f0:48:97:1b:e5:38:d2:82:7b:d6:5c:0c:a7:cf:bf:d0: d6:eb:25:73:e0:57:4c:c2:cd:d5:8d:5a:b7:46:98:0a:0f:82: 72:a5:01:fe:30:3c:24:2d:c3:47:33:f1:6e:11:8b:29:e7:88: 7a:3c:6f:f0:ae:ed:2b:7a:7d:cc:45:41:2f:a3:93:ee:b7:80: fa:76:3b:d6:6a:d2:07:5b:f4:9c:a5:35:c0:87:cf:8b:83:41: a5:4b:43:ff:09:09:03:9f:f5:de:c8:d6:47:ad:3a:a3:be:dc: 92:93:bb:df:07:24:5d:35:c8:8e:81:40:84:13:58:f3:d5:68: 6b:69:fa:b4:0f:88:f5:4d:65:f6:4e:ad:1a:e7:57:b8:0a:24: 9b:0e:df:93:83:c5:9d:bc:fa:d1:7c:47:3c:5c:01:53:c4:3c: 93:ef:96:62:d2:9a:0a:0c:87:81:4e:b6:63:31:f6:f7:d4:d8: a3:ab:23:ee:7d:19:86:d5:cb:f1:c5:34:ad:fb:fc:90:c7:f4: cc:db:94:bb:09:fe:cd:2f:eb:1e:a8:14:3b:c8:e0:05:cc:14: ed:d7:d8:38:a1:2a:29:12:22:89:17:a0:8d:13:a2:2f:98:77: ce:8c:42:c1:27:93:96:d6:e0:c4:a0:ce:7f:80:15:87:75:27: 83:92:35:5f -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICGtowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB QTNGQkVGNzAwHhcNMjQxMjI0MTYzNDAxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzZhZTI3OS0yNzdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2IKQ3GAQ15yNYlO38T1iYPYsxAdhG2ZwXccoxEDI26aP8tBZE3a/E8q/mdoZ rjomCfAXcyuztwvXVBuAZe9x8OmtB+E1QW2sqpJHSTW4GlN7Y8SMINy71g8vi0yC 63o7JcsEtPTyYXVgKLpDWIsVSEUzzFLTvP/PkyDL4m4I+aArytlZVSfGQ0dZDmP3 Py5J3ZmraIqmjSRG3whKiqvnvZOk6IGKbDaxK7J8v02MYwnkNgs1IXDOMe28T+sY LEAoQrjPnQqHd8hc4T6fn0sJvgyuS4d6ZN/zngTaXZYfMYSkXubR3j2H6ojfzpUf NQJB8oZjalDILie7+k+yPMGOlwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFLc/jj9y 7FMHuYJfKmQfvvD61fhSMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1 OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3 M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvRDkwOTYxNDg5 QzEzMTFFRkEwQkYxNDgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMCMEAgABMB0DBAAr+AQDBAAr+AcDAwM8EAMEAGcDhAMEAHEJxDANBgkqhkiG 9w0BAQsFAAOCAQEAA6LwSJcb5TjSgnvWXAynz7/Q1uslc+BXTMLN1Y1at0aYCg+C cqUB/jA8JC3DRzPxbhGLKeeIejxv8K7tK3p9zEVBL6OT7reA+nY71mrSB1v0nKU1 wIfPi4NBpUtD/wkJA5/13sjWR606o77ckpO73wckXTXIjoFAhBNY89Voa2n6tA+I 9U1l9k6tGudXuAokmw7fk4PFnbz60XxHPFwBU8Q8k++WYtKaCgyHgU62YzH299TY o6sj7n0ZhtXL8cU0rfv8kMf0zNuUuwn+zS/rHqgUO8jgBcwU7dfYOKEqKRIiiReg jROiL5h3zoxCwSeTltbgxKDOf4AVh3Ung5I1Xw== -----END CERTIFICATE-----Generated at Sat Apr 26 13:07:46 2025 by rpki-client