$ rpki-client -vvf rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/72E60DEA3CC911EDA5EBD21DC4F9AE02.roa File: 72E60DEA3CC911EDA5EBD21DC4F9AE02.roa (raw, json) Hash identifier: zq2Qkn/Tk6HTf9mmAUUEV4eovm/AM6TvEoGB/VFCywQ= Subject key identifier: D5:AC:60:5C:4A:A6:6B:97:43:7A:91:96:C0:88:C3:7C:7D:FA:B4:06 Certificate issuer: /CN=A91452AC/serialNumber=36D77E9243ABBA2FD5496A291830B7D38B0BCBC4 Certificate serial: 085F Authority key identifier: 36:D7:7E:92:43:AB:BA:2F:D5:49:6A:29:18:30:B7:D3:8B:0B:CB:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ntd-kkOrui_VSWopGDC304sLy8Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/72E60DEA3CC911EDA5EBD21DC4F9AE02.roa Signing time: Wed 06 Nov 2024 20:39:41 +0000 ROA not before: Wed 06 Nov 2024 20:39:41 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 133115 IP address blocks: 43.249.28.0/24 maxlen: 24 43.249.29.0/24 maxlen: 24 43.249.30.0/24 maxlen: 24 43.249.31.0/24 maxlen: 24 103.43.160.0/24 maxlen: 24 103.43.161.0/24 maxlen: 24 103.243.180.0/24 maxlen: 24 103.243.181.0/24 maxlen: 24 103.243.182.0/24 maxlen: 24 103.243.183.0/24 maxlen: 24 202.43.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/Ntd-kkOrui_VSWopGDC304sLy8Q.crl rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/Ntd-kkOrui_VSWopGDC304sLy8Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ntd-kkOrui_VSWopGDC304sLy8Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:27:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2143 (0x85f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91452AC, serialNumber=36D77E9243ABBA2FD5496A291830B7D38B0BCBC4 Validity Not Before: Nov 6 20:39:41 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=672bd40d-afdf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:fd:c8:05:d8:ac:0a:dd:25:47:95:75:a6:58: 2b:fa:23:5f:29:e0:52:91:22:76:9e:6e:8a:e6:b0: c0:04:08:e7:52:c9:f3:f3:74:a4:84:8f:ef:a4:be: 87:a7:79:ee:19:31:92:11:75:c3:1a:1f:23:cc:32: 62:26:fe:0a:97:12:3e:21:1b:8e:e6:5a:77:40:0e: 5a:7b:59:d0:48:7f:98:14:e3:ab:05:8e:5a:68:27: 3d:50:e9:26:5b:6c:0a:89:5f:64:9e:db:23:6b:e8: b0:6a:ec:15:57:19:fb:02:81:cc:8b:a5:85:5f:fc: 26:6a:a2:ab:4c:e0:03:a3:b1:8d:28:6e:0f:d2:17: 14:49:cc:90:35:6d:71:a4:43:0c:d8:48:45:f7:db: 47:e5:f7:46:ef:e5:fb:45:5c:54:9e:00:76:c3:67: 32:e6:7a:a0:87:6d:b4:c7:2f:b4:02:93:b1:4b:b1: cf:c9:5c:03:1b:41:ec:9f:ac:22:2e:89:8a:55:fa: 45:5f:1b:4c:79:c6:e5:8a:ad:e9:76:f2:b9:b0:00: 02:c6:66:9c:6c:32:0d:c3:aa:ed:96:4a:18:b4:b6: cb:c1:cf:d9:9b:b9:af:7c:6f:f5:d1:86:44:36:b7: 29:fe:4a:62:f4:7b:d7:52:7f:e7:06:45:e1:ed:97: ae:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:AC:60:5C:4A:A6:6B:97:43:7A:91:96:C0:88:C3:7C:7D:FA:B4:06 X509v3 Authority Key Identifier: keyid:36:D7:7E:92:43:AB:BA:2F:D5:49:6A:29:18:30:B7:D3:8B:0B:CB:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/Ntd-kkOrui_VSWopGDC304sLy8Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ntd-kkOrui_VSWopGDC304sLy8Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91452AC/A48D5966BB3E11EAA29EE321C4F9AE02/72E60DEA3CC911EDA5EBD21DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.249.28.0/22 103.43.160.0/23 103.243.180.0/22 202.43.238.0/24 Signature Algorithm: sha256WithRSAEncryption 0f:df:77:7e:80:e3:d0:90:25:89:34:27:34:7e:14:96:90:02: 6b:2b:45:76:75:b5:82:8b:cb:a2:9c:cb:5c:e5:90:33:30:89: 06:27:96:25:5c:68:05:41:0c:7b:ec:e8:81:41:a3:b5:4f:cd: 17:d2:84:de:61:b5:39:6c:de:33:f5:fc:09:d7:50:35:10:de: 1f:30:e5:ec:72:8c:b6:a4:f5:2d:c2:7d:2c:cb:18:70:9c:42: 24:90:de:ab:47:bf:20:3e:05:58:a8:27:2f:b2:a1:9d:8a:de: 73:2a:20:d6:5a:02:d4:c1:32:fe:33:6a:f9:5c:14:b3:b9:51: ed:e8:04:df:68:9e:9c:20:b9:eb:66:71:85:90:35:94:7c:83: f1:76:a3:16:5e:16:27:c2:50:ff:b8:9d:34:ae:fc:ec:ff:f3: d8:8e:03:60:08:ac:12:4e:59:d0:e0:cc:b9:5b:c9:72:50:c0: 88:20:f8:a2:e2:0f:bb:1a:81:2b:e2:67:9e:46:46:53:5f:2f: e5:37:d5:36:d7:ce:6a:f2:44:89:e6:93:0c:c6:c9:27:dc:a1: e3:0c:90:90:5d:46:ef:d9:61:8b:1e:30:8b:e2:40:09:6d:cb: 34:99:47:5f:2c:9d:ad:3a:7e:14:5d:99:93:bf:0e:13:24:fc: e2:68:91:9e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICCF8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDUyQUMxMTAvBgNVBAUTKDM2RDc3RTkyNDNBQkJBMkZENTQ5NkEyOTE4MzBCN0Qz OEIwQkNCQzQwHhcNMjQxMTA2MjAzOTQxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzJiZDQwZC1hZmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz/3IBdisCt0lR5V1plgr+iNfKeBSkSJ2nm6K5rDABAjnUsnz83SkhI/vpL6H p3nuGTGSEXXDGh8jzDJiJv4KlxI+IRuO5lp3QA5ae1nQSH+YFOOrBY5aaCc9UOkm W2wKiV9kntsja+iwauwVVxn7AoHMi6WFX/wmaqKrTOADo7GNKG4P0hcUScyQNW1x pEMM2EhF99tH5fdG7+X7RVxUngB2w2cy5nqgh220xy+0ApOxS7HPyVwDG0Hsn6wi LomKVfpFXxtMecbliq3pdvK5sAACxmacbDINw6rtlkoYtLbLwc/Zm7mvfG/10YZE Nrcp/kpi9HvXUn/nBkXh7ZeuXwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFNWsYFxK pmuXQ3qRlsCIw3x9+rQGMB8GA1UdIwQYMBaAFDbXfpJDq7ov1UlqKRgwt9OLC8vE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTJBQy9BNDhENTk2NkJC M0UxMUVBQTI5RUUzMjFDNEY5QUUwMi9OdGQta2tPcnVpX1ZTV29wR0RDMzA0c0x5 OFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL050ZC1ra09ydWlfVlNXb3BHREMzMDRzTHk4US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDUyQUMvQTQ4RDU5NjZCQjNFMTFFQUEyOUVFMzIxQzRGOUFFMDIvNzJFNjBERUEz Q0M5MTFFREE1RUJEMjFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAIr+RwDBAFnK6ADBAJn87QDBADKK+4wDQYJKoZIhvcNAQEL BQADggEBAA/fd36A49CQJYk0JzR+FJaQAmsrRXZ1tYKLy6Kcy1zlkDMwiQYnliVc aAVBDHvs6IFBo7VPzRfShN5htTls3jP1/AnXUDUQ3h8w5exyjLak9S3CfSzLGHCc QiSQ3qtHvyA+BVioJy+yoZ2K3nMqINZaAtTBMv4zavlcFLO5Ue3oBN9onpwguetm cYWQNZR8g/F2oxZeFifCUP+4nTSu/Oz/89iOA2AIrBJOWdDgzLlbyXJQwIgg+KLi D7sagSviZ55GRlNfL+U31TbXzmryRInmkwzGySfcoeMMkJBdRu/ZYYseMIviQAlt yzSZR18sna06fhRdmZO/DhMk/OJokZ4= -----END CERTIFICATE-----Generated at Sat Apr 26 08:09:32 2025 by rpki-client