$ rpki-client -vvf rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/AD35C0044EA511EAAB9DBE7DC4F9AE02.roa File: AD35C0044EA511EAAB9DBE7DC4F9AE02.roa (raw, json) Hash identifier: vRrkQ11gFoedPJsbqh7nQv1lr6X8LYa0tpYVg51dxDk= Subject key identifier: D8:30:8F:64:39:8B:D3:D5:D5:EE:19:7A:93:54:4F:CA:F5:17:0E:16 Certificate issuer: /CN=A9167C20/serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Certificate serial: 0AB5 Authority key identifier: D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/AD35C0044EA511EAAB9DBE7DC4F9AE02.roa Signing time: Wed 02 Apr 2025 19:49:46 +0000 ROA not before: Wed 02 Apr 2025 19:49:46 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 45637 IP address blocks: 103.91.172.0/22 maxlen: 23 123.253.56.0/22 maxlen: 23 182.54.160.0/20 maxlen: 21 2402:ff00::/32 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:22:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2741 (0xab5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167C20, serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Validity Not Before: Apr 2 19:49:46 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67ed94da-6e07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:3e:33:e5:be:3a:52:28:9d:55:f2:c9:56:3a: 12:24:ba:b9:84:ba:2e:6c:0e:f8:0b:93:5b:67:a3: a0:80:a6:bf:ba:e3:47:8d:fc:5c:76:6d:01:9d:72: e7:71:92:c4:95:09:a8:ea:ee:43:7a:bf:cc:29:e5: fc:48:2f:df:dc:e7:a4:62:76:dd:ad:9f:4e:b0:d4: da:84:f8:61:cf:03:a4:f9:22:b7:bf:7c:1f:6f:23: 9e:0f:23:41:4c:a2:0e:cc:16:2e:f3:d8:9a:07:9f: 42:26:88:cb:6f:3f:ce:e1:ca:74:63:5c:c7:a5:e6: ad:48:9f:6d:93:3f:44:d4:bf:39:87:29:87:1f:a1: ff:f0:06:c9:79:59:53:7a:79:fb:e1:3d:88:bf:8c: 2c:8b:0c:c1:e9:35:10:41:ab:b4:5c:f3:14:d8:84: bb:83:93:b6:dc:64:bc:67:98:85:ac:02:65:ce:93: 64:be:9b:bd:13:37:a8:63:37:d5:75:96:6f:34:e8: 41:a5:05:1f:19:88:f8:0d:4b:24:d1:0f:3d:de:1d: 49:d2:1a:60:03:96:aa:78:aa:49:bc:21:62:89:cc: d2:e8:93:67:03:ce:e0:a2:d3:90:c9:36:4f:72:f0: 49:70:72:0a:d7:ca:ca:90:6b:ed:60:de:4c:ce:48: 8e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:30:8F:64:39:8B:D3:D5:D5:EE:19:7A:93:54:4F:CA:F5:17:0E:16 X509v3 Authority Key Identifier: keyid:D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/AD35C0044EA511EAAB9DBE7DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.91.172.0/22 123.253.56.0/22 182.54.160.0/20 IPv6: 2402:ff00::/32 Signature Algorithm: sha256WithRSAEncryption 4d:d7:fa:39:df:c8:b2:b0:32:4b:52:0a:3a:0c:f5:d9:00:4a: 10:37:36:a2:10:af:bc:d1:9a:69:41:c9:5a:87:d2:2a:8f:98: 28:26:0b:90:db:2a:e2:1e:27:3c:fb:16:b1:bb:50:23:5e:3f: 7d:67:7d:2a:1a:1a:54:24:69:3a:4d:03:cd:a5:37:5c:15:4c: 79:44:7a:a4:5b:c7:54:e9:42:86:46:25:69:20:5a:f3:d2:3e: 63:81:a7:d1:75:97:98:36:71:02:f2:50:0e:7a:6c:46:ae:e2: 1b:2e:43:74:5a:6a:e3:04:c4:95:04:ee:51:9f:39:83:fb:1b: 04:24:0e:ef:5e:d3:70:ce:fe:9f:3e:65:e2:d9:71:28:dc:f9: a9:ea:d3:7a:01:51:7d:5b:d4:6f:dd:52:3a:dd:5a:15:34:d4: 61:52:fe:7e:85:4d:3c:bd:d1:51:3e:de:d2:42:f7:3c:5b:67: 70:3e:f3:fc:dc:34:b1:09:f0:d6:7a:e8:4c:b3:a7:37:b9:44: aa:89:f1:c9:3d:26:9c:b9:ab:ce:d4:21:a8:c5:19:d7:dd:61: ba:da:80:e6:66:19:8c:3c:f4:56:a5:e8:f9:dd:66:71:34:5e: 7a:8e:a1:0d:e4:eb:e1:cc:b5:3b:55:f2:f4:af:97:5e:93:42: 8e:d9:25:10 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICCrUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdDMjAxMTAvBgNVBAUTKEQ0MEIxMEMxMjI0QzYxRTBEMzE4QzJGQzYwMDM5Mzc4 RUNGNzJEMDAwHhcNMjUwNDAyMTk0OTQ2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2VkOTRkYS02ZTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzz4z5b46UiidVfLJVjoSJLq5hLoubA74C5NbZ6OggKa/uuNHjfxcdm0BnXLn cZLElQmo6u5Der/MKeX8SC/f3OekYnbdrZ9OsNTahPhhzwOk+SK3v3wfbyOeDyNB TKIOzBYu89iaB59CJojLbz/O4cp0Y1zHpeatSJ9tkz9E1L85hymHH6H/8AbJeVlT enn74T2Iv4wsiwzB6TUQQau0XPMU2IS7g5O23GS8Z5iFrAJlzpNkvpu9EzeoYzfV dZZvNOhBpQUfGYj4DUsk0Q893h1J0hpgA5aqeKpJvCFiiczS6JNnA87gotOQyTZP cvBJcHIK18rKkGvtYN5MzkiOjQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFNgwj2Q5 i9PV1e4ZepNUT8r1Fw4WMB8GA1UdIwQYMBaAFNQLEMEiTGHg0xjC/GADk3js9y0A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0MyMC84NjU3MUMxMDRF QTIxMUVBODRDMDg4NzRDNEY5QUUwMi8xQXNRd1NKTVllRFRHTUw4WUFPVGVPejNM UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBc1F3U0pNWWVEVEdNTDhZQU9UZU96M0xRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjdDMjAvODY1NzFDMTA0RUEyMTFFQTg0QzA4ODc0QzRGOUFFMDIvQUQzNUMwMDQ0 RUE1MTFFQUFCOURCRTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnW6wDBAJ7/TgDBAS2NqAwDQQCAAIwBwMFACQC/wAwDQYJ KoZIhvcNAQELBQADggEBAE3X+jnfyLKwMktSCjoM9dkAShA3NqIQr7zRmmlByVqH 0iqPmCgmC5DbKuIeJzz7FrG7UCNeP31nfSoaGlQkaTpNA82lN1wVTHlEeqRbx1Tp QoZGJWkgWvPSPmOBp9F1l5g2cQLyUA56bEau4hsuQ3RaauMExJUE7lGfOYP7GwQk Du9e03DO/p8+ZeLZcSjc+anq03oBUX1b1G/dUjrdWhU01GFS/n6FTTy90VE+3tJC 9zxbZ3A+8/zcNLEJ8NZ66Eyzpze5RKqJ8ck9Jpy5q87UIajFGdfdYbragOZmGYw8 9Fal6PndZnE0XnqOoQ3k6+HMtTtV8vSvl16TQo7ZJRA= -----END CERTIFICATE-----Generated at Sat Apr 26 16:57:07 2025 by rpki-client