$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0D57/9FD2C9D0A91811E98C3EC24FC4F9AE02/A43B3718ABC111E9A200115CC4F9AE02.roa File: A43B3718ABC111E9A200115CC4F9AE02.roa (raw, json) Hash identifier: H3PZR2Ocqd5DrHweNG98HWtY6eO+2MOa7m6IWNzWQmk= Subject key identifier: 5A:14:56:FE:4A:71:1C:EE:F1:FA:0D:E5:5F:30:06:F6:09:AF:8E:5B Certificate issuer: /CN=A91A0D57/serialNumber=7F2B2EB5B8F4F7956895F1312D8DCC42239C9A62 Certificate serial: 0E13 Authority key identifier: 7F:2B:2E:B5:B8:F4:F7:95:68:95:F1:31:2D:8D:CC:42:23:9C:9A:62 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fysutbj095VolfExLY3MQiOcmmI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0D57/9FD2C9D0A91811E98C3EC24FC4F9AE02/A43B3718ABC111E9A200115CC4F9AE02.roa Signing time: Fri 18 Apr 2025 18:07:28 +0000 ROA not before: Fri 18 Apr 2025 18:07:28 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 59342 IP address blocks: 103.229.104.0/22 maxlen: 22 103.229.104.0/23 maxlen: 23 103.229.104.0/24 maxlen: 24 103.229.105.0/24 maxlen: 24 103.229.106.0/23 maxlen: 23 103.229.106.0/24 maxlen: 24 103.229.107.0/24 maxlen: 24 103.252.176.0/24 maxlen: 24 103.252.177.0/24 maxlen: 24 103.252.178.0/24 maxlen: 24 103.252.179.0/24 maxlen: 24 2400:bd40::/32 maxlen: 32 2400:bd40::/34 maxlen: 34 2400:bd40:4000::/34 maxlen: 34 2400:bd40:8000::/34 maxlen: 34 2400:bd40:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0D57/9FD2C9D0A91811E98C3EC24FC4F9AE02/fysutbj095VolfExLY3MQiOcmmI.crl rsync://rpki.apnic.net/member_repository/A91A0D57/9FD2C9D0A91811E98C3EC24FC4F9AE02/fysutbj095VolfExLY3MQiOcmmI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fysutbj095VolfExLY3MQiOcmmI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:48:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3603 (0xe13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0D57, serialNumber=7F2B2EB5B8F4F7956895F1312D8DCC42239C9A62 Validity Not Before: Apr 18 18:07:28 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=680294df-85a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:cb:8b:44:eb:68:b5:3e:10:c6:7f:25:c1:e7: 8b:cc:d9:f2:07:00:33:0f:a9:7b:b0:8c:b1:67:8a: f4:5b:ec:83:33:0a:8a:bb:37:d4:11:71:ce:fa:25: 58:06:70:6d:58:e2:a1:b3:d7:2e:d5:81:fa:e3:91: 24:fc:43:54:43:1f:ef:88:6a:34:2a:1f:59:50:78: 09:a1:08:0f:b4:cc:53:8c:8c:39:00:7e:7a:39:b0: f7:5e:ce:1d:79:9d:d2:da:4e:19:30:7a:e6:6f:74: eb:7f:01:3e:d7:20:08:9b:5e:15:d8:4e:97:79:0e: 16:01:04:dc:cb:18:49:fd:ad:f6:98:5c:c5:bd:6b: 91:05:0b:20:de:90:6a:2c:35:81:ee:4d:fd:78:11: b3:7b:65:ac:2b:ba:9c:70:6f:d8:49:d9:15:19:8a: 52:05:69:ea:95:97:9f:fd:ea:75:40:ff:64:28:60: d7:e5:ff:3b:db:ab:8e:c9:d1:88:4a:2c:ab:f7:2b: ab:1d:bd:1f:d8:6c:81:c4:c0:d4:d2:6a:5c:14:62: 64:d4:a1:bf:3f:51:26:6a:6d:5d:59:a7:86:e3:88: 90:6f:f8:40:20:8a:eb:dc:3b:3a:83:86:23:10:62: 35:58:49:ab:09:2c:bb:ee:61:12:6d:91:a5:55:fd: aa:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:14:56:FE:4A:71:1C:EE:F1:FA:0D:E5:5F:30:06:F6:09:AF:8E:5B X509v3 Authority Key Identifier: keyid:7F:2B:2E:B5:B8:F4:F7:95:68:95:F1:31:2D:8D:CC:42:23:9C:9A:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0D57/9FD2C9D0A91811E98C3EC24FC4F9AE02/fysutbj095VolfExLY3MQiOcmmI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fysutbj095VolfExLY3MQiOcmmI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0D57/9FD2C9D0A91811E98C3EC24FC4F9AE02/A43B3718ABC111E9A200115CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.229.104.0/22 103.252.176.0/22 IPv6: 2400:bd40::/32 Signature Algorithm: sha256WithRSAEncryption 07:d7:b7:39:f1:b6:aa:7b:59:aa:bc:89:50:b8:2e:2a:db:75: 9a:45:76:c4:5a:f5:97:5f:5b:e8:b8:5f:29:f6:5f:91:41:2b: 2f:83:74:47:ab:c5:e9:82:eb:56:9c:ed:e8:cc:82:8d:c3:ab: 74:34:a6:cf:62:f5:aa:92:5d:ff:87:7b:95:c6:15:4c:a4:a1: f2:20:50:ba:f0:21:e2:ac:1b:f2:da:b7:0d:9b:9c:a3:a5:50: 3c:21:36:fd:76:49:bc:b5:89:19:e3:d1:7f:b7:d8:84:69:fd: 8a:e2:79:9b:bd:e4:b8:8c:e8:04:6e:37:4a:3c:56:7b:09:8c: 4e:65:fc:5b:42:4a:0e:34:45:e6:d7:11:d6:3b:cb:1d:89:29: c5:24:37:d7:f8:41:72:80:1a:ac:82:ff:33:56:c7:b3:ca:54: ae:fb:70:87:d6:71:01:6b:1b:eb:8f:bc:01:40:e5:8b:ab:4a: 1b:d9:97:b8:43:23:27:ff:01:35:85:c7:d2:34:87:ca:25:f1: 2e:57:9f:82:ff:99:15:71:03:02:6b:14:5c:5b:6a:36:68:c5: 89:0c:c8:21:a7:70:db:3b:c8:b6:1d:7a:98:e0:c6:79:97:9e: 77:fc:b3:10:ad:8b:97:1c:0b:d9:9b:e4:7f:db:d0:60:d2:ce: 93:87:95:9c -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDhMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTBENTcxMTAvBgNVBAUTKDdGMkIyRUI1QjhGNEY3OTU2ODk1RjEzMTJEOERDQzQy MjM5QzlBNjIwHhcNMjUwNDE4MTgwNzI4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODAyOTRkZi04NWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw8uLROtotT4Qxn8lweeLzNnyBwAzD6l7sIyxZ4r0W+yDMwqKuzfUEXHO+iVY BnBtWOKhs9cu1YH645Ek/ENUQx/viGo0Kh9ZUHgJoQgPtMxTjIw5AH56ObD3Xs4d eZ3S2k4ZMHrmb3TrfwE+1yAIm14V2E6XeQ4WAQTcyxhJ/a32mFzFvWuRBQsg3pBq LDWB7k39eBGze2WsK7qccG/YSdkVGYpSBWnqlZef/ep1QP9kKGDX5f8726uOydGI Siyr9yurHb0f2GyBxMDU0mpcFGJk1KG/P1Emam1dWaeG44iQb/hAIIrr3Ds6g4Yj EGI1WEmrCSy77mESbZGlVf2qqQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFoUVv5K cRzu8foN5V8wBvYJr45bMB8GA1UdIwQYMBaAFH8rLrW49PeVaJXxMS2NzEIjnJpi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMEQ1Ny85RkQyQzlEMEE5 MTgxMUU5OEMzRUMyNEZDNEY5QUUwMi9meXN1dGJqMDk1Vm9sZkV4TFkzTVFpT2Nt bUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Z5c3V0YmowOTVWb2xmRXhMWTNNUWlPY21tSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTBENTcvOUZEMkM5RDBBOTE4MTFFOThDM0VDMjRGQzRGOUFFMDIvQTQzQjM3MThB QkMxMTFFOUEyMDAxMTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJn5WgDBAJn/LAwDQQCAAIwBwMFACQAvUAwDQYJKoZIhvcN AQELBQADggEBAAfXtznxtqp7Waq8iVC4LirbdZpFdsRa9ZdfW+i4Xyn2X5FBKy+D dEerxemC61ac7ejMgo3Dq3Q0ps9i9aqSXf+He5XGFUykofIgULrwIeKsG/Latw2b nKOlUDwhNv12Sby1iRnj0X+32IRp/YrieZu95LiM6ARuN0o8VnsJjE5l/FtCSg40 RebXEdY7yx2JKcUkN9f4QXKAGqyC/zNWx7PKVK77cIfWcQFrG+uPvAFA5YurShvZ l7hDIyf/ATWFx9I0h8ol8S5Xn4L/mRVxAwJrFFxbajZoxYkMyCGncNs7yLYdepjg xnmXnnf8sxCti5ccC9mb5H/b0GDSzpOHlZw= -----END CERTIFICATE-----Generated at Sat Apr 26 17:05:04 2025 by rpki-client