$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3BB1/EA1B22E01D9611E29806C57F08B02CD2/0B3FC58CB0DA11E5A8C8BF13C4F9AE02.roa File: 0B3FC58CB0DA11E5A8C8BF13C4F9AE02.roa (raw, json) Hash identifier: IB+Pst0/hjjnT/aD3F4nsmgPYgJjXgVIAOW0RdKrpkY= Subject key identifier: CF:B5:7B:73:E0:48:51:94:AF:54:6E:8E:74:44:25:A9:C2:E0:76:24 Certificate issuer: /CN=A91A3BB1/serialNumber=E83A59B881CE1E5735D1ADDCD8BAE05E53B853D0 Certificate serial: 3474 Authority key identifier: E8:3A:59:B8:81:CE:1E:57:35:D1:AD:DC:D8:BA:E0:5E:53:B8:53:D0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6DpZuIHOHlc10a3c2LrgXlO4U9A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3BB1/EA1B22E01D9611E29806C57F08B02CD2/0B3FC58CB0DA11E5A8C8BF13C4F9AE02.roa Signing time: Fri 20 Dec 2024 15:20:50 +0000 ROA not before: Fri 20 Dec 2024 15:20:50 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 38830 IP address blocks: 103.10.8.0/24 maxlen: 24 203.12.235.0/24 maxlen: 24 2001:df0:218::/48 maxlen: 48 2001:df7:e800::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3BB1/EA1B22E01D9611E29806C57F08B02CD2/6DpZuIHOHlc10a3c2LrgXlO4U9A.crl rsync://rpki.apnic.net/member_repository/A91A3BB1/EA1B22E01D9611E29806C57F08B02CD2/6DpZuIHOHlc10a3c2LrgXlO4U9A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6DpZuIHOHlc10a3c2LrgXlO4U9A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:49:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13428 (0x3474) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3BB1, serialNumber=E83A59B881CE1E5735D1ADDCD8BAE05E53B853D0 Validity Not Before: Dec 20 15:20:50 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67658b52-9d2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:a5:7b:cc:b5:72:17:93:f6:32:7a:fe:f1:9f: d8:0f:53:30:4b:c6:75:42:fc:1b:f1:a3:19:aa:de: 11:d0:0b:10:71:aa:fa:94:79:a7:a8:ca:54:e5:43: 17:d8:37:bd:17:a3:8a:27:ed:10:ee:c4:cc:92:87: ca:c1:85:32:88:19:cd:00:b7:46:c4:f2:cc:c7:ec: 71:ae:83:57:31:48:87:98:2a:c3:60:b3:ee:06:41: 88:d2:ed:02:a0:34:a2:89:c2:f8:1c:e2:16:88:31: c0:98:e6:f5:4e:6e:3f:3e:ca:30:18:1d:35:9d:7e: e7:ad:25:e1:38:21:9e:2f:83:d0:3a:80:eb:7b:1d: 3d:9b:95:67:ca:bc:bb:de:94:81:56:94:59:85:69: 52:0e:ea:4b:59:85:4f:7c:15:26:08:98:27:c8:ac: 76:1d:0b:cb:0d:16:ab:82:89:6c:62:36:6c:75:22: a7:f9:b5:d6:7a:f4:a2:e7:e7:2d:8a:d3:99:76:d4: e5:4e:74:6a:b8:71:67:a7:37:78:62:58:77:20:1d: 34:0f:4c:d9:96:5f:03:f1:38:22:90:a4:45:eb:c8: a7:2d:84:2c:15:e6:de:5a:ad:50:7d:45:e4:af:f3: 35:48:83:c6:00:38:a2:6a:1f:d3:30:a6:73:64:04: a2:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:B5:7B:73:E0:48:51:94:AF:54:6E:8E:74:44:25:A9:C2:E0:76:24 X509v3 Authority Key Identifier: keyid:E8:3A:59:B8:81:CE:1E:57:35:D1:AD:DC:D8:BA:E0:5E:53:B8:53:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3BB1/EA1B22E01D9611E29806C57F08B02CD2/6DpZuIHOHlc10a3c2LrgXlO4U9A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6DpZuIHOHlc10a3c2LrgXlO4U9A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3BB1/EA1B22E01D9611E29806C57F08B02CD2/0B3FC58CB0DA11E5A8C8BF13C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.10.8.0/24 203.12.235.0/24 IPv6: 2001:df0:218::/48 2001:df7:e800::/48 Signature Algorithm: sha256WithRSAEncryption c1:d0:ed:c2:07:b7:12:84:1d:f8:4a:67:8b:f0:b6:69:ad:f3: b7:7a:ab:58:ed:94:3a:f7:a5:03:7c:02:a9:80:02:e5:67:28: 78:ac:2b:13:7b:c3:db:9e:0e:c3:93:b8:cd:fb:b4:f0:f3:be: 65:7b:9a:c5:d9:6f:1b:3c:16:4c:f1:57:d8:f1:4a:9d:a6:c9: 17:84:43:22:4b:d4:0e:3d:03:ac:86:91:64:b9:a7:97:38:0a: 32:b6:1c:d4:43:f6:01:4f:81:ec:01:26:67:eb:c2:d8:3e:71: 2c:ea:a2:a3:70:c6:b4:39:14:31:24:2e:52:c8:b6:02:f1:1d: c9:57:b9:09:9c:04:47:a2:36:17:93:e9:71:0e:a9:8a:ea:0e: d6:4d:4a:bf:12:ca:64:66:5c:05:ac:fd:b3:f1:19:43:83:f1: 73:aa:06:f8:50:a8:6b:89:bd:41:98:ed:06:ba:16:5f:81:e0: 99:34:0a:22:91:eb:ad:f4:e7:c7:e8:ac:05:2f:cc:95:5e:af: 80:ff:b1:d0:02:75:51:a7:bf:6c:dc:52:e2:6a:34:ec:77:81: 5b:63:be:a0:9c:15:f5:0b:88:a6:a6:60:ca:47:05:29:65:a9: 4e:40:7e:8f:5f:5e:11:0c:90:c0:e4:39:b8:6a:45:71:ac:67: 54:3d:16:55 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICNHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTNCQjExMTAvBgNVBAUTKEU4M0E1OUI4ODFDRTFFNTczNUQxQUREQ0Q4QkFFMDVF NTNCODUzRDAwHhcNMjQxMjIwMTUyMDUwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzY1OGI1Mi05ZDJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4aV7zLVyF5P2Mnr+8Z/YD1MwS8Z1Qvwb8aMZqt4R0AsQcar6lHmnqMpU5UMX 2De9F6OKJ+0Q7sTMkofKwYUyiBnNALdGxPLMx+xxroNXMUiHmCrDYLPuBkGI0u0C oDSiicL4HOIWiDHAmOb1Tm4/PsowGB01nX7nrSXhOCGeL4PQOoDrex09m5Vnyry7 3pSBVpRZhWlSDupLWYVPfBUmCJgnyKx2HQvLDRargolsYjZsdSKn+bXWevSi5+ct itOZdtTlTnRquHFnpzd4Ylh3IB00D0zZll8D8TgikKRF68inLYQsFebeWq1QfUXk r/M1SIPGADiiah/TMKZzZASifwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFM+1e3Pg SFGUr1RujnREJanC4HYkMB8GA1UdIwQYMBaAFOg6WbiBzh5XNdGt3Ni64F5TuFPQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0JCMS9FQTFCMjJFMDFE OTYxMUUyOTgwNkM1N0YwOEIwMkNEMi82RHBadUlIT0hsYzEwYTNjMkxyZ1hsTzRV OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZEcFp1SUhPSGxjMTBhM2MyTHJnWGxPNFU5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTNCQjEvRUExQjIyRTAxRDk2MTFFMjk4MDZDNTdGMDhCMDJDRDIvMEIzRkM1OENC MERBMTFFNUE4QzhCRjEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMBIEAgABMAwDBABnCggDBADLDOswGAQCAAIwEgMHACABDfACGAMHACABDffo ADANBgkqhkiG9w0BAQsFAAOCAQEAwdDtwge3EoQd+Epni/C2aa3zt3qrWO2UOvel A3wCqYAC5WcoeKwrE3vD254Ow5O4zfu08PO+ZXuaxdlvGzwWTPFX2PFKnabJF4RD IkvUDj0DrIaRZLmnlzgKMrYc1EP2AU+B7AEmZ+vC2D5xLOqio3DGtDkUMSQuUsi2 AvEdyVe5CZwER6I2F5PpcQ6piuoO1k1KvxLKZGZcBaz9s/EZQ4Pxc6oG+FCoa4m9 QZjtBroWX4HgmTQKIpHrrfTnx+isBS/MlV6vgP+x0AJ1Uae/bNxS4mo07HeBW2O+ oJwV9QuIpqZgykcFKWWpTkB+j19eEQyQwOQ5uGpFcaxnVD0WVQ== -----END CERTIFICATE-----Generated at Sat Apr 26 08:02:53 2025 by rpki-client