$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/B96DD308BF4311EE844DDD58C4F9AE02.roa File: B96DD308BF4311EE844DDD58C4F9AE02.roa (raw, json) Hash identifier: Qyo+y73YZI83wemHD69A6cWahcYB7AOwFIX0fbO5DQM= Subject key identifier: 89:FC:D6:FA:90:D9:3F:23:DB:80:81:E8:C4:03:53:7A:7A:83:74:A0 Certificate issuer: /CN=A91AB2EB/serialNumber=5559831ADCEDECA5FA92FC4EB5D2EDE62E37A8CD Certificate serial: D5 Authority key identifier: 55:59:83:1A:DC:ED:EC:A5:FA:92:FC:4E:B5:D2:ED:E6:2E:37:A8:CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VVmDGtzt7KX6kvxOtdLt5i43qM0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/B96DD308BF4311EE844DDD58C4F9AE02.roa Signing time: Sun 09 Mar 2025 04:51:26 +0000 ROA not before: Sun 09 Mar 2025 04:51:26 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 135343 IP address blocks: 103.214.192.0/22 maxlen: 22 103.214.192.0/24 maxlen: 24 103.214.193.0/24 maxlen: 24 103.214.194.0/24 maxlen: 24 103.214.195.0/24 maxlen: 24 144.48.140.0/22 maxlen: 22 144.48.140.0/24 maxlen: 24 144.48.141.0/24 maxlen: 24 144.48.142.0/24 maxlen: 24 144.48.143.0/24 maxlen: 24 2001:df1:b200::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/VVmDGtzt7KX6kvxOtdLt5i43qM0.crl rsync://rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/VVmDGtzt7KX6kvxOtdLt5i43qM0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VVmDGtzt7KX6kvxOtdLt5i43qM0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:27:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 213 (0xd5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB2EB, serialNumber=5559831ADCEDECA5FA92FC4EB5D2EDE62E37A8CD Validity Not Before: Mar 9 04:51:26 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67cd1e4d-28c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:83:f5:33:1a:02:4b:f0:e1:b6:1c:fe:bf:f5: bc:77:32:40:8b:1a:d7:48:1e:44:0b:3c:7c:2c:8f: 96:b3:45:c1:7a:e4:df:d7:89:77:00:6a:95:8e:b7: a0:81:e7:f4:22:b4:b4:fc:a6:be:c5:bf:09:43:c3: ec:c4:01:c4:d6:b0:e0:54:9e:ae:44:ec:c2:f4:bf: 5e:77:ef:5f:a7:3a:54:42:6b:f7:a3:ed:52:f3:89: 0b:54:b4:65:23:51:04:38:f4:67:27:f1:fe:09:2e: e7:26:2c:1d:9b:be:e0:d5:21:54:84:e7:c5:15:be: 43:ff:b9:95:6b:9e:0f:3d:6f:05:0e:16:a9:b0:ef: e2:38:d6:de:eb:18:d2:2d:82:1f:c6:fe:01:fc:50: 50:cc:a3:f3:da:e9:da:fb:1d:eb:65:b9:86:bd:7a: be:8b:69:6b:55:37:e6:cd:c6:3e:74:94:ff:54:2a: a7:10:5b:4d:c1:2e:f1:9a:11:30:17:e3:29:42:bf: 7d:46:21:28:fc:dc:14:09:5c:6f:50:61:f0:24:73: b7:30:7b:62:78:e7:cf:25:32:1e:9e:d8:c2:8e:5c: c7:d7:0d:53:da:86:4e:1d:de:cd:f8:ed:39:d8:9a: f3:be:7c:4c:2d:65:7e:d0:a1:68:71:71:22:6a:23: 7d:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:FC:D6:FA:90:D9:3F:23:DB:80:81:E8:C4:03:53:7A:7A:83:74:A0 X509v3 Authority Key Identifier: keyid:55:59:83:1A:DC:ED:EC:A5:FA:92:FC:4E:B5:D2:ED:E6:2E:37:A8:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/VVmDGtzt7KX6kvxOtdLt5i43qM0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VVmDGtzt7KX6kvxOtdLt5i43qM0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB2EB/430B5A78BF4311EE8FD30758C4F9AE02/B96DD308BF4311EE844DDD58C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.214.192.0/22 144.48.140.0/22 IPv6: 2001:df1:b200::/48 Signature Algorithm: sha256WithRSAEncryption 29:19:71:19:d2:a8:a8:4b:8b:67:7f:09:51:5e:b6:d0:f9:8d: 5b:7b:78:f0:41:77:d2:59:c4:52:56:8d:67:be:77:e6:b4:fb: 05:de:b4:d1:a4:ad:2e:47:3f:f7:6a:e3:c9:32:92:87:e4:68: 4f:2a:c4:12:bd:ce:03:64:a2:65:2f:aa:1b:8e:96:13:8c:c6: fa:2c:df:42:46:dd:16:2a:9f:6a:c1:95:ec:48:92:fc:fa:f4: 8a:11:7f:22:30:ae:6e:79:78:65:92:89:17:e5:f0:2d:4a:93: 74:5a:7d:89:da:7e:d2:43:49:cb:f4:12:f6:ec:bb:08:5d:da: 12:b4:a9:84:6e:42:3c:c6:e8:91:31:94:54:83:fa:38:e3:f6: b1:21:33:7e:1b:fa:a3:05:3f:db:88:c9:e5:5a:1f:a0:69:4a: 7f:1f:a5:6e:e0:0f:93:0a:d2:76:b7:f1:12:97:74:d8:2f:25: ad:59:15:c8:d8:e1:63:ec:71:fb:92:d6:24:bb:9c:60:5f:f9: 9b:e9:5c:42:17:c9:8c:14:46:66:c8:3f:cb:a0:c0:fa:dc:d2: 9d:36:cf:46:94:be:9d:47:81:2d:6d:37:75:06:a1:ac:90:04: 78:e7:51:c0:39:f2:b9:3a:e3:1c:e5:cf:6a:31:54:a7:a5:18: 31:45:29:b7 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICANUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyRUIxMTAvBgNVBAUTKDU1NTk4MzFBRENFREVDQTVGQTkyRkM0RUI1RDJFREU2 MkUzN0E4Q0QwHhcNMjUwMzA5MDQ1MTI2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2NkMWU0ZC0yOGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz4P1MxoCS/Dhthz+v/W8dzJAixrXSB5ECzx8LI+Ws0XBeuTf14l3AGqVjreg gef0IrS0/Ka+xb8JQ8PsxAHE1rDgVJ6uROzC9L9ed+9fpzpUQmv3o+1S84kLVLRl I1EEOPRnJ/H+CS7nJiwdm77g1SFUhOfFFb5D/7mVa54PPW8FDhapsO/iONbe6xjS LYIfxv4B/FBQzKPz2una+x3rZbmGvXq+i2lrVTfmzcY+dJT/VCqnEFtNwS7xmhEw F+MpQr99RiEo/NwUCVxvUGHwJHO3MHtieOfPJTIentjCjlzH1w1T2oZOHd7N+O05 2JrzvnxMLWV+0KFocXEiaiN95wIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFIn81vqQ 2T8j24CB6MQDU3p6g3SgMB8GA1UdIwQYMBaAFFVZgxrc7eyl+pL8TrXS7eYuN6jN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjJFQi80MzBCNUE3OEJG NDMxMUVFOEZEMzA3NThDNEY5QUUwMi9WVm1ER3R6dDdLWDZrdnhPdGRMdDVpNDNx TTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZWbURHdHp0N0tYNmt2eE90ZEx0NWk0M3FNMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUIyRUIvNDMwQjVBNzhCRjQzMTFFRThGRDMwNzU4QzRGOUFFMDIvQjk2REQzMDhC RjQzMTFFRTg0NERERDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBAJn1sADBAKQMIwwDwQCAAIwCQMHACABDfGyADANBgkqhkiG 9w0BAQsFAAOCAQEAKRlxGdKoqEuLZ38JUV620PmNW3t48EF30lnEUlaNZ7535rT7 Bd600aStLkc/92rjyTKSh+RoTyrEEr3OA2SiZS+qG46WE4zG+izfQkbdFiqfasGV 7EiS/Pr0ihF/IjCubnl4ZZKJF+XwLUqTdFp9idp+0kNJy/QS9uy7CF3aErSphG5C PMbokTGUVIP6OOP2sSEzfhv6owU/24jJ5VofoGlKfx+lbuAPkwrSdrfxEpd02C8l rVkVyNjhY+xx+5LWJLucYF/5m+lcQhfJjBRGZsg/y6DA+tzSnTbPRpS+nUeBLW03 dQahrJAEeOdRwDnyuTrjHOXPajFUp6UYMUUptw== -----END CERTIFICATE-----Generated at Sat Apr 26 12:56:39 2025 by rpki-client