$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/3636BCD2937011EA8A795583C4F9AE02.roa File: 3636BCD2937011EA8A795583C4F9AE02.roa (raw, json) Hash identifier: Xd/9pByFb2cbZ9xoUnmDVjNmjmus87X0lFOERhfsZNI= Subject key identifier: C9:57:C5:BE:B4:71:0E:39:83:3D:D5:D7:25:01:E6:52:01:41:CC:AD Certificate issuer: /CN=A91ACFEB/serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829 Certificate serial: 093A Authority key identifier: 53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/3636BCD2937011EA8A795583C4F9AE02.roa Signing time: Fri 24 Jan 2025 20:10:07 +0000 ROA not before: Fri 24 Jan 2025 20:10:07 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 55361 IP address blocks: 103.6.4.0/24 maxlen: 24 103.6.5.0/24 maxlen: 24 103.6.6.0/24 maxlen: 24 103.6.7.0/24 maxlen: 24 113.20.20.0/24 maxlen: 24 113.20.21.0/24 maxlen: 24 113.20.22.0/24 maxlen: 24 113.20.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:05:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2362 (0x93a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACFEB, serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829 Validity Not Before: Jan 24 20:10:07 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6793f39f-7546 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:23:8a:9b:4c:cd:97:4e:17:d8:f5:3b:55:3d: 73:69:95:d6:42:6d:58:bc:f6:e7:63:4f:1e:39:c1: 0b:83:de:4a:c6:b0:78:62:86:c3:1a:da:c8:70:1d: f5:89:ad:6d:dc:a2:9f:6a:3b:84:68:f5:32:00:db: b0:63:61:03:78:61:27:2f:d8:bf:bd:5c:5e:fe:a5: 70:08:d4:0f:85:b8:84:7f:ab:70:70:9d:4f:d0:f3: 11:5b:1b:03:9f:42:69:1d:22:68:da:65:0d:76:dc: a4:ba:28:3f:1b:1b:92:ce:cf:11:6a:e8:7f:6b:ee: 40:72:e1:f0:7b:b1:57:a7:8e:28:04:7e:d2:55:9c: 12:d1:8a:75:a7:38:2d:49:c4:db:3e:4c:65:89:4e: 45:22:91:58:8a:fa:6c:d9:70:5a:c5:13:9b:e8:91: b5:e4:b1:cb:18:1f:ef:00:13:a0:89:81:7c:fd:40: d1:ef:e3:9c:2e:44:ab:e5:57:ed:a7:ea:f1:d7:da: 83:dd:c8:1a:7a:62:fc:1d:0e:b5:41:7b:37:a2:68: 90:c3:c2:88:b1:75:cf:e8:71:2a:8c:9c:94:47:d4: 60:63:89:c7:15:34:69:c8:a7:65:e6:c5:4a:d0:ca: 39:06:4d:bb:67:56:20:a5:aa:31:df:b7:2d:e6:0d: e3:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:57:C5:BE:B4:71:0E:39:83:3D:D5:D7:25:01:E6:52:01:41:CC:AD X509v3 Authority Key Identifier: keyid:53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/3636BCD2937011EA8A795583C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.6.4.0/22 113.20.20.0/22 Signature Algorithm: sha256WithRSAEncryption 80:18:9d:96:7e:4f:e8:dc:fe:f9:20:e9:04:f5:05:d0:06:0d: 9d:28:b0:3a:64:26:55:72:b6:a1:fc:bb:ff:0d:2a:40:b4:3d: eb:68:48:bb:0f:02:eb:29:69:5b:3f:f3:24:0d:6d:c1:19:52: 5b:f2:60:62:bb:a7:de:0d:bc:11:98:af:33:23:19:1e:e1:97: 4e:38:d7:ef:5f:20:b2:4f:1b:4c:6f:1e:8f:08:e3:4e:a4:20: e1:b7:b4:ba:e4:39:4b:b2:a2:0a:d7:f6:c5:2d:61:e3:7f:c5: 68:05:16:fd:44:c5:a7:7e:d4:7f:02:8c:a0:fd:5b:24:14:b2: 9c:9d:86:39:3c:18:74:70:eb:ad:fd:f6:5b:26:4e:44:c0:e0: 64:ce:01:52:d8:76:79:67:c6:50:c4:fa:74:f8:c4:a6:e5:a8: 3c:73:d3:0f:c5:84:9d:56:d1:9f:0c:8f:f2:70:69:ef:c4:c5: 04:af:2e:55:0c:8c:69:70:79:8c:04:77:41:2a:46:78:8b:fb: 74:8a:aa:da:f7:dd:a4:b1:42:a6:fa:3f:96:b2:02:a6:34:f8: e0:00:9e:b3:89:19:e1:aa:ee:c5:2a:44:e5:b2:5f:ae:b0:b3: 7e:c1:9f:6f:46:8a:ff:c2:af:da:c7:5f:d4:c2:19:34:8a:5e: cb:fe:fc:2e -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCTowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNGRUIxMTAvBgNVBAUTKDUzODVFMTNBMUI1ODQ1RkI0NENFRUI2QkVEOERFQjRF ODlBRjM4MjkwHhcNMjUwMTI0MjAxMDA3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzkzZjM5Zi03NTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2SOKm0zNl04X2PU7VT1zaZXWQm1YvPbnY08eOcELg95KxrB4YobDGtrIcB31 ia1t3KKfajuEaPUyANuwY2EDeGEnL9i/vVxe/qVwCNQPhbiEf6twcJ1P0PMRWxsD n0JpHSJo2mUNdtykuig/GxuSzs8Rauh/a+5AcuHwe7FXp44oBH7SVZwS0Yp1pzgt ScTbPkxliU5FIpFYivps2XBaxROb6JG15LHLGB/vABOgiYF8/UDR7+OcLkSr5Vft p+rx19qD3cgaemL8HQ61QXs3omiQw8KIsXXP6HEqjJyUR9RgY4nHFTRpyKdl5sVK 0Mo5Bk27Z1Ygpaox37ct5g3j9wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMlXxb60 cQ45gz3V1yUB5lIBQcytMB8GA1UdIwQYMBaAFFOF4TobWEX7RM7ra+2N606Jrzgp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0ZFQi9DQjJDMzNFNjkz NkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJmdEV6dXRyN1kzclRvbXZP Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0WGhPaHRZUmZ0RXp1dHI3WTNyVG9tdk9Day5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUNGRUIvQ0IyQzMzRTY5MzZFMTFFQUE1RTU2QjdFQzRGOUFFMDIvMzYzNkJDRDI5 MzcwMTFFQThBNzk1NTgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnBgQDBAJxFBQwDQYJKoZIhvcNAQELBQADggEBAIAYnZZ+ T+jc/vkg6QT1BdAGDZ0osDpkJlVytqH8u/8NKkC0PetoSLsPAuspaVs/8yQNbcEZ UlvyYGK7p94NvBGYrzMjGR7hl0441+9fILJPG0xvHo8I406kIOG3tLrkOUuyogrX 9sUtYeN/xWgFFv1Exad+1H8CjKD9WyQUspydhjk8GHRw66399lsmTkTA4GTOAVLY dnlnxlDE+nT4xKblqDxz0w/FhJ1W0Z8Mj/Jwae/ExQSvLlUMjGlweYwEd0EqRniL +3SKqtr33aSxQqb6P5ayAqY0+OAAnrOJGeGq7sUqROWyX66ws37Bn29Giv/Cr9rH X9TCGTSKXsv+/C4= -----END CERTIFICATE-----Generated at Sat Apr 26 17:00:40 2025 by rpki-client