$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/3D3FCB5EC8F911EFA0603266C4F9AE02.roa File: 3D3FCB5EC8F911EFA0603266C4F9AE02.roa (raw, json) Hash identifier: dVvAOLaR7VeZVwIO8MXBU1Oox1e9LXcIU8oAAShatyQ= Subject key identifier: 9C:F5:A4:8B:84:29:3D:0E:C6:76:F9:2F:45:CF:58:35:9A:DA:22:E2 Certificate issuer: /CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D Certificate serial: 03B3 Authority key identifier: 1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/3D3FCB5EC8F911EFA0603266C4F9AE02.roa Signing time: Wed 09 Apr 2025 16:00:11 +0000 ROA not before: Wed 09 Apr 2025 16:00:11 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 139042 IP address blocks: 103.138.147.0/24 maxlen: 24 2407:3b40::/32 maxlen: 32 2407:3b40:8000::/36 maxlen: 36 2407:3b40:b000::/36 maxlen: 36 2407:3b40:c000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/GwNr_4eAfL_G6RI2ywhtT-KwmT0.crl rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/GwNr_4eAfL_G6RI2ywhtT-KwmT0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:42:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 947 (0x3b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0720, serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D Validity Not Before: Apr 9 16:00:11 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67f6998b-81f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:2e:32:66:f7:da:af:e0:96:6c:c5:29:f2:21: d9:00:20:a2:64:74:2e:60:3b:b4:8d:10:d4:89:9e: d9:31:26:5f:41:67:eb:6a:03:b0:09:31:3f:7f:58: d6:c2:f1:b2:8c:03:80:b0:2e:17:ba:38:83:cd:35: 56:46:6b:77:0d:4d:90:b5:75:b2:9c:f8:b3:66:9a: 63:cf:e2:71:7a:ce:8b:2b:9d:e1:9b:7e:19:37:d3: 9d:cf:67:74:e4:6d:04:eb:57:ce:08:f7:ef:6f:ce: 3a:b7:42:19:f0:d2:3d:c9:82:fc:9b:0b:a8:bd:89: f2:d5:10:a1:56:3c:2b:5f:47:cc:87:51:9a:f6:b6: 92:25:a2:36:dc:dd:96:39:02:19:9d:fb:1d:5d:87: 6f:b4:a6:71:b5:94:6a:ff:81:d3:67:f5:b1:4d:7d: d8:e4:1a:4b:2e:fc:8e:13:df:17:ed:62:f4:f6:eb: db:91:dd:88:27:79:db:3c:fd:a2:72:64:86:26:38: 06:e3:44:d6:a8:80:c8:33:df:89:cf:cf:ed:ca:29: 4f:56:33:d3:f1:bc:30:36:c6:38:5b:67:52:86:03: ed:bc:8a:68:33:7a:57:90:1f:fd:4b:91:e2:07:c4: 28:92:17:5a:bf:96:45:b1:fa:7c:0b:3f:a9:b5:5f: 1b:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:F5:A4:8B:84:29:3D:0E:C6:76:F9:2F:45:CF:58:35:9A:DA:22:E2 X509v3 Authority Key Identifier: keyid:1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/GwNr_4eAfL_G6RI2ywhtT-KwmT0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/3D3FCB5EC8F911EFA0603266C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.147.0/24 IPv6: 2407:3b40::/32 Signature Algorithm: sha256WithRSAEncryption 96:57:42:7a:de:90:76:61:6e:67:db:fc:fb:37:1f:5b:85:e6: 8f:e5:ab:a2:c9:a1:07:3e:78:83:d1:7b:4f:b9:60:b6:12:d6: d3:8f:43:3d:38:21:57:fd:d3:6d:00:1b:6e:3f:22:18:84:b2: 37:b3:4a:0b:0f:66:4e:cb:88:d5:13:49:c3:c8:71:98:94:dd: ad:4b:2b:2a:f4:29:6b:d8:b2:16:bd:6a:00:f1:4d:bb:88:b5: cf:cf:2b:18:99:b8:37:ad:4b:b4:e3:27:60:e3:e2:61:a1:69: f2:46:42:1e:7d:b0:0f:aa:21:03:51:01:1f:00:f9:8c:7e:26: 91:35:84:54:47:1a:56:16:3d:32:87:1c:bf:c2:ab:47:6a:65: af:a6:fa:f9:8b:96:5f:d6:63:4d:30:1f:40:c2:d7:51:90:d7: 81:d1:6a:07:09:4d:96:f1:6d:e4:b7:c0:5b:e3:98:04:ef:7d: 51:dc:ee:c8:59:b4:c3:0f:d1:4e:51:78:13:4d:0f:05:0c:a9: b5:d3:fe:b6:e3:5b:d2:cc:1a:d7:20:57:ea:cf:89:5d:43:96: ad:b9:3d:60:1a:5d:67:cd:8b:0a:11:4f:d2:8c:23:64:91:4e: 4f:ec:f5:c3:b4:be:26:4d:63:3e:7a:70:c5:39:88:9c:ae:47: f8:8d:34:ab -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICA7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjA3MjAxMTAvBgNVBAUTKDFCMDM2QkZGODc4MDdDQkZDNkU5MTIzNkNCMDg2RDRG RTJCMDk5M0QwHhcNMjUwNDA5MTYwMDExWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y2OTk4Yi04MWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7y4yZvfar+CWbMUp8iHZACCiZHQuYDu0jRDUiZ7ZMSZfQWfragOwCTE/f1jW wvGyjAOAsC4XujiDzTVWRmt3DU2QtXWynPizZppjz+Jxes6LK53hm34ZN9Odz2d0 5G0E61fOCPfvb846t0IZ8NI9yYL8mwuovYny1RChVjwrX0fMh1Ga9raSJaI23N2W OQIZnfsdXYdvtKZxtZRq/4HTZ/WxTX3Y5BpLLvyOE98X7WL09uvbkd2IJ3nbPP2i cmSGJjgG40TWqIDIM9+Jz8/tyilPVjPT8bwwNsY4W2dShgPtvIpoM3pXkB/9S5Hi B8Qokhdav5ZFsfp8Cz+ptV8bwQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJz1pIuE KT0Oxnb5L0XPWDWa2iLiMB8GA1UdIwQYMBaAFBsDa/+HgHy/xukSNssIbU/isJk9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDcyMC8yMDlGOEI3NEE3 OUIxMUVDOEREMkIxNTdDNEY5QUUwMi9Hd05yXzRlQWZMX0c2UkkyeXdodFQtS3dt VDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0d3TnJfNGVBZkxfRzZSSTJ5d2h0VC1Ld21UMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjA3MjAvMjA5RjhCNzRBNzlCMTFFQzhERDJCMTU3QzRGOUFFMDIvM0QzRkNCNUVD OEY5MTFFRkEwNjAzMjY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBABnipMwDQQCAAIwBwMFACQHO0AwDQYJKoZIhvcNAQELBQAD ggEBAJZXQnrekHZhbmfb/Ps3H1uF5o/lq6LJoQc+eIPRe0+5YLYS1tOPQz04IVf9 020AG24/IhiEsjezSgsPZk7LiNUTScPIcZiU3a1LKyr0KWvYsha9agDxTbuItc/P KxiZuDetS7TjJ2Dj4mGhafJGQh59sA+qIQNRAR8A+Yx+JpE1hFRHGlYWPTKHHL/C q0dqZa+m+vmLll/WY00wH0DC11GQ14HRagcJTZbxbeS3wFvjmATvfVHc7shZtMMP 0U5ReBNNDwUMqbXT/rbjW9LMGtcgV+rPiV1Dlq25PWAaXWfNiwoRT9KMI2SRTk/s 9cO0viZNYz56cMU5iJyuR/iNNKs= -----END CERTIFICATE-----Generated at Sat Apr 26 16:57:20 2025 by rpki-client