$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2BC9/66D37AA6915611ED8D4B773DC4F9AE02/044E6658915A11ED8D2FBE43C4F9AE02.roa File: 044E6658915A11ED8D2FBE43C4F9AE02.roa (raw, json) Hash identifier: 5eORjOKdJA5R5JqKv9kUobgVioj38QF3cQAhkx2yC1U= Subject key identifier: 35:61:DB:3B:3E:4B:48:76:0B:25:25:CE:21:5C:75:E0:60:5F:18:E0 Certificate issuer: /CN=A91B2BC9/serialNumber=7ECC77A2CCADAADA6342FC0F44691875EA3F9287 Certificate serial: 017A Authority key identifier: 7E:CC:77:A2:CC:AD:AA:DA:63:42:FC:0F:44:69:18:75:EA:3F:92:87 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fsx3osytqtpjQvwPRGkYdeo_koc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2BC9/66D37AA6915611ED8D4B773DC4F9AE02/044E6658915A11ED8D2FBE43C4F9AE02.roa Signing time: Thu 09 Jan 2025 02:47:22 +0000 ROA not before: Thu 09 Jan 2025 02:47:21 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 139238 IP address blocks: 103.66.142.0/23 maxlen: 23 103.66.142.0/24 maxlen: 24 103.66.143.0/24 maxlen: 24 2400:d1e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2BC9/66D37AA6915611ED8D4B773DC4F9AE02/fsx3osytqtpjQvwPRGkYdeo_koc.crl rsync://rpki.apnic.net/member_repository/A91B2BC9/66D37AA6915611ED8D4B773DC4F9AE02/fsx3osytqtpjQvwPRGkYdeo_koc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fsx3osytqtpjQvwPRGkYdeo_koc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:23:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 378 (0x17a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2BC9, serialNumber=7ECC77A2CCADAADA6342FC0F44691875EA3F9287 Validity Not Before: Jan 9 02:47:21 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=677f38b9-528f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:87:ec:2a:ae:38:f7:b2:e7:f9:9e:43:a1:06: 5b:da:3a:2d:2e:a4:15:87:21:46:cb:3b:ac:91:9a: a6:53:8c:9b:3f:0a:6d:5b:5a:0f:7f:e2:21:63:69: ae:ad:05:f4:c0:c5:85:4c:76:cb:da:e5:be:70:8c: dc:45:1b:f4:86:75:fd:03:f9:92:80:3e:7f:7f:d0: 26:c7:b9:11:dd:34:a9:87:85:15:04:74:ae:13:4d: 06:6b:78:d4:9e:49:e8:b6:31:1a:5e:9f:2c:f7:67: 67:58:0b:18:25:26:fd:76:d1:a8:9a:6c:b5:a0:5d: 33:e2:74:51:ed:df:50:eb:33:fc:6f:32:d3:da:b9: 93:94:b1:19:2b:97:58:1d:fc:47:85:3f:03:66:2f: b3:d3:87:3a:b8:0f:e0:01:40:8c:32:25:d5:db:4f: 6d:06:8e:37:ff:03:dd:14:b4:ad:2e:49:51:0a:0b: dc:87:a4:ac:1f:52:e2:29:99:33:87:6f:34:64:e8: c8:c2:70:3f:ff:41:d5:3d:d3:39:39:d2:76:ba:df: 89:e2:44:41:34:a1:da:d5:98:94:34:81:94:57:74: 77:82:a2:8c:03:46:99:df:60:10:eb:93:1d:a2:f7: f2:d5:54:db:70:aa:9c:88:6f:93:de:cd:4f:c2:42: 0b:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:61:DB:3B:3E:4B:48:76:0B:25:25:CE:21:5C:75:E0:60:5F:18:E0 X509v3 Authority Key Identifier: keyid:7E:CC:77:A2:CC:AD:AA:DA:63:42:FC:0F:44:69:18:75:EA:3F:92:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2BC9/66D37AA6915611ED8D4B773DC4F9AE02/fsx3osytqtpjQvwPRGkYdeo_koc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fsx3osytqtpjQvwPRGkYdeo_koc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2BC9/66D37AA6915611ED8D4B773DC4F9AE02/044E6658915A11ED8D2FBE43C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.66.142.0/23 IPv6: 2400:d1e0::/32 Signature Algorithm: sha256WithRSAEncryption 63:7e:a7:4a:80:59:99:de:12:b9:71:6e:c5:bc:b4:2a:9c:b9: 9a:57:6d:4d:db:92:da:bb:f5:75:46:4d:7d:ac:06:70:11:e6: ea:70:a3:6c:88:39:90:f7:42:48:41:2e:3c:fd:6e:1c:a4:34: be:59:d1:bf:45:4e:45:bd:00:b8:0b:49:fa:fb:e1:b7:e7:5c: f0:15:b6:c3:a3:66:f7:ee:a7:83:11:5b:40:99:b0:84:27:04: 1c:74:de:8d:c2:87:36:e0:f4:47:0b:30:1b:8e:b9:1f:ac:e4: 9e:9e:e4:51:4a:e7:93:42:22:43:a7:80:14:ee:28:0f:f9:d3: 10:b1:57:c7:64:b7:82:48:0a:50:c3:77:64:1a:70:3d:07:d3: 9e:34:4e:42:48:28:4c:a6:87:94:7d:ee:f0:4a:2a:4f:39:4b: bd:b1:91:f6:20:27:36:8c:75:88:bb:be:21:65:7d:43:b0:97: f4:f8:44:53:f7:ab:9e:a2:ab:23:1b:ae:eb:8c:73:af:74:bb: b4:73:a0:08:1f:2e:fa:de:80:61:ef:4f:96:3a:df:74:04:32: 10:b5:4c:fe:10:ee:ab:fc:19:c9:8d:a9:06:3b:6f:e8:e4:9b: b0:22:05:d0:fa:58:c6:c9:85:4c:9d:f6:6d:12:3c:1c:9c:a6: 4d:80:c0:49 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICAXowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJCQzkxMTAvBgNVBAUTKDdFQ0M3N0EyQ0NBREFBREE2MzQyRkMwRjQ0NjkxODc1 RUEzRjkyODcwHhcNMjUwMTA5MDI0NzIxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzdmMzhiOS01MjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv4fsKq4497Ln+Z5DoQZb2jotLqQVhyFGyzuskZqmU4ybPwptW1oPf+IhY2mu rQX0wMWFTHbL2uW+cIzcRRv0hnX9A/mSgD5/f9Amx7kR3TSph4UVBHSuE00Ga3jU nknotjEaXp8s92dnWAsYJSb9dtGommy1oF0z4nRR7d9Q6zP8bzLT2rmTlLEZK5dY HfxHhT8DZi+z04c6uA/gAUCMMiXV209tBo43/wPdFLStLklRCgvch6SsH1LiKZkz h280ZOjIwnA//0HVPdM5OdJ2ut+J4kRBNKHa1ZiUNIGUV3R3gqKMA0aZ32AQ65Md ovfy1VTbcKqciG+T3s1PwkILwwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDVh2zs+ S0h2CyUlziFcdeBgXxjgMB8GA1UdIwQYMBaAFH7Md6LMraraY0L8D0RpGHXqP5KH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkJDOS82NkQzN0FBNjkx NTYxMUVEOEQ0Qjc3M0RDNEY5QUUwMi9mc3gzb3N5dHF0cGpRdndQUkdrWWRlb19r b2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZzeDNvc3l0cXRwalF2d1BSR2tZZGVvX2tvYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjJCQzkvNjZEMzdBQTY5MTU2MTFFRDhENEI3NzNEQzRGOUFFMDIvMDQ0RTY2NTg5 MTVBMTFFRDhEMkZCRTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnQo4wDQQCAAIwBwMFACQA0eAwDQYJKoZIhvcNAQELBQAD ggEBAGN+p0qAWZneErlxbsW8tCqcuZpXbU3bktq79XVGTX2sBnAR5upwo2yIOZD3 QkhBLjz9bhykNL5Z0b9FTkW9ALgLSfr74bfnXPAVtsOjZvfup4MRW0CZsIQnBBx0 3o3Chzbg9EcLMBuOuR+s5J6e5FFK55NCIkOngBTuKA/50xCxV8dkt4JIClDDd2Qa cD0H0540TkJIKEymh5R97vBKKk85S72xkfYgJzaMdYi7viFlfUOwl/T4RFP3q56i qyMbruuMc690u7RzoAgfLvregGHvT5Y633QEMhC1TP4Q7qv8GcmNqQY7b+jkm7Ai BdD6WMbJhUyd9m0SPBycpk2AwEk= -----END CERTIFICATE-----Generated at Sat Apr 26 16:47:44 2025 by rpki-client