$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/707BA10E9DB211EAB3A85A19C4F9AE02.roa File: 707BA10E9DB211EAB3A85A19C4F9AE02.roa (raw, json) Hash identifier: GS9APLnsd9N7vlTL0hOq7MNSzNO+PtSv7rLmtH3iPh4= Subject key identifier: 64:22:B9:E7:75:34:85:91:3B:77:30:8F:22:06:B9:EA:C6:26:19:D6 Certificate issuer: /CN=A91B5732/serialNumber=0CEAF28FEE812F1CC97F1C96BCA6452EF72E6D4C Certificate serial: 0B39 Authority key identifier: 0C:EA:F2:8F:EE:81:2F:1C:C9:7F:1C:96:BC:A6:45:2E:F7:2E:6D:4C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DOryj-6BLxzJfxyWvKZFLvcubUw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/707BA10E9DB211EAB3A85A19C4F9AE02.roa Signing time: Tue 28 Jan 2025 19:08:18 +0000 ROA not before: Tue 28 Jan 2025 19:08:18 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 133187 IP address blocks: 103.203.238.0/23 maxlen: 23 103.243.96.0/22 maxlen: 24 2403:d140::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/DOryj-6BLxzJfxyWvKZFLvcubUw.crl rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/DOryj-6BLxzJfxyWvKZFLvcubUw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DOryj-6BLxzJfxyWvKZFLvcubUw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:59:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2873 (0xb39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5732, serialNumber=0CEAF28FEE812F1CC97F1C96BCA6452EF72E6D4C Validity Not Before: Jan 28 19:08:18 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67992b22-028c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:20:63:db:4b:f3:50:b1:00:b2:61:05:f2:3e: b3:07:3d:c7:1a:dc:d9:97:79:9d:64:d8:7e:d6:c2: 51:8b:6b:2a:6a:79:e5:47:6e:4a:eb:d7:0d:d0:79: be:58:7e:f0:f6:54:76:00:ae:af:de:27:b5:45:7f: c0:e6:4a:d6:9d:6b:0a:6b:59:3a:55:b9:17:ff:a8: 8e:1d:97:68:c8:6d:81:44:42:63:54:6b:ee:bd:43: 4d:d1:96:24:38:ea:fb:e9:31:a0:67:42:7c:0a:58: 0e:c9:68:ac:2f:52:6e:29:a8:7f:7a:2f:2d:c4:95: b4:70:4b:13:59:e4:ff:27:52:fc:a2:8c:07:79:23: e8:85:92:71:32:26:3f:53:87:a0:c9:b8:6e:1e:fc: ae:22:a9:b4:ff:92:a9:1d:dd:67:a2:a1:ea:a4:39: eb:6f:95:15:47:59:61:90:ed:1c:ca:e0:2e:33:57: 43:ea:61:fe:9f:8d:ac:ff:2d:4d:da:9a:49:57:14: 26:76:4c:1e:74:44:86:0d:d3:66:c3:de:d7:d8:b4: 53:41:2a:32:a3:41:fe:5e:75:79:36:8d:13:a0:59: 9c:ec:ea:7b:19:90:70:a7:79:4c:01:b3:f5:77:a0: 3b:c2:00:20:b3:7c:f4:d0:55:99:12:b5:57:e0:b1: b6:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:22:B9:E7:75:34:85:91:3B:77:30:8F:22:06:B9:EA:C6:26:19:D6 X509v3 Authority Key Identifier: keyid:0C:EA:F2:8F:EE:81:2F:1C:C9:7F:1C:96:BC:A6:45:2E:F7:2E:6D:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/DOryj-6BLxzJfxyWvKZFLvcubUw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DOryj-6BLxzJfxyWvKZFLvcubUw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5732/8A7E9E422F2311EA903C1439C4F9AE02/707BA10E9DB211EAB3A85A19C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.203.238.0/23 103.243.96.0/22 IPv6: 2403:d140::/32 Signature Algorithm: sha256WithRSAEncryption 6c:fd:32:e9:e2:a2:68:2d:5b:fc:5a:34:ce:83:16:ba:36:2f: d7:ec:51:c0:af:d0:07:06:47:b8:56:f7:2d:60:f7:20:75:80: ef:c6:84:7b:ec:0f:8f:70:9a:3f:04:3e:73:bf:52:19:49:b6: f6:36:f8:f1:c2:f3:0d:f9:6c:25:e0:de:3c:6d:8a:1c:f0:6f: da:f3:5a:d6:a1:7f:7d:ff:b5:72:44:8c:77:49:49:b5:a2:a2: eb:67:70:35:4e:80:62:2e:8c:a3:bc:fb:f7:02:71:1b:f2:6a: 5a:fe:65:3f:9f:35:ec:f9:df:33:5a:f4:bf:25:cc:8b:6f:09: de:7e:e9:21:ff:03:93:ad:77:cb:47:bc:1d:94:a9:6d:a4:a3: bb:a5:82:c4:72:da:37:89:95:0f:af:8b:b0:e2:80:28:9e:3d: 6b:0f:d7:a1:44:b7:78:d2:54:b2:f8:69:29:47:2f:30:24:34: 31:eb:28:24:54:7c:85:bb:0e:05:57:23:23:cf:ce:a9:ea:6c: 50:33:96:9b:8e:b7:9d:ff:f9:b8:c5:b2:18:31:b8:d2:91:6f: 17:f8:26:20:f7:ca:3d:0b:48:ce:47:96:6b:39:94:6c:fe:73: cf:a3:37:0c:0e:1c:1e:3f:0f:d6:cc:d9:9a:91:04:19:e8:81: 70:c4:98:9d -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICCzkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjU3MzIxMTAvBgNVBAUTKDBDRUFGMjhGRUU4MTJGMUNDOTdGMUM5NkJDQTY0NTJF RjcyRTZENEMwHhcNMjUwMTI4MTkwODE4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzk5MmIyMi0wMjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwSBj20vzULEAsmEF8j6zBz3HGtzZl3mdZNh+1sJRi2sqannlR25K69cN0Hm+ WH7w9lR2AK6v3ie1RX/A5krWnWsKa1k6VbkX/6iOHZdoyG2BREJjVGvuvUNN0ZYk OOr76TGgZ0J8ClgOyWisL1JuKah/ei8txJW0cEsTWeT/J1L8oowHeSPohZJxMiY/ U4egybhuHvyuIqm0/5KpHd1noqHqpDnrb5UVR1lhkO0cyuAuM1dD6mH+n42s/y1N 2ppJVxQmdkwedESGDdNmw97X2LRTQSoyo0H+XnV5No0ToFmc7Op7GZBwp3lMAbP1 d6A7wgAgs3z00FWZErVX4LG2IwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGQiued1 NIWRO3cwjyIGuerGJhnWMB8GA1UdIwQYMBaAFAzq8o/ugS8cyX8clrymRS73Lm1M MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTczMi84QTdFOUU0MjJG MjMxMUVBOTAzQzE0MzlDNEY5QUUwMi9ET3J5ai02Qkx4ekpmeHlXdktaRkx2Y3Vi VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RPcnlqLTZCTHh6SmZ4eVd2S1pGTHZjdWJVdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjU3MzIvOEE3RTlFNDIyRjIzMTFFQTkwM0MxNDM5QzRGOUFFMDIvNzA3QkExMEU5 REIyMTFFQUIzQTg1QTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAFny+4DBAJn82AwDQQCAAIwBwMFACQD0UAwDQYJKoZIhvcN AQELBQADggEBAGz9MuniomgtW/xaNM6DFro2L9fsUcCv0AcGR7hW9y1g9yB1gO/G hHvsD49wmj8EPnO/UhlJtvY2+PHC8w35bCXg3jxtihzwb9rzWtahf33/tXJEjHdJ SbWioutncDVOgGIujKO8+/cCcRvyalr+ZT+fNez53zNa9L8lzItvCd5+6SH/A5Ot d8tHvB2UqW2ko7ulgsRy2jeJlQ+vi7DigCiePWsP16FEt3jSVLL4aSlHLzAkNDHr KCRUfIW7DgVXIyPPzqnqbFAzlpuOt53/+bjFshgxuNKRbxf4JiD3yj0LSM5Hlms5 lGz+c8+jNwwOHB4/D9bM2ZqRBBnogXDEmJ0= -----END CERTIFICATE-----Generated at Sat Apr 26 17:19:28 2025 by rpki-client