$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7BDC/681C8F4658BE11EC8AED5F2CC4F9AE02/D76AC8AC2EAB11EF9B369566C4F9AE02.roa File: D76AC8AC2EAB11EF9B369566C4F9AE02.roa (raw, json) Hash identifier: naYHhlwgJToIdxwYRVcDTwuzPaQ2WtmkFGMwkiEal6s= Subject key identifier: 3F:DC:67:7A:81:FB:6A:38:B5:73:75:82:3A:D4:DD:73:82:BD:C3:D1 Certificate issuer: /CN=A91B7BDC/serialNumber=D43B44D5F937F65E8BAB9B7F987A3DC9D2104A32 Certificate serial: 0458 Authority key identifier: D4:3B:44:D5:F9:37:F6:5E:8B:AB:9B:7F:98:7A:3D:C9:D2:10:4A:32 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DtE1fk39l6Lq5t_mHo9ydIQSjI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7BDC/681C8F4658BE11EC8AED5F2CC4F9AE02/D76AC8AC2EAB11EF9B369566C4F9AE02.roa Signing time: Fri 25 Apr 2025 00:25:42 +0000 ROA not before: Fri 25 Apr 2025 00:25:42 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 132139 IP address blocks: 103.149.62.0/23 maxlen: 23 103.149.62.0/24 maxlen: 24 103.149.63.0/24 maxlen: 24 2405:e440::/32 maxlen: 32 2405:e440::/48 maxlen: 48 2405:e440:1::/48 maxlen: 48 2405:e440:2::/48 maxlen: 48 2405:e440:3::/48 maxlen: 48 2405:e440:4::/46 maxlen: 46 2405:e440:4::/48 maxlen: 48 2405:e440:5::/48 maxlen: 48 2405:e440:6::/48 maxlen: 48 2405:e440:7::/48 maxlen: 48 2405:e440:8::/46 maxlen: 46 2405:e440:8::/48 maxlen: 48 2405:e440:9::/48 maxlen: 48 2405:e440:a::/48 maxlen: 48 2405:e440:b::/48 maxlen: 48 2405:e440:c::/46 maxlen: 46 2405:e440:c::/48 maxlen: 48 2405:e440:d::/48 maxlen: 48 2405:e440:e::/48 maxlen: 48 2405:e440:f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7BDC/681C8F4658BE11EC8AED5F2CC4F9AE02/1DtE1fk39l6Lq5t_mHo9ydIQSjI.crl rsync://rpki.apnic.net/member_repository/A91B7BDC/681C8F4658BE11EC8AED5F2CC4F9AE02/1DtE1fk39l6Lq5t_mHo9ydIQSjI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DtE1fk39l6Lq5t_mHo9ydIQSjI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:25:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1112 (0x458) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7BDC, serialNumber=D43B44D5F937F65E8BAB9B7F987A3DC9D2104A32 Validity Not Before: Apr 25 00:25:42 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=680ad686-b7e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:4f:55:74:ec:26:35:9d:e3:bc:0d:06:6c:46: 36:ed:5b:1c:d2:12:5b:3f:ff:10:fb:8e:05:28:0f: c2:9a:9c:62:ef:f3:b9:46:1d:3b:da:2a:fd:af:32: 5c:d0:b7:0a:d1:9b:f2:77:18:d5:f8:ef:fa:7f:d8: 8b:ce:ea:80:8a:81:50:4e:2e:e4:9e:85:aa:0b:b1: f9:b3:ed:e9:87:fd:c5:53:2e:16:2f:2e:97:10:dc: a7:b8:c3:05:c1:e0:c9:1b:2d:7e:73:67:13:c1:d9: 36:3c:19:fe:5c:26:9e:69:60:0e:e2:a2:35:ca:14: c0:e8:4e:c3:20:e4:b1:61:85:bd:37:19:bb:ec:1c: ac:8a:40:de:3f:f1:bf:11:48:3b:22:84:88:23:13: 7d:e2:2e:aa:ad:3b:a5:b8:0c:ea:65:29:59:9c:89: 5e:66:6b:fd:62:55:47:8f:ef:49:2a:ed:58:c1:15: 7f:da:85:7f:b9:e0:28:b6:14:33:a8:d5:fd:d8:2e: e7:e9:5c:eb:4e:29:39:24:c2:42:9e:67:fa:e7:30: 0b:02:25:72:18:b4:7b:ce:36:bf:dd:07:13:2f:4e: 06:5c:95:fe:4e:ac:8d:04:bb:7e:02:a1:9d:49:ad: 50:1c:cc:2e:05:91:60:c7:d3:ca:21:2e:b8:35:a6: b7:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:DC:67:7A:81:FB:6A:38:B5:73:75:82:3A:D4:DD:73:82:BD:C3:D1 X509v3 Authority Key Identifier: keyid:D4:3B:44:D5:F9:37:F6:5E:8B:AB:9B:7F:98:7A:3D:C9:D2:10:4A:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7BDC/681C8F4658BE11EC8AED5F2CC4F9AE02/1DtE1fk39l6Lq5t_mHo9ydIQSjI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1DtE1fk39l6Lq5t_mHo9ydIQSjI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7BDC/681C8F4658BE11EC8AED5F2CC4F9AE02/D76AC8AC2EAB11EF9B369566C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.149.62.0/23 IPv6: 2405:e440::/32 Signature Algorithm: sha256WithRSAEncryption 72:32:e8:42:88:04:13:8b:4d:fd:ec:94:68:d3:51:94:fa:d5: c6:7c:ba:8e:c6:76:f0:13:5c:19:ba:cf:5f:3c:c9:db:0c:5e: 2f:09:73:03:04:d9:5a:39:76:64:4c:29:6c:43:10:6f:34:f5: e6:f6:dd:88:10:c7:09:81:fe:7a:ad:34:94:86:28:00:fa:c3: 0c:b9:0e:6e:68:dc:74:48:ae:7b:0e:3e:87:82:3b:07:2b:6f: 18:46:7f:1c:3d:35:40:9c:e8:c3:80:bb:07:96:59:1f:78:35: 35:f0:da:92:f4:75:66:05:9a:4b:e4:62:cb:b9:3b:b6:91:54: 33:02:db:e3:ba:16:e8:2c:80:0f:92:ee:89:6e:97:62:f9:3b: ea:78:92:e2:ba:b4:29:14:8a:42:2e:63:d4:09:19:82:5e:ae: f4:61:3f:2d:37:f4:58:e5:2b:04:0c:21:99:0b:66:2d:1a:13: 64:99:ee:15:17:be:54:35:1b:af:48:64:ee:ce:83:fe:4d:3d: 53:ab:6b:61:47:13:4c:8a:93:1c:e6:5d:ca:d3:95:a1:f1:d9: f9:9a:f4:cb:55:ad:99:f7:a9:b1:77:ac:ef:f3:a2:ea:b4:2f: a9:81:c4:16:8c:cb:bc:9a:59:7c:eb:84:b8:15:5e:68:8e:1e: 43:e3:7c:c2 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjdCREMxMTAvBgNVBAUTKEQ0M0I0NEQ1RjkzN0Y2NUU4QkFCOUI3Rjk4N0EzREM5 RDIxMDRBMzIwHhcNMjUwNDI1MDAyNTQyWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODBhZDY4Ni1iN2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvE9VdOwmNZ3jvA0GbEY27Vsc0hJbP/8Q+44FKA/Cmpxi7/O5Rh072ir9rzJc 0LcK0ZvydxjV+O/6f9iLzuqAioFQTi7knoWqC7H5s+3ph/3FUy4WLy6XENynuMMF weDJGy1+c2cTwdk2PBn+XCaeaWAO4qI1yhTA6E7DIOSxYYW9Nxm77BysikDeP/G/ EUg7IoSIIxN94i6qrTuluAzqZSlZnIleZmv9YlVHj+9JKu1YwRV/2oV/ueAothQz qNX92C7n6VzrTik5JMJCnmf65zALAiVyGLR7zja/3QcTL04GXJX+TqyNBLt+AqGd Sa1QHMwuBZFgx9PKIS64Naa3IQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFD/cZ3qB +2o4tXN1gjrU3XOCvcPRMB8GA1UdIwQYMBaAFNQ7RNX5N/Zei6ubf5h6PcnSEEoy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0JEQy82ODFDOEY0NjU4 QkUxMUVDOEFFRDVGMkNDNEY5QUUwMi8xRHRFMWZrMzlsNkxxNXRfbUhvOXlkSVFT akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFEdEUxZmszOWw2THE1dF9tSG85eWRJUVNqSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjdCREMvNjgxQzhGNDY1OEJFMTFFQzhBRUQ1RjJDQzRGOUFFMDIvRDc2QUM4QUMy RUFCMTFFRjlCMzY5NTY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnlT4wDQQCAAIwBwMFACQF5EAwDQYJKoZIhvcNAQELBQAD ggEBAHIy6EKIBBOLTf3slGjTUZT61cZ8uo7GdvATXBm6z188ydsMXi8JcwME2Vo5 dmRMKWxDEG809eb23YgQxwmB/nqtNJSGKAD6wwy5Dm5o3HRIrnsOPoeCOwcrbxhG fxw9NUCc6MOAuweWWR94NTXw2pL0dWYFmkvkYsu5O7aRVDMC2+O6FugsgA+S7olu l2L5O+p4kuK6tCkUikIuY9QJGYJervRhPy039FjlKwQMIZkLZi0aE2SZ7hUXvlQ1 G69IZO7Og/5NPVOra2FHE0yKkxzmXcrTlaHx2fma9MtVrZn3qbF3rO/zouq0L6mB xBaMy7yaWXzrhLgVXmiOHkPjfMI= -----END CERTIFICATE-----Generated at Sat Apr 26 14:05:32 2025 by rpki-client