$ rpki-client -vvf rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/8CA3BAEC7DCB11EC99806E25C4F9AE02.roa File: 8CA3BAEC7DCB11EC99806E25C4F9AE02.roa (raw, json) Hash identifier: 7VcZosPp1uH1LHkRjpyCPhzaiPyFOlncH9YUjxzCpg4= Subject key identifier: 69:80:CD:F3:62:F9:25:E7:32:A4:69:9C:F1:F8:C6:49:DB:35:89:8A Certificate issuer: /CN=A91B915D/serialNumber=A398DFD4D3975EAB96FD38033968246E475E28B3 Certificate serial: 03D5 Authority key identifier: A3:98:DF:D4:D3:97:5E:AB:96:FD:38:03:39:68:24:6E:47:5E:28:B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o5jf1NOXXquW_TgDOWgkbkdeKLM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/8CA3BAEC7DCB11EC99806E25C4F9AE02.roa Signing time: Sun 13 Apr 2025 00:34:34 +0000 ROA not before: Sun 13 Apr 2025 00:34:34 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 58885 IP address blocks: 45.116.136.0/22 maxlen: 22 45.116.136.0/24 maxlen: 24 45.116.137.0/24 maxlen: 24 45.116.138.0/24 maxlen: 24 45.116.139.0/24 maxlen: 24 103.19.20.0/22 maxlen: 22 103.19.20.0/24 maxlen: 24 103.19.21.0/24 maxlen: 24 103.19.22.0/24 maxlen: 24 103.19.23.0/24 maxlen: 24 2001:df5:8000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/o5jf1NOXXquW_TgDOWgkbkdeKLM.crl rsync://rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/o5jf1NOXXquW_TgDOWgkbkdeKLM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o5jf1NOXXquW_TgDOWgkbkdeKLM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:20:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 981 (0x3d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B915D, serialNumber=A398DFD4D3975EAB96FD38033968246E475E28B3 Validity Not Before: Apr 13 00:34:34 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67fb069a-07e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:5d:51:d9:83:01:6e:2b:7b:b2:6d:f1:b4:b3: d6:19:39:b0:8e:a6:63:b3:19:7f:d7:db:6c:42:83: 20:80:17:12:37:e0:93:99:9e:6f:dd:2e:25:a7:6d: 18:ec:e5:17:15:23:96:44:bb:70:2a:f6:c9:cc:19: cb:14:94:55:ed:ae:5c:51:28:87:4f:a5:1b:85:56: 3d:d5:2c:55:ab:32:bf:2d:33:bd:1a:3a:16:3c:f5: d9:ba:dc:11:ba:ac:0f:a7:45:e4:d8:6a:59:7f:4f: a0:45:8a:7e:d3:cc:d0:a9:50:e9:0a:43:f0:1d:c1: 40:b5:26:81:e2:ed:f5:7f:a6:9c:f4:db:0e:eb:95: 36:13:cf:bc:7d:ae:db:75:21:ba:1f:67:f0:39:76: c3:6b:7e:a3:49:4b:bf:16:47:34:57:c3:be:e8:84: 29:03:6f:65:56:b7:38:17:bc:de:6f:87:4a:3c:85: aa:60:22:b6:f4:f0:1a:b4:1c:56:ac:9e:ef:9f:35: f2:d0:ea:29:28:f9:64:7f:7f:eb:8e:fa:01:9b:69: 0f:32:36:4f:0b:d8:a7:7d:61:61:ea:70:94:cf:af: f8:aa:9c:49:3d:0a:16:70:6a:fa:2f:83:d8:10:48: c5:64:60:da:2e:b0:6d:bd:66:4c:b8:8e:e0:3e:66: e4:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:80:CD:F3:62:F9:25:E7:32:A4:69:9C:F1:F8:C6:49:DB:35:89:8A X509v3 Authority Key Identifier: keyid:A3:98:DF:D4:D3:97:5E:AB:96:FD:38:03:39:68:24:6E:47:5E:28:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/o5jf1NOXXquW_TgDOWgkbkdeKLM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o5jf1NOXXquW_TgDOWgkbkdeKLM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B915D/7109EFC47DC911ECBBFB6F24C4F9AE02/8CA3BAEC7DCB11EC99806E25C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.116.136.0/22 103.19.20.0/22 IPv6: 2001:df5:8000::/48 Signature Algorithm: sha256WithRSAEncryption 9d:8c:bf:a8:50:ca:da:a4:c5:ec:04:3c:ac:ba:d6:3d:06:37: ba:0a:b6:2d:89:c5:31:99:40:67:d9:38:fd:4f:2e:3b:00:1b: 0b:30:ee:8f:c0:ae:9e:71:e1:4e:38:8a:f5:96:78:b7:dd:ac: 4e:83:be:d9:f6:35:91:25:a7:c3:c5:aa:dc:78:66:05:c1:e3: 73:e6:92:2b:90:d3:3d:20:c8:67:50:cf:f8:d0:15:af:38:32: 0f:44:38:69:ef:93:2f:97:66:84:fa:0f:2c:35:2a:85:ac:5b: 9b:21:56:1d:73:0d:8f:16:70:19:5d:19:9e:76:3e:52:67:a9: 19:f5:51:70:42:05:f9:0e:3a:8b:97:6c:d5:da:b4:5e:ef:3f: 57:69:c0:b4:44:22:b8:1b:43:46:04:cf:0a:6b:f3:0f:e2:e8: cb:c9:68:7d:b5:4f:e0:83:79:88:be:3b:42:46:0b:9b:7a:76: af:f6:01:5f:76:f5:e9:83:bd:02:a3:39:e0:d8:8d:1c:53:e6: 32:29:5b:c7:73:ff:7b:12:65:7b:17:2d:70:85:d1:5e:d5:c9: 3a:91:46:26:7d:79:21:37:dc:63:da:c4:ef:d0:39:f8:3c:14: cc:f4:25:41:4b:1f:b0:3e:16:cd:c4:0e:2a:c3:06:2a:70:4d: df:69:85:ff -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICA9UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjkxNUQxMTAvBgNVBAUTKEEzOThERkQ0RDM5NzVFQUI5NkZEMzgwMzM5NjgyNDZF NDc1RTI4QjMwHhcNMjUwNDEzMDAzNDM0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2ZiMDY5YS0wN2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyl1R2YMBbit7sm3xtLPWGTmwjqZjsxl/19tsQoMggBcSN+CTmZ5v3S4lp20Y 7OUXFSOWRLtwKvbJzBnLFJRV7a5cUSiHT6UbhVY91SxVqzK/LTO9GjoWPPXZutwR uqwPp0Xk2GpZf0+gRYp+08zQqVDpCkPwHcFAtSaB4u31f6ac9NsO65U2E8+8fa7b dSG6H2fwOXbDa36jSUu/Fkc0V8O+6IQpA29lVrc4F7zeb4dKPIWqYCK29PAatBxW rJ7vnzXy0OopKPlkf3/rjvoBm2kPMjZPC9infWFh6nCUz6/4qpxJPQoWcGr6L4PY EEjFZGDaLrBtvWZMuI7gPmbkzwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFGmAzfNi +SXnMqRpnPH4xknbNYmKMB8GA1UdIwQYMBaAFKOY39TTl16rlv04AzloJG5HXiiz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTE1RC83MTA5RUZDNDdE QzkxMUVDQkJGQjZGMjRDNEY5QUUwMi9vNWpmMU5PWFhxdVdfVGdET1dna2JrZGVL TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL281amYxTk9YWHF1V19UZ0RPV2drYmtkZUtMTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjkxNUQvNzEwOUVGQzQ3REM5MTFFQ0JCRkI2RjI0QzRGOUFFMDIvOENBM0JBRUM3 RENCMTFFQzk5ODA2RTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBAItdIgDBAJnExQwDwQCAAIwCQMHACABDfWAADANBgkqhkiG 9w0BAQsFAAOCAQEAnYy/qFDK2qTF7AQ8rLrWPQY3ugq2LYnFMZlAZ9k4/U8uOwAb CzDuj8CunnHhTjiK9ZZ4t92sToO+2fY1kSWnw8Wq3HhmBcHjc+aSK5DTPSDIZ1DP +NAVrzgyD0Q4ae+TL5dmhPoPLDUqhaxbmyFWHXMNjxZwGV0ZnnY+UmepGfVRcEIF +Q46i5ds1dq0Xu8/V2nAtEQiuBtDRgTPCmvzD+Loy8lofbVP4IN5iL47QkYLm3p2 r/YBX3b16YO9AqM54NiNHFPmMilbx3P/exJlexctcIXRXtXJOpFGJn15ITfcY9rE 79A5+DwUzPQlQUsfsD4WzcQOKsMGKnBN32mF/w== -----END CERTIFICATE-----Generated at Sat Apr 26 08:08:39 2025 by rpki-client