$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/96D571D41FEB11F0A2AEE444C4F9AE02.roa File: 96D571D41FEB11F0A2AEE444C4F9AE02.roa (raw, json) Hash identifier: AHDoKb/llb+LLqKjO48bsoYIkNNC05Md7hDccepwp54= Subject key identifier: FE:80:0B:FA:A6:6B:F1:E6:08:4B:47:4E:F7:0A:7C:FB:CF:B8:E2:DA Certificate issuer: /CN=A91BA164/serialNumber=2EC44B9FC165C3BC8285812C313CC7801988FF31 Certificate serial: 11DD Authority key identifier: 2E:C4:4B:9F:C1:65:C3:BC:82:85:81:2C:31:3C:C7:80:19:88:FF:31 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LsRLn8Flw7yChYEsMTzHgBmI_zE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/96D571D41FEB11F0A2AEE444C4F9AE02.roa Signing time: Wed 23 Apr 2025 02:35:16 +0000 ROA not before: Wed 23 Apr 2025 02:35:15 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 139021 IP address blocks: 43.249.0.0/23 maxlen: 24 43.249.2.0/24 maxlen: 24 43.249.3.0/24 maxlen: 24 103.24.248.0/22 maxlen: 24 103.96.148.0/23 maxlen: 24 103.96.150.0/23 maxlen: 24 103.120.80.0/23 maxlen: 24 103.120.82.0/23 maxlen: 24 2404:ccc0::/32 maxlen: 32 2404:ccc0:200::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/LsRLn8Flw7yChYEsMTzHgBmI_zE.crl rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/LsRLn8Flw7yChYEsMTzHgBmI_zE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LsRLn8Flw7yChYEsMTzHgBmI_zE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:12:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4573 (0x11dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA164, serialNumber=2EC44B9FC165C3BC8285812C313CC7801988FF31 Validity Not Before: Apr 23 02:35:15 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=680851e3-03f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:61:5d:b4:9b:20:f5:22:28:9b:e4:89:4f:2f: f6:77:bc:2b:3a:51:70:1a:32:d1:1e:ec:7c:a3:f4: 71:a1:b9:66:cb:57:e0:22:fc:df:ff:83:ed:78:4b: 40:b9:2b:ae:43:7a:b9:06:3b:27:1f:cb:87:ff:16: 7c:cb:59:25:d7:80:8b:03:c1:07:56:8e:3c:80:e1: 53:4d:00:92:aa:6b:27:95:49:02:fb:70:3b:e9:73: a3:43:3b:9f:82:0f:c9:8d:7d:31:2e:41:f6:e2:e3: 1b:48:8c:9e:53:8b:3b:5e:f3:b8:4c:b4:5d:7c:49: 56:02:71:75:e5:80:e4:ea:d1:c9:e5:c5:4e:66:a2: 01:9d:b4:d3:e6:2e:17:75:64:7f:ea:b0:cc:6a:48: 00:95:9b:de:27:f8:29:f2:40:3e:1a:01:44:4a:e2: 14:fe:45:d9:98:70:d1:82:30:27:c1:56:da:fd:31: 22:18:22:99:79:38:ae:0d:b2:1d:dd:39:53:cc:b9: 02:37:f2:0e:14:56:70:87:5e:30:47:b1:d9:41:07: ae:9c:b6:0e:f8:aa:c5:39:b1:12:ea:d9:39:6f:92: 2e:c9:95:20:9c:bd:96:30:f7:2d:2e:47:10:b3:22: f8:f8:ff:bf:e4:3c:1c:21:15:53:69:fa:7d:98:3d: f0:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:80:0B:FA:A6:6B:F1:E6:08:4B:47:4E:F7:0A:7C:FB:CF:B8:E2:DA X509v3 Authority Key Identifier: keyid:2E:C4:4B:9F:C1:65:C3:BC:82:85:81:2C:31:3C:C7:80:19:88:FF:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/LsRLn8Flw7yChYEsMTzHgBmI_zE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LsRLn8Flw7yChYEsMTzHgBmI_zE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/96D571D41FEB11F0A2AEE444C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.249.0.0/22 103.24.248.0/22 103.96.148.0/22 103.120.80.0/22 IPv6: 2404:ccc0::/32 Signature Algorithm: sha256WithRSAEncryption 15:2d:85:84:4f:22:52:50:8a:1d:f0:ba:86:c6:c5:41:19:6c: c8:32:5a:eb:69:63:52:61:a8:71:ff:4f:77:b2:f0:d8:ae:3b: 6e:f3:5b:c2:5e:70:85:be:f0:fa:3d:7a:02:d1:3f:87:60:87: 50:45:b9:3a:19:3b:37:35:71:d0:fe:41:ca:04:11:a5:03:77: f7:d0:20:a7:5f:34:39:2d:aa:72:60:7c:a4:b3:e4:d6:a6:b6: c8:16:54:64:c1:7e:3a:46:0d:1d:10:5f:f8:d3:38:e7:3b:14: 10:65:f7:53:8d:bc:07:83:48:b3:fc:ef:e1:1e:60:46:d4:3b: a4:68:42:42:5b:af:61:66:14:ea:cd:48:52:e0:25:02:7a:c6: 84:6b:7c:32:7c:cd:66:65:14:18:33:e9:e3:01:26:62:35:0a: 74:ef:f5:ff:38:23:82:3f:93:ca:be:33:e4:99:ab:5b:38:fd: f4:ac:fd:f5:c8:d9:27:aa:91:09:d3:e9:18:7c:99:43:f4:ee: 2e:b6:49:1b:8a:85:35:e8:5a:e7:11:c0:83:33:fa:b3:40:04: b9:c5:85:f5:16:72:bc:3a:a7:d7:a1:30:57:6a:c9:e9:9f:40: 41:9f:2f:71:4a:64:8c:aa:af:de:b2:a8:75:bb:31:28:52:8e: 0e:6f:aa:a9 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICEd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkExNjQxMTAvBgNVBAUTKDJFQzQ0QjlGQzE2NUMzQkM4Mjg1ODEyQzMxM0NDNzgw MTk4OEZGMzEwHhcNMjUwNDIzMDIzNTE1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODA4NTFlMy0wM2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxWFdtJsg9SIom+SJTy/2d7wrOlFwGjLRHux8o/Rxoblmy1fgIvzf/4PteEtA uSuuQ3q5BjsnH8uH/xZ8y1kl14CLA8EHVo48gOFTTQCSqmsnlUkC+3A76XOjQzuf gg/JjX0xLkH24uMbSIyeU4s7XvO4TLRdfElWAnF15YDk6tHJ5cVOZqIBnbTT5i4X dWR/6rDMakgAlZveJ/gp8kA+GgFESuIU/kXZmHDRgjAnwVba/TEiGCKZeTiuDbId 3TlTzLkCN/IOFFZwh14wR7HZQQeunLYO+KrFObES6tk5b5IuyZUgnL2WMPctLkcQ syL4+P+/5DwcIRVTafp9mD3wZQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFP6AC/qm a/HmCEtHTvcKfPvPuOLaMB8GA1UdIwQYMBaAFC7ES5/BZcO8goWBLDE8x4AZiP8x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTE2NC9BRkM1OTJFQ0Yz MUUxMUU4ODNFQjdCNzlDNEY5QUUwMi9Mc1JMbjhGbHc3eUNoWUVzTVR6SGdCbUlf ekUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xzUkxuOEZsdzd5Q2hZRXNNVHpIZ0JtSV96RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkExNjQvQUZDNTkyRUNGMzFFMTFFODgzRUI3Qjc5QzRGOUFFMDIvOTZENTcxRDQx RkVCMTFGMEEyQUVFNDQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr+QADBAJnGPgDBAJnYJQDBAJneFAwDQQCAAIwBwMFACQE zMAwDQYJKoZIhvcNAQELBQADggEBABUthYRPIlJQih3wuobGxUEZbMgyWutpY1Jh qHH/T3ey8NiuO27zW8JecIW+8Po9egLRP4dgh1BFuToZOzc1cdD+QcoEEaUDd/fQ IKdfNDktqnJgfKSz5NamtsgWVGTBfjpGDR0QX/jTOOc7FBBl91ONvAeDSLP87+Ee YEbUO6RoQkJbr2FmFOrNSFLgJQJ6xoRrfDJ8zWZlFBgz6eMBJmI1CnTv9f84I4I/ k8q+M+SZq1s4/fSs/fXI2SeqkQnT6Rh8mUP07i62SRuKhTXoWucRwIMz+rNABLnF hfUWcrw6p9ehMFdqyemfQEGfL3FKZIyqr96yqHW7MShSjg5vqqk= -----END CERTIFICATE-----Generated at Sat Apr 26 14:07:54 2025 by rpki-client