$ rpki-client -vvf rpki.apnic.net/member_repository/A91BCB3A/9AD6C5B8458411EAA46E7571C4F9AE02/34492F3A13A011F0B2541067C4F9AE02.roa File: 34492F3A13A011F0B2541067C4F9AE02.roa (raw, json) Hash identifier: CB9T3Z9Kr+65LPAMP9ETCGEmFvpN7j5O01tRCMGo/Ss= Subject key identifier: 80:E9:3F:D2:EA:4D:65:73:18:5C:B9:7D:1D:38:B8:08:C3:0E:09:F3 Certificate issuer: /CN=A91BCB3A/serialNumber=EE5EC37F3D3BC57599F3C73C52226E7EE050BF96 Certificate serial: 0AFE Authority key identifier: EE:5E:C3:7F:3D:3B:C5:75:99:F3:C7:3C:52:22:6E:7E:E0:50:BF:96 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7l7Dfz07xXWZ88c8UiJufuBQv5Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BCB3A/9AD6C5B8458411EAA46E7571C4F9AE02/34492F3A13A011F0B2541067C4F9AE02.roa Signing time: Mon 07 Apr 2025 11:05:24 +0000 ROA not before: Mon 07 Apr 2025 11:05:24 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 140072 IP address blocks: 103.52.28.0/22 maxlen: 24 103.148.22.0/23 maxlen: 23 103.148.22.0/24 maxlen: 24 103.148.23.0/24 maxlen: 24 2405:c840::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BCB3A/9AD6C5B8458411EAA46E7571C4F9AE02/7l7Dfz07xXWZ88c8UiJufuBQv5Y.crl rsync://rpki.apnic.net/member_repository/A91BCB3A/9AD6C5B8458411EAA46E7571C4F9AE02/7l7Dfz07xXWZ88c8UiJufuBQv5Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7l7Dfz07xXWZ88c8UiJufuBQv5Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:16:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2814 (0xafe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BCB3A, serialNumber=EE5EC37F3D3BC57599F3C73C52226E7EE050BF96 Validity Not Before: Apr 7 11:05:24 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67f3b174-9fb3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:6d:97:08:d2:f0:0d:b5:ea:4d:f4:53:86:b8: ff:c0:5e:6b:8d:7f:7f:e4:13:d1:19:23:9c:a3:9d: 18:df:37:22:40:48:c1:f5:cc:cc:e5:d7:04:0b:3e: cd:93:3f:2a:6e:25:0c:c8:2c:1c:16:56:e0:79:21: 0b:fe:bf:bc:89:07:34:85:79:5d:da:0f:96:20:b7: 71:84:1d:c7:ba:90:f4:7f:ef:cc:04:68:67:bd:38: 9c:40:79:19:19:4b:66:c2:9f:12:24:9d:34:4b:dd: 3d:19:32:53:ed:47:cd:70:16:f2:b5:bf:12:9d:02: 9b:ea:14:f5:cb:07:6e:65:82:c9:1d:04:45:e4:9f: f4:d0:cf:48:78:7a:e4:14:7e:3e:61:82:f3:a3:79: 74:c1:db:02:13:58:8d:0f:67:e8:a5:87:ea:6f:dc: f6:af:c2:aa:fb:bf:36:e5:d1:b8:fb:3a:06:bd:81: a4:9c:e9:7b:74:09:75:36:00:29:38:9e:38:d0:e6: 95:18:16:c3:54:76:ff:9a:28:0a:fd:81:8d:23:e9: 20:b3:b8:e6:81:ce:e3:09:b0:b5:05:eb:26:c7:eb: ac:ae:d9:0c:85:1c:36:c4:e8:66:4e:d6:06:ba:d9: a5:95:7d:de:24:32:58:5b:ce:a8:43:35:25:63:cf: 8c:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:E9:3F:D2:EA:4D:65:73:18:5C:B9:7D:1D:38:B8:08:C3:0E:09:F3 X509v3 Authority Key Identifier: keyid:EE:5E:C3:7F:3D:3B:C5:75:99:F3:C7:3C:52:22:6E:7E:E0:50:BF:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BCB3A/9AD6C5B8458411EAA46E7571C4F9AE02/7l7Dfz07xXWZ88c8UiJufuBQv5Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7l7Dfz07xXWZ88c8UiJufuBQv5Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BCB3A/9AD6C5B8458411EAA46E7571C4F9AE02/34492F3A13A011F0B2541067C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.52.28.0/22 103.148.22.0/23 IPv6: 2405:c840::/32 Signature Algorithm: sha256WithRSAEncryption 6a:cb:fc:7e:9f:fc:8c:b2:0a:a3:ad:f9:9f:86:a6:8e:e8:d9: c4:f7:c1:d9:9d:f7:e0:f9:df:97:a6:7e:87:4d:50:a5:0d:d7: 05:60:8a:a2:ec:25:7d:60:b5:eb:b7:5b:cb:bd:10:88:37:1f: 96:75:01:6b:40:02:f4:55:b9:d2:d9:a7:05:f3:52:48:82:b9: 26:49:fb:c5:b2:b6:79:5c:08:d8:99:1d:51:0a:14:da:2a:c2: 67:5c:48:8a:7d:c7:d9:c0:46:a0:23:88:e6:4f:8f:db:a8:a6: 76:15:7f:7e:da:81:84:5a:a5:f1:92:f4:5a:a3:0b:d8:6f:a1: f3:23:c9:50:5e:4c:d4:8c:89:fb:89:cd:a2:ee:09:97:fe:e4: 80:86:ee:c0:b2:78:d8:86:9e:c6:4e:0e:e0:d8:58:8a:2c:4e: 92:8a:10:03:ab:db:e5:c3:89:2b:94:3c:c3:c2:10:16:b4:32: 62:60:5c:7c:97:de:6f:8c:7d:04:d5:e9:ee:f7:60:4f:3b:df: b5:d8:d4:f2:62:04:15:69:7c:03:2e:80:77:16:a3:ca:2a:7f: a8:a6:62:f1:fb:63:48:9e:e9:f5:f6:de:0a:de:bf:d4:55:95: 80:a1:b5:e5:e0:67:1f:a7:25:d6:c2:13:cd:5f:2a:24:4a:67: 12:24:2c:ac -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICCv4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkNCM0ExMTAvBgNVBAUTKEVFNUVDMzdGM0QzQkM1NzU5OUYzQzczQzUyMjI2RTdF RTA1MEJGOTYwHhcNMjUwNDA3MTEwNTI0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2YzYjE3NC05ZmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA022XCNLwDbXqTfRThrj/wF5rjX9/5BPRGSOco50Y3zciQEjB9czM5dcECz7N kz8qbiUMyCwcFlbgeSEL/r+8iQc0hXld2g+WILdxhB3HupD0f+/MBGhnvTicQHkZ GUtmwp8SJJ00S909GTJT7UfNcBbytb8SnQKb6hT1ywduZYLJHQRF5J/00M9IeHrk FH4+YYLzo3l0wdsCE1iND2fopYfqb9z2r8Kq+7825dG4+zoGvYGknOl7dAl1NgAp OJ440OaVGBbDVHb/migK/YGNI+kgs7jmgc7jCbC1Besmx+usrtkMhRw2xOhmTtYG utmllX3eJDJYW86oQzUlY8+MQwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIDpP9Lq TWVzGFy5fR04uAjDDgnzMB8GA1UdIwQYMBaAFO5ew389O8V1mfPHPFIibn7gUL+W MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQ0IzQS85QUQ2QzVCODQ1 ODQxMUVBQTQ2RTc1NzFDNEY5QUUwMi83bDdEZnowN3hYV1o4OGM4VWlKdWZ1QlF2 NVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdsN0RmejA3eFhXWjg4YzhVaUp1ZnVCUXY1WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkNCM0EvOUFENkM1Qjg0NTg0MTFFQUE0NkU3NTcxQzRGOUFFMDIvMzQ0OTJGM0Ex M0EwMTFGMEIyNTQxMDY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnNBwDBAFnlBYwDQQCAAIwBwMFACQFyEAwDQYJKoZIhvcN AQELBQADggEBAGrL/H6f/IyyCqOt+Z+Gpo7o2cT3wdmd9+D535emfodNUKUN1wVg iqLsJX1gteu3W8u9EIg3H5Z1AWtAAvRVudLZpwXzUkiCuSZJ+8WytnlcCNiZHVEK FNoqwmdcSIp9x9nARqAjiOZPj9uopnYVf37agYRapfGS9FqjC9hvofMjyVBeTNSM ifuJzaLuCZf+5ICG7sCyeNiGnsZODuDYWIosTpKKEAOr2+XDiSuUPMPCEBa0MmJg XHyX3m+MfQTV6e73YE8737XY1PJiBBVpfAMugHcWo8oqf6imYvH7Y0ie6fX23gre v9RVlYChteXgZx+nJdbCE81fKiRKZxIkLKw= -----END CERTIFICATE-----Generated at Sat Apr 26 07:52:31 2025 by rpki-client