$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDDB8/D3DD37F8F3B311E888D37228C4F9AE02/732BAF02BF5D11EB8199C943C4F9AE02.roa File: 732BAF02BF5D11EB8199C943C4F9AE02.roa (raw, json) Hash identifier: 19PePHoFF22nUkndMtbal1vAJr/Bweg8ayj4IBTrMGk= Subject key identifier: 25:DF:EA:27:34:39:08:96:BB:AD:3F:5F:BA:62:9E:57:DC:62:BD:D1 Certificate issuer: /CN=A91BDDB8/serialNumber=73F4BBDBD7A21D6E7B9E4BF5B0C81722CCC21D67 Certificate serial: 11A3 Authority key identifier: 73:F4:BB:DB:D7:A2:1D:6E:7B:9E:4B:F5:B0:C8:17:22:CC:C2:1D:67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c_S729eiHW57nkv1sMgXIszCHWc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BDDB8/D3DD37F8F3B311E888D37228C4F9AE02/732BAF02BF5D11EB8199C943C4F9AE02.roa Signing time: Mon 10 Mar 2025 17:36:39 +0000 ROA not before: Mon 10 Mar 2025 17:36:39 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 206264 IP address blocks: 43.243.160.0/22 maxlen: 22 43.243.160.0/24 maxlen: 24 43.243.161.0/24 maxlen: 24 43.243.162.0/24 maxlen: 24 43.243.163.0/24 maxlen: 24 103.28.88.0/24 maxlen: 24 103.28.89.0/24 maxlen: 24 103.109.100.0/22 maxlen: 22 103.109.102.0/24 maxlen: 24 183.81.168.0/23 maxlen: 24 2402:7840::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BDDB8/D3DD37F8F3B311E888D37228C4F9AE02/c_S729eiHW57nkv1sMgXIszCHWc.crl rsync://rpki.apnic.net/member_repository/A91BDDB8/D3DD37F8F3B311E888D37228C4F9AE02/c_S729eiHW57nkv1sMgXIszCHWc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c_S729eiHW57nkv1sMgXIszCHWc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:12:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4515 (0x11a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDDB8, serialNumber=73F4BBDBD7A21D6E7B9E4BF5B0C81722CCC21D67 Validity Not Before: Mar 10 17:36:39 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67cf2327-8232 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:38:f7:0f:99:37:02:b7:dc:90:81:71:f2:83: da:c7:fb:06:28:2c:05:85:e4:97:dc:85:de:e5:9f: 45:80:85:3c:a9:99:1d:68:74:9a:0f:3a:b9:bd:ea: eb:48:3b:aa:f6:1b:aa:63:7a:6a:d5:2e:65:a7:23: b1:da:fe:c3:96:ff:a9:53:cc:9a:09:79:30:10:36: 7b:0a:bb:43:e4:6d:8e:65:44:ed:a0:68:31:87:14: 4c:de:69:11:2a:ed:d4:93:7e:88:2a:e5:bb:57:3a: 04:aa:61:ad:f7:db:18:32:b7:04:a2:50:df:80:f7: 9a:ad:82:4d:31:1a:ef:7d:ca:25:5b:dd:2c:7f:99: 2f:3d:63:12:18:87:58:71:63:2b:cc:e3:ae:c2:0b: 4b:13:97:96:6b:26:c5:2a:6f:a1:62:c1:b3:db:7b: 63:2c:05:ab:0a:fb:69:3a:12:01:9c:78:1e:e6:b7: 48:02:50:75:e9:9e:c4:3b:a0:a7:3f:b8:c1:45:cd: c2:47:52:3e:47:ad:53:98:80:45:d5:42:86:b9:74: d8:74:88:19:78:fb:06:65:7a:2a:1f:7c:ad:f5:5d: d7:85:6c:70:ff:8e:92:15:89:4f:59:67:f0:ad:f1: 69:5b:32:8d:02:96:94:5a:b1:cf:c0:4a:8c:2e:2d: fc:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:DF:EA:27:34:39:08:96:BB:AD:3F:5F:BA:62:9E:57:DC:62:BD:D1 X509v3 Authority Key Identifier: keyid:73:F4:BB:DB:D7:A2:1D:6E:7B:9E:4B:F5:B0:C8:17:22:CC:C2:1D:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BDDB8/D3DD37F8F3B311E888D37228C4F9AE02/c_S729eiHW57nkv1sMgXIszCHWc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c_S729eiHW57nkv1sMgXIszCHWc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDDB8/D3DD37F8F3B311E888D37228C4F9AE02/732BAF02BF5D11EB8199C943C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.243.160.0/22 103.28.88.0/23 103.109.100.0/22 183.81.168.0/23 IPv6: 2402:7840::/32 Signature Algorithm: sha256WithRSAEncryption 95:fa:66:aa:a0:7d:02:b6:89:89:2c:72:30:2d:8a:7a:fc:ca: 7c:e4:c1:48:fc:b9:9f:3d:bc:01:cb:31:c3:55:2f:f0:50:bb: b9:64:78:4e:5b:d8:2b:8e:70:42:b5:4f:50:45:15:fe:ed:e4: 6a:23:97:d5:fe:fa:fc:c4:66:52:d8:bc:34:f1:e2:21:b8:ed: 92:c6:12:36:9d:a5:62:06:69:af:4c:48:3b:16:16:1e:16:6c: 05:77:f1:6c:16:08:e7:3e:29:59:56:fc:c6:a2:c7:6a:56:29: b1:d8:f6:02:72:ea:8b:5d:cc:eb:80:42:4d:63:c8:2c:09:bf: 2f:14:d2:92:a6:75:78:74:ad:b5:63:63:b8:a2:54:1f:88:ea: 13:f2:89:1a:4e:79:fe:e5:8a:80:fd:ca:d1:db:bb:bb:a4:1f: 77:93:98:d5:fc:44:c4:d9:7d:52:cd:ad:c2:da:53:59:bd:42: de:06:0e:61:02:bc:53:e3:4f:89:88:b1:66:71:68:43:4c:4a: 37:97:1a:aa:dc:52:cb:eb:23:af:15:b5:ca:a8:82:4a:64:f7: 65:20:41:0b:93:4e:53:ed:ab:14:72:ea:4f:07:b5:e4:f0:9a: ee:b9:65:ec:55:7e:4a:16:cb:e2:32:5c:e8:68:72:b3:ec:57: a2:82:00:46 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICEaMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkREQjgxMTAvBgNVBAUTKDczRjRCQkRCRDdBMjFENkU3QjlFNEJGNUIwQzgxNzIy Q0NDMjFENjcwHhcNMjUwMzEwMTczNjM5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2NmMjMyNy04MjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuDj3D5k3ArfckIFx8oPax/sGKCwFheSX3IXe5Z9FgIU8qZkdaHSaDzq5verr SDuq9huqY3pq1S5lpyOx2v7Dlv+pU8yaCXkwEDZ7CrtD5G2OZUTtoGgxhxRM3mkR Ku3Uk36IKuW7VzoEqmGt99sYMrcEolDfgPearYJNMRrvfcolW90sf5kvPWMSGIdY cWMrzOOuwgtLE5eWaybFKm+hYsGz23tjLAWrCvtpOhIBnHge5rdIAlB16Z7EO6Cn P7jBRc3CR1I+R61TmIBF1UKGuXTYdIgZePsGZXoqH3yt9V3XhWxw/46SFYlPWWfw rfFpWzKNApaUWrHPwEqMLi38twIDAQABo4ICtjCCArIwHQYDVR0OBBYEFCXf6ic0 OQiWu60/X7pinlfcYr3RMB8GA1UdIwQYMBaAFHP0u9vXoh1ue55L9bDIFyLMwh1n MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRERCOC9EM0REMzdGOEYz QjMxMUU4ODhEMzcyMjhDNEY5QUUwMi9jX1M3MjllaUhXNTdua3Yxc01nWElzekNI V2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NfUzcyOWVpSFc1N25rdjFzTWdYSXN6Q0hXYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkREQjgvRDNERDM3RjhGM0IzMTFFODg4RDM3MjI4QzRGOUFFMDIvNzMyQkFGMDJC RjVEMTFFQjgxOTlDOTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr86ADBAFnHFgDBAJnbWQDBAG3UagwDQQCAAIwBwMFACQC eEAwDQYJKoZIhvcNAQELBQADggEBAJX6ZqqgfQK2iYkscjAtinr8ynzkwUj8uZ89 vAHLMcNVL/BQu7lkeE5b2CuOcEK1T1BFFf7t5Gojl9X++vzEZlLYvDTx4iG47ZLG EjadpWIGaa9MSDsWFh4WbAV38WwWCOc+KVlW/Maix2pWKbHY9gJy6otdzOuAQk1j yCwJvy8U0pKmdXh0rbVjY7iiVB+I6hPyiRpOef7lioD9ytHbu7ukH3eTmNX8RMTZ fVLNrcLaU1m9Qt4GDmECvFPjT4mIsWZxaENMSjeXGqrcUsvrI68Vtcqogkpk92Ug QQuTTlPtqxRy6k8HteTwmu65ZexVfkoWy+IyXOhocrPsV6KCAEY= -----END CERTIFICATE-----Generated at Sat Apr 26 12:31:48 2025 by rpki-client