$ rpki-client -vvf rpki.apnic.net/member_repository/A91C66D4/BD9875027A8E11EBA90CCE22C4F9AE02/A33A3E10755611ED9BD81B73C4F9AE02.roa File: A33A3E10755611ED9BD81B73C4F9AE02.roa (raw, json) Hash identifier: CJrC42fEHsl4a4F29xS9BQgj5clgqDLXG0TYmKNYKAw= Subject key identifier: 71:4C:ED:68:24:2A:4B:78:25:36:3F:8B:BC:F0:44:0B:60:A4:68:DB Certificate issuer: /CN=A91C66D4/serialNumber=15AF5EA83FDF289A0D661CF5DBB8B3888BC758EB Certificate serial: 066C Authority key identifier: 15:AF:5E:A8:3F:DF:28:9A:0D:66:1C:F5:DB:B8:B3:88:8B:C7:58:EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fa9eqD_fKJoNZhz127iziIvHWOs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C66D4/BD9875027A8E11EBA90CCE22C4F9AE02/A33A3E10755611ED9BD81B73C4F9AE02.roa Signing time: Sun 20 Apr 2025 22:22:31 +0000 ROA not before: Sun 20 Apr 2025 22:22:31 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 141745 IP address blocks: 103.163.116.0/23 maxlen: 23 103.163.116.0/24 maxlen: 24 103.163.117.0/24 maxlen: 24 2001:df6:1580::/48 maxlen: 52 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C66D4/BD9875027A8E11EBA90CCE22C4F9AE02/Fa9eqD_fKJoNZhz127iziIvHWOs.crl rsync://rpki.apnic.net/member_repository/A91C66D4/BD9875027A8E11EBA90CCE22C4F9AE02/Fa9eqD_fKJoNZhz127iziIvHWOs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fa9eqD_fKJoNZhz127iziIvHWOs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:09:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1644 (0x66c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C66D4, serialNumber=15AF5EA83FDF289A0D661CF5DBB8B3888BC758EB Validity Not Before: Apr 20 22:22:31 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=680573a7-041f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:b1:f6:3c:da:f9:9d:77:08:35:93:5a:71:a3: 8e:fd:04:14:03:9f:f0:37:25:08:29:15:11:8f:f3: b8:44:22:b3:5c:1a:c4:10:ac:da:9a:20:22:c2:cb: fe:78:00:e8:d2:18:c2:39:df:3e:9a:34:98:b7:49: 8b:d0:37:87:8c:85:aa:1a:9b:f7:bf:b3:34:e6:02: 08:47:0a:26:4c:45:86:e9:b9:2b:67:70:de:63:6e: 5a:af:37:d0:87:8e:91:e4:a0:f1:22:1e:fa:db:01: 6e:05:92:8d:3c:59:d3:92:02:6e:dd:13:e4:84:26: 0f:f3:72:14:1b:92:49:d3:00:91:39:ad:e9:cf:2e: fc:ea:61:02:ff:39:d8:6c:3a:6e:5d:05:8d:8b:e9: f9:7b:a3:ab:f6:50:55:a2:3b:32:cd:78:47:cf:41: ad:97:de:23:9f:1d:bd:38:03:96:cd:b8:85:bc:95: 7a:73:15:0e:0a:a0:e0:e8:36:97:c3:6a:41:75:ce: fc:e1:a2:c2:26:3c:9f:b4:45:0a:db:bf:6d:c8:90: 4f:fd:58:a4:ab:2d:ae:55:16:49:8e:a8:f8:dc:51: 02:db:5f:44:00:98:87:1f:16:f8:18:58:65:3e:04: 63:1b:63:4f:36:22:d7:8f:d3:f8:ee:cc:1a:27:fd: fd:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:4C:ED:68:24:2A:4B:78:25:36:3F:8B:BC:F0:44:0B:60:A4:68:DB X509v3 Authority Key Identifier: keyid:15:AF:5E:A8:3F:DF:28:9A:0D:66:1C:F5:DB:B8:B3:88:8B:C7:58:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C66D4/BD9875027A8E11EBA90CCE22C4F9AE02/Fa9eqD_fKJoNZhz127iziIvHWOs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fa9eqD_fKJoNZhz127iziIvHWOs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C66D4/BD9875027A8E11EBA90CCE22C4F9AE02/A33A3E10755611ED9BD81B73C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.163.116.0/23 IPv6: 2001:df6:1580::/48 Signature Algorithm: sha256WithRSAEncryption a5:2e:59:23:8c:31:73:83:9f:30:f0:a3:22:ea:e8:30:19:4e: 39:04:fe:93:14:86:0b:b9:2c:ac:bb:f0:c2:15:50:83:5d:34: 49:56:26:f0:ec:d9:77:49:ee:b2:41:6a:62:e5:e6:86:96:29: 33:1b:76:bd:c9:df:e9:66:1e:24:b2:a5:47:03:fe:4e:43:d5: eb:5d:2e:92:e9:78:e4:dc:70:28:a5:6b:d2:e3:5d:87:97:51: ac:31:a5:f4:87:73:16:5b:bd:d0:65:a8:72:92:fb:46:58:43: 4a:bb:41:b2:84:9f:1b:de:80:f0:a3:1a:1a:b9:e2:25:6b:3b: 36:0e:da:68:cf:8b:69:07:11:4a:d6:03:fc:4a:13:37:40:a1: 1f:70:f9:6d:0b:f5:95:46:25:7d:0b:60:22:7a:72:6f:fb:53: 48:2a:7d:88:cf:c9:90:bf:2f:67:16:98:aa:49:17:b7:49:fa: 82:ab:a5:0d:b8:c7:3e:bb:3d:c6:8b:01:f2:e6:ad:f0:ab:56: d6:97:74:d3:40:b7:80:31:c1:41:c9:8c:c5:bd:fb:96:ea:87: 88:cd:e0:57:c8:54:38:7e:92:c5:96:37:d6:e8:d2:98:d2:d9: 78:ca:4a:d0:05:1f:d5:49:6d:5f:70:be:04:58:c5:b1:e9:50: 26:f2:47:57 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBmwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzY2RDQxMTAvBgNVBAUTKDE1QUY1RUE4M0ZERjI4OUEwRDY2MUNGNURCQjhCMzg4 OEJDNzU4RUIwHhcNMjUwNDIwMjIyMjMxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02ODA1NzNhNy0wNDFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6bH2PNr5nXcINZNacaOO/QQUA5/wNyUIKRURj/O4RCKzXBrEEKzamiAiwsv+ eADo0hjCOd8+mjSYt0mL0DeHjIWqGpv3v7M05gIIRwomTEWG6bkrZ3DeY25arzfQ h46R5KDxIh762wFuBZKNPFnTkgJu3RPkhCYP83IUG5JJ0wCROa3pzy786mEC/znY bDpuXQWNi+n5e6Or9lBVojsyzXhHz0Gtl94jnx29OAOWzbiFvJV6cxUOCqDg6DaX w2pBdc784aLCJjyftEUK279tyJBP/Vikqy2uVRZJjqj43FEC219EAJiHHxb4GFhl PgRjG2NPNiLXj9P47swaJ/39KwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHFM7Wgk Kkt4JTY/i7zwRAtgpGjbMB8GA1UdIwQYMBaAFBWvXqg/3yiaDWYc9du4s4iLx1jr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjZENC9CRDk4NzUwMjdB OEUxMUVCQTkwQ0NFMjJDNEY5QUUwMi9GYTllcURfZktKb05aaHoxMjdpemlJdkhX T3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZhOWVxRF9mS0pvTlpoejEyN2l6aUl2SFdPcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzY2RDQvQkQ5ODc1MDI3QThFMTFFQkE5MENDRTIyQzRGOUFFMDIvQTMzQTNFMTA3 NTU2MTFFRDlCRDgxQjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFno3QwDwQCAAIwCQMHACABDfYVgDANBgkqhkiG9w0BAQsF AAOCAQEApS5ZI4wxc4OfMPCjIuroMBlOOQT+kxSGC7ksrLvwwhVQg100SVYm8OzZ d0nuskFqYuXmhpYpMxt2vcnf6WYeJLKlRwP+TkPV610ukul45NxwKKVr0uNdh5dR rDGl9IdzFlu90GWocpL7RlhDSrtBsoSfG96A8KMaGrniJWs7Ng7aaM+LaQcRStYD /EoTN0ChH3D5bQv1lUYlfQtgInpyb/tTSCp9iM/JkL8vZxaYqkkXt0n6gqulDbjH Prs9xosB8uat8KtW1pd000C3gDHBQcmMxb37luqHiM3gV8hUOH6SxZY31ujSmNLZ eMpK0AUf1UltX3C+BFjFselQJvJHVw== -----END CERTIFICATE-----Generated at Sat Apr 26 09:19:55 2025 by rpki-client