$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8B4F/DD73264868BC11EC87807948C4F9AE02/43540B7A0EE311EF9E24862BC4F9AE02.roa File: 43540B7A0EE311EF9E24862BC4F9AE02.roa (raw, json) Hash identifier: 06e2Kd9kP50w5XlMiJZ3tSgrZONMMPBPJ5HjMD4Ujzw= Subject key identifier: C3:83:20:8C:3F:DD:25:3B:76:16:F3:78:0E:4B:38:8A:18:89:AE:E6 Certificate issuer: /CN=A91C8B4F/serialNumber=40DB9E2CBADECDA9B972351021507ADCD1A5627F Certificate serial: 03CC Authority key identifier: 40:DB:9E:2C:BA:DE:CD:A9:B9:72:35:10:21:50:7A:DC:D1:A5:62:7F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QNueLLrezam5cjUQIVB63NGlYn8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C8B4F/DD73264868BC11EC87807948C4F9AE02/43540B7A0EE311EF9E24862BC4F9AE02.roa Signing time: Sun 01 Dec 2024 00:34:26 +0000 ROA not before: Sun 01 Dec 2024 00:34:26 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 45814 IP address blocks: 103.48.24.0/24 maxlen: 24 103.48.25.0/24 maxlen: 24 103.104.84.0/24 maxlen: 24 103.104.85.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C8B4F/DD73264868BC11EC87807948C4F9AE02/QNueLLrezam5cjUQIVB63NGlYn8.crl rsync://rpki.apnic.net/member_repository/A91C8B4F/DD73264868BC11EC87807948C4F9AE02/QNueLLrezam5cjUQIVB63NGlYn8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QNueLLrezam5cjUQIVB63NGlYn8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:13:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 972 (0x3cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C8B4F, serialNumber=40DB9E2CBADECDA9B972351021507ADCD1A5627F Validity Not Before: Dec 1 00:34:26 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=674baf12-fb05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:cf:b4:07:62:7e:c9:a4:8a:27:fd:08:a3:bc: 81:aa:39:97:0f:a2:84:21:54:9d:0c:f9:54:e2:cb: 87:bc:fa:89:49:e4:c9:6a:46:22:34:1a:ab:59:77: 4f:69:51:f4:b2:4c:9e:be:27:17:3e:9b:ce:3d:f9: bc:c7:ef:5a:99:e1:0d:b9:9a:6c:04:c0:d3:f2:06: a2:0d:34:8e:18:31:6e:d7:43:c4:4f:1d:d0:f3:7b: ba:c4:c6:f7:a3:bc:7e:26:34:5b:61:d5:3c:51:93: ec:40:a5:07:91:65:69:87:9e:a5:c1:76:15:68:76: 9c:55:0b:39:d9:6a:b0:13:4e:27:ff:b1:e6:6d:09: 9a:77:7b:d7:75:bd:ee:7e:55:34:10:b6:0e:12:95: a4:d7:89:67:61:be:be:ce:2e:eb:d5:92:2a:8f:7f: 0b:ff:4e:3a:de:24:01:0a:9a:05:f8:f1:22:63:ad: 8b:aa:6b:da:4d:4a:a5:37:c5:43:ca:b1:7b:88:fd: 88:b6:d9:3f:7b:d2:13:f6:12:61:44:95:75:73:99: 94:c6:f2:0a:e3:bb:96:d7:2a:a7:eb:14:0c:f4:1f: 28:53:33:85:20:69:ea:11:a4:18:46:85:c0:66:74: 70:7d:76:d8:5d:ce:59:23:18:af:0e:17:27:61:a2: 40:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:83:20:8C:3F:DD:25:3B:76:16:F3:78:0E:4B:38:8A:18:89:AE:E6 X509v3 Authority Key Identifier: keyid:40:DB:9E:2C:BA:DE:CD:A9:B9:72:35:10:21:50:7A:DC:D1:A5:62:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C8B4F/DD73264868BC11EC87807948C4F9AE02/QNueLLrezam5cjUQIVB63NGlYn8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QNueLLrezam5cjUQIVB63NGlYn8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8B4F/DD73264868BC11EC87807948C4F9AE02/43540B7A0EE311EF9E24862BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.48.24.0/23 103.104.84.0/23 Signature Algorithm: sha256WithRSAEncryption ac:b0:b6:23:c8:ad:6d:35:b4:50:11:6f:89:62:19:28:c1:21: a2:f0:88:a3:27:a2:80:3f:6c:e1:88:8d:4c:9a:fd:95:27:69: 04:80:3f:8e:24:d0:d7:6c:82:85:72:84:21:02:a2:9a:07:a0: 71:f8:42:92:0b:6a:0c:df:9b:56:fb:c5:2f:83:d6:b6:ee:5b: 71:b0:93:4f:e0:a4:c3:89:13:53:06:82:ca:27:57:f6:34:1d: 25:47:8a:af:64:8e:c3:f2:35:6c:16:35:9b:9b:48:e2:38:a5: e2:b5:ca:95:0c:79:5c:6c:9b:d8:86:d2:00:45:3e:4a:f9:9e: dd:d4:57:15:f2:08:5f:d9:d8:97:c5:bd:db:40:1d:72:7a:da: a0:39:e4:3e:0d:bc:9b:e5:b1:96:31:21:67:ac:c2:c2:1d:59: 9e:b5:70:23:28:c2:69:7a:84:2a:59:c5:af:28:df:c9:c5:c5: 71:99:6b:96:64:1d:a4:64:30:ea:5c:41:47:69:b5:23:b6:4f: 1e:26:01:bd:c7:8b:63:78:b7:f5:e4:e2:b1:eb:59:b2:6d:4e: bb:86:b5:28:b4:06:2b:ff:18:e1:74:6c:80:34:1e:62:0e:0d: bb:d9:72:f5:cf:5a:8e:df:52:e7:f6:a9:8e:34:0a:6b:e8:2b: f3:c5:f9:a9 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICA8wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzhCNEYxMTAvBgNVBAUTKDQwREI5RTJDQkFERUNEQTlCOTcyMzUxMDIxNTA3QURD RDFBNTYyN0YwHhcNMjQxMjAxMDAzNDI2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzRiYWYxMi1mYjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq8+0B2J+yaSKJ/0Io7yBqjmXD6KEIVSdDPlU4suHvPqJSeTJakYiNBqrWXdP aVH0skyevicXPpvOPfm8x+9ameENuZpsBMDT8gaiDTSOGDFu10PETx3Q83u6xMb3 o7x+JjRbYdU8UZPsQKUHkWVph56lwXYVaHacVQs52WqwE04n/7HmbQmad3vXdb3u flU0ELYOEpWk14lnYb6+zi7r1ZIqj38L/0463iQBCpoF+PEiY62LqmvaTUqlN8VD yrF7iP2Ittk/e9IT9hJhRJV1c5mUxvIK47uW1yqn6xQM9B8oUzOFIGnqEaQYRoXA ZnRwfXbYXc5ZIxivDhcnYaJAgwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMODIIw/ 3SU7dhbzeA5LOIoYia7mMB8GA1UdIwQYMBaAFEDbniy63s2puXI1ECFQetzRpWJ/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOEI0Ri9ERDczMjY0ODY4 QkMxMUVDODc4MDc5NDhDNEY5QUUwMi9RTnVlTExyZXphbTVjalVRSVZCNjNOR2xZ bjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FOdWVMTHJlemFtNWNqVVFJVkI2M05HbFluOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzhCNEYvREQ3MzI2NDg2OEJDMTFFQzg3ODA3OTQ4QzRGOUFFMDIvNDM1NDBCN0Ew RUUzMTFFRjlFMjQ4NjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAFnMBgDBAFnaFQwDQYJKoZIhvcNAQELBQADggEBAKywtiPI rW01tFARb4liGSjBIaLwiKMnooA/bOGIjUya/ZUnaQSAP44k0NdsgoVyhCECopoH oHH4QpILagzfm1b7xS+D1rbuW3Gwk0/gpMOJE1MGgsonV/Y0HSVHiq9kjsPyNWwW NZubSOI4peK1ypUMeVxsm9iG0gBFPkr5nt3UVxXyCF/Z2JfFvdtAHXJ62qA55D4N vJvlsZYxIWeswsIdWZ61cCMowml6hCpZxa8o38nFxXGZa5ZkHaRkMOpcQUdptSO2 Tx4mAb3Hi2N4t/Xk4rHrWbJtTruGtSi0Biv/GOF0bIA0HmIODbvZcvXPWo7fUuf2 qY40CmvoK/PF+ak= -----END CERTIFICATE-----Generated at Sat Apr 26 12:31:48 2025 by rpki-client