$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/49036D2CB0D711E58B185E0FC4F9AE02.roa File: 49036D2CB0D711E58B185E0FC4F9AE02.roa (raw, json) Hash identifier: AsLmLNpdLhba6hfcYMLpd0sVqrUh2auGXL+sqK0hCjo= Subject key identifier: E2:E2:9E:F4:6A:1F:D0:4B:5E:57:EB:CF:29:42:B7:5F:30:FB:F5:0F Certificate issuer: /CN=A91C9484/serialNumber=F972E75E3D03E5CE1901930C43D16DC4A89C4792 Certificate serial: 3499 Authority key identifier: F9:72:E7:5E:3D:03:E5:CE:19:01:93:0C:43:D1:6D:C4:A8:9C:47:92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/49036D2CB0D711E58B185E0FC4F9AE02.roa Signing time: Fri 28 Mar 2025 14:51:01 +0000 ROA not before: Fri 28 Mar 2025 14:51:01 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 38478 IP address blocks: 103.15.120.0/22 maxlen: 22 103.15.120.0/24 maxlen: 24 103.15.121.0/24 maxlen: 24 103.15.122.0/24 maxlen: 24 103.15.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.crl rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:46:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13465 (0x3499) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9484, serialNumber=F972E75E3D03E5CE1901930C43D16DC4A89C4792 Validity Not Before: Mar 28 14:51:01 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67e6b755-6cc3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:37:45:0a:2f:06:a7:30:6d:66:5b:35:66:27: 5d:0d:08:aa:88:e2:11:6a:08:4e:84:24:11:7c:cf: fb:ff:54:b0:89:dd:a5:03:d3:b5:01:48:1a:b1:c2: fb:f2:81:9a:f2:54:e5:1d:2c:ef:67:c3:0d:85:8e: 22:7c:50:84:d8:0e:d4:72:7d:58:21:26:fa:9d:95: e7:24:0e:8d:b5:be:09:db:2c:7a:a2:d1:bf:ac:1c: 1a:1f:14:45:f9:42:57:ab:d2:e9:f8:84:32:b7:f1: c9:4b:d9:d3:77:7c:71:b1:0b:14:94:e1:9d:ae:4d: fd:76:00:a0:cc:22:95:f6:cb:fb:a2:21:84:18:cf: 79:9a:ca:66:19:36:a0:41:a4:ca:06:31:9c:64:17: 70:09:ca:a7:d5:8f:dc:8f:0e:99:79:48:6b:b8:50: d7:bd:ca:96:30:e5:79:73:dc:d2:ef:ea:b8:d7:f8: 26:f1:5a:6f:e6:14:d2:23:21:03:92:f7:c2:94:33: ba:41:0a:23:7b:f3:7a:8f:1b:46:81:ed:7f:c1:a3: b9:83:df:ce:f6:f3:60:41:86:09:60:04:49:b9:f1: 74:4c:79:8c:aa:07:fe:4d:60:87:85:ec:90:d9:db: 59:fb:9a:4f:d8:85:86:76:86:14:76:7d:c3:76:a8: 00:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:E2:9E:F4:6A:1F:D0:4B:5E:57:EB:CF:29:42:B7:5F:30:FB:F5:0F X509v3 Authority Key Identifier: keyid:F9:72:E7:5E:3D:03:E5:CE:19:01:93:0C:43:D1:6D:C4:A8:9C:47:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XLnXj0D5c4ZAZMMQ9FtxKicR5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9484/6FF0DDE01D9411E29DECB5F808B02CD2/49036D2CB0D711E58B185E0FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.15.120.0/22 Signature Algorithm: sha256WithRSAEncryption 33:9e:26:d9:0b:90:47:89:86:53:2c:e3:60:38:5c:20:0b:65: 10:10:64:b8:2c:f5:98:46:07:d9:1b:0c:f2:6d:46:5f:74:5d: ee:4e:10:31:75:a2:fd:8f:33:b6:71:b1:ea:b4:48:6c:d3:f1: 30:2a:dc:c9:db:82:9d:a9:22:4d:00:c9:00:12:59:a7:ed:b0: 65:36:73:7e:4c:0b:2d:b7:d9:f8:1c:48:b4:94:ee:5e:57:45: 96:ba:4a:e5:e9:88:76:a8:02:c8:88:a1:65:5b:07:24:5a:c2: 14:a0:6f:24:47:2a:e5:6d:39:15:73:9d:1d:59:27:bb:82:a9: ae:a9:bb:2f:ce:e8:bb:4b:ac:d5:f4:17:a0:9e:b1:19:1d:0d: b7:52:99:ef:e4:d5:e4:33:d6:fd:e0:1f:68:2d:53:75:27:9f: 1b:5b:77:37:26:3f:08:52:3d:8f:2e:a0:db:19:76:01:50:8f: c1:d3:69:2b:32:58:a6:7f:7a:7c:c4:34:b6:74:7f:f3:6d:64: a9:d4:a0:02:77:2a:93:52:ca:50:44:12:a9:9c:d6:a6:99:aa: 22:a5:51:f6:e3:d3:2a:6e:f7:b6:1c:7f:9b:20:ec:4f:55:65: d2:a1:82:be:4b:bf:e3:e3:3d:96:97:28:37:06:fa:dc:f6:dd: 84:55:5e:61 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICNJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk0ODQxMTAvBgNVBAUTKEY5NzJFNzVFM0QwM0U1Q0UxOTAxOTMwQzQzRDE2REM0 QTg5QzQ3OTIwHhcNMjUwMzI4MTQ1MTAxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2U2Yjc1NS02Y2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAujdFCi8GpzBtZls1ZiddDQiqiOIRaghOhCQRfM/7/1Swid2lA9O1AUgascL7 8oGa8lTlHSzvZ8MNhY4ifFCE2A7Ucn1YISb6nZXnJA6Ntb4J2yx6otG/rBwaHxRF +UJXq9Lp+IQyt/HJS9nTd3xxsQsUlOGdrk39dgCgzCKV9sv7oiGEGM95mspmGTag QaTKBjGcZBdwCcqn1Y/cjw6ZeUhruFDXvcqWMOV5c9zS7+q41/gm8Vpv5hTSIyED kvfClDO6QQoje/N6jxtGge1/waO5g9/O9vNgQYYJYARJufF0THmMqgf+TWCHheyQ 2dtZ+5pP2IWGdoYUdn3DdqgAjQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOLinvRq H9BLXlfrzylCt18w+/UPMB8GA1UdIwQYMBaAFPly5149A+XOGQGTDEPRbcSonEeS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTQ4NC82RkYwRERFMDFE OTQxMUUyOURFQ0I1RjgwOEIwMkNEMi8tWExuWGowRDVjNFpBWk1NUTlGdHhLaWNS NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1YTG5YajBENWM0WkFaTU1ROUZ0eEtpY1I1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzk0ODQvNkZGMERERTAxRDk0MTFFMjlERUNCNUY4MDhCMDJDRDIvNDkwMzZEMkNC MEQ3MTFFNThCMTg1RTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJnD3gwDQYJKoZIhvcNAQELBQADggEBADOeJtkLkEeJhlMs 42A4XCALZRAQZLgs9ZhGB9kbDPJtRl90Xe5OEDF1ov2PM7Zxseq0SGzT8TAq3Mnb gp2pIk0AyQASWaftsGU2c35MCy232fgcSLSU7l5XRZa6SuXpiHaoAsiIoWVbByRa whSgbyRHKuVtORVznR1ZJ7uCqa6puy/O6LtLrNX0F6CesRkdDbdSme/k1eQz1v3g H2gtU3UnnxtbdzcmPwhSPY8uoNsZdgFQj8HTaSsyWKZ/enzENLZ0f/NtZKnUoAJ3 KpNSylBEEqmc1qaZqiKlUfbj0ypu97Ycf5sg7E9VZdKhgr5Lv+PjPZaXKDcG+tz2 3YRVXmE= -----END CERTIFICATE-----Generated at Sat Apr 26 07:49:18 2025 by rpki-client