$ rpki-client -vvf rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/5C0006B4E1B711EEA6D7F740C4F9AE02.roa File: 5C0006B4E1B711EEA6D7F740C4F9AE02.roa (raw, json) Hash identifier: 4jfL7SNWxDFOPvyEexB/Au04m937KqyBQLuHPsEG/BI= Subject key identifier: 35:F9:B3:48:11:97:E7:EA:44:CA:4D:4C:F1:96:49:AB:25:F6:B3:68 Certificate issuer: /CN=A91CC1EB/serialNumber=534E675E89AC9AC302F530A277528CF81A3C5306 Certificate serial: 0576 Authority key identifier: 53:4E:67:5E:89:AC:9A:C3:02:F5:30:A2:77:52:8C:F8:1A:3C:53:06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U05nXomsmsMC9TCid1KM-Bo8UwY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/5C0006B4E1B711EEA6D7F740C4F9AE02.roa Signing time: Fri 21 Feb 2025 00:52:48 +0000 ROA not before: Fri 21 Feb 2025 00:52:48 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 136047 IP address blocks: 103.109.228.0/23 maxlen: 23 103.109.230.0/23 maxlen: 24 2401:e20::/32 maxlen: 32 2401:e20::/40 maxlen: 40 2401:e20:1000::/40 maxlen: 40 2401:e20:2000::/36 maxlen: 36 2401:e20:3000::/40 maxlen: 40 2401:e20:c100::/40 maxlen: 40 2401:e20:cc00::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/U05nXomsmsMC9TCid1KM-Bo8UwY.crl rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/U05nXomsmsMC9TCid1KM-Bo8UwY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U05nXomsmsMC9TCid1KM-Bo8UwY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 07 May 2025 22:55:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1398 (0x576) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CC1EB, serialNumber=534E675E89AC9AC302F530A277528CF81A3C5306 Validity Not Before: Feb 21 00:52:48 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67b7ce60-0ad5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:89:87:cc:c2:b0:05:b5:65:ca:d7:2f:a5:9a: 26:99:df:76:9d:d4:fd:e0:ca:c0:d1:df:27:bd:89: 2d:de:45:4d:6d:89:99:db:37:92:69:3e:49:00:16: a5:c9:4c:be:9b:c7:de:06:ef:aa:76:e9:07:7b:f2: 29:b0:30:e5:6c:8c:10:63:af:50:42:ae:36:f9:d6: 83:03:a6:c2:ea:a5:40:16:81:10:9f:5d:34:27:4f: c7:d3:e9:40:61:d2:0f:49:7f:58:04:7a:5e:c8:75: a5:ba:4d:58:97:93:8a:a0:21:76:c9:06:6f:6a:b6: 83:1e:1e:c2:0d:9c:70:17:d6:e7:c8:a3:7c:90:69: 74:a6:fa:32:56:f4:1a:d4:d9:d7:13:d1:6a:d2:41: 45:2f:03:41:92:50:7d:3a:8c:72:fc:31:fe:42:da: 60:2c:8e:79:61:8c:cc:b2:1c:34:bc:88:57:15:0c: 22:0e:bd:a2:fc:ae:1e:f2:6c:e6:b9:61:95:77:be: 72:19:30:26:0e:08:49:1f:a7:da:95:1b:13:10:b7: 38:2b:b3:98:54:be:b3:6e:29:14:e3:5b:ba:92:e7: e4:2e:96:05:86:f5:3b:ac:22:d2:ce:be:bd:d9:dc: 43:88:db:6a:d0:6b:08:92:2d:e6:15:a5:1f:b5:35: 31:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:F9:B3:48:11:97:E7:EA:44:CA:4D:4C:F1:96:49:AB:25:F6:B3:68 X509v3 Authority Key Identifier: keyid:53:4E:67:5E:89:AC:9A:C3:02:F5:30:A2:77:52:8C:F8:1A:3C:53:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/U05nXomsmsMC9TCid1KM-Bo8UwY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U05nXomsmsMC9TCid1KM-Bo8UwY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/5C0006B4E1B711EEA6D7F740C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.109.228.0/22 IPv6: 2401:e20::/32 Signature Algorithm: sha256WithRSAEncryption a4:a2:8e:99:9b:37:44:2c:1c:a8:ce:ed:94:14:0b:9f:92:39: c6:70:71:67:f1:da:5c:50:72:77:bb:90:a7:20:e3:c2:0b:3a: bb:b6:fa:e2:d4:34:d6:71:57:f6:62:68:c4:7a:8a:8a:a7:08: 1d:da:e6:94:c0:c9:42:b3:97:b1:30:3a:06:0b:34:ad:b8:f9: fc:1f:6b:e4:8b:f2:cf:a9:14:44:15:c2:2a:1c:03:22:f6:6e: 55:02:e6:45:17:3b:34:d7:5d:23:36:d1:98:a1:34:e2:b6:9e: 34:bc:f1:6e:f7:86:a7:0e:0e:cd:df:07:2c:5c:99:43:35:8d: ef:8e:1b:ec:d7:6e:f3:07:5f:fb:68:fd:e6:c3:d2:8b:c9:e2: 2a:fa:c3:0e:df:d6:2f:1f:d1:a5:86:90:6c:b6:f9:77:69:7c: da:33:c1:fc:e6:a0:4d:d1:73:d8:f1:54:fb:d4:e1:5a:c0:a8: 1f:e8:0a:69:2c:38:29:c4:6f:f1:5d:aa:cb:37:9d:87:b6:60: a6:a8:ba:cf:ab:9a:84:df:9d:65:a7:cd:5f:23:93:08:f1:cf: 61:f5:2e:8d:55:79:cb:30:8c:22:44:76:d8:3b:c1:61:7e:72: 15:da:90:d7:ef:41:5d:ee:bb:ca:d1:b4:7a:e5:02:c4:2c:a5: ff:86:c0:cc -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBXYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0MxRUIxMTAvBgNVBAUTKDUzNEU2NzVFODlBQzlBQzMwMkY1MzBBMjc3NTI4Q0Y4 MUEzQzUzMDYwHhcNMjUwMjIxMDA1MjQ4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2I3Y2U2MC0wYWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA64mHzMKwBbVlytcvpZommd92ndT94MrA0d8nvYkt3kVNbYmZ2zeSaT5JABal yUy+m8feBu+qdukHe/IpsDDlbIwQY69QQq42+daDA6bC6qVAFoEQn100J0/H0+lA YdIPSX9YBHpeyHWluk1Yl5OKoCF2yQZvaraDHh7CDZxwF9bnyKN8kGl0pvoyVvQa 1NnXE9Fq0kFFLwNBklB9Ooxy/DH+QtpgLI55YYzMshw0vIhXFQwiDr2i/K4e8mzm uWGVd75yGTAmDghJH6falRsTELc4K7OYVL6zbikU41u6kufkLpYFhvU7rCLSzr69 2dxDiNtq0GsIki3mFaUftTUxgQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDX5s0gR l+fqRMpNTPGWSasl9rNoMB8GA1UdIwQYMBaAFFNOZ16JrJrDAvUwondSjPgaPFMG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQzFFQi9BQzM4NEFBNkRE ODIxMUVCOTU4RDFDMzBDNEY5QUUwMi9VMDVuWG9tc21zTUM5VENpZDFLTS1CbzhV d1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UwNW5Yb21zbXNNQzlUQ2lkMUtNLUJvOFV3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0MxRUIvQUMzODRBQTZERDgyMTFFQjk1OEQxQzMwQzRGOUFFMDIvNUMwMDA2QjRF MUI3MTFFRUE2RDdGNzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJnbeQwDQQCAAIwBwMFACQBDiAwDQYJKoZIhvcNAQELBQAD ggEBAKSijpmbN0QsHKjO7ZQUC5+SOcZwcWfx2lxQcne7kKcg48ILOru2+uLUNNZx V/ZiaMR6ioqnCB3a5pTAyUKzl7EwOgYLNK24+fwfa+SL8s+pFEQVwiocAyL2blUC 5kUXOzTXXSM20ZihNOK2njS88W73hqcODs3fByxcmUM1je+OG+zXbvMHX/to/ebD 0ovJ4ir6ww7f1i8f0aWGkGy2+XdpfNozwfzmoE3Rc9jxVPvU4VrAqB/oCmksOCnE b/Fdqss3nYe2YKaous+rmoTfnWWnzV8jkwjxz2H1Lo1VecswjCJEdtg7wWF+chXa kNfvQV3uu8rRtHrlAsQspf+GwMw= -----END CERTIFICATE-----Generated at Thu May 1 23:01:19 2025 by rpki-client