$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa File: 61663178F88311EDB1DF555DC4F9AE02.roa (raw, json) Hash identifier: fXSIWmh9V9F/x3Hddt6PPXIzX5rLMrps20QQT3eYyH8= Subject key identifier: B7:31:89:50:50:E8:83:77:15:AA:12:3A:33:D7:CD:5A:70:14:D9:7A Certificate issuer: /CN=A91CFA8E/serialNumber=D880EF265B940E31DFED1C42AEF5144B64413717 Certificate serial: 018B Authority key identifier: D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa Signing time: Mon 07 Apr 2025 08:13:27 +0000 ROA not before: Mon 07 Apr 2025 08:13:27 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 56309 IP address blocks: 43.229.148.0/22 maxlen: 24 43.249.32.0/23 maxlen: 24 103.13.28.0/22 maxlen: 24 103.40.118.0/23 maxlen: 24 103.99.11.0/24 maxlen: 24 103.107.52.0/22 maxlen: 24 103.117.148.0/22 maxlen: 24 117.18.124.0/22 maxlen: 24 199.21.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 395 (0x18b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFA8E, serialNumber=D880EF265B940E31DFED1C42AEF5144B64413717 Validity Not Before: Apr 7 08:13:27 2025 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=67f38927-970c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:4a:99:34:e5:c6:f9:73:40:f1:71:53:92:cd: ce:2a:61:51:92:f9:36:e1:e3:2f:9e:53:97:0c:36: 25:5a:52:19:51:22:11:6e:ae:a5:48:20:c6:d1:27: 8c:03:fe:16:1d:47:3d:b7:df:99:c1:d8:2a:55:ef: a3:b9:2c:6b:81:4e:0f:37:5f:94:33:c3:d2:7b:ed: 4f:0a:71:17:6d:d3:ea:ec:42:79:19:08:8b:4a:dc: 9d:cf:72:2f:59:4f:a4:a5:6e:94:30:00:9b:0d:e2: b4:c0:20:b2:f0:20:bf:cd:e1:3e:44:86:a3:34:27: 19:02:37:d7:32:63:bd:20:a9:ca:d0:cf:ba:f7:b0: 21:b0:3a:2f:8d:34:85:e6:17:3e:1f:98:e1:7b:b8: 8c:13:24:b2:db:95:ec:de:09:81:f2:bc:53:38:f5: 0a:48:7a:80:00:2c:6e:91:87:8e:25:b9:97:9e:9c: 16:65:e2:d9:22:4f:a2:c0:af:fe:8f:12:83:ac:de: a2:1e:7d:d7:11:24:3b:d8:fd:f0:fb:5b:ee:78:74: 8b:c8:8d:c3:da:a2:7e:9f:18:f1:da:d6:db:be:14: 24:f9:bc:41:f2:60:20:d2:d7:7a:73:2b:45:12:30: c5:0b:44:8b:87:b2:e0:5a:00:88:2a:39:fb:ab:ea: ef:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:31:89:50:50:E8:83:77:15:AA:12:3A:33:D7:CD:5A:70:14:D9:7A X509v3 Authority Key Identifier: keyid:D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/61663178F88311EDB1DF555DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.148.0/22 43.249.32.0/23 103.13.28.0/22 103.40.118.0/23 103.99.11.0/24 103.107.52.0/22 103.117.148.0/22 117.18.124.0/22 199.21.172.0/22 Signature Algorithm: sha256WithRSAEncryption a7:9c:6a:a3:3b:03:c9:b2:b4:91:5f:5c:f8:45:da:9c:0f:56: 8a:a4:95:97:4b:3b:73:bc:27:7e:e9:20:33:95:bb:e4:78:02: 1a:c6:a3:fa:fe:a7:8a:a5:02:83:dd:92:51:b4:ea:ef:30:89: bf:24:19:2e:75:0d:d9:0f:0d:a8:4a:fa:f0:20:43:8a:7f:4d: 83:40:33:16:ae:f4:2b:36:50:ed:9c:d5:08:61:71:fb:61:dd: c3:64:d6:f0:42:a4:5d:04:a1:f6:af:cf:7c:f5:e3:57:2c:aa: 3b:f0:68:3c:67:b1:d0:07:47:0e:ac:71:9d:44:1a:a4:1c:9e: d9:c1:e3:a6:62:27:b7:ff:7b:a3:b2:23:17:e5:ca:3c:3f:78: 69:0a:31:c8:e0:29:a3:6e:49:69:a9:0e:68:58:b9:4e:d7:3f: eb:30:ab:03:7e:17:f3:89:69:fb:b9:59:b2:3b:c6:0f:80:b3: 2e:da:fc:7f:34:ea:fd:75:c8:a8:d8:5e:77:fb:e8:0c:43:5e: 02:ea:7b:fe:13:ec:0c:83:be:f0:3c:cb:f7:56:28:81:31:a2: 2a:94:b2:0e:51:e2:56:5b:58:ed:dc:b9:d3:b5:08:7b:05:66: ad:61:54:19:21:90:34:d2:0d:f4:24:58:f1:71:d0:bf:1f:22: 19:44:b1:ab -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgICAYswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBOEUxMTAvBgNVBAUTKEQ4ODBFRjI2NUI5NDBFMzFERkVEMUM0MkFFRjUxNDRC NjQ0MTM3MTcwHhcNMjUwNDA3MDgxMzI3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2YzODkyNy05NzBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArkqZNOXG+XNA8XFTks3OKmFRkvk24eMvnlOXDDYlWlIZUSIRbq6lSCDG0SeM A/4WHUc9t9+ZwdgqVe+juSxrgU4PN1+UM8PSe+1PCnEXbdPq7EJ5GQiLStydz3Iv WU+kpW6UMACbDeK0wCCy8CC/zeE+RIajNCcZAjfXMmO9IKnK0M+697AhsDovjTSF 5hc+H5jhe7iMEySy25Xs3gmB8rxTOPUKSHqAACxukYeOJbmXnpwWZeLZIk+iwK/+ jxKDrN6iHn3XESQ72P3w+1vueHSLyI3D2qJ+nxjx2tbbvhQk+bxB8mAg0td6cytF EjDFC0SLh7LgWgCIKjn7q+rvNQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFLcxiVBQ 6IN3FaoSOjPXzVpwFNl6MB8GA1UdIwQYMBaAFNiA7yZblA4x3+0cQq71FEtkQTcX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkE4RS82MUJBRDhFMEY4 N0UxMUVEOTBEODQ0NUNDNEY5QUUwMi8ySUR2Smx1VURqSGY3UnhDcnZVVVMyUkJO eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJJRHZKbHVVRGpIZjdSeENydlVVUzJSQk54Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZBOEUvNjFCQUQ4RTBGODdFMTFFRDkwRDg0NDVDQzRGOUFFMDIvNjE2NjMxNzhG ODgzMTFFREIxREY1NTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E QDA+MDwEAgABMDYDBAIr5ZQDBAEr+SADBAJnDRwDBAFnKHYDBABnYwsDBAJnazQD BAJndZQDBAJ1EnwDBALHFawwDQYJKoZIhvcNAQELBQADggEBAKecaqM7A8mytJFf XPhF2pwPVoqklZdLO3O8J37pIDOVu+R4AhrGo/r+p4qlAoPdklG06u8wib8kGS51 DdkPDahK+vAgQ4p/TYNAMxau9Cs2UO2c1Qhhcfth3cNk1vBCpF0Eofavz3z141cs qjvwaDxnsdAHRw6scZ1EGqQcntnB46ZiJ7f/e6OyIxflyjw/eGkKMcjgKaNuSWmp DmhYuU7XP+swqwN+F/OJafu5WbI7xg+Asy7a/H806v11yKjYXnf76AxDXgLqe/4T 7AyDvvA8y/dWKIExoiqUsg5R4lZbWO3cudO1CHsFZq1hVBkhkDTSDfQkWPFx0L8f IhlEsas= -----END CERTIFICATE-----Generated at Sat Apr 26 13:10:37 2025 by rpki-client