$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1306/FE49749883CA11E7B8240A42C4F9AE02/66BEBEDE83CB11E796105342C4F9AE02.roa File: 66BEBEDE83CB11E796105342C4F9AE02.roa (raw, json) Hash identifier: /U/CsYIhht9s+NW7SN7K/1R2JyIlhuy3zjDWLZs60Yg= Subject key identifier: 68:C1:69:AF:38:95:8C:2E:09:7D:E0:D9:5C:1C:32:7E:08:A9:6B:0F Certificate issuer: /CN=A91D1306/serialNumber=E04FB2AA627D97B989AECFE86974E3C5F303121A Certificate serial: 18F6 Authority key identifier: E0:4F:B2:AA:62:7D:97:B9:89:AE:CF:E8:69:74:E3:C5:F3:03:12:1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4E-yqmJ9l7mJrs_oaXTjxfMDEho.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1306/FE49749883CA11E7B8240A42C4F9AE02/66BEBEDE83CB11E796105342C4F9AE02.roa Signing time: Tue 08 Apr 2025 16:54:38 +0000 ROA not before: Tue 08 Apr 2025 16:54:38 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 17882 IP address blocks: 43.228.128.0/24 maxlen: 24 43.228.129.0/24 maxlen: 24 43.228.130.0/24 maxlen: 24 43.228.131.0/24 maxlen: 24 103.229.120.0/24 maxlen: 24 103.229.121.0/24 maxlen: 24 103.229.122.0/24 maxlen: 24 103.229.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1306/FE49749883CA11E7B8240A42C4F9AE02/4E-yqmJ9l7mJrs_oaXTjxfMDEho.crl rsync://rpki.apnic.net/member_repository/A91D1306/FE49749883CA11E7B8240A42C4F9AE02/4E-yqmJ9l7mJrs_oaXTjxfMDEho.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4E-yqmJ9l7mJrs_oaXTjxfMDEho.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:27:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6390 (0x18f6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1306, serialNumber=E04FB2AA627D97B989AECFE86974E3C5F303121A Validity Not Before: Apr 8 16:54:38 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67f554cd-6098 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:9f:32:20:36:12:51:a7:a6:15:d2:37:78:55: 56:f7:50:56:86:e0:b7:03:81:43:b4:80:23:26:60: 4e:c6:8a:cd:0b:c5:f7:0f:26:fc:a3:4c:a9:dc:8b: a6:57:77:b6:9b:85:00:1f:bf:9b:49:3e:c4:74:7f: 88:f4:4c:8a:cf:94:51:92:cc:b3:e8:82:64:46:e9: 80:5c:25:2b:1f:5f:c5:58:f6:ca:6f:ec:cd:84:24: 65:aa:e3:bd:7a:d1:9d:e4:58:ad:a2:3e:1c:00:d8: 47:b1:0f:61:d7:5b:85:b6:2a:66:0c:af:af:47:90: d8:41:cb:06:63:67:0a:1a:2e:d4:95:90:f2:05:9a: f0:8e:c2:55:22:3d:26:08:02:fb:cb:4c:e4:fa:68: 39:7b:06:9f:f2:53:9c:06:15:5c:7a:fa:7d:36:c9: 68:5c:d0:ee:6b:67:f4:c6:8d:98:5e:a4:f2:45:2f: b0:9d:f7:60:07:fb:b5:c2:9d:35:24:b9:d9:ba:09: 76:b3:34:84:51:9c:3c:cd:2e:73:4b:2a:22:aa:8f: 3a:26:94:23:b5:c7:7f:1b:54:9c:9c:f9:ac:9f:84: 31:11:b7:ed:10:6c:3d:bb:23:fd:69:40:b1:78:d2: 58:d4:cd:13:19:4d:9e:b7:e6:97:44:31:55:9a:24: ce:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:C1:69:AF:38:95:8C:2E:09:7D:E0:D9:5C:1C:32:7E:08:A9:6B:0F X509v3 Authority Key Identifier: keyid:E0:4F:B2:AA:62:7D:97:B9:89:AE:CF:E8:69:74:E3:C5:F3:03:12:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1306/FE49749883CA11E7B8240A42C4F9AE02/4E-yqmJ9l7mJrs_oaXTjxfMDEho.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4E-yqmJ9l7mJrs_oaXTjxfMDEho.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1306/FE49749883CA11E7B8240A42C4F9AE02/66BEBEDE83CB11E796105342C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.228.128.0/22 103.229.120.0/22 Signature Algorithm: sha256WithRSAEncryption 70:56:16:fc:c7:62:b9:e7:72:79:4f:f1:53:87:80:99:0c:a8: b2:e5:88:0a:72:bb:89:2b:5b:96:48:8e:42:03:76:d5:49:66: 92:c7:aa:17:c7:8d:3e:5a:b9:96:87:82:a1:57:50:dd:74:a9: 5c:79:5e:32:1a:2c:ac:57:72:92:7a:f4:cc:55:1d:e5:86:01: b5:a8:5c:38:ca:ec:42:f2:1b:b4:89:5a:db:a0:a2:24:a0:9c: 79:42:ee:3a:52:1b:86:ac:af:1e:39:18:97:0f:a4:ce:a4:27: 97:95:ed:ea:7e:c2:cc:73:85:23:8b:bc:cc:d5:f2:7c:53:74: f0:62:06:33:c0:49:1d:59:f1:5b:f3:5b:62:21:2b:5d:de:b3: b4:f0:35:d0:39:61:db:0b:d3:63:9d:29:16:35:d1:2e:0c:46: a6:f1:0a:cd:1e:cb:ce:f3:b1:50:f7:12:5e:97:85:cb:db:0f: 62:99:4f:89:3b:5d:ed:09:57:ab:af:af:21:b3:1a:f3:e6:c6: 12:99:13:43:0a:d2:a5:c5:b9:7b:1c:90:26:73:05:d6:ac:3f: aa:53:c5:f5:57:71:8b:fd:48:91:99:d7:c4:7d:da:66:33:b1: fa:dd:53:50:19:13:a7:e3:6e:36:dc:62:e4:7a:e4:2f:2b:35: 24:f9:4b:31 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICGPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDEzMDYxMTAvBgNVBAUTKEUwNEZCMkFBNjI3RDk3Qjk4OUFFQ0ZFODY5NzRFM0M1 RjMwMzEyMUEwHhcNMjUwNDA4MTY1NDM4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y1NTRjZC02MDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsJ8yIDYSUaemFdI3eFVW91BWhuC3A4FDtIAjJmBOxorNC8X3Dyb8o0yp3Ium V3e2m4UAH7+bST7EdH+I9EyKz5RRksyz6IJkRumAXCUrH1/FWPbKb+zNhCRlquO9 etGd5Fitoj4cANhHsQ9h11uFtipmDK+vR5DYQcsGY2cKGi7UlZDyBZrwjsJVIj0m CAL7y0zk+mg5ewaf8lOcBhVcevp9NsloXNDua2f0xo2YXqTyRS+wnfdgB/u1wp01 JLnZugl2szSEUZw8zS5zSyoiqo86JpQjtcd/G1ScnPmsn4QxEbftEGw9uyP9aUCx eNJY1M0TGU2et+aXRDFVmiTOeQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGjBaa84 lYwuCX3g2VwcMn4IqWsPMB8GA1UdIwQYMBaAFOBPsqpifZe5ia7P6Gl048XzAxIa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTMwNi9GRTQ5NzQ5ODgz Q0ExMUU3QjgyNDBBNDJDNEY5QUUwMi80RS15cW1KOWw3bUpyc19vYVhUanhmTURF aG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRFLXlxbUo5bDdtSnJzX29hWFRqeGZNREVoby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDEzMDYvRkU0OTc0OTg4M0NBMTFFN0I4MjQwQTQyQzRGOUFFMDIvNjZCRUJFREU4 M0NCMTFFNzk2MTA1MzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr5IADBAJn5XgwDQYJKoZIhvcNAQELBQADggEBAHBWFvzH YrnncnlP8VOHgJkMqLLliApyu4krW5ZIjkIDdtVJZpLHqhfHjT5auZaHgqFXUN10 qVx5XjIaLKxXcpJ69MxVHeWGAbWoXDjK7ELyG7SJWtugoiSgnHlC7jpSG4asrx45 GJcPpM6kJ5eV7ep+wsxzhSOLvMzV8nxTdPBiBjPASR1Z8VvzW2IhK13es7TwNdA5 YdsL02OdKRY10S4MRqbxCs0ey87zsVD3El6XhcvbD2KZT4k7Xe0JV6uvryGzGvPm xhKZE0MK0qXFuXsckCZzBdasP6pTxfVXcYv9SJGZ18R92mYzsfrdU1AZE6fjbjbc YuR65C8rNST5SzE= -----END CERTIFICATE-----Generated at Sat Apr 26 15:08:46 2025 by rpki-client