$ rpki-client -vvf rpki.apnic.net/member_repository/A91D17E8/F16E18565C5311E99AB5CF68C4F9AE02/35A169488D8611E9B1106E6FC4F9AE02.roa File: 35A169488D8611E9B1106E6FC4F9AE02.roa (raw, json) Hash identifier: MIfxKi8mqzy4qfoso9S7UhSd/IeBwSzQBKvFHVpyedo= Subject key identifier: E0:A1:AD:42:DC:83:4B:27:7D:AF:64:E0:05:A6:F5:CC:40:0F:0A:37 Certificate issuer: /CN=A91D17E8/serialNumber=3027308159151941AB734C720617DF7FDCC2410C Certificate serial: 0FAE Authority key identifier: 30:27:30:81:59:15:19:41:AB:73:4C:72:06:17:DF:7F:DC:C2:41:0C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MCcwgVkVGUGrc0xyBhfff9zCQQw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D17E8/F16E18565C5311E99AB5CF68C4F9AE02/35A169488D8611E9B1106E6FC4F9AE02.roa Signing time: Fri 02 May 2025 17:57:36 +0000 ROA not before: Fri 02 May 2025 17:57:36 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 138978 IP address blocks: 103.138.32.0/24 maxlen: 24 103.139.90.0/24 maxlen: 24 2404:bb40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D17E8/F16E18565C5311E99AB5CF68C4F9AE02/MCcwgVkVGUGrc0xyBhfff9zCQQw.crl rsync://rpki.apnic.net/member_repository/A91D17E8/F16E18565C5311E99AB5CF68C4F9AE02/MCcwgVkVGUGrc0xyBhfff9zCQQw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MCcwgVkVGUGrc0xyBhfff9zCQQw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 17:57:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4014 (0xfae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D17E8, serialNumber=3027308159151941AB734C720617DF7FDCC2410C Validity Not Before: May 2 17:57:36 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68150790-647d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:91:b6:16:b1:5c:44:39:55:0c:e6:ff:cd:87: 6b:23:ae:5e:6e:81:8a:41:c8:17:13:49:4c:1c:1b: 0d:1f:1d:29:66:20:86:37:eb:78:d4:4e:48:f5:14: 79:52:e2:64:1a:30:b8:c1:2f:77:8f:f9:1f:32:bf: 5f:c0:62:36:b0:99:e9:0d:c2:ab:9c:cd:3c:3e:80: 74:dd:3f:1b:27:e1:de:bb:bc:62:18:46:24:a5:9a: 3a:a4:78:0c:5d:3c:18:84:93:ad:ea:da:96:d9:70: 77:de:64:47:3c:24:26:c5:2b:fb:47:bd:dd:01:b1: 28:12:f6:fb:d0:24:60:f9:0a:9c:f5:53:05:ad:53: 56:2b:18:2c:db:70:e2:11:86:cf:fe:a1:bf:58:66: 90:5d:f2:60:f0:a2:dd:f5:cf:a7:12:7a:3b:1b:73: b6:7e:65:7a:a2:fc:ea:37:6f:9b:f4:e1:31:91:91: c6:fc:a9:a5:70:0a:4d:46:36:f4:e1:31:eb:19:c3: e4:3b:bd:98:b2:66:6e:4b:04:09:19:81:0a:d8:96: da:61:90:cf:f9:38:36:b7:be:3b:ae:2b:53:e4:bb: 5e:75:5f:01:79:85:e7:4a:0f:03:8a:e6:20:5e:61: a7:ab:9e:fd:fb:a3:16:37:6a:3d:64:99:85:ec:f5: 63:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:A1:AD:42:DC:83:4B:27:7D:AF:64:E0:05:A6:F5:CC:40:0F:0A:37 X509v3 Authority Key Identifier: keyid:30:27:30:81:59:15:19:41:AB:73:4C:72:06:17:DF:7F:DC:C2:41:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D17E8/F16E18565C5311E99AB5CF68C4F9AE02/MCcwgVkVGUGrc0xyBhfff9zCQQw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MCcwgVkVGUGrc0xyBhfff9zCQQw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D17E8/F16E18565C5311E99AB5CF68C4F9AE02/35A169488D8611E9B1106E6FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.32.0/24 103.139.90.0/24 IPv6: 2404:bb40::/32 Signature Algorithm: sha256WithRSAEncryption 08:0b:14:b9:34:7e:eb:4b:f8:d4:b5:59:6d:2f:d1:e2:3e:10: 22:7f:55:4a:0e:54:e9:0f:47:68:c5:81:cf:a0:09:16:2b:c7: a6:83:9e:a6:b1:10:46:9d:1c:ee:e2:7a:23:d2:27:bd:e3:90: d5:75:1a:6f:b3:1d:cd:6c:9f:f0:2e:95:dc:29:7f:72:e7:0f: b4:c6:e4:87:de:f5:8e:f0:fe:14:bb:b2:d4:c9:77:bc:b1:ab: cb:a2:cf:27:a8:0d:9b:c8:ec:e3:18:e5:fb:2e:62:aa:6f:e0: c3:92:40:e4:80:88:5a:a0:fd:a5:52:69:fe:de:12:47:8e:f2: 6a:ce:e9:29:01:f0:f0:67:ed:68:9f:66:aa:c5:08:b0:d7:cd: db:b5:f4:67:8d:00:15:c5:ec:22:cd:64:01:d6:1e:03:62:24: 01:3e:e8:0d:78:7c:b2:ea:c6:c7:06:3f:b8:bb:ae:d9:13:17: 3f:57:74:ed:1e:44:1d:83:83:9b:d4:51:bd:37:99:46:00:50: f6:ac:5f:80:fb:69:b6:d8:40:35:bc:dd:02:cc:3c:a9:3e:c5: a0:8d:cd:eb:cf:6d:14:95:74:ee:6c:6c:a9:9b:8e:17:1d:4f: 6e:5e:37:4f:db:10:fe:53:ea:74:a7:3d:00:80:ce:9c:4b:46: 9e:53:f3:51 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICD64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDE3RTgxMTAvBgNVBAUTKDMwMjczMDgxNTkxNTE5NDFBQjczNEM3MjA2MTdERjdG RENDMjQxMEMwHhcNMjUwNTAyMTc1NzM2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE1MDc5MC02NDdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuZG2FrFcRDlVDOb/zYdrI65eboGKQcgXE0lMHBsNHx0pZiCGN+t41E5I9RR5 UuJkGjC4wS93j/kfMr9fwGI2sJnpDcKrnM08PoB03T8bJ+Heu7xiGEYkpZo6pHgM XTwYhJOt6tqW2XB33mRHPCQmxSv7R73dAbEoEvb70CRg+Qqc9VMFrVNWKxgs23Di EYbP/qG/WGaQXfJg8KLd9c+nEno7G3O2fmV6ovzqN2+b9OExkZHG/KmlcApNRjb0 4THrGcPkO72YsmZuSwQJGYEK2JbaYZDP+Tg2t747ritT5LtedV8BeYXnSg8DiuYg XmGnq579+6MWN2o9ZJmF7PVjaQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOChrULc g0snfa9k4AWm9cxADwo3MB8GA1UdIwQYMBaAFDAnMIFZFRlBq3NMcgYX33/cwkEM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTdFOC9GMTZFMTg1NjVD NTMxMUU5OUFCNUNGNjhDNEY5QUUwMi9NQ2N3Z1ZrVkdVR3JjMHh5QmhmZmY5ekNR UXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01DY3dnVmtWR1VHcmMweHlCaGZmZjl6Q1FRdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDE3RTgvRjE2RTE4NTY1QzUzMTFFOTlBQjVDRjY4QzRGOUFFMDIvMzVBMTY5NDg4 RDg2MTFFOUIxMTA2RTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBABniiADBABni1owDQQCAAIwBwMFACQEu0AwDQYJKoZIhvcN AQELBQADggEBAAgLFLk0futL+NS1WW0v0eI+ECJ/VUoOVOkPR2jFgc+gCRYrx6aD nqaxEEadHO7ieiPSJ73jkNV1Gm+zHc1sn/Auldwpf3LnD7TG5Ife9Y7w/hS7stTJ d7yxq8uizyeoDZvI7OMY5fsuYqpv4MOSQOSAiFqg/aVSaf7eEkeO8mrO6SkB8PBn 7WifZqrFCLDXzdu19GeNABXF7CLNZAHWHgNiJAE+6A14fLLqxscGP7i7rtkTFz9X dO0eRB2Dg5vUUb03mUYAUPasX4D7abbYQDW83QLMPKk+xaCNzevPbRSVdO5sbKmb jhcdT25eN0/bEP5T6nSnPQCAzpxLRp5T81E= -----END CERTIFICATE-----Generated at Sun May 4 14:46:25 2025 by rpki-client