$ rpki-client -vvf rpki.apnic.net/member_repository/A91D19ED/54B97A268AB611EB832F0314C4F9AE02/C28841A201DB11EDA4B7F257C4F9AE02.roa File: C28841A201DB11EDA4B7F257C4F9AE02.roa (raw, json) Hash identifier: SRwuKl9iZ5F1PmABZLmK117SIfLF/ZW+yQgLNckgk2s= Subject key identifier: 13:00:C5:31:A0:C4:5B:4A:A1:5A:67:C1:A1:53:98:9D:52:28:37:16 Certificate issuer: /CN=A91D19ED/serialNumber=1ED4A50449F86200A0C2668069A28324F9F6A93E Certificate serial: 0626 Authority key identifier: 1E:D4:A5:04:49:F8:62:00:A0:C2:66:80:69:A2:83:24:F9:F6:A9:3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HtSlBEn4YgCgwmaAaaKDJPn2qT4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D19ED/54B97A268AB611EB832F0314C4F9AE02/C28841A201DB11EDA4B7F257C4F9AE02.roa Signing time: Thu 13 Feb 2025 00:01:44 +0000 ROA not before: Thu 13 Feb 2025 00:01:44 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 38583 IP address blocks: 103.249.127.0/24 maxlen: 24 113.29.244.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D19ED/54B97A268AB611EB832F0314C4F9AE02/HtSlBEn4YgCgwmaAaaKDJPn2qT4.crl rsync://rpki.apnic.net/member_repository/A91D19ED/54B97A268AB611EB832F0314C4F9AE02/HtSlBEn4YgCgwmaAaaKDJPn2qT4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HtSlBEn4YgCgwmaAaaKDJPn2qT4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:23:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1574 (0x626) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D19ED, serialNumber=1ED4A50449F86200A0C2668069A28324F9F6A93E Validity Not Before: Feb 13 00:01:44 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67ad3668-8f8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a4:90:e0:9e:a3:69:28:06:ac:93:69:fb:6e: 75:40:1e:2c:e1:3b:64:ed:ed:d7:89:68:bb:2e:0f: 5f:7e:48:f3:68:67:e2:74:41:16:86:d3:1d:37:af: 34:92:54:16:26:eb:d3:3a:ef:43:44:57:30:e8:6a: 6c:af:95:3f:0a:d1:7f:36:4d:78:76:37:1b:96:55: 89:2a:22:7f:4e:1c:8c:be:9d:d1:93:2f:39:bd:78: 80:01:60:63:f8:1c:20:be:bb:5f:65:ee:d8:90:1a: 2a:78:f7:9d:b5:26:7f:05:f0:2f:36:6e:c5:cf:3f: 0f:89:b6:25:5c:ca:21:5a:84:d1:18:62:01:58:c9: 4a:66:aa:d4:cb:4d:9d:ef:ce:47:2a:eb:dc:1b:ec: 7e:67:e8:a6:75:9a:61:8c:60:14:f4:cd:97:51:fb: 6b:09:8c:14:9e:1b:67:55:36:27:16:57:cd:44:af: 2e:72:c4:07:88:7c:04:df:af:ac:94:70:d1:11:cb: 74:5b:c4:2a:fe:ec:9d:7a:61:20:cd:bb:da:4b:18: 64:7f:7b:24:88:1a:c6:fb:ae:52:21:c5:9d:6f:6f: 67:44:c3:cc:4c:1f:6d:91:b1:ba:bf:a0:67:85:7f: 0d:ad:b8:40:78:45:4d:17:bb:9c:e0:65:1e:09:4c: 58:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:00:C5:31:A0:C4:5B:4A:A1:5A:67:C1:A1:53:98:9D:52:28:37:16 X509v3 Authority Key Identifier: keyid:1E:D4:A5:04:49:F8:62:00:A0:C2:66:80:69:A2:83:24:F9:F6:A9:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D19ED/54B97A268AB611EB832F0314C4F9AE02/HtSlBEn4YgCgwmaAaaKDJPn2qT4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HtSlBEn4YgCgwmaAaaKDJPn2qT4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D19ED/54B97A268AB611EB832F0314C4F9AE02/C28841A201DB11EDA4B7F257C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.249.127.0/24 113.29.244.0/22 Signature Algorithm: sha256WithRSAEncryption 8e:b5:eb:73:fb:78:37:30:35:9d:d1:e1:96:e8:0d:9a:3d:35: 50:43:3d:11:13:e4:55:b2:e9:87:d0:64:f1:29:3b:99:66:eb: 24:75:d8:6c:18:15:80:63:76:ea:b9:dc:6a:a1:6e:b2:21:d3: 88:9a:39:58:95:b5:d6:03:ec:3b:77:9f:61:27:cb:2a:42:cb: 07:7e:f5:ff:61:66:b7:9d:9f:ae:53:f9:20:92:de:0a:19:e0: 06:1d:e0:4e:0e:24:e7:21:88:14:3e:e8:2e:b6:0a:b4:41:fc: 2f:df:3e:72:97:92:de:ba:4f:74:6c:63:58:ac:db:79:62:cd: 4f:60:24:79:eb:85:12:db:25:30:28:8d:5a:ed:06:40:75:01: b5:0c:e7:6e:be:a2:85:f4:36:e1:21:9c:c9:85:83:18:7d:24: a9:9f:2a:b1:80:c9:36:a9:8e:8f:d6:8b:35:2c:0e:87:03:78: c6:79:44:fc:c3:6f:d7:10:69:47:dc:8b:a6:61:85:d0:f6:04: 35:3e:d6:c6:d2:90:a0:23:ba:78:25:89:c4:ff:97:75:5c:39: b6:7f:0c:cc:5e:38:d7:1b:f1:9e:b7:f5:09:c2:31:0c:2e:15: 6d:ef:b9:27:65:cb:17:64:84:97:a9:9e:e0:f9:f2:96:11:3c: 32:ba:54:de -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDE5RUQxMTAvBgNVBAUTKDFFRDRBNTA0NDlGODYyMDBBMEMyNjY4MDY5QTI4MzI0 RjlGNkE5M0UwHhcNMjUwMjEzMDAwMTQ0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2FkMzY2OC04ZjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv6SQ4J6jaSgGrJNp+251QB4s4Ttk7e3XiWi7Lg9ffkjzaGfidEEWhtMdN680 klQWJuvTOu9DRFcw6Gpsr5U/CtF/Nk14djcbllWJKiJ/ThyMvp3Rky85vXiAAWBj +BwgvrtfZe7YkBoqePedtSZ/BfAvNm7Fzz8PibYlXMohWoTRGGIBWMlKZqrUy02d 785HKuvcG+x+Z+imdZphjGAU9M2XUftrCYwUnhtnVTYnFlfNRK8ucsQHiHwE36+s lHDREct0W8Qq/uydemEgzbvaSxhkf3skiBrG+65SIcWdb29nRMPMTB9tkbG6v6Bn hX8NrbhAeEVNF7uc4GUeCUxYKwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBMAxTGg xFtKoVpnwaFTmJ1SKDcWMB8GA1UdIwQYMBaAFB7UpQRJ+GIAoMJmgGmigyT59qk+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTlFRC81NEI5N0EyNjhB QjYxMUVCODMyRjAzMTRDNEY5QUUwMi9IdFNsQkVuNFlnQ2d3bWFBYWFLREpQbjJx VDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0h0U2xCRW40WWdDZ3dtYUFhYUtESlBuMnFUNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDE5RUQvNTRCOTdBMjY4QUI2MTFFQjgzMkYwMzE0QzRGOUFFMDIvQzI4ODQxQTIw MURCMTFFREE0QjdGMjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBABn+X8DBAJxHfQwDQYJKoZIhvcNAQELBQADggEBAI6163P7 eDcwNZ3R4ZboDZo9NVBDPRET5FWy6YfQZPEpO5lm6yR12GwYFYBjduq53GqhbrIh 04iaOViVtdYD7Dt3n2EnyypCywd+9f9hZredn65T+SCS3goZ4AYd4E4OJOchiBQ+ 6C62CrRB/C/fPnKXkt66T3RsY1is23lizU9gJHnrhRLbJTAojVrtBkB1AbUM526+ ooX0NuEhnMmFgxh9JKmfKrGAyTapjo/WizUsDocDeMZ5RPzDb9cQaUfci6ZhhdD2 BDU+1sbSkKAjunglicT/l3VcObZ/DMxeONcb8Z639QnCMQwuFW3vuSdlyxdkhJep nuD58pYRPDK6VN4= -----END CERTIFICATE-----Generated at Sat Apr 26 12:58:48 2025 by rpki-client