$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/F3529CDCAE1511EE92D99E46C4F9AE02.roa File: F3529CDCAE1511EE92D99E46C4F9AE02.roa (raw, json) Hash identifier: hTD7DjMK2EnPCWqJypUdiJk7jUHRPt10GcfYU8sN4po= Subject key identifier: 13:EA:26:B7:7F:72:89:20:8A:AA:C9:CF:42:B8:58:1A:29:EB:13:55 Certificate issuer: /CN=A91D4345/serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB Certificate serial: 0C12 Authority key identifier: E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/F3529CDCAE1511EE92D99E46C4F9AE02.roa Signing time: Thu 16 Jan 2025 18:26:59 +0000 ROA not before: Thu 16 Jan 2025 18:26:59 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 17471 IP address blocks: 103.7.112.0/22 maxlen: 24 122.99.96.0/21 maxlen: 24 202.125.64.0/20 maxlen: 24 203.83.160.0/19 maxlen: 24 203.191.32.0/23 maxlen: 24 2407:f040::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.crl rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:24:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3090 (0xc12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4345, serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB Validity Not Before: Jan 16 18:26:59 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67894f73-b2c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:06:8c:3d:da:cb:2b:bc:2b:d0:be:75:5b:59: ab:c0:9b:18:cc:bf:dd:d6:19:fa:80:bc:00:32:39: 7b:06:4b:f9:7e:b6:ef:30:78:01:80:87:94:d2:91: eb:d0:5b:1f:0f:fa:8f:c4:cd:50:c4:dc:d1:fc:f4: e1:8d:31:4a:9e:3e:16:63:de:c5:f3:4b:e5:27:e0: 6e:b4:9d:eb:74:d5:c9:24:be:e2:38:26:0b:22:58: 63:ba:29:d3:ed:3f:37:97:08:53:8c:64:8d:60:38: fe:88:80:ea:e9:05:8b:84:fc:88:52:a8:09:c8:d9: aa:ab:04:e6:b8:18:3e:99:bd:c5:6b:cb:16:72:12: d7:a6:97:78:3a:25:d2:24:de:6a:73:51:4a:0c:60: 4c:ea:c8:66:47:71:5d:5f:67:ad:55:d5:66:84:86: 73:a9:ae:2e:63:13:3d:c7:82:b5:c1:e8:6d:69:c1: 39:70:7e:ea:14:82:94:3d:92:a8:a2:e1:3f:14:63: 3f:27:8a:f6:58:7b:97:97:7c:8c:ab:d6:7a:0f:e7: ec:d5:40:15:f1:59:8c:14:71:df:8a:24:af:5b:f6: 62:cd:90:fa:e7:0e:40:11:0e:3a:58:d8:fe:d3:5d: f8:af:e4:d9:c7:03:1f:e6:7f:44:42:87:88:48:3d: 23:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:EA:26:B7:7F:72:89:20:8A:AA:C9:CF:42:B8:58:1A:29:EB:13:55 X509v3 Authority Key Identifier: keyid:E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/F3529CDCAE1511EE92D99E46C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.7.112.0/22 122.99.96.0/21 202.125.64.0/20 203.83.160.0/19 203.191.32.0/23 IPv6: 2407:f040::/32 Signature Algorithm: sha256WithRSAEncryption da:e1:ad:0c:6e:5e:43:e0:c7:98:36:db:02:91:dc:8e:7d:31: ce:fb:c8:ec:1f:77:24:2a:66:45:b2:00:f3:c9:e0:c1:dd:84: c1:58:83:38:9a:35:06:83:81:b0:9e:dd:a8:ec:19:5b:47:7d: b7:41:fe:d2:ca:d1:7c:d7:78:d0:a7:1e:b9:08:0b:2c:39:20: cf:03:58:d7:72:66:f7:0d:fe:43:70:ce:0f:be:79:51:8a:9e: 8b:14:a8:57:33:1f:a3:6b:99:9a:40:47:2b:70:59:de:d5:ed: cc:68:27:44:76:e1:15:35:51:13:82:54:f7:07:c0:df:65:57: 02:94:a7:e5:56:e1:45:b7:7f:f4:9d:2b:3a:89:27:b7:26:f7: 95:6a:b5:ce:e2:cc:c1:2e:fb:7d:c1:6f:39:cf:18:d7:fc:37: 39:6b:df:b2:8c:60:21:64:59:a7:63:ba:de:35:fc:e9:f8:ef: cb:7c:69:00:d8:db:b1:a0:4c:4f:26:9b:d3:2e:bf:d0:c1:da: e7:d3:49:dd:47:3c:fb:c6:13:e1:4e:7c:9d:b8:26:e8:7a:37: a9:18:eb:ae:7b:a6:b6:61:57:6e:cf:98:85:ab:53:d6:ab:85: b7:83:11:44:80:80:75:3a:65:23:38:8e:d1:8a:bf:40:33:00: 12:c3:55:d3 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICDBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQzNDUxMTAvBgNVBAUTKEU1MzdEMEMzNDhGRDdEQzQ5RjVGQzNCMDA2NkEzMUM1 ODRGQUUxQUIwHhcNMjUwMTE2MTgyNjU5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzg5NGY3My1iMmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArAaMPdrLK7wr0L51W1mrwJsYzL/d1hn6gLwAMjl7Bkv5frbvMHgBgIeU0pHr 0FsfD/qPxM1QxNzR/PThjTFKnj4WY97F80vlJ+ButJ3rdNXJJL7iOCYLIlhjuinT 7T83lwhTjGSNYDj+iIDq6QWLhPyIUqgJyNmqqwTmuBg+mb3Fa8sWchLXppd4OiXS JN5qc1FKDGBM6shmR3FdX2etVdVmhIZzqa4uYxM9x4K1wehtacE5cH7qFIKUPZKo ouE/FGM/J4r2WHuXl3yMq9Z6D+fs1UAV8VmMFHHfiiSvW/ZizZD65w5AEQ46WNj+ 0134r+TZxwMf5n9EQoeISD0jnwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFBPqJrd/ cokgiqrJz0K4WBop6xNVMB8GA1UdIwQYMBaAFOU30MNI/X3En1/DsAZqMcWE+uGr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDM0NS9FQzc4Q0REQTA1 MzgxMUVBQjU4OTc2NjhDNEY5QUUwMi81VGZRdzBqOWZjU2ZYOE93Qm1veHhZVDY0 YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVUZlF3MGo5ZmNTZlg4T3dCbW94eFlUNjRhcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDQzNDUvRUM3OENEREEwNTM4MTFFQUI1ODk3NjY4QzRGOUFFMDIvRjM1MjlDRENB RTE1MTFFRTkyRDk5RTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAJnB3ADBAN6Y2ADBATKfUADBAXLU6ADBAHLvyAwDQQCAAIw BwMFACQH8EAwDQYJKoZIhvcNAQELBQADggEBANrhrQxuXkPgx5g22wKR3I59Mc77 yOwfdyQqZkWyAPPJ4MHdhMFYgziaNQaDgbCe3ajsGVtHfbdB/tLK0XzXeNCnHrkI Cyw5IM8DWNdyZvcN/kNwzg++eVGKnosUqFczH6NrmZpARytwWd7V7cxoJ0R24RU1 UROCVPcHwN9lVwKUp+VW4UW3f/SdKzqJJ7cm95Vqtc7izMEu+33BbznPGNf8Nzlr 37KMYCFkWadjut41/On478t8aQDY27GgTE8mm9Muv9DB2ufTSd1HPPvGE+FOfJ24 Juh6N6kY6657prZhV27PmIWrU9arhbeDEUSAgHU6ZSM4jtGKv0AzABLDVdM= -----END CERTIFICATE-----Generated at Sat Apr 26 16:50:29 2025 by rpki-client