$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/9D664600CB1211EAACC0E528C4F9AE02.roa File: 9D664600CB1211EAACC0E528C4F9AE02.roa (raw, json) Hash identifier: UBw2PoTevAndZcrQq8icn0bOX1+H9RUk7B/v/OivD1E= Subject key identifier: 3D:4F:07:13:8A:DB:81:94:0C:EC:B5:D1:A3:CB:02:64:67:E4:3B:6C Certificate issuer: /CN=A91DBF0D/serialNumber=0D68DBAD600F8BD90B355B98F4B238FB9E9A57FA Certificate serial: 0816 Authority key identifier: 0D:68:DB:AD:60:0F:8B:D9:0B:35:5B:98:F4:B2:38:FB:9E:9A:57:FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DWjbrWAPi9kLNVuY9LI4-56aV_o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/9D664600CB1211EAACC0E528C4F9AE02.roa Signing time: Wed 22 Jan 2025 20:49:18 +0000 ROA not before: Wed 22 Jan 2025 20:49:18 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 63920 IP address blocks: 43.225.48.0/22 maxlen: 24 103.44.32.0/22 maxlen: 24 103.65.252.0/22 maxlen: 24 103.208.164.0/22 maxlen: 24 137.59.168.0/22 maxlen: 24 2401:cd80::/31 maxlen: 48 2404:4180::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/DWjbrWAPi9kLNVuY9LI4-56aV_o.crl rsync://rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/DWjbrWAPi9kLNVuY9LI4-56aV_o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DWjbrWAPi9kLNVuY9LI4-56aV_o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:37:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2070 (0x816) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBF0D, serialNumber=0D68DBAD600F8BD90B355B98F4B238FB9E9A57FA Validity Not Before: Jan 22 20:49:18 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=679159ce-1d9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:89:db:4b:60:3f:5f:ab:10:3d:6e:0f:06:44: ef:03:86:7b:9c:34:70:ad:7a:c2:51:af:50:41:93: 0f:56:16:a3:68:c7:eb:8d:86:13:3b:3e:fc:e1:2d: e0:f6:62:c1:d1:22:56:50:9e:2d:49:7d:a0:ca:ae: 83:77:28:dd:33:d0:16:98:6e:f2:72:79:af:59:0c: 3d:f0:ee:c1:67:94:71:11:58:00:30:ce:e3:5c:ea: eb:a8:7a:56:85:4d:c6:fe:19:6d:48:6b:dc:a8:d7: bb:1d:45:1a:f3:08:35:9b:01:1b:d2:2a:f3:55:5e: 29:06:5a:7e:c5:25:8c:e1:6b:79:d6:d4:4b:d6:70: 51:0b:be:e4:ed:4d:28:f7:7d:87:9f:d6:ed:bb:42: 0f:46:73:bb:b4:36:ae:6b:70:5c:fc:b5:5c:46:e6: 8d:75:8f:f4:64:f2:3c:15:65:7c:94:21:41:26:57: cc:bd:c6:f0:21:3a:9f:24:f1:03:bd:db:11:4e:02: 04:f9:9a:46:24:51:6a:27:f2:54:d5:a0:2a:68:6b: 26:4a:de:de:9a:0b:15:00:c0:40:5f:1d:0e:0f:e9: 5e:f9:82:f7:bc:69:1e:2b:97:71:16:1b:69:79:0c: ae:1a:c0:67:2d:bf:1d:b5:a0:f8:25:0d:49:30:80: be:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:4F:07:13:8A:DB:81:94:0C:EC:B5:D1:A3:CB:02:64:67:E4:3B:6C X509v3 Authority Key Identifier: keyid:0D:68:DB:AD:60:0F:8B:D9:0B:35:5B:98:F4:B2:38:FB:9E:9A:57:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/DWjbrWAPi9kLNVuY9LI4-56aV_o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DWjbrWAPi9kLNVuY9LI4-56aV_o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBF0D/57964D4ACB0E11EAA10F331DC4F9AE02/9D664600CB1211EAACC0E528C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.48.0/22 103.44.32.0/22 103.65.252.0/22 103.208.164.0/22 137.59.168.0/22 IPv6: 2401:cd80::/31 2404:4180::/32 Signature Algorithm: sha256WithRSAEncryption 55:2f:1e:4b:c2:48:18:c9:96:6e:15:86:1e:e1:f9:77:02:d5: 05:b4:67:14:57:11:49:bf:ba:a8:7f:98:b9:a6:5f:4a:ae:6c: a1:5c:17:1f:37:3b:78:ef:eb:1f:b7:68:f8:fa:68:33:cb:19: aa:f8:7f:d0:42:fd:40:94:8e:65:fd:a5:71:41:f7:ca:e5:68: 28:81:70:0a:39:a6:06:fa:05:83:78:ad:73:b4:b2:bb:e5:8f: 26:fc:79:a4:73:6f:d7:63:a4:71:cc:00:b0:ec:75:e7:42:e7: 09:ae:cf:4b:3b:94:e9:05:9f:64:6a:f8:d6:94:fd:3f:26:aa: 85:a9:5b:e7:63:16:63:13:dd:a2:d8:77:f1:8c:1e:4e:97:f6: 96:49:f9:c4:fe:80:b6:d1:f4:7f:59:ea:0e:ab:33:85:1f:cb: 95:2c:c5:32:31:17:d5:c9:3d:fe:dc:7b:00:f2:c2:dc:c0:19: 20:f7:5f:67:43:c6:81:63:0d:b9:9f:0d:97:76:b1:90:80:d5: 9b:b2:80:19:95:45:8e:0a:47:0b:a4:4b:2d:98:3f:17:68:ed: 10:0a:87:e9:84:2c:97:9b:ea:7f:95:e8:bd:24:1a:66:4d:51: ef:f3:7a:12:a1:5e:85:02:3d:a1:3e:e0:99:7b:b1:ef:fd:b6: 6d:f7:db:e4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgICCBYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJGMEQxMTAvBgNVBAUTKDBENjhEQkFENjAwRjhCRDkwQjM1NUI5OEY0QjIzOEZC OUU5QTU3RkEwHhcNMjUwMTIyMjA0OTE4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzkxNTljZS0xZDlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy4nbS2A/X6sQPW4PBkTvA4Z7nDRwrXrCUa9QQZMPVhajaMfrjYYTOz784S3g 9mLB0SJWUJ4tSX2gyq6DdyjdM9AWmG7ycnmvWQw98O7BZ5RxEVgAMM7jXOrrqHpW hU3G/hltSGvcqNe7HUUa8wg1mwEb0irzVV4pBlp+xSWM4Wt51tRL1nBRC77k7U0o 932Hn9btu0IPRnO7tDaua3Bc/LVcRuaNdY/0ZPI8FWV8lCFBJlfMvcbwITqfJPED vdsRTgIE+ZpGJFFqJ/JU1aAqaGsmSt7emgsVAMBAXx0OD+le+YL3vGkeK5dxFhtp eQyuGsBnLb8dtaD4JQ1JMIC+aQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFD1PBxOK 24GUDOy10aPLAmRn5DtsMB8GA1UdIwQYMBaAFA1o261gD4vZCzVbmPSyOPuemlf6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkYwRC81Nzk2NEQ0QUNC MEUxMUVBQTEwRjMzMURDNEY5QUUwMi9EV2picldBUGk5a0xOVnVZOUxJNC01NmFW X28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RXamJyV0FQaTlrTE5WdVk5TEk0LTU2YVZfby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REJGMEQvNTc5NjRENEFDQjBFMTFFQUExMEYzMzFEQzRGOUFFMDIvOUQ2NjQ2MDBD QjEyMTFFQUFDQzBFNTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E PjA8MCQEAgABMB4DBAIr4TADBAJnLCADBAJnQfwDBAJn0KQDBAKJO6gwFAQCAAIw DgMFASQBzYADBQAkBEGAMA0GCSqGSIb3DQEBCwUAA4IBAQBVLx5LwkgYyZZuFYYe 4fl3AtUFtGcUVxFJv7qof5i5pl9KrmyhXBcfNzt47+sft2j4+mgzyxmq+H/QQv1A lI5l/aVxQffK5WgogXAKOaYG+gWDeK1ztLK75Y8m/Hmkc2/XY6RxzACw7HXnQucJ rs9LO5TpBZ9kavjWlP0/JqqFqVvnYxZjE92i2HfxjB5Ol/aWSfnE/oC20fR/WeoO qzOFH8uVLMUyMRfVyT3+3HsA8sLcwBkg919nQ8aBYw25nw2XdrGQgNWbsoAZlUWO CkcLpEstmD8XaO0QCofphCyXm+p/lei9JBpmTVHv83oSoV6FAj2hPuCZe7Hv/bZt 99vk -----END CERTIFICATE-----Generated at Sat Apr 26 14:10:47 2025 by rpki-client