$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD309/1FD6A6EEFA6911E68EC12333C4F9AE02/5949B76C00DB11E8A9CA373DC4F9AE02.roa File: 5949B76C00DB11E8A9CA373DC4F9AE02.roa (raw, json) Hash identifier: uYIH2Df820V7sq00NPl6eOckfu5/+u+T1sNhFFho9vo= Subject key identifier: 5A:2D:33:E3:E8:B2:D2:8A:19:88:F1:90:A9:CE:57:F9:4D:B6:6C:68 Certificate issuer: /CN=A91DD309/serialNumber=8A73FBC66E6E3E8EAB2D5FC2B68991091F021E45 Certificate serial: 1BB0 Authority key identifier: 8A:73:FB:C6:6E:6E:3E:8E:AB:2D:5F:C2:B6:89:91:09:1F:02:1E:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/inP7xm5uPo6rLV_CtomRCR8CHkU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD309/1FD6A6EEFA6911E68EC12333C4F9AE02/5949B76C00DB11E8A9CA373DC4F9AE02.roa Signing time: Mon 30 Dec 2024 16:28:00 +0000 ROA not before: Mon 30 Dec 2024 16:28:00 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 58689 IP address blocks: 43.250.80.0/22 maxlen: 22 43.250.80.0/23 maxlen: 24 43.250.82.0/23 maxlen: 23 43.250.82.0/24 maxlen: 24 43.250.83.0/24 maxlen: 24 103.15.140.0/23 maxlen: 24 103.41.212.0/23 maxlen: 24 103.109.238.0/23 maxlen: 24 2407:e80::/32 maxlen: 32 2407:e80::/48 maxlen: 48 2407:e80:0:2aa::/64 maxlen: 64 2407:e80:1::/48 maxlen: 48 2407:e80:2::/48 maxlen: 48 2407:e80:3::/48 maxlen: 48 2407:e80:4::/48 maxlen: 48 2407:e80:5::/48 maxlen: 48 2407:e80:b::/48 maxlen: 48 2407:e80:c::/48 maxlen: 48 2407:e80:e::/48 maxlen: 48 2407:e80:f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD309/1FD6A6EEFA6911E68EC12333C4F9AE02/inP7xm5uPo6rLV_CtomRCR8CHkU.crl rsync://rpki.apnic.net/member_repository/A91DD309/1FD6A6EEFA6911E68EC12333C4F9AE02/inP7xm5uPo6rLV_CtomRCR8CHkU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/inP7xm5uPo6rLV_CtomRCR8CHkU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:15:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7088 (0x1bb0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD309, serialNumber=8A73FBC66E6E3E8EAB2D5FC2B68991091F021E45 Validity Not Before: Dec 30 16:28:00 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=6772ca10-a989 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:e0:c5:5f:a0:92:b0:8e:23:e0:16:0f:cd:df: dc:bc:60:ff:eb:b4:82:fd:a2:45:93:a0:91:11:83: c1:eb:d3:57:df:3f:2c:0e:54:97:47:a0:3e:ce:82: 6e:75:a6:5d:00:68:3c:f8:40:5a:54:c3:d6:fb:09: c2:da:68:c5:4d:f4:42:7c:ec:ed:7c:8a:55:a9:de: 4d:b7:88:68:af:dd:99:03:ce:a0:9d:ab:d6:6f:32: 6b:7d:2c:18:7b:63:86:27:9a:de:76:df:21:4d:b9: 23:5f:7f:f0:9c:c2:8d:bd:12:c2:b9:8e:4b:db:80: e9:cc:09:89:9d:e1:3c:6a:2f:d0:be:71:93:4b:d8: 23:58:02:69:0e:a0:9c:61:96:c7:1f:08:b0:02:44: 07:4e:11:55:3b:ed:5c:b8:8d:8e:cb:45:74:40:67: 4f:13:2b:75:95:0f:d5:89:74:55:d3:7e:ff:1d:74: 3b:f4:63:c8:8d:52:e1:0a:57:e1:09:54:b8:a9:c8: 0f:87:29:77:55:3a:ab:80:f6:aa:81:21:09:f6:6a: 96:8e:3d:e4:6f:eb:d6:02:67:1a:73:2f:3f:50:ea: 1a:a7:3f:dc:db:fd:22:d1:2f:b9:33:1f:da:4b:50: 25:99:ad:e5:56:fe:86:b3:b9:9c:b4:23:b1:d3:79: cf:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:2D:33:E3:E8:B2:D2:8A:19:88:F1:90:A9:CE:57:F9:4D:B6:6C:68 X509v3 Authority Key Identifier: keyid:8A:73:FB:C6:6E:6E:3E:8E:AB:2D:5F:C2:B6:89:91:09:1F:02:1E:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD309/1FD6A6EEFA6911E68EC12333C4F9AE02/inP7xm5uPo6rLV_CtomRCR8CHkU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/inP7xm5uPo6rLV_CtomRCR8CHkU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD309/1FD6A6EEFA6911E68EC12333C4F9AE02/5949B76C00DB11E8A9CA373DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.250.80.0/22 103.15.140.0/23 103.41.212.0/23 103.109.238.0/23 IPv6: 2407:e80::/32 Signature Algorithm: sha256WithRSAEncryption 60:42:30:12:72:2b:36:45:fc:2c:57:ca:8e:4d:e0:68:df:c8: 53:39:0f:88:f6:2a:1e:11:a7:25:30:1c:86:b9:b6:76:57:64: c2:45:56:d4:62:3c:e9:76:c1:60:e7:5e:cc:1e:05:58:ff:31: 9d:27:d9:cf:29:6d:33:51:13:5b:3e:d1:af:ae:72:be:e8:70: 6b:94:77:12:b8:ab:4c:66:83:3c:75:ac:eb:25:89:f0:9a:de: bd:f3:32:50:ff:39:16:82:61:17:b8:6e:3f:32:e5:00:5b:41: 45:81:0e:79:94:95:be:ed:2e:66:49:c1:2e:97:80:54:41:75: 3b:41:ce:40:b0:a2:b6:51:5e:2d:b3:99:68:5a:0d:f5:f1:e5: b5:80:6f:c0:d6:bc:26:a0:63:a3:59:3d:1f:06:e6:14:77:2a: 80:a3:7c:b6:70:0c:bb:30:71:6c:e0:44:37:1d:97:c3:3f:56: 70:61:28:ea:ec:d3:be:5a:cb:34:46:a0:b5:cf:28:3e:22:91: 75:b0:91:44:76:97:8c:44:6d:37:56:a7:61:58:82:45:91:8b: 3f:d4:b2:fe:d1:bb:3b:70:79:49:c3:8e:d3:1f:dc:04:b6:d9: 72:76:a3:29:6f:c4:e9:bc:fb:dc:4e:d5:d2:02:c5:6c:c1:41: 54:84:43:10 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICG7AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REQzMDkxMTAvBgNVBAUTKDhBNzNGQkM2NkU2RTNFOEVBQjJENUZDMkI2ODk5MTA5 MUYwMjFFNDUwHhcNMjQxMjMwMTYyODAwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzcyY2ExMC1hOTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmODFX6CSsI4j4BYPzd/cvGD/67SC/aJFk6CREYPB69NX3z8sDlSXR6A+zoJu daZdAGg8+EBaVMPW+wnC2mjFTfRCfOztfIpVqd5Nt4hor92ZA86gnavWbzJrfSwY e2OGJ5redt8hTbkjX3/wnMKNvRLCuY5L24DpzAmJneE8ai/QvnGTS9gjWAJpDqCc YZbHHwiwAkQHThFVO+1cuI2Oy0V0QGdPEyt1lQ/ViXRV037/HXQ79GPIjVLhClfh CVS4qcgPhyl3VTqrgPaqgSEJ9mqWjj3kb+vWAmcacy8/UOoapz/c2/0i0S+5Mx/a S1Alma3lVv6Gs7mctCOx03nPPwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFFotM+Po stKKGYjxkKnOV/lNtmxoMB8GA1UdIwQYMBaAFIpz+8Zubj6Oqy1fwraJkQkfAh5F MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDMwOS8xRkQ2QTZFRUZB NjkxMUU2OEVDMTIzMzNDNEY5QUUwMi9pblA3eG01dVBvNnJMVl9DdG9tUkNSOENI a1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2luUDd4bTV1UG82ckxWX0N0b21SQ1I4Q0hrVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REQzMDkvMUZENkE2RUVGQTY5MTFFNjhFQzEyMzMzQzRGOUFFMDIvNTk0OUI3NkMw MERCMTFFOEE5Q0EzNzNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr+lADBAFnD4wDBAFnKdQDBAFnbe4wDQQCAAIwBwMFACQH DoAwDQYJKoZIhvcNAQELBQADggEBAGBCMBJyKzZF/CxXyo5N4GjfyFM5D4j2Kh4R pyUwHIa5tnZXZMJFVtRiPOl2wWDnXsweBVj/MZ0n2c8pbTNRE1s+0a+ucr7ocGuU dxK4q0xmgzx1rOslifCa3r3zMlD/ORaCYRe4bj8y5QBbQUWBDnmUlb7tLmZJwS6X gFRBdTtBzkCworZRXi2zmWhaDfXx5bWAb8DWvCagY6NZPR8G5hR3KoCjfLZwDLsw cWzgRDcdl8M/VnBhKOrs075ayzRGoLXPKD4ikXWwkUR2l4xEbTdWp2FYgkWRiz/U sv7RuztweUnDjtMf3AS22XJ2oylvxOm8+9xO1dICxWzBQVSEQxA= -----END CERTIFICATE-----Generated at Sat Apr 26 15:04:39 2025 by rpki-client