$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/3D13A01EA9AB11EAA4DBEA5EC4F9AE02.roa File: 3D13A01EA9AB11EAA4DBEA5EC4F9AE02.roa (raw, json) Hash identifier: Lmn08n30AiKaOdta7GpDKIWNdyU/iej42lU+unei0xc= Subject key identifier: 77:12:3F:F5:1D:C0:3D:D2:F0:5C:3D:BE:2C:8C:38:83:28:00:29:19 Certificate issuer: /CN=A91E3B25/serialNumber=B654DD5F5B1520B325BC09C4BF4CADF3CAFB3429 Certificate serial: 08EF Authority key identifier: B6:54:DD:5F:5B:15:20:B3:25:BC:09:C4:BF:4C:AD:F3:CA:FB:34:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlTdX1sVILMlvAnEv0yt88r7NCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/3D13A01EA9AB11EAA4DBEA5EC4F9AE02.roa Signing time: Tue 08 Apr 2025 16:55:16 +0000 ROA not before: Tue 08 Apr 2025 16:55:16 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 135130 IP address blocks: 103.210.56.0/22 maxlen: 22 103.210.56.0/23 maxlen: 24 103.210.58.0/24 maxlen: 24 103.210.59.0/24 maxlen: 24 2404:6480::/32 maxlen: 32 2404:6480::/48 maxlen: 48 2404:6480:1::/48 maxlen: 48 2404:6480:e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.crl rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlTdX1sVILMlvAnEv0yt88r7NCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:41:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2287 (0x8ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3B25, serialNumber=B654DD5F5B1520B325BC09C4BF4CADF3CAFB3429 Validity Not Before: Apr 8 16:55:16 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67f554f4-780b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:c6:74:f5:74:1e:4a:aa:83:11:8e:7c:69:74: 03:cc:02:3f:1a:1c:13:60:bf:fb:f6:63:e1:df:ee: 1e:39:89:68:99:fa:7e:42:30:35:b9:83:e1:29:de: 65:90:65:9c:30:17:db:0c:0a:fa:3c:23:1d:cd:c0: 6f:31:13:5c:70:0f:b1:df:d3:bf:e7:0f:bf:6f:87: dd:b2:3c:33:dd:93:e3:1d:46:90:4f:87:41:be:b3: d4:74:a7:54:67:2f:a0:8a:96:63:ee:e6:61:74:74: e0:ca:40:c1:f8:9a:80:17:56:1f:6c:a1:21:ff:39: f9:68:68:31:22:5e:04:81:91:5a:70:f9:5a:ad:38: 5a:27:59:77:6e:8e:5c:8c:03:37:40:60:8a:65:55: a2:ea:1d:71:6d:87:c3:17:66:3e:ce:ae:a6:bd:8c: 21:b8:04:b4:75:df:20:66:ec:06:7c:0b:7f:fe:27: 53:bd:b1:6c:11:11:6e:f2:9a:f3:9f:21:0f:5f:9c: 73:61:b9:25:5a:46:c1:78:a8:6f:d8:ea:b5:26:d1: 7f:40:49:25:8b:f0:b2:31:65:50:7b:78:16:1f:a7: 38:11:94:02:b5:37:3c:68:6a:31:52:4d:95:e8:1e: 57:ee:e0:7f:9f:ca:7e:4d:1e:a3:8e:4d:88:b1:cb: a4:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:12:3F:F5:1D:C0:3D:D2:F0:5C:3D:BE:2C:8C:38:83:28:00:29:19 X509v3 Authority Key Identifier: keyid:B6:54:DD:5F:5B:15:20:B3:25:BC:09:C4:BF:4C:AD:F3:CA:FB:34:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/tlTdX1sVILMlvAnEv0yt88r7NCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlTdX1sVILMlvAnEv0yt88r7NCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3B25/7E892CC2F61511E7B830096DC4F9AE02/3D13A01EA9AB11EAA4DBEA5EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.210.56.0/22 IPv6: 2404:6480::/32 Signature Algorithm: sha256WithRSAEncryption 53:cb:ae:44:6f:ed:1a:04:2b:5b:75:06:3e:40:7f:d4:4a:82: 6a:61:f7:64:26:5c:95:f5:e3:af:87:00:05:dc:3d:46:56:63: 75:82:8e:af:85:10:07:63:bb:b4:36:91:71:db:fd:c7:06:78: a0:a4:d5:07:2b:5b:d8:01:ac:ab:8c:db:4b:c6:22:0f:1d:18: 6c:d5:f1:50:dd:63:a0:53:41:7c:b1:46:9e:ca:50:5c:3f:a5: f6:74:99:23:f9:c1:fc:c5:eb:54:85:82:6d:a2:aa:9e:36:a6: 76:df:e4:7f:f0:a5:e4:9e:b7:d2:4f:27:77:2f:38:82:4b:62: 3a:7e:05:1e:56:06:a6:a9:bf:5a:0d:4d:15:e9:e3:cb:52:29: 0c:b5:50:f8:73:aa:69:62:60:4c:1c:c7:ef:4c:b5:fe:fe:4a: 58:93:53:c8:4b:76:f3:70:4c:6e:9f:6c:de:b0:53:a1:bf:be: ef:7f:0b:16:9d:b0:54:f1:c4:53:6b:6e:c7:cd:ed:8f:5f:2c: 5e:f4:9d:8e:6a:3b:5e:5c:56:c4:f3:92:17:85:08:cb:94:a2: b9:0f:21:78:7f:34:12:59:d1:36:0b:1d:6a:c8:c5:c4:16:93: 1d:bb:52:95:4a:f0:c3:ef:48:04:73:d5:ec:90:13:b4:30:a5: 94:07:b3:96 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCMjUxMTAvBgNVBAUTKEI2NTRERDVGNUIxNTIwQjMyNUJDMDlDNEJGNENBREYz Q0FGQjM0MjkwHhcNMjUwNDA4MTY1NTE2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y1NTRmNC03ODBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqcZ09XQeSqqDEY58aXQDzAI/GhwTYL/79mPh3+4eOYlomfp+QjA1uYPhKd5l kGWcMBfbDAr6PCMdzcBvMRNccA+x39O/5w+/b4fdsjwz3ZPjHUaQT4dBvrPUdKdU Zy+gipZj7uZhdHTgykDB+JqAF1YfbKEh/zn5aGgxIl4EgZFacPlarThaJ1l3bo5c jAM3QGCKZVWi6h1xbYfDF2Y+zq6mvYwhuAS0dd8gZuwGfAt//idTvbFsERFu8prz nyEPX5xzYbklWkbBeKhv2Oq1JtF/QEkli/CyMWVQe3gWH6c4EZQCtTc8aGoxUk2V 6B5X7uB/n8p+TR6jjk2IscukZQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHcSP/Ud wD3S8Fw9viyMOIMoACkZMB8GA1UdIwQYMBaAFLZU3V9bFSCzJbwJxL9MrfPK+zQp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0IyNS83RTg5MkNDMkY2 MTUxMUU3QjgzMDA5NkRDNEY5QUUwMi90bFRkWDFzVklMTWx2QW5FdjB5dDg4cjdO Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RsVGRYMXNWSUxNbHZBbkV2MHl0ODhyN05Day5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTNCMjUvN0U4OTJDQzJGNjE1MTFFN0I4MzAwOTZEQzRGOUFFMDIvM0QxM0EwMUVB OUFCMTFFQUE0REJFQTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJn0jgwDQQCAAIwBwMFACQEZIAwDQYJKoZIhvcNAQELBQAD ggEBAFPLrkRv7RoEK1t1Bj5Af9RKgmph92QmXJX146+HAAXcPUZWY3WCjq+FEAdj u7Q2kXHb/ccGeKCk1QcrW9gBrKuM20vGIg8dGGzV8VDdY6BTQXyxRp7KUFw/pfZ0 mSP5wfzF61SFgm2iqp42pnbf5H/wpeSet9JPJ3cvOIJLYjp+BR5WBqapv1oNTRXp 48tSKQy1UPhzqmliYEwcx+9Mtf7+SliTU8hLdvNwTG6fbN6wU6G/vu9/CxadsFTx xFNrbsfN7Y9fLF70nY5qO15cVsTzkheFCMuUorkPIXh/NBJZ0TYLHWrIxcQWkx27 UpVK8MPvSARz1eyQE7QwpZQHs5Y= -----END CERTIFICATE-----Generated at Sat Apr 26 05:49:22 2025 by rpki-client