$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/D0CF108ED85111EF9DC0826CC4F9AE02.roa File: D0CF108ED85111EF9DC0826CC4F9AE02.roa (raw, json) Hash identifier: zvHITej7x6G5n4QCQAElY7CsJ+bvYQTRcFwTwkacxFI= Subject key identifier: 2A:AF:DE:BB:1B:54:51:2F:28:D6:6B:0B:5D:D7:4D:43:F2:3D:68:E7 Certificate issuer: /CN=A91E3BB3/serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Certificate serial: 080C Authority key identifier: 3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/D0CF108ED85111EF9DC0826CC4F9AE02.roa Signing time: Tue 21 Jan 2025 23:45:38 +0000 ROA not before: Tue 21 Jan 2025 23:45:38 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 140933 IP address blocks: 103.153.152.0/23 maxlen: 24 2406:46c0::/32 maxlen: 32 2406:46c0::/36 maxlen: 36 2406:46c0:1000::/36 maxlen: 36 2406:46c0:2000::/36 maxlen: 36 2406:46c0:3000::/36 maxlen: 36 2406:46c0:4000::/36 maxlen: 36 2406:46c0:5000::/36 maxlen: 36 2406:46c0:6000::/36 maxlen: 36 2406:46c0:7000::/36 maxlen: 36 2406:46c0:8000::/36 maxlen: 36 2406:46c0:9000::/36 maxlen: 36 2406:46c0:a000::/36 maxlen: 36 2406:46c0:b000::/36 maxlen: 36 2406:46c0:c000::/36 maxlen: 36 2406:46c0:d000::/36 maxlen: 36 2406:46c0:e000::/36 maxlen: 36 2406:46c0:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:38:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2060 (0x80c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BB3, serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Validity Not Before: Jan 21 23:45:38 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=679031a2-2478 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:02:aa:57:3e:0c:41:ca:9a:69:73:9a:b6:ca: aa:31:61:c0:9a:98:9a:cb:a6:b0:40:2e:8c:3c:16: d1:d9:9f:d6:81:67:33:27:5d:30:53:8f:4b:22:d4: 52:1c:fe:66:58:46:6a:7f:06:92:bb:7a:65:e4:13: 54:1b:71:59:8c:d1:8f:38:71:73:45:76:0d:11:48: d3:4a:44:7c:f3:7c:ab:20:34:b5:1e:36:a9:e7:5a: 59:d4:ef:0c:46:50:b4:80:22:97:ec:17:2e:6f:85: 03:8a:81:d2:11:82:d3:f8:62:80:ae:d3:14:c1:4a: a8:06:df:15:c1:6b:4a:2c:74:3e:6d:82:52:e7:61: bc:0b:23:89:ce:20:12:e5:7f:09:9a:a1:1d:d4:0a: 32:85:cc:ca:67:7b:18:b0:86:0a:58:bd:18:9e:dc: 15:1f:33:92:05:5d:24:9d:0b:38:4c:22:b4:99:02: 71:75:b2:ce:36:00:1f:1f:7c:0b:21:97:83:7c:ff: 65:39:8b:f4:a3:01:ee:49:1d:19:4e:ba:0a:47:62: 61:6a:b7:cc:ac:73:bc:d2:c2:38:ea:00:13:00:b1: e1:53:af:9a:08:ea:d0:6c:07:0a:5e:72:ad:e3:62: 38:d8:d2:53:9c:9f:3b:e0:cd:a9:3c:16:19:24:eb: 31:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:AF:DE:BB:1B:54:51:2F:28:D6:6B:0B:5D:D7:4D:43:F2:3D:68:E7 X509v3 Authority Key Identifier: keyid:3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/D0CF108ED85111EF9DC0826CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.153.152.0/23 IPv6: 2406:46c0::/32 Signature Algorithm: sha256WithRSAEncryption ba:4f:3f:6f:65:4c:64:7f:88:73:68:99:6e:79:46:69:a4:2a: 19:30:9b:45:6e:60:ca:3b:3d:95:ff:47:cf:e5:9f:c6:16:76: e6:2a:9b:6a:aa:ab:b5:f5:52:f1:79:33:79:eb:a9:19:f1:b2: 16:e4:46:ef:3e:37:34:96:5d:33:ad:81:4e:2e:c5:a7:2a:ee: 01:2b:16:e9:a1:73:9e:35:00:00:62:f8:00:6e:bd:d3:91:7d: 5e:49:6d:b0:23:95:32:8c:d8:63:c5:9b:dc:97:91:fc:7f:52: d0:6a:e6:9f:39:8e:a7:ca:85:c6:07:62:e1:af:4f:17:76:05: ef:34:79:fd:4a:39:b3:27:0c:03:08:d2:2c:f3:f6:c3:b8:0f: 04:3a:68:98:16:c8:4c:d6:10:2e:dd:b4:9a:99:2c:7c:96:19: db:71:fe:88:11:a1:06:e5:8b:7f:cd:a2:59:a6:c2:e9:27:5d: 61:bb:65:00:c5:4a:df:0b:17:9d:9c:08:03:dd:9d:1b:04:d9: ec:bc:5d:73:d9:f6:99:bd:0e:f7:25:73:09:59:2e:d1:99:50: 5a:b6:5f:37:75:07:9d:6a:64:3f:67:d3:2d:75:8d:37:bb:81: 8e:15:a1:74:15:e1:4b:48:4b:1b:35:6f:88:90:5f:dc:c4:6c: b1:c6:e9:44 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCQjMxMTAvBgNVBAUTKDNDREY0M0Q3MTdGQzU4NDlGMjNBOTRFMjlBNzcyQjI4 QTVENzAxRTMwHhcNMjUwMTIxMjM0NTM4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzkwMzFhMi0yNDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1AKqVz4MQcqaaXOatsqqMWHAmpiay6awQC6MPBbR2Z/WgWczJ10wU49LItRS HP5mWEZqfwaSu3pl5BNUG3FZjNGPOHFzRXYNEUjTSkR883yrIDS1Hjap51pZ1O8M RlC0gCKX7Bcub4UDioHSEYLT+GKArtMUwUqoBt8VwWtKLHQ+bYJS52G8CyOJziAS 5X8JmqEd1AoyhczKZ3sYsIYKWL0YntwVHzOSBV0knQs4TCK0mQJxdbLONgAfH3wL IZeDfP9lOYv0owHuSR0ZTroKR2JharfMrHO80sI46gATALHhU6+aCOrQbAcKXnKt 42I42NJTnJ874M2pPBYZJOsxxQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCqv3rsb VFEvKNZrC13XTUPyPWjnMB8GA1UdIwQYMBaAFDzfQ9cX/FhJ8jqU4pp3Kyil1wHj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JCMy85NUFFQTlFOENC RTQxMUVBODA2QTRBNzVDNEY5QUUwMi9QTjlEMXhmOFdFbnlPcFRpbW5jcktLWFhB ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BOOUQxeGY4V0VueU9wVGltbmNyS0tYWEFlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTNCQjMvOTVBRUE5RThDQkU0MTFFQTgwNkE0QTc1QzRGOUFFMDIvRDBDRjEwOEVE ODUxMTFFRjlEQzA4MjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnmZgwDQQCAAIwBwMFACQGRsAwDQYJKoZIhvcNAQELBQAD ggEBALpPP29lTGR/iHNomW55RmmkKhkwm0VuYMo7PZX/R8/ln8YWduYqm2qqq7X1 UvF5M3nrqRnxshbkRu8+NzSWXTOtgU4uxacq7gErFumhc541AABi+ABuvdORfV5J bbAjlTKM2GPFm9yXkfx/UtBq5p85jqfKhcYHYuGvTxd2Be80ef1KObMnDAMI0izz 9sO4DwQ6aJgWyEzWEC7dtJqZLHyWGdtx/ogRoQbli3/NolmmwuknXWG7ZQDFSt8L F52cCAPdnRsE2ey8XXPZ9pm9DvclcwlZLtGZUFq2Xzd1B51qZD9n0y11jTe7gY4V oXQV4UtISxs1b4iQX9zEbLHG6UQ= -----END CERTIFICATE-----Generated at Sat Apr 26 15:09:42 2025 by rpki-client