$ rpki-client -vvf rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/A9204F96917F11EDA5B26357C4F9AE02.roa File: A9204F96917F11EDA5B26357C4F9AE02.roa (raw, json) Hash identifier: GKHRKfwk3bqrqOFGPvJ+kjY0NTnB33jXoiW8bXeNOjw= Subject key identifier: E3:E0:B7:EA:E9:3D:0A:BD:B9:AC:D8:A1:24:CF:77:38:C2:9C:B4:E5 Certificate issuer: /CN=A91E57DC/serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742 Certificate serial: 10FB Authority key identifier: 22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/A9204F96917F11EDA5B26357C4F9AE02.roa Signing time: Sat 12 Apr 2025 17:26:30 +0000 ROA not before: Sat 12 Apr 2025 17:26:30 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 147314 IP address blocks: 103.86.192.0/24 maxlen: 24 220.152.115.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.crl rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:19:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4347 (0x10fb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E57DC, serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742 Validity Not Before: Apr 12 17:26:30 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67faa246-ac65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e2:ed:5d:ff:f8:fa:ec:f2:84:af:16:19:55: 24:67:8a:5b:64:d1:af:85:7f:5e:02:30:e3:e3:c7: 62:76:51:3e:7d:2b:c6:d1:64:8b:f7:d6:a5:25:15: a1:09:c6:31:eb:6e:05:37:7a:61:4c:47:a9:d7:47: 15:27:68:91:99:ba:d3:84:b2:8f:28:e7:b8:01:d3: 84:63:ba:06:8f:34:66:c1:e6:bd:b5:2f:10:4f:92: a1:0c:35:29:fe:51:3b:c1:40:93:aa:a2:86:7b:a4: 0d:d3:28:0b:13:4a:32:69:70:bb:1b:56:c5:81:04: a4:ab:e9:df:42:05:7f:7c:6f:ea:bd:b9:a4:ed:ca: 7f:20:7b:e8:5f:0b:ef:22:d9:0c:44:2d:29:04:e6: 74:ca:0b:67:77:7c:04:d3:80:ab:9f:1e:7e:d4:cb: d0:b8:70:3f:98:ce:ff:2b:48:e8:0a:cd:44:8a:d1: ca:bb:96:c5:ef:0f:3f:0a:a4:3c:0c:87:1c:4e:bb: fd:11:9c:f1:54:f3:82:eb:bf:f4:7a:bc:20:ff:3b: e6:f6:64:06:a0:18:cd:b5:55:71:23:df:12:6e:97: fc:80:dc:1e:b9:f1:b6:e6:2b:0f:31:42:59:53:ac: 05:10:f9:24:71:4b:0c:6f:cc:aa:28:ca:48:bf:93: b6:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:E0:B7:EA:E9:3D:0A:BD:B9:AC:D8:A1:24:CF:77:38:C2:9C:B4:E5 X509v3 Authority Key Identifier: keyid:22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/A9204F96917F11EDA5B26357C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.86.192.0/24 220.152.115.0/24 Signature Algorithm: sha256WithRSAEncryption 80:d1:ea:3e:55:fe:b2:5a:67:82:84:45:66:e8:83:79:0c:e3: f1:57:a1:ac:1b:bb:2b:e9:33:6e:92:df:e3:3c:94:59:cf:05: 46:41:e5:ee:8c:61:79:bd:87:27:67:59:10:2e:50:a0:53:48: 5e:ad:6c:ee:6d:b7:1b:e7:6d:3a:21:92:79:d2:13:63:90:e6: af:55:28:2a:99:aa:ec:b5:97:d7:33:9d:27:ff:8f:6e:21:ae: c0:75:de:f4:67:5e:42:c4:94:60:6f:ca:e9:94:dd:ae:f2:1a: f6:31:7f:b5:90:b6:7e:80:5b:0e:f2:8c:02:f7:75:21:a4:98: c9:ae:fd:34:6a:db:9a:84:44:d2:39:ce:9e:00:b2:d8:34:54: 92:a0:51:e0:63:02:a3:eb:85:7a:d1:95:16:0f:fe:ef:f1:40: 74:bf:8e:4c:f4:a8:bf:0f:c1:e8:98:2b:d7:91:c7:67:a0:76: 9b:cf:e5:27:93:2e:9d:eb:4a:dc:d2:89:a9:d3:77:c8:54:a6: c3:36:b2:ad:95:0c:f6:6e:60:2f:e2:fd:4e:57:a5:5e:16:92: 94:88:8a:45:f6:d9:a8:bb:a3:10:9f:bd:b8:6b:49:8d:3a:60: ac:d4:fb:a9:9d:c7:a6:42:7b:f6:9b:a3:32:e3:49:90:76:ca: 87:06:0f:65 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICEPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTU3REMxMTAvBgNVBAUTKDIyQjFBNzE3NUU3NUZGRDg0NzM5MUYyQzJFOTY2NUU0 RUVFMUI3NDIwHhcNMjUwNDEyMTcyNjMwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2ZhYTI0Ni1hYzY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsOLtXf/4+uzyhK8WGVUkZ4pbZNGvhX9eAjDj48didlE+fSvG0WSL99alJRWh CcYx624FN3phTEep10cVJ2iRmbrThLKPKOe4AdOEY7oGjzRmwea9tS8QT5KhDDUp /lE7wUCTqqKGe6QN0ygLE0oyaXC7G1bFgQSkq+nfQgV/fG/qvbmk7cp/IHvoXwvv ItkMRC0pBOZ0ygtnd3wE04Crnx5+1MvQuHA/mM7/K0joCs1EitHKu5bF7w8/CqQ8 DIccTrv9EZzxVPOC67/0erwg/zvm9mQGoBjNtVVxI98Sbpf8gNweufG25isPMUJZ U6wFEPkkcUsMb8yqKMpIv5O2DwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOPgt+rp PQq9uazYoSTPdzjCnLTlMB8GA1UdIwQYMBaAFCKxpxdedf/YRzkfLC6WZeTu4bdC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTdEQy8zNUY3OTg2NjFG MDExMUU5QjFBQTk0MzZDNEY5QUUwMi9JckduRjE1MV85aEhPUjhzTHBabDVPN2h0 MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lyR25GMTUxXzloSE9SOHNMcFpsNU83aHQwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTU3REMvMzVGNzk4NjYxRjAxMTFFOUIxQUE5NDM2QzRGOUFFMDIvQTkyMDRGOTY5 MTdGMTFFREE1QjI2MzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBABnVsADBADcmHMwDQYJKoZIhvcNAQELBQADggEBAIDR6j5V /rJaZ4KERWbog3kM4/FXoawbuyvpM26S3+M8lFnPBUZB5e6MYXm9hydnWRAuUKBT SF6tbO5ttxvnbTohknnSE2OQ5q9VKCqZquy1l9cznSf/j24hrsB13vRnXkLElGBv yumU3a7yGvYxf7WQtn6AWw7yjAL3dSGkmMmu/TRq25qERNI5zp4Astg0VJKgUeBj AqPrhXrRlRYP/u/xQHS/jkz0qL8PweiYK9eRx2egdpvP5SeTLp3rStzSianTd8hU psM2sq2VDPZuYC/i/U5XpV4WkpSIikX22ai7oxCfvbhrSY06YKzU+6mdx6ZCe/ab ozLjSZB2yocGD2U= -----END CERTIFICATE-----Generated at Sat Apr 26 08:20:26 2025 by rpki-client