$ rpki-client -vvf rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/9FBFD358C0F911EFA63F3E64C4F9AE02.roa File: 9FBFD358C0F911EFA63F3E64C4F9AE02.roa (raw, json) Hash identifier: yc1nPimI0kUiUPjKIX7+rUbHKCs59csyBzZSSe87J8M= Subject key identifier: 8A:46:09:81:17:73:F9:92:BA:9D:4B:59:CE:E3:EC:D9:5B:78:BA:CB Certificate issuer: /CN=A91E80FB/serialNumber=4085AE134B6338A127657283EBBC16C12F20B862 Certificate serial: 039D Authority key identifier: 40:85:AE:13:4B:63:38:A1:27:65:72:83:EB:BC:16:C1:2F:20:B8:62 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/9FBFD358C0F911EFA63F3E64C4F9AE02.roa Signing time: Tue 25 Feb 2025 02:14:13 +0000 ROA not before: Tue 25 Feb 2025 02:14:13 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 141688 IP address blocks: 103.162.4.0/23 maxlen: 23 103.162.4.0/24 maxlen: 24 103.162.5.0/24 maxlen: 24 118.91.190.0/24 maxlen: 24 202.89.73.0/24 maxlen: 24 2407:bc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.crl rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:30:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 925 (0x39d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E80FB, serialNumber=4085AE134B6338A127657283EBBC16C12F20B862 Validity Not Before: Feb 25 02:14:13 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67bd2775-9d4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ab:b2:1d:f8:9e:7e:97:58:cd:89:29:03:01: 44:0f:75:5a:2b:92:7d:3e:a5:a1:d1:d7:38:24:12: 53:5d:b7:d0:24:bc:77:a6:d3:6a:b1:68:91:f5:83: 4a:52:3d:85:72:1b:17:51:c9:f2:73:7a:3f:b3:98: c8:a3:86:cf:e5:45:94:0c:62:4e:0c:e0:e3:89:b2: 47:34:73:f7:72:5f:f6:82:d1:7f:e7:8a:ad:e1:d2: ad:4c:37:79:70:d8:93:7d:de:ff:b1:fa:cd:bd:fd: f7:4a:11:bd:a4:09:99:21:63:25:5f:08:dc:57:11: c6:3f:19:28:98:94:e2:73:b6:de:59:88:2d:ae:04: 46:de:8d:e8:3f:60:a3:12:ca:d7:9d:de:81:b2:52: 4d:38:01:bf:93:a3:a5:cc:4b:71:43:b9:2d:ed:14: 9d:49:f4:37:d4:62:34:5f:a1:86:24:69:a4:73:e9: 34:9c:f6:b8:eb:8f:7d:28:bf:8f:bf:96:a3:9c:cd: 06:de:d1:bb:be:4b:58:a5:13:41:fd:2e:26:fe:7e: b6:b5:8f:7d:f3:f8:cd:c3:4e:89:fc:07:ee:69:31: ac:b5:5f:4f:43:c6:93:54:ae:5a:2f:47:4c:2f:d9: f0:ec:b1:29:10:25:1c:67:18:63:a9:12:af:96:1a: c6:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:46:09:81:17:73:F9:92:BA:9D:4B:59:CE:E3:EC:D9:5B:78:BA:CB X509v3 Authority Key Identifier: keyid:40:85:AE:13:4B:63:38:A1:27:65:72:83:EB:BC:16:C1:2F:20:B8:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/QIWuE0tjOKEnZXKD67wWwS8guGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QIWuE0tjOKEnZXKD67wWwS8guGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E80FB/628D520C8FB611EC92BD2510C4F9AE02/9FBFD358C0F911EFA63F3E64C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.162.4.0/23 118.91.190.0/24 202.89.73.0/24 IPv6: 2407:bc0::/32 Signature Algorithm: sha256WithRSAEncryption 9e:fc:83:9a:c0:10:3f:55:31:61:45:b0:82:dd:6a:cb:a4:57: c4:6e:7f:96:24:25:0f:17:bc:7c:47:bb:41:2f:d2:58:d7:aa: 2d:b9:89:26:58:93:d7:36:35:cf:c6:57:2a:fa:3a:32:70:d2: 6d:02:26:98:01:6f:cd:a8:40:fd:1a:86:12:e9:a0:8c:66:17: 56:c2:46:a5:e1:c0:e6:1b:30:bb:ab:a4:1b:79:31:29:07:11: b0:f6:7b:de:16:eb:ab:a1:4e:d5:24:77:b8:31:07:dd:88:74: bf:7f:a0:ee:cb:dd:27:32:17:33:c0:f4:55:0b:5a:e1:5f:95: 50:62:6f:a1:3a:f3:17:62:3a:54:9b:40:9c:af:44:cf:ec:9d: f5:76:27:16:f2:22:6f:04:49:74:2a:79:1c:ec:db:47:eb:de: eb:3f:13:de:7a:08:ed:7a:9e:ae:57:b5:66:b6:2f:9c:f3:cd: b3:7f:3f:25:af:4c:c8:fe:7f:4d:b1:b7:b2:c9:97:09:ac:72: 92:5c:61:ef:9a:56:14:46:b7:90:f5:d2:66:0e:c3:d6:ee:29: 32:82:0e:2d:40:08:a9:f5:da:84:1d:3b:dd:04:cc:08:e3:a7: 34:cd:11:45:f7:68:12:36:87:61:1d:dd:1e:71:c7:69:2f:e9: 81:21:77:98 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICA50wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTgwRkIxMTAvBgNVBAUTKDQwODVBRTEzNEI2MzM4QTEyNzY1NzI4M0VCQkMxNkMx MkYyMEI4NjIwHhcNMjUwMjI1MDIxNDEzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2JkMjc3NS05ZDRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyauyHfiefpdYzYkpAwFED3VaK5J9PqWh0dc4JBJTXbfQJLx3ptNqsWiR9YNK Uj2FchsXUcnyc3o/s5jIo4bP5UWUDGJODODjibJHNHP3cl/2gtF/54qt4dKtTDd5 cNiTfd7/sfrNvf33ShG9pAmZIWMlXwjcVxHGPxkomJTic7beWYgtrgRG3o3oP2Cj EsrXnd6BslJNOAG/k6OlzEtxQ7kt7RSdSfQ31GI0X6GGJGmkc+k0nPa46499KL+P v5ajnM0G3tG7vktYpRNB/S4m/n62tY998/jNw06J/AfuaTGstV9PQ8aTVK5aL0dM L9nw7LEpECUcZxhjqRKvlhrGdwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFIpGCYEX c/mSup1LWc7j7NlbeLrLMB8GA1UdIwQYMBaAFECFrhNLYzihJ2Vyg+u8FsEvILhi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODBGQi82MjhENTIwQzhG QjYxMUVDOTJCRDI1MTBDNEY5QUUwMi9RSVd1RTB0ak9LRW5aWEtENjd3V3dTOGd1 R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FJV3VFMHRqT0tFblpYS0Q2N3dXd1M4Z3VHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTgwRkIvNjI4RDUyMEM4RkI2MTFFQzkyQkQyNTEwQzRGOUFFMDIvOUZCRkQzNThD MEY5MTFFRkE2M0YzRTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAFnogQDBAB2W74DBADKWUkwDQQCAAIwBwMFACQHC8AwDQYJ KoZIhvcNAQELBQADggEBAJ78g5rAED9VMWFFsILdasukV8Ruf5YkJQ8XvHxHu0Ev 0ljXqi25iSZYk9c2Nc/GVyr6OjJw0m0CJpgBb82oQP0ahhLpoIxmF1bCRqXhwOYb MLurpBt5MSkHEbD2e94W66uhTtUkd7gxB92IdL9/oO7L3ScyFzPA9FULWuFflVBi b6E68xdiOlSbQJyvRM/snfV2JxbyIm8ESXQqeRzs20fr3us/E956CO16nq5XtWa2 L5zzzbN/PyWvTMj+f02xt7LJlwmscpJcYe+aVhRGt5D10mYOw9buKTKCDi1ACKn1 2oQdO90EzAjjpzTNEUX3aBI2h2Ed3R5xx2kv6YEhd5g= -----END CERTIFICATE-----Generated at Sat Apr 26 15:19:51 2025 by rpki-client