$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa File: 14ED07C27B8D11EDB395B621C4F9AE02.roa (raw, json) Hash identifier: QWOTAeLgnWJFAAIChZL1m0e0kICN2c6Ng+tc3RXx8Yg= Subject key identifier: 7F:76:4B:FF:51:BB:0C:80:FD:B6:5B:0B:0D:6D:A9:8A:AD:F4:C0:90 Certificate issuer: /CN=A91EA7B2/serialNumber=1156205EC7380A00F10F3410114D040357F00FF1 Certificate serial: 0DD8 Authority key identifier: 11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa Signing time: Fri 07 Feb 2025 09:37:25 +0000 ROA not before: Fri 07 Feb 2025 09:37:25 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 134190 IP address blocks: 103.117.128.0/24 maxlen: 24 103.117.129.0/24 maxlen: 24 103.117.129.0/25 maxlen: 32 103.117.129.128/25 maxlen: 32 103.117.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:49:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3544 (0xdd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA7B2, serialNumber=1156205EC7380A00F10F3410114D040357F00FF1 Validity Not Before: Feb 7 09:37:25 2025 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=67a5d454-fde8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:b9:e6:1e:ad:81:13:80:d9:6b:cc:63:fb:1a: d5:11:35:ea:15:ff:9b:31:a1:24:f7:ee:81:3c:77: 21:6d:a6:cc:3d:20:2e:0e:a5:3f:6b:60:eb:2b:2b: e7:02:47:14:94:c4:43:65:d6:ff:2e:2d:a4:68:58: 32:c2:b4:06:f5:85:4e:0b:1e:21:1b:56:89:d6:12: 0d:15:e3:c8:32:b5:6f:74:83:09:98:0d:43:65:91: a5:c3:65:f0:49:16:cd:a5:ca:0f:76:a6:f0:24:64: a1:cc:71:88:a9:ea:da:5b:be:fa:88:fa:e4:1a:cb: f1:c8:c4:68:23:da:0d:3e:6c:16:8b:6f:61:1c:a0: a3:40:13:0e:20:91:39:c5:26:2d:ab:d9:5e:12:d5: 24:1d:b5:09:0f:3e:b8:ff:dd:4f:00:9d:e4:bf:a1: 54:9e:97:25:ad:69:7f:fc:c3:3a:2a:da:56:94:e9: 61:fe:d5:56:98:43:39:af:a9:c0:eb:4b:2f:e5:f8: 59:9c:03:b5:7f:5b:33:dc:c5:60:2a:6d:48:17:49: 96:b1:ec:f7:c3:6e:1c:aa:fa:4f:ec:36:e6:81:11: b5:a3:73:75:07:d9:f9:fd:92:31:66:51:40:3b:32: 35:b8:7b:ce:0d:53:e6:6f:9b:1f:db:d7:d8:a8:d4: ca:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:76:4B:FF:51:BB:0C:80:FD:B6:5B:0B:0D:6D:A9:8A:AD:F4:C0:90 X509v3 Authority Key Identifier: keyid:11:56:20:5E:C7:38:0A:00:F1:0F:34:10:11:4D:04:03:57:F0:0F:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/EVYgXsc4CgDxDzQQEU0EA1fwD_E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EVYgXsc4CgDxDzQQEU0EA1fwD_E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA7B2/3EE3235AAE9911E9AC50E17BC4F9AE02/14ED07C27B8D11EDB395B621C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.117.128.0/23 103.117.131.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:6c:ac:8e:a4:d1:3b:aa:9b:9e:70:fd:6d:69:62:60:9a:e1: c2:e0:31:cb:e9:c2:c4:78:23:31:0d:f3:95:66:09:09:c7:f8: 00:22:df:dd:86:28:c8:93:a3:53:5e:13:b2:2b:4c:d5:e8:30: d0:35:7c:b0:15:66:14:40:a4:cc:b3:4e:85:3e:ca:ae:df:66: 33:1e:46:5d:dc:69:f9:83:ec:ea:25:7f:af:24:0f:fe:e6:1b: c9:81:f4:3c:f6:e7:ec:17:fd:df:16:5f:3c:c8:56:df:c7:ca: ec:f8:ce:09:b0:fb:a9:ac:a7:0f:a7:80:76:1e:a9:e2:39:20: d6:34:bc:43:ba:d7:7a:00:32:44:8a:71:b6:5c:26:c9:fc:f4: 72:f0:c7:c4:27:b8:ec:11:f9:9a:a7:fc:62:a6:ce:8e:59:a0: 15:7c:2b:70:cf:41:85:80:e3:20:76:04:98:11:07:d8:18:60: cf:e3:bd:29:3c:89:c2:dc:85:61:48:29:68:c5:f8:c9:f7:a7: 99:54:32:da:49:4b:b5:97:f8:53:c8:6c:7e:35:bb:bf:d0:f5: 49:1f:3c:9e:db:c8:b6:98:21:60:89:27:1a:f2:a7:bb:d6:67: a1:54:aa:33:65:ba:01:28:60:1a:5d:65:8f:ff:73:5f:7f:41: 2a:ba:b2:7e -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICDdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE3QjIxMTAvBgNVBAUTKDExNTYyMDVFQzczODBBMDBGMTBGMzQxMDExNEQwNDAz NTdGMDBGRjEwHhcNMjUwMjA3MDkzNzI1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2E1ZDQ1NC1mZGU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA37nmHq2BE4DZa8xj+xrVETXqFf+bMaEk9+6BPHchbabMPSAuDqU/a2DrKyvn AkcUlMRDZdb/Li2kaFgywrQG9YVOCx4hG1aJ1hINFePIMrVvdIMJmA1DZZGlw2Xw SRbNpcoPdqbwJGShzHGIqeraW776iPrkGsvxyMRoI9oNPmwWi29hHKCjQBMOIJE5 xSYtq9leEtUkHbUJDz64/91PAJ3kv6FUnpclrWl//MM6KtpWlOlh/tVWmEM5r6nA 60sv5fhZnAO1f1sz3MVgKm1IF0mWsez3w24cqvpP7DbmgRG1o3N1B9n5/ZIxZlFA OzI1uHvODVPmb5sf29fYqNTKlQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFH92S/9R uwyA/bZbCw1tqYqt9MCQMB8GA1UdIwQYMBaAFBFWIF7HOAoA8Q80EBFNBANX8A/x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTdCMi8zRUUzMjM1QUFF OTkxMUU5QUM1MEUxN0JDNEY5QUUwMi9FVllnWHNjNENnRHhEelFRRVUwRUExZndE X0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0VWWWdYc2M0Q2dEeER6UVFFVTBFQTFmd0RfRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUE3QjIvM0VFMzIzNUFBRTk5MTFFOUFDNTBFMTdCQzRGOUFFMDIvMTRFRDA3QzI3 QjhEMTFFREIzOTVCNjIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAFndYADBABndYMwDQYJKoZIhvcNAQELBQADggEBAItsrI6k 0Tuqm55w/W1pYmCa4cLgMcvpwsR4IzEN85VmCQnH+AAi392GKMiTo1NeE7IrTNXo MNA1fLAVZhRApMyzToU+yq7fZjMeRl3cafmD7Oolf68kD/7mG8mB9Dz25+wX/d8W XzzIVt/Hyuz4zgmw+6mspw+ngHYeqeI5INY0vEO613oAMkSKcbZcJsn89HLwx8Qn uOwR+Zqn/GKmzo5ZoBV8K3DPQYWA4yB2BJgRB9gYYM/jvSk8icLchWFIKWjF+Mn3 p5lUMtpJS7WX+FPIbH41u7/Q9UkfPJ7byLaYIWCJJxryp7vWZ6FUqjNlugEoYBpd ZY//c19/QSq6sn4= -----END CERTIFICATE-----Generated at Sat Apr 26 08:10:42 2025 by rpki-client