$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/9EF5320617C811ED95FB874FC4F9AE02.roa File: 9EF5320617C811ED95FB874FC4F9AE02.roa (raw, json) Hash identifier: yklEZhBevYrGub8wKzCUI7Nu4x7RpinOoVY5WtDLrAg= Subject key identifier: 24:F4:2D:E4:93:FF:2F:18:27:0B:7B:ED:27:58:A7:FB:1E:6B:D6:B1 Certificate issuer: /CN=A91EEE1B/serialNumber=85902908828B0331E948D46EDB3825FF603DB986 Certificate serial: 06CE Authority key identifier: 85:90:29:08:82:8B:03:31:E9:48:D4:6E:DB:38:25:FF:60:3D:B9:86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZApCIKLAzHpSNRu2zgl_2A9uYY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/9EF5320617C811ED95FB874FC4F9AE02.roa Signing time: Thu 24 Apr 2025 12:33:16 +0000 ROA not before: Thu 24 Apr 2025 12:33:16 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 10122 IP address blocks: 45.249.44.0/24 maxlen: 24 45.249.45.0/24 maxlen: 24 45.249.46.0/23 maxlen: 23 45.249.46.0/24 maxlen: 24 45.249.47.0/24 maxlen: 24 103.208.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/hZApCIKLAzHpSNRu2zgl_2A9uYY.crl rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/hZApCIKLAzHpSNRu2zgl_2A9uYY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZApCIKLAzHpSNRu2zgl_2A9uYY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1742 (0x6ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EEE1B, serialNumber=85902908828B0331E948D46EDB3825FF603DB986 Validity Not Before: Apr 24 12:33:16 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=680a2f8c-63d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:e1:f0:33:93:da:64:30:b7:ff:68:88:f3:14: 16:28:e6:7c:ce:95:80:f4:72:7f:b0:75:1e:b9:c9: 16:6d:37:5e:d1:f9:67:09:fe:f3:11:c0:d4:4f:3e: e7:79:69:6f:3a:7a:e0:c7:56:c2:26:67:cf:81:63: ef:54:67:a2:63:41:5f:69:1c:21:6d:e8:f7:7b:05: d9:11:1f:ae:31:5b:6d:50:ec:0a:30:4d:9d:b6:37: a5:4e:68:cd:68:94:1e:9b:43:1e:50:09:d5:fc:42: 03:63:8b:4b:6a:9e:38:3e:de:89:98:e1:45:47:0d: 06:d0:c4:34:d6:d4:d3:27:f0:a2:34:0a:80:36:7f: 92:da:6d:8b:99:1d:03:14:e7:53:b8:dd:df:14:2d: 5c:85:b8:4c:2c:df:e1:0e:d5:c3:2b:41:e1:e0:0d: 85:cf:a9:74:71:20:d0:0b:3e:8e:31:ab:cb:08:31: 17:9f:ae:f6:33:62:46:5d:63:92:d6:b5:07:05:ff: 07:70:a3:cd:19:eb:db:1c:11:ef:9e:11:8e:55:b8: 89:fd:26:40:44:aa:1c:f2:8d:98:cd:c3:ea:68:27: 70:42:1b:65:18:ba:b4:37:32:7c:93:51:2d:85:45: 35:d9:4b:f8:c2:bd:41:c7:83:41:30:8b:c5:e3:43: b1:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:F4:2D:E4:93:FF:2F:18:27:0B:7B:ED:27:58:A7:FB:1E:6B:D6:B1 X509v3 Authority Key Identifier: keyid:85:90:29:08:82:8B:03:31:E9:48:D4:6E:DB:38:25:FF:60:3D:B9:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/hZApCIKLAzHpSNRu2zgl_2A9uYY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZApCIKLAzHpSNRu2zgl_2A9uYY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/9EF5320617C811ED95FB874FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.249.44.0/22 103.208.252.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:e5:c1:51:96:00:0d:56:01:54:df:77:3e:aa:d0:17:6f:ea: 29:bf:6d:85:ce:6e:85:22:c9:e3:fb:4f:d5:80:7b:09:dc:8a: f3:70:77:67:d1:c3:c9:4b:ac:a6:2d:d3:fc:f7:59:97:00:9f: 5e:19:ae:05:7a:96:c1:6f:7b:c7:f2:d9:2f:cc:a8:0e:c5:b4: 7d:6c:e0:d4:ae:a6:ed:0a:15:e7:85:54:e6:17:b9:5b:a1:10: 7b:91:76:77:80:bb:68:8a:5d:db:d5:c1:41:06:a2:c3:48:03: 53:f4:62:08:ea:c7:90:a3:e2:f6:c0:5c:43:df:2f:1c:7e:a8: 2b:70:c5:89:6c:91:ef:94:b4:4a:eb:01:6e:4a:c1:ed:4f:2d: a1:ca:23:bf:13:42:ec:4b:7e:af:95:db:df:4a:53:fc:0b:33: ba:5e:9f:fb:8b:93:ac:59:83:c2:55:60:49:7e:18:44:89:03: b9:65:ef:6a:9b:e8:dc:47:d9:48:fd:23:88:94:81:ea:c3:0b: 54:1e:cb:8e:2e:a0:c2:4a:ea:e2:a4:02:50:2a:07:6f:7a:f2: 00:8b:39:12:21:dd:95:ff:96:2d:0d:e1:64:4e:7b:06:3c:af: e9:02:26:dc:16:70:77:ec:0b:6d:bf:4a:29:b8:56:5e:a3:38: 64:60:49:09 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUVFMUIxMTAvBgNVBAUTKDg1OTAyOTA4ODI4QjAzMzFFOTQ4RDQ2RURCMzgyNUZG NjAzREI5ODYwHhcNMjUwNDI0MTIzMzE2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODBhMmY4Yy02M2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAouHwM5PaZDC3/2iI8xQWKOZ8zpWA9HJ/sHUeuckWbTde0flnCf7zEcDUTz7n eWlvOnrgx1bCJmfPgWPvVGeiY0FfaRwhbej3ewXZER+uMVttUOwKME2dtjelTmjN aJQem0MeUAnV/EIDY4tLap44Pt6JmOFFRw0G0MQ01tTTJ/CiNAqANn+S2m2LmR0D FOdTuN3fFC1chbhMLN/hDtXDK0Hh4A2Fz6l0cSDQCz6OMavLCDEXn672M2JGXWOS 1rUHBf8HcKPNGevbHBHvnhGOVbiJ/SZARKoc8o2YzcPqaCdwQhtlGLq0NzJ8k1Et hUU12Uv4wr1Bx4NBMIvF40OxEQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCT0LeST /y8YJwt77SdYp/sea9axMB8GA1UdIwQYMBaAFIWQKQiCiwMx6UjUbts4Jf9gPbmG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUUxQi8yMDZERkMyODY0 MzgxMUVCOTQ2ODNCNEVDNEY5QUUwMi9oWkFwQ0lLTEF6SHBTTlJ1MnpnbF8yQTl1 WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2haQXBDSUtMQXpIcFNOUnUyemdsXzJBOXVZWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUVFMUIvMjA2REZDMjg2NDM4MTFFQjk0NjgzQjRFQzRGOUFFMDIvOUVGNTMyMDYx N0M4MTFFRDk1RkI4NzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIt+SwDBABn0PwwDQYJKoZIhvcNAQELBQADggEBAIvlwVGW AA1WAVTfdz6q0Bdv6im/bYXOboUiyeP7T9WAewncivNwd2fRw8lLrKYt0/z3WZcA n14ZrgV6lsFve8fy2S/MqA7FtH1s4NSupu0KFeeFVOYXuVuhEHuRdneAu2iKXdvV wUEGosNIA1P0Ygjqx5Cj4vbAXEPfLxx+qCtwxYlske+UtErrAW5Kwe1PLaHKI78T QuxLfq+V299KU/wLM7pen/uLk6xZg8JVYEl+GESJA7ll72qb6NxH2Uj9I4iUgerD C1Qey44uoMJK6uKkAlAqB2968gCLORIh3ZX/li0N4WROewY8r+kCJtwWcHfsC22/ Sim4Vl6jOGRgSQk= -----END CERTIFICATE-----Generated at Sat Apr 26 09:07:27 2025 by rpki-client