$ rpki-client -vvf rpki.apnic.net/member_repository/A91F39A9/525486B8566211ECB8EC7331C4F9AE02/12702794577711ECB7FD0C6FC4F9AE02.roa File: 12702794577711ECB7FD0C6FC4F9AE02.roa (raw, json) Hash identifier: XOYLtUkvxxhHrcsvmr5WB+I6ZV608DvzcypTgdpZOb8= Subject key identifier: BA:6A:50:8D:FF:D6:32:93:00:75:53:07:1F:B7:D1:E3:77:19:F7:C5 Certificate issuer: /CN=A91F39A9/serialNumber=BB7FB957BD6D184A089231694CF8389DB688FE53 Certificate serial: 040D Authority key identifier: BB:7F:B9:57:BD:6D:18:4A:08:92:31:69:4C:F8:38:9D:B6:88:FE:53 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3-5V71tGEoIkjFpTPg4nbaI_lM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F39A9/525486B8566211ECB8EC7331C4F9AE02/12702794577711ECB7FD0C6FC4F9AE02.roa Signing time: Sat 11 Jan 2025 08:08:32 +0000 ROA not before: Sat 11 Jan 2025 08:08:32 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 18196 IP address blocks: 103.115.21.0/24 maxlen: 24 103.123.27.0/24 maxlen: 24 103.123.36.0/23 maxlen: 23 103.123.36.0/24 maxlen: 24 103.123.37.0/24 maxlen: 24 2001:df5:1700::/48 maxlen: 48 2400:3c20::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F39A9/525486B8566211ECB8EC7331C4F9AE02/u3-5V71tGEoIkjFpTPg4nbaI_lM.crl rsync://rpki.apnic.net/member_repository/A91F39A9/525486B8566211ECB8EC7331C4F9AE02/u3-5V71tGEoIkjFpTPg4nbaI_lM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3-5V71tGEoIkjFpTPg4nbaI_lM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1037 (0x40d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F39A9, serialNumber=BB7FB957BD6D184A089231694CF8389DB688FE53 Validity Not Before: Jan 11 08:08:32 2025 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=67822700-7ed2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:11:f3:13:56:50:ff:3c:e7:eb:b4:24:64:27: 3d:4c:ac:19:09:06:bc:59:2e:33:c4:e9:da:7f:84: 35:df:54:0e:35:c8:d4:a1:11:c2:75:c4:36:08:32: d6:f2:f9:63:6b:32:3b:25:9d:77:b5:c5:bf:3d:d2: b5:60:17:ff:70:59:4c:01:85:39:ee:03:0b:96:ab: 2a:cf:ed:b4:56:ad:50:6b:7f:62:4d:3a:31:51:81: ba:fe:0c:ef:89:87:d5:d9:eb:46:bb:18:c2:8f:b6: c2:aa:6e:b5:dd:c3:e4:c6:86:45:be:3d:6c:01:82: 92:d5:fc:f9:3d:1f:bb:a0:62:49:e2:70:2e:29:e1: 03:43:78:5b:e3:86:8d:e4:50:bb:a9:d8:b2:76:30: 45:a7:91:09:a1:2c:20:5c:ac:a6:9b:ad:ba:c2:d0: 5f:b8:93:a0:d3:27:0c:57:2e:dc:53:80:92:13:16: 55:1e:c6:a6:37:b3:c7:4b:36:21:13:73:bd:4b:b8: 68:94:dc:4f:0d:7d:15:ca:b8:ff:12:33:6a:4f:57: 42:ec:c7:4f:7f:92:f1:7d:ca:65:6f:68:13:89:df: ce:9f:ae:3a:d0:41:e4:de:15:fe:1b:15:9d:ce:ed: b1:f1:18:0b:1a:75:02:a3:61:e5:dc:fd:f1:b7:f4: cf:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:6A:50:8D:FF:D6:32:93:00:75:53:07:1F:B7:D1:E3:77:19:F7:C5 X509v3 Authority Key Identifier: keyid:BB:7F:B9:57:BD:6D:18:4A:08:92:31:69:4C:F8:38:9D:B6:88:FE:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F39A9/525486B8566211ECB8EC7331C4F9AE02/u3-5V71tGEoIkjFpTPg4nbaI_lM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3-5V71tGEoIkjFpTPg4nbaI_lM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F39A9/525486B8566211ECB8EC7331C4F9AE02/12702794577711ECB7FD0C6FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.115.21.0/24 103.123.27.0/24 103.123.36.0/23 IPv6: 2001:df5:1700::/48 2400:3c20::/32 Signature Algorithm: sha256WithRSAEncryption 14:1c:8b:4b:0a:84:61:0e:a4:90:55:8d:01:d1:f1:78:e6:20: 91:0e:b6:cd:a4:0c:df:cb:35:32:b1:5e:36:2e:75:6d:9f:07: 2f:bf:54:9e:67:2a:58:7e:8e:dd:52:d0:b3:dd:94:0c:2f:5b: 82:4c:21:2c:55:cf:c7:ba:84:1a:75:c8:79:4b:01:ee:c8:6c: 83:26:ac:02:4e:0a:8d:f5:bd:7b:d7:7b:38:8b:34:cd:e4:85: 93:36:35:2b:fa:90:ab:7c:15:3e:62:6c:c5:cb:bc:41:c2:19: 3e:b6:bc:05:8a:3d:71:ea:9d:33:6b:a0:6e:be:81:5c:d3:cb: b3:0d:1b:c7:97:fb:3e:20:c5:84:43:16:34:8e:ad:70:27:94: 1d:0e:d7:be:7f:ad:c3:4e:d4:d5:0a:60:24:e8:d5:49:0e:9a: e9:f6:04:d9:31:58:64:e7:67:76:e4:5b:d0:49:c6:cd:94:08: 5f:db:d4:d3:a3:d5:bf:75:9d:cc:0d:98:6f:25:7a:28:bc:b1: 96:f2:65:28:d3:9a:08:bc:cb:1b:6a:de:2c:af:fc:f0:23:d3: d7:f5:bf:5e:67:47:53:2e:95:13:d7:fe:ec:1c:32:94:9f:81: fe:18:f0:bc:c4:95:ac:df:6c:50:20:d1:0f:05:8b:ca:73:58: d0:84:51:c7 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICBA0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjM5QTkxMTAvBgNVBAUTKEJCN0ZCOTU3QkQ2RDE4NEEwODkyMzE2OTRDRjgzODlE QjY4OEZFNTMwHhcNMjUwMTExMDgwODMyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzgyMjcwMC03ZWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqxHzE1ZQ/zzn67QkZCc9TKwZCQa8WS4zxOnaf4Q131QONcjUoRHCdcQ2CDLW 8vljazI7JZ13tcW/PdK1YBf/cFlMAYU57gMLlqsqz+20Vq1Qa39iTToxUYG6/gzv iYfV2etGuxjCj7bCqm613cPkxoZFvj1sAYKS1fz5PR+7oGJJ4nAuKeEDQ3hb44aN 5FC7qdiydjBFp5EJoSwgXKymm626wtBfuJOg0ycMVy7cU4CSExZVHsamN7PHSzYh E3O9S7holNxPDX0Vyrj/EjNqT1dC7MdPf5Lxfcplb2gTid/On6460EHk3hX+GxWd zu2x8RgLGnUCo2Hl3P3xt/TPJQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFLpqUI3/ 1jKTAHVTBx+30eN3GffFMB8GA1UdIwQYMBaAFLt/uVe9bRhKCJIxaUz4OJ22iP5T MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzlBOS81MjU0ODZCODU2 NjIxMUVDQjhFQzczMzFDNEY5QUUwMi91My01VjcxdEdFb0lrakZwVFBnNG5iYUlf bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3UzLTVWNzF0R0VvSWtqRnBUUGc0bmJhSV9sTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjM5QTkvNTI1NDg2Qjg1NjYyMTFFQ0I4RUM3MzMxQzRGOUFFMDIvMTI3MDI3OTQ1 Nzc3MTFFQ0I3RkQwQzZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMBgEAgABMBIDBABncxUDBABnexsDBAFneyQwFgQCAAIwEAMHACABDfUXAAMF ACQAPCAwDQYJKoZIhvcNAQELBQADggEBABQci0sKhGEOpJBVjQHR8XjmIJEOts2k DN/LNTKxXjYudW2fBy+/VJ5nKlh+jt1S0LPdlAwvW4JMISxVz8e6hBp1yHlLAe7I bIMmrAJOCo31vXvXeziLNM3khZM2NSv6kKt8FT5ibMXLvEHCGT62vAWKPXHqnTNr oG6+gVzTy7MNG8eX+z4gxYRDFjSOrXAnlB0O175/rcNO1NUKYCTo1UkOmun2BNkx WGTnZ3bkW9BJxs2UCF/b1NOj1b91ncwNmG8leii8sZbyZSjTmgi8yxtq3iyv/PAj 09f1v15nR1MulRPX/uwcMpSfgf4Y8LzElazfbFAg0Q8Fi8pzWNCEUcc= -----END CERTIFICATE-----Generated at Sat Apr 26 12:32:47 2025 by rpki-client