$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4288/A93AA880A27211E6B8BC996AC4F9AE02/2445BC6A6FCE11E9AA5D2439C4F9AE02.roa File: 2445BC6A6FCE11E9AA5D2439C4F9AE02.roa (raw, json) Hash identifier: 7TEbSw3PqWXAumkD/6WCBubmNiQ54mZObTiNmT20Qfk= Subject key identifier: 04:A5:07:0C:AF:8E:DF:E2:3C:47:5A:D8:01:B2:04:C1:B6:91:6A:DF Certificate issuer: /CN=A91F4288/serialNumber=314F55AE5244C4CDB10F784DFF15D022D3896848 Certificate serial: 1D8A Authority key identifier: 31:4F:55:AE:52:44:C4:CD:B1:0F:78:4D:FF:15:D0:22:D3:89:68:48 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MU9VrlJExM2xD3hN_xXQItOJaEg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F4288/A93AA880A27211E6B8BC996AC4F9AE02/2445BC6A6FCE11E9AA5D2439C4F9AE02.roa Signing time: Fri 28 Feb 2025 16:54:19 +0000 ROA not before: Fri 28 Feb 2025 16:54:19 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 17539 IP address blocks: 45.64.180.0/24 maxlen: 32 45.64.181.0/24 maxlen: 24 45.64.182.0/24 maxlen: 24 45.64.183.0/24 maxlen: 24 103.249.152.0/24 maxlen: 24 103.249.153.0/24 maxlen: 24 103.249.154.0/24 maxlen: 24 103.249.155.0/24 maxlen: 24 203.170.64.0/23 maxlen: 24 203.170.66.0/24 maxlen: 24 203.170.67.0/24 maxlen: 24 203.170.68.0/24 maxlen: 24 203.170.71.0/24 maxlen: 32 203.170.72.0/24 maxlen: 24 203.170.73.0/24 maxlen: 24 203.170.74.0/24 maxlen: 24 203.170.75.0/24 maxlen: 24 203.170.76.0/24 maxlen: 24 203.170.77.0/24 maxlen: 24 203.170.78.0/24 maxlen: 24 203.170.79.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F4288/A93AA880A27211E6B8BC996AC4F9AE02/MU9VrlJExM2xD3hN_xXQItOJaEg.crl rsync://rpki.apnic.net/member_repository/A91F4288/A93AA880A27211E6B8BC996AC4F9AE02/MU9VrlJExM2xD3hN_xXQItOJaEg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MU9VrlJExM2xD3hN_xXQItOJaEg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:12:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7562 (0x1d8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F4288, serialNumber=314F55AE5244C4CDB10F784DFF15D022D3896848 Validity Not Before: Feb 28 16:54:19 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c1ea3b-8a95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:fb:28:70:f4:70:51:9a:bd:e9:6a:e2:cb:71: 48:15:20:d9:60:1f:4a:49:c6:94:48:90:9d:6e:c0: d3:39:d5:c5:c6:49:ca:ee:7e:33:84:bb:a9:76:27: c6:34:ae:c3:0c:4c:f0:77:3a:23:bb:76:2c:39:3f: d1:c9:12:cf:9d:f4:52:95:88:a2:cf:cd:58:6f:31: 69:8e:1e:14:2d:93:32:b0:23:76:9f:2e:2c:e4:0c: 94:f0:9c:a3:9e:2d:cf:83:1b:ec:0a:c3:a3:86:66: 6f:0a:d7:a6:ee:42:e3:58:6e:5a:3a:f8:96:de:91: 79:f2:69:f6:f9:2a:68:2e:2d:b9:92:7e:e9:35:de: 1a:a7:aa:cc:c1:21:50:fb:2f:5a:77:8e:5e:1f:ea: ec:e6:d0:11:9c:d9:a3:94:fc:66:51:81:00:d0:7a: 4a:d5:6e:a7:aa:e3:6b:93:89:bb:7e:60:27:23:26: c0:29:76:b7:42:99:f3:eb:46:9a:d5:f6:14:e0:a9: 58:9c:86:e5:09:60:b2:2e:b4:9e:74:e0:16:bb:db: 15:e9:91:0d:01:ca:95:a3:3e:47:46:12:3f:1d:4b: 9e:37:b7:3a:dd:67:e7:fa:3d:c6:f9:aa:68:0a:bc: 4e:21:05:e3:b3:3c:de:06:43:27:7e:26:9a:b2:68: 84:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:A5:07:0C:AF:8E:DF:E2:3C:47:5A:D8:01:B2:04:C1:B6:91:6A:DF X509v3 Authority Key Identifier: keyid:31:4F:55:AE:52:44:C4:CD:B1:0F:78:4D:FF:15:D0:22:D3:89:68:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F4288/A93AA880A27211E6B8BC996AC4F9AE02/MU9VrlJExM2xD3hN_xXQItOJaEg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MU9VrlJExM2xD3hN_xXQItOJaEg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4288/A93AA880A27211E6B8BC996AC4F9AE02/2445BC6A6FCE11E9AA5D2439C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.180.0/22 103.249.152.0/22 203.170.64.0-203.170.68.255 203.170.71.0-203.170.79.255 Signature Algorithm: sha256WithRSAEncryption 78:e3:d4:6f:51:8c:c4:d7:42:ab:8a:91:95:5e:3c:58:40:9c: b9:ca:e4:ab:0a:d2:80:4f:92:5c:cc:b1:08:ab:eb:89:cf:43: 1e:e5:f2:ce:e4:fe:d7:cf:b6:c2:48:ad:0a:53:00:57:c4:c4: 3b:83:fc:a5:81:8f:c9:bc:ea:49:e8:0e:c6:8f:e0:61:be:13: df:fa:7c:2c:0d:c6:2f:9c:16:23:cd:b5:54:65:08:ea:48:23: 5b:36:63:36:a2:26:7f:e9:2c:4d:79:c9:c1:77:e2:20:96:d5: 7d:30:05:1d:db:e4:4b:f6:88:78:d2:d2:59:42:1f:c7:88:65: ad:48:98:3a:65:e5:5c:04:e4:3e:78:1c:b6:88:84:c3:34:69: ab:53:d7:ba:31:0e:83:cf:91:da:fc:b9:a1:9c:6f:ad:ea:e7: 18:2e:ac:6d:fd:04:44:e6:d0:f7:e5:89:23:22:be:5f:f3:45: 1a:78:6d:a3:f2:98:8f:d4:0c:07:e2:79:26:2f:13:20:0c:c2: 75:9c:01:b0:25:2e:8c:d3:58:75:bb:1b:8f:30:16:7a:68:32: 64:ee:21:03:e5:ed:30:ab:42:f5:a5:58:16:d6:31:e5:fc:cc: 32:6b:a1:de:79:c5:e8:c6:07:50:73:43:bd:09:a8:04:38:ce: d8:a0:8d:6c -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICHYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjQyODgxMTAvBgNVBAUTKDMxNEY1NUFFNTI0NEM0Q0RCMTBGNzg0REZGMTVEMDIy RDM4OTY4NDgwHhcNMjUwMjI4MTY1NDE5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MxZWEzYi04YTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvvsocPRwUZq96Wriy3FIFSDZYB9KScaUSJCdbsDTOdXFxknK7n4zhLupdifG NK7DDEzwdzoju3YsOT/RyRLPnfRSlYiiz81YbzFpjh4ULZMysCN2ny4s5AyU8Jyj ni3PgxvsCsOjhmZvCtem7kLjWG5aOviW3pF58mn2+SpoLi25kn7pNd4ap6rMwSFQ +y9ad45eH+rs5tARnNmjlPxmUYEA0HpK1W6nquNrk4m7fmAnIybAKXa3Qpnz60aa 1fYU4KlYnIblCWCyLrSedOAWu9sV6ZENAcqVoz5HRhI/HUueN7c63Wfn+j3G+apo CrxOIQXjszzeBkMnfiaasmiEHwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFASlBwyv jt/iPEda2AGyBMG2kWrfMB8GA1UdIwQYMBaAFDFPVa5SRMTNsQ94Tf8V0CLTiWhI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDI4OC9BOTNBQTg4MEEy NzIxMUU2QjhCQzk5NkFDNEY5QUUwMi9NVTlWcmxKRXhNMnhEM2hOX3hYUUl0T0ph RWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01VOVZybEpFeE0yeEQzaE5feFhRSXRPSmFFZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjQyODgvQTkzQUE4ODBBMjcyMTFFNkI4QkM5OTZBQzRGOUFFMDIvMjQ0NUJDNkE2 RkNFMTFFOUFBNUQyNDM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMC4EAgABMCgDBAItQLQDBAJn+ZgwDAMEBsuqQAMEAMuqRDAMAwQAy6pHAwQE y6pAMA0GCSqGSIb3DQEBCwUAA4IBAQB449RvUYzE10KripGVXjxYQJy5yuSrCtKA T5JczLEIq+uJz0Me5fLO5P7Xz7bCSK0KUwBXxMQ7g/ylgY/JvOpJ6A7Gj+BhvhPf +nwsDcYvnBYjzbVUZQjqSCNbNmM2oiZ/6SxNecnBd+IgltV9MAUd2+RL9oh40tJZ Qh/HiGWtSJg6ZeVcBOQ+eBy2iITDNGmrU9e6MQ6Dz5Ha/LmhnG+t6ucYLqxt/QRE 5tD35YkjIr5f80UaeG2j8piP1AwH4nkmLxMgDMJ1nAGwJS6M01h1uxuPMBZ6aDJk 7iED5e0wq0L1pVgW1jHl/Mwya6HeecXoxgdQc0O9CagEOM7YoI1s -----END CERTIFICATE-----Generated at Wed Nov 5 06:00:16 2025 by rpki-client