$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7FEA/1EE3AEEC604811EA8C690B38C4F9AE02/AF5AC6B69E3F11EEA6B6CB0DC4F9AE02.roa File: AF5AC6B69E3F11EEA6B6CB0DC4F9AE02.roa (raw, json) Hash identifier: aO7ZzsxjyqFcAzfGikfamjQffULd11X020Rl4PUmMgc= Subject key identifier: CE:22:8B:CA:F2:0E:EA:4E:B2:A0:27:05:58:54:24:A3:73:0F:1F:FA Certificate issuer: /CN=A91F7FEA/serialNumber=FE0DBCC3CF50A1E0EB03D31296E39FBA880C1905 Certificate serial: 0A48 Authority key identifier: FE:0D:BC:C3:CF:50:A1:E0:EB:03:D3:12:96:E3:9F:BA:88:0C:19:05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_g28w89QoeDrA9MSluOfuogMGQU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F7FEA/1EE3AEEC604811EA8C690B38C4F9AE02/AF5AC6B69E3F11EEA6B6CB0DC4F9AE02.roa Signing time: Tue 14 Jan 2025 19:38:29 +0000 ROA not before: Tue 14 Jan 2025 19:38:29 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 139870 IP address blocks: 103.146.42.0/23 maxlen: 23 103.146.42.0/24 maxlen: 24 103.146.43.0/24 maxlen: 24 103.244.140.0/22 maxlen: 22 103.244.140.0/24 maxlen: 24 103.244.141.0/24 maxlen: 24 103.244.142.0/24 maxlen: 24 103.244.143.0/24 maxlen: 24 2001:df2:4380::/48 maxlen: 48 2400:5fa0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F7FEA/1EE3AEEC604811EA8C690B38C4F9AE02/_g28w89QoeDrA9MSluOfuogMGQU.crl rsync://rpki.apnic.net/member_repository/A91F7FEA/1EE3AEEC604811EA8C690B38C4F9AE02/_g28w89QoeDrA9MSluOfuogMGQU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_g28w89QoeDrA9MSluOfuogMGQU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:32:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2632 (0xa48) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F7FEA, serialNumber=FE0DBCC3CF50A1E0EB03D31296E39FBA880C1905 Validity Not Before: Jan 14 19:38:29 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6786bd35-1c88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:17:f9:9c:4c:d8:c8:b6:a1:c5:8c:7b:78:3c: e9:9b:29:b8:bd:7c:de:9f:94:ed:8b:03:98:a9:ba: 1d:2d:05:a0:0e:d9:9b:a0:b8:69:cd:db:c8:36:0e: e5:8d:37:37:2e:33:84:63:61:d3:82:36:54:02:b8: 6f:ec:c6:f7:06:57:53:bb:03:7b:a0:a7:82:72:fe: 72:d3:8f:ef:42:66:6e:36:d1:c1:ed:42:fe:80:ee: 75:60:10:7e:d7:f4:12:3e:66:03:38:05:da:c8:2c: dd:53:39:95:65:5b:b7:38:91:d6:be:58:42:f4:9d: 50:cd:cb:c9:25:f3:50:56:48:cd:88:4c:0d:5d:66: e6:e2:46:20:79:48:05:26:e8:7a:a9:30:7e:e8:f1: f2:78:b8:40:c1:5e:ae:25:f6:6d:00:21:13:ad:3a: 5c:62:a9:0e:06:43:02:76:9a:f0:34:80:c7:ef:be: c9:b8:f9:9f:1d:79:f9:bd:33:19:16:36:92:f8:b6: 79:11:6b:51:4e:b8:05:5e:f4:ce:cf:4d:7c:c4:c1: c6:5f:62:b9:fb:d1:d4:7b:5a:ce:bd:2e:d6:b7:2e: 92:ef:fa:ef:68:05:40:db:50:d1:c5:33:52:ce:88: 20:f3:74:77:73:6f:e4:91:44:34:a5:98:7e:3f:87: 0d:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:22:8B:CA:F2:0E:EA:4E:B2:A0:27:05:58:54:24:A3:73:0F:1F:FA X509v3 Authority Key Identifier: keyid:FE:0D:BC:C3:CF:50:A1:E0:EB:03:D3:12:96:E3:9F:BA:88:0C:19:05 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F7FEA/1EE3AEEC604811EA8C690B38C4F9AE02/_g28w89QoeDrA9MSluOfuogMGQU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_g28w89QoeDrA9MSluOfuogMGQU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7FEA/1EE3AEEC604811EA8C690B38C4F9AE02/AF5AC6B69E3F11EEA6B6CB0DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.146.42.0/23 103.244.140.0/22 IPv6: 2001:df2:4380::/48 2400:5fa0::/32 Signature Algorithm: sha256WithRSAEncryption 0c:f0:ca:79:f0:38:53:66:4b:55:3e:e4:c9:f1:c5:5f:a7:19: 92:ba:f1:70:1e:a7:dc:39:06:f2:fe:7d:dd:44:c5:81:9a:ed: 8f:38:f8:7c:7f:f8:b6:c5:fe:8d:eb:60:34:bf:ec:d7:1f:f3: 04:86:1e:e3:9b:60:ea:68:e9:b8:fd:07:e5:cc:2a:f0:f9:78: 75:52:8a:8d:46:18:ba:e8:99:41:79:75:f9:06:04:20:2a:8c: 62:4c:09:27:92:2d:24:0a:a8:93:29:78:5a:be:f0:8d:49:c8: 63:db:84:ad:56:99:40:04:94:6f:28:23:fd:b7:07:75:de:0d: d7:2e:19:b3:f2:71:03:9d:f5:6f:5b:68:bd:4b:92:e1:55:d5: 58:ec:6a:57:c4:bc:1c:6f:68:fd:75:92:38:ea:4d:02:a3:48: b2:5c:b6:25:63:28:5c:27:46:66:c0:b3:6c:6b:d6:a0:d0:cf: 38:62:cf:2c:d1:5c:57:4b:e7:cf:9c:ef:70:5f:f6:9c:be:8c: 16:d3:cc:da:a6:83:64:5e:d1:69:33:f2:06:22:ce:c2:80:83: 8e:83:46:5d:82:62:9b:e9:03:d3:70:42:36:fd:a2:9f:2c:91: ae:7c:58:28:23:0f:66:d4:65:97:dc:e5:92:00:23:08:cc:c3: 83:8d:f0:24 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICCkgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjdGRUExMTAvBgNVBAUTKEZFMERCQ0MzQ0Y1MEExRTBFQjAzRDMxMjk2RTM5RkJB ODgwQzE5MDUwHhcNMjUwMTE0MTkzODI5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzg2YmQzNS0xYzg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxBf5nEzYyLahxYx7eDzpmym4vXzen5TtiwOYqbodLQWgDtmboLhpzdvINg7l jTc3LjOEY2HTgjZUArhv7Mb3BldTuwN7oKeCcv5y04/vQmZuNtHB7UL+gO51YBB+ 1/QSPmYDOAXayCzdUzmVZVu3OJHWvlhC9J1QzcvJJfNQVkjNiEwNXWbm4kYgeUgF Juh6qTB+6PHyeLhAwV6uJfZtACETrTpcYqkOBkMCdprwNIDH777JuPmfHXn5vTMZ FjaS+LZ5EWtRTrgFXvTOz018xMHGX2K5+9HUe1rOvS7Wty6S7/rvaAVA21DRxTNS zogg83R3c2/kkUQ0pZh+P4cNfwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFM4ii8ry DupOsqAnBVhUJKNzDx/6MB8GA1UdIwQYMBaAFP4NvMPPUKHg6wPTEpbjn7qIDBkF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGN0ZFQS8xRUUzQUVFQzYw NDgxMUVBOEM2OTBCMzhDNEY5QUUwMi9fZzI4dzg5UW9lRHJBOU1TbHVPZnVvZ01H UVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19nMjh3ODlRb2VEckE5TVNsdU9mdW9nTUdRVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjdGRUEvMUVFM0FFRUM2MDQ4MTFFQThDNjkwQjM4QzRGOUFFMDIvQUY1QUM2QjY5 RTNGMTFFRUE2QjZDQjBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMBIEAgABMAwDBAFnkioDBAJn9IwwFgQCAAIwEAMHACABDfJDgAMFACQAX6Aw DQYJKoZIhvcNAQELBQADggEBAAzwynnwOFNmS1U+5MnxxV+nGZK68XAep9w5BvL+ fd1ExYGa7Y84+Hx/+LbF/o3rYDS/7Ncf8wSGHuObYOpo6bj9B+XMKvD5eHVSio1G GLromUF5dfkGBCAqjGJMCSeSLSQKqJMpeFq+8I1JyGPbhK1WmUAElG8oI/23B3Xe DdcuGbPycQOd9W9baL1LkuFV1VjsalfEvBxvaP11kjjqTQKjSLJctiVjKFwnRmbA s2xr1qDQzzhizyzRXFdL58+c73Bf9py+jBbTzNqmg2Re0Wkz8gYizsKAg46DRl2C YpvpA9NwQjb9op8ska58WCgjD2bUZZfc5ZIAIwjMw4ON8CQ= -----END CERTIFICATE-----Generated at Sat Apr 26 16:08:23 2025 by rpki-client