$ rpki-client -vvf rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/04421FB4C2A911EBB201FE39C4F9AE02.roa File: 04421FB4C2A911EBB201FE39C4F9AE02.roa (raw, json) Hash identifier: 60vuOkQynjGzHB5ZlHpi78kSHRwd9T4kwsOABZu9eBw= Subject key identifier: 09:05:DD:0F:4F:52:7A:63:52:8D:B2:C4:74:B1:C7:69:99:B7:A4:D4 Certificate issuer: /CN=A91551D7/serialNumber=113618B0D410682AC06A901D65BB9AC955ED89E0 Certificate serial: 0E5E Authority key identifier: 11:36:18:B0:D4:10:68:2A:C0:6A:90:1D:65:BB:9A:C9:55:ED:89:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ETYYsNQQaCrAapAdZbuayVXtieA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/04421FB4C2A911EBB201FE39C4F9AE02.roa Signing time: Mon 24 Mar 2025 09:15:51 +0000 ROA not before: Mon 24 Mar 2025 09:15:51 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 18106 IP address blocks: 43.230.96.0/23 maxlen: 23 43.230.96.0/24 maxlen: 24 43.230.98.0/23 maxlen: 23 103.7.68.0/22 maxlen: 22 103.7.68.0/24 maxlen: 24 103.7.69.0/24 maxlen: 24 103.7.70.0/24 maxlen: 24 103.7.71.0/24 maxlen: 24 163.47.88.0/24 maxlen: 24 163.47.89.0/24 maxlen: 24 223.27.137.0/24 maxlen: 24 223.27.138.0/24 maxlen: 24 223.27.140.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/ETYYsNQQaCrAapAdZbuayVXtieA.crl rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/ETYYsNQQaCrAapAdZbuayVXtieA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ETYYsNQQaCrAapAdZbuayVXtieA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:53:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3678 (0xe5e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91551D7 Validity Not Before: Mar 24 09:15:51 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67e122c6-0922 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:9b:45:11:a8:7f:9b:64:5d:f8:2f:28:88:d2: b2:fb:26:05:29:07:a9:3d:64:6e:79:05:ee:cc:25: bb:f8:26:b1:c3:96:f0:7c:f0:7e:77:27:b9:7d:1f: f9:7d:9e:41:2f:89:8f:1e:ca:77:37:cc:9d:98:3e: 0b:14:c4:df:fa:e7:e6:2e:66:b5:87:5d:ed:58:a1: cb:07:1b:e4:ad:07:af:5f:4f:af:91:bc:27:b4:f7: b7:0b:b1:83:32:99:33:aa:e3:de:c8:a0:51:f7:33: de:2b:b5:c2:b1:58:91:19:27:0c:43:a4:b9:5a:35: 02:fd:45:02:2b:8f:26:20:44:ff:62:6e:ad:19:c6: cf:13:71:d7:60:44:a1:e4:2e:b1:09:92:bc:ca:54: b2:8f:ed:72:14:d7:b1:f0:e0:47:99:fe:86:6f:2d: 1a:3b:ae:6b:e4:98:21:7f:25:77:9b:c3:0a:c7:b5: f3:67:92:06:ae:96:d7:3f:42:14:0f:f3:4a:c5:ef: 99:c4:c0:5a:8a:8d:19:e4:f6:81:48:3d:29:12:14: ee:17:1b:61:17:54:44:f0:40:2d:f8:23:8b:bf:fa: 54:7f:bb:19:9a:8b:46:bd:82:3e:00:40:d5:fe:c5: 85:4b:45:e4:39:d8:33:07:ff:5a:ba:30:16:2d:03: 03:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:05:DD:0F:4F:52:7A:63:52:8D:B2:C4:74:B1:C7:69:99:B7:A4:D4 X509v3 Authority Key Identifier: keyid:11:36:18:B0:D4:10:68:2A:C0:6A:90:1D:65:BB:9A:C9:55:ED:89:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/ETYYsNQQaCrAapAdZbuayVXtieA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ETYYsNQQaCrAapAdZbuayVXtieA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/04421FB4C2A911EBB201FE39C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.96.0/22 103.7.68.0/22 163.47.88.0/23 223.27.137.0-223.27.138.255 223.27.140.0/24 Signature Algorithm: sha256WithRSAEncryption 65:99:46:24:df:20:1b:3e:ca:36:4b:6b:bc:94:0d:90:4c:35: 81:15:8a:06:ba:6e:9d:c3:8d:ca:87:93:83:f8:3c:1f:53:86: 57:8e:c8:8c:d0:f4:82:d3:f9:a6:8e:88:aa:44:70:38:cd:1e: 52:3f:11:6a:cc:c4:3d:70:ee:8e:a9:c9:4d:4d:20:6b:19:7a: aa:88:52:06:0b:1c:70:92:7b:bc:ea:f7:26:fc:15:98:8b:d2: 5b:1a:c7:3d:8a:e8:d3:7d:73:ee:0b:5a:47:5a:11:1a:be:a1: f6:8e:04:3d:70:bd:92:1c:51:b8:d8:00:41:77:db:20:52:95: 6b:e4:47:2a:b4:39:68:d6:9a:75:de:c3:e4:1a:e2:f5:00:92: 35:98:d5:9a:ac:46:5a:61:48:f0:fa:a7:dc:a4:f3:54:da:79: 70:ef:bb:fa:bc:8d:af:8a:a9:ec:8d:e9:76:6e:ac:9d:ad:a8: 58:6d:75:a6:90:95:9c:0e:f8:57:d2:68:48:b3:71:96:4c:1f: 55:05:1f:fa:bd:cd:0c:65:df:37:5d:aa:e1:a4:f6:87:c2:27: 4e:2a:ef:73:2f:7b:fc:da:2a:e3:20:36:72:f4:a2:15:60:c7: 14:f1:59:1e:a8:94:2c:27:bc:90:1e:91:f8:4c:e7:92:08:6b: cb:14:40:82 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICDl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTUxRDcxMTAvBgNVBAUTKDExMzYxOEIwRDQxMDY4MkFDMDZBOTAxRDY1QkI5QUM5 NTVFRDg5RTAwHhcNMjUwMzI0MDkxNTUxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02N2UxMjJjNi0wOTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2JtFEah/m2Rd+C8oiNKy+yYFKQepPWRueQXuzCW7+Caxw5bwfPB+dye5fR/5 fZ5BL4mPHsp3N8ydmD4LFMTf+ufmLma1h13tWKHLBxvkrQevX0+vkbwntPe3C7GD MpkzquPeyKBR9zPeK7XCsViRGScMQ6S5WjUC/UUCK48mIET/Ym6tGcbPE3HXYESh 5C6xCZK8ylSyj+1yFNex8OBHmf6Gby0aO65r5JghfyV3m8MKx7XzZ5IGrpbXP0IU D/NKxe+ZxMBaio0Z5PaBSD0pEhTuFxthF1RE8EAt+COLv/pUf7sZmotGvYI+AEDV /sWFS0XkOdgzB/9aujAWLQMDOQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFAkF3Q9P UnpjUo2yxHSxx2mZt6TUMB8GA1UdIwQYMBaAFBE2GLDUEGgqwGqQHWW7mslV7Yng MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTFENy82OEYwOTI5MjlF MkYxMUU5QjJFNTI4MEFDNEY5QUUwMi9FVFlZc05RUWFDckFhcEFkWmJ1YXlWWHRp ZUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0VUWVlzTlFRYUNyQWFwQWRaYnVheVZYdGllQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTUxRDcvNjhGMDkyOTI5RTJGMTFFOUIyRTUyODBBQzRGOUFFMDIvMDQ0MjFGQjRD MkE5MTFFQkIyMDFGRTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBAIr5mADBAJnB0QDBAGjL1gwDAMEAN8biQMEAN8bigMEAN8b jDANBgkqhkiG9w0BAQsFAAOCAQEAZZlGJN8gGz7KNktrvJQNkEw1gRWKBrpuncON yoeTg/g8H1OGV47IjND0gtP5po6IqkRwOM0eUj8RaszEPXDujqnJTU0gaxl6qohS BgsccJJ7vOr3JvwVmIvSWxrHPYro031z7gtaR1oRGr6h9o4EPXC9khxRuNgAQXfb IFKVa+RHKrQ5aNaadd7D5Bri9QCSNZjVmqxGWmFI8Pqn3KTzVNp5cO+7+ryNr4qp 7I3pdm6sna2oWG11ppCVnA74V9JoSLNxlkwfVQUf+r3NDGXfN12q4aT2h8InTirv cy97/Noq4yA2cvSiFWDHFPFZHqiULCe8kB6R+EznkghryxRAgg== -----END CERTIFICATE-----Generated at Sat Apr 5 07:06:55 2025 by rpki-client