$ rpki-client -vvf rpki.apnic.net/member_repository/A91642A0/CA7D1162F67611E990BAA222C4F9AE02/AFB0FFCCB19211EC9EAAD44EC4F9AE02.roa File: AFB0FFCCB19211EC9EAAD44EC4F9AE02.roa (raw, json) Hash identifier: LopWOlrdi+KR3zv5rk9gA4cot01KZERzAUu2r2vV8is= Subject key identifier: 04:B5:70:20:75:1C:5A:4D:74:D4:AB:6A:66:44:CD:D1:01:F6:27:22 Certificate issuer: /CN=A91642A0/serialNumber=02AE84F611B7E82FD7D6FF8F452D8725EF489088 Certificate serial: 0CAF Authority key identifier: 02:AE:84:F6:11:B7:E8:2F:D7:D6:FF:8F:45:2D:87:25:EF:48:90:88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aq6E9hG36C_X1v-PRS2HJe9IkIg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91642A0/CA7D1162F67611E990BAA222C4F9AE02/AFB0FFCCB19211EC9EAAD44EC4F9AE02.roa Signing time: Mon 31 Mar 2025 18:18:05 +0000 ROA not before: Mon 31 Mar 2025 18:18:05 +0000 ROA not after: Fri 01 Aug 2025 00:00:00 +0000 asID: 137453 IP address blocks: 103.134.126.0/24 maxlen: 24 103.134.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91642A0/CA7D1162F67611E990BAA222C4F9AE02/Aq6E9hG36C_X1v-PRS2HJe9IkIg.crl rsync://rpki.apnic.net/member_repository/A91642A0/CA7D1162F67611E990BAA222C4F9AE02/Aq6E9hG36C_X1v-PRS2HJe9IkIg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aq6E9hG36C_X1v-PRS2HJe9IkIg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:22:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3247 (0xcaf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91642A0 Validity Not Before: Mar 31 18:18:05 2025 GMT Not After : Aug 1 00:00:00 2025 GMT Subject: CN=67eadc5d-4f02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:39:0f:82:2c:ee:34:13:94:c9:03:f6:f9:57: 0f:9d:d4:e6:4b:54:a7:91:ba:06:26:33:ec:68:eb: 8b:c6:ad:95:c5:0b:2a:44:b6:9f:bd:5a:9b:fc:41: 92:2e:ac:00:d7:60:87:d3:75:99:72:34:5a:58:f2: 00:62:b4:45:72:58:3f:d6:b3:3f:5b:f4:cc:2c:e6: 06:33:8f:c8:3d:c0:76:f4:87:f0:3c:fb:82:d6:29: 12:78:6e:55:ad:01:b9:7e:85:73:40:be:3c:f0:42: 7b:71:60:da:16:a0:ee:64:cf:f9:06:23:72:69:3b: 2e:56:71:25:49:43:7c:81:d9:56:86:8b:0d:f1:b6: d0:b4:17:6d:a9:d4:28:23:a8:ab:d5:dd:ab:b7:7f: d7:34:f7:3a:93:92:c4:fe:7b:fe:6e:94:ff:a1:22: 44:cd:79:09:9b:84:ca:a9:ec:0e:6c:73:f2:d3:1b: 7a:c9:a2:d8:c4:c6:a9:d1:c8:c9:09:e8:99:ed:69: 61:c9:68:7f:4f:57:54:86:48:6c:02:83:83:52:31: 62:13:aa:a5:d7:17:07:b8:57:e2:44:76:41:91:f9: 2f:54:6f:3f:7d:af:cf:3b:fb:1b:9f:0a:e4:94:85: 0f:db:56:cd:cd:b2:da:cf:71:58:1b:c5:cf:ff:61: 36:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:B5:70:20:75:1C:5A:4D:74:D4:AB:6A:66:44:CD:D1:01:F6:27:22 X509v3 Authority Key Identifier: keyid:02:AE:84:F6:11:B7:E8:2F:D7:D6:FF:8F:45:2D:87:25:EF:48:90:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91642A0/CA7D1162F67611E990BAA222C4F9AE02/Aq6E9hG36C_X1v-PRS2HJe9IkIg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aq6E9hG36C_X1v-PRS2HJe9IkIg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91642A0/CA7D1162F67611E990BAA222C4F9AE02/AFB0FFCCB19211EC9EAAD44EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.134.126.0/23 Signature Algorithm: sha256WithRSAEncryption 7d:23:8d:8a:d1:db:65:f2:b3:b0:b0:90:67:e6:73:17:fa:c8: 6d:12:60:c8:fd:e1:62:94:85:80:10:2f:08:30:b7:cc:5f:5e: ab:75:c5:d7:7f:58:0c:bf:a6:51:fb:f1:53:72:31:62:42:10: 91:cc:c8:30:99:0b:10:b3:0b:73:94:30:93:1c:58:dc:94:07: a5:11:7c:4e:a0:62:a1:c9:b7:54:fe:47:a3:fb:77:15:cf:d5: 72:ba:f8:4d:56:c0:9c:4a:f5:1d:f1:cc:af:0f:25:2d:2f:98: 49:ca:49:ca:2a:1e:bc:13:8d:27:c0:00:54:3d:6b:f4:cd:42: 96:c3:69:18:78:d8:e3:58:00:6e:32:a8:d7:28:fc:e7:ec:b9: 68:9f:83:e1:83:92:50:bd:fd:b9:cb:2a:ca:8c:bc:a1:b0:fa: 87:be:95:8a:67:f4:40:5e:4d:c8:17:6f:90:aa:9d:31:a5:b5: a0:5b:41:70:fc:df:5f:32:61:4f:e7:70:15:a0:18:4e:b7:ec: d9:ff:2a:d6:8b:72:a6:c5:66:81:0e:cd:bf:01:97:56:07:d1: ea:51:3b:4b:35:22:5a:05:a2:e9:ab:e7:51:13:f1:1d:53:22: cc:78:4e:ba:1e:c2:3a:88:a9:61:62:31:9e:c2:07:0f:9b:69: 34:85:66:9e -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICDK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjQyQTAxMTAvBgNVBAUTKDAyQUU4NEY2MTFCN0U4MkZEN0Q2RkY4RjQ1MkQ4NzI1 RUY0ODkwODgwHhcNMjUwMzMxMTgxODA1WhcNMjUwODAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2VhZGM1ZC00ZjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArjkPgizuNBOUyQP2+VcPndTmS1SnkboGJjPsaOuLxq2VxQsqRLafvVqb/EGS LqwA12CH03WZcjRaWPIAYrRFclg/1rM/W/TMLOYGM4/IPcB29IfwPPuC1ikSeG5V rQG5foVzQL488EJ7cWDaFqDuZM/5BiNyaTsuVnElSUN8gdlWhosN8bbQtBdtqdQo I6ir1d2rt3/XNPc6k5LE/nv+bpT/oSJEzXkJm4TKqewObHPy0xt6yaLYxMap0cjJ CeiZ7WlhyWh/T1dUhkhsAoODUjFiE6ql1xcHuFfiRHZBkfkvVG8/fa/PO/sbnwrk lIUP21bNzbLaz3FYG8XP/2E2/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFAS1cCB1 HFpNdNSramZEzdEB9iciMB8GA1UdIwQYMBaAFAKuhPYRt+gv19b/j0UthyXvSJCI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDJBMC9DQTdEMTE2MkY2 NzYxMUU5OTBCQUEyMjJDNEY5QUUwMi9BcTZFOWhHMzZDX1gxdi1QUlMySEplOUlr SWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FxNkU5aEczNkNfWDF2LVBSUzJISmU5SWtJZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjQyQTAvQ0E3RDExNjJGNjc2MTFFOTkwQkFBMjIyQzRGOUFFMDIvQUZCMEZGQ0NC MTkyMTFFQzlFQUFENDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnhn4wDQYJKoZIhvcNAQELBQADggEBAH0jjYrR22Xys7Cw kGfmcxf6yG0SYMj94WKUhYAQLwgwt8xfXqt1xdd/WAy/plH78VNyMWJCEJHMyDCZ CxCzC3OUMJMcWNyUB6URfE6gYqHJt1T+R6P7dxXP1XK6+E1WwJxK9R3xzK8PJS0v mEnKScoqHrwTjSfAAFQ9a/TNQpbDaRh42ONYAG4yqNco/OfsuWifg+GDklC9/bnL KsqMvKGw+oe+lYpn9EBeTcgXb5CqnTGltaBbQXD8318yYU/ncBWgGE637Nn/KtaL cqbFZoEOzb8Bl1YH0epRO0s1IloFoumr51ET8R1TIsx4TroewjqIqWFiMZ7CBw+b aTSFZp4= -----END CERTIFICATE-----Generated at Sat Apr 5 19:33:12 2025 by rpki-client