$ rpki-client -vvf rpki.apnic.net/member_repository/A91775D8/51C9F6AE705F11EB997BBB16C4F9AE02/18D9E13C5CE611EC80EC7E76C4F9AE02.roa File: 18D9E13C5CE611EC80EC7E76C4F9AE02.roa (raw, json) Hash identifier: dADubiq4OKBbv63hdyf12kRTJe49NXilu5by0bb9kFU= Subject key identifier: E3:36:78:19:48:21:90:2D:95:9C:DE:68:11:CE:E4:C6:60:58:08:4A Certificate issuer: /CN=A91775D8/serialNumber=C439BCD74D64052BB203531C46049AD403588FC7 Certificate serial: 067B Authority key identifier: C4:39:BC:D7:4D:64:05:2B:B2:03:53:1C:46:04:9A:D4:03:58:8F:C7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xDm8101kBSuyA1McRgSa1ANYj8c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91775D8/51C9F6AE705F11EB997BBB16C4F9AE02/18D9E13C5CE611EC80EC7E76C4F9AE02.roa Signing time: Mon 31 Mar 2025 22:53:17 +0000 ROA not before: Mon 31 Mar 2025 22:53:17 +0000 ROA not after: Fri 01 Aug 2025 00:00:00 +0000 asID: 138452 IP address blocks: 103.161.152.0/24 maxlen: 24 103.161.152.0/25 maxlen: 25 103.161.152.128/25 maxlen: 25 103.161.153.0/24 maxlen: 24 103.161.153.0/25 maxlen: 25 103.161.153.128/25 maxlen: 25 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91775D8/51C9F6AE705F11EB997BBB16C4F9AE02/xDm8101kBSuyA1McRgSa1ANYj8c.crl rsync://rpki.apnic.net/member_repository/A91775D8/51C9F6AE705F11EB997BBB16C4F9AE02/xDm8101kBSuyA1McRgSa1ANYj8c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xDm8101kBSuyA1McRgSa1ANYj8c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 21:11:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1659 (0x67b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91775D8 Validity Not Before: Mar 31 22:53:17 2025 GMT Not After : Aug 1 00:00:00 2025 GMT Subject: CN=67eb1cdd-9d86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:49:0a:46:c2:38:40:35:71:0c:1d:62:0a:13: 2d:87:19:b8:90:bf:5a:ec:8c:57:cb:27:bb:97:cf: 72:5d:3b:49:aa:9e:27:f7:21:ac:10:26:63:9b:75: 15:89:3b:cc:75:b1:fb:06:b5:68:29:5e:56:f5:d5: e7:22:05:ad:bb:3a:1a:26:ba:f1:d1:54:11:01:b4: ed:5f:91:c0:f3:45:2e:ef:50:aa:16:ef:23:cb:53: 11:ac:be:8d:1c:c5:ba:1a:b0:20:fa:a7:7c:61:5b: f9:b8:22:ca:2c:91:57:29:e3:98:fb:c9:0c:4a:27: 17:a4:e8:fe:63:67:e3:4d:52:b2:b1:a5:8a:ba:dc: 63:6f:71:1a:ef:c5:e9:ef:d0:08:f9:42:d6:08:3a: 95:bf:a6:95:c9:12:2e:b9:c7:54:45:7e:1d:e6:dd: 53:ee:3c:ee:bf:c9:a4:43:e5:37:41:3c:b5:bc:a5: 0a:a2:b7:23:f7:a2:71:d6:6d:59:f5:13:98:d9:d1: 27:3a:0f:65:4c:90:72:58:3a:3d:0e:0e:99:75:b7: 49:30:80:f6:ff:77:2f:68:9d:b0:56:14:27:d6:fc: 83:f1:00:d6:99:1f:50:9b:29:aa:64:92:ff:c6:1f: c2:9e:f6:86:ea:60:b3:3b:c1:65:31:9a:2a:8d:60: e2:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:36:78:19:48:21:90:2D:95:9C:DE:68:11:CE:E4:C6:60:58:08:4A X509v3 Authority Key Identifier: keyid:C4:39:BC:D7:4D:64:05:2B:B2:03:53:1C:46:04:9A:D4:03:58:8F:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91775D8/51C9F6AE705F11EB997BBB16C4F9AE02/xDm8101kBSuyA1McRgSa1ANYj8c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xDm8101kBSuyA1McRgSa1ANYj8c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91775D8/51C9F6AE705F11EB997BBB16C4F9AE02/18D9E13C5CE611EC80EC7E76C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.161.152.0/23 Signature Algorithm: sha256WithRSAEncryption a4:87:0f:f4:1a:42:a9:6e:f4:24:e0:e4:14:5b:4c:3e:f2:07: d0:54:ec:cb:8e:da:2c:ab:22:bc:3d:a9:8d:36:ee:a4:b7:0a: dd:44:66:be:6e:95:68:0f:b2:27:9b:53:d4:5e:2e:f2:1a:d8: e2:54:9f:43:ec:3b:67:ce:44:4c:de:b9:5a:e7:31:b5:24:f6: 5e:fb:47:6d:60:4c:1c:14:4e:81:e8:20:10:cf:e4:cf:b6:b0: 24:29:a5:24:2c:6f:77:e0:19:99:1f:91:e8:4d:13:21:40:24: 33:c1:7c:b6:dc:1d:cf:68:51:a5:dc:dd:92:fc:df:e6:63:2d: 01:9a:66:c3:65:ba:c6:08:ee:43:d9:0e:98:95:59:39:34:ce: 5a:9a:53:ce:6c:e4:ec:2a:fc:6a:bd:9c:e3:3f:ee:b5:f6:23: 4b:4c:df:22:14:60:81:27:29:0b:2e:b2:3c:78:85:d6:d5:80: 9c:59:ec:20:b2:17:1d:50:a5:73:4d:90:42:98:87:5e:09:20: 65:9d:70:44:3e:b5:68:12:4f:58:6c:5a:18:aa:ab:2d:4b:57: b4:db:f6:53:82:ef:54:18:91:72:99:0b:8b:d0:d3:1b:15:38: b2:8b:5d:c1:4c:95:de:44:8a:90:e0:b4:24:b6:f5:58:92:c3: 43:05:b4:46 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzc1RDgxMTAvBgNVBAUTKEM0MzlCQ0Q3NEQ2NDA1MkJCMjAzNTMxQzQ2MDQ5QUQ0 MDM1ODhGQzcwHhcNMjUwMzMxMjI1MzE3WhcNMjUwODAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2ViMWNkZC05ZDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6UkKRsI4QDVxDB1iChMthxm4kL9a7IxXyye7l89yXTtJqp4n9yGsECZjm3UV iTvMdbH7BrVoKV5W9dXnIgWtuzoaJrrx0VQRAbTtX5HA80Uu71CqFu8jy1MRrL6N HMW6GrAg+qd8YVv5uCLKLJFXKeOY+8kMSicXpOj+Y2fjTVKysaWKutxjb3Ea78Xp 79AI+ULWCDqVv6aVyRIuucdURX4d5t1T7jzuv8mkQ+U3QTy1vKUKorcj96Jx1m1Z 9ROY2dEnOg9lTJByWDo9Dg6ZdbdJMID2/3cvaJ2wVhQn1vyD8QDWmR9QmymqZJL/ xh/CnvaG6mCzO8FlMZoqjWDiSQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOM2eBlI IZAtlZzeaBHO5MZgWAhKMB8GA1UdIwQYMBaAFMQ5vNdNZAUrsgNTHEYEmtQDWI/H MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzVEOC81MUM5RjZBRTcw NUYxMUVCOTk3QkJCMTZDNEY5QUUwMi94RG04MTAxa0JTdXlBMU1jUmdTYTFBTllq OGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hEbTgxMDFrQlN1eUExTWNSZ1NhMUFOWWo4Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Nzc1RDgvNTFDOUY2QUU3MDVGMTFFQjk5N0JCQjE2QzRGOUFFMDIvMThEOUUxM0M1 Q0U2MTFFQzgwRUM3RTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnoZgwDQYJKoZIhvcNAQELBQADggEBAKSHD/QaQqlu9CTg 5BRbTD7yB9BU7MuO2iyrIrw9qY027qS3Ct1EZr5ulWgPsiebU9ReLvIa2OJUn0Ps O2fOREzeuVrnMbUk9l77R21gTBwUToHoIBDP5M+2sCQppSQsb3fgGZkfkehNEyFA JDPBfLbcHc9oUaXc3ZL83+ZjLQGaZsNlusYI7kPZDpiVWTk0zlqaU85s5Owq/Gq9 nOM/7rX2I0tM3yIUYIEnKQsusjx4hdbVgJxZ7CCyFx1QpXNNkEKYh14JIGWdcEQ+ tWgST1hsWhiqqy1LV7Tb9lOC71QYkXKZC4vQ0xsVOLKLXcFMld5EipDgtCS29ViS w0MFtEY= -----END CERTIFICATE-----Generated at Sat Apr 5 01:40:38 2025 by rpki-client