$ rpki-client -vvf rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/1CF68346F0BF11EEA1A0B559C4F9AE02.roa File: 1CF68346F0BF11EEA1A0B559C4F9AE02.roa (raw, json) Hash identifier: 6/4Wi7NNWL18DEfbDuCr0VcAnjHlRgOew4WUdCphh0Q= Subject key identifier: 9D:62:E5:4D:5B:53:5D:8D:95:41:0E:E1:41:74:0A:47:2E:0D:3E:39 Certificate issuer: /CN=A91975CC/serialNumber=0BAC42986E9ABDB7CEE2CDFB2A9FE8D6D02AAB5C Certificate serial: 0359 Authority key identifier: 0B:AC:42:98:6E:9A:BD:B7:CE:E2:CD:FB:2A:9F:E8:D6:D0:2A:AB:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6xCmG6avbfO4s37Kp_o1tAqq1w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/1CF68346F0BF11EEA1A0B559C4F9AE02.roa Signing time: Mon 24 Feb 2025 03:11:35 +0000 ROA not before: Mon 24 Feb 2025 03:11:35 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 134697 IP address blocks: 45.248.48.0/22 maxlen: 24 103.205.28.0/23 maxlen: 24 103.214.220.0/22 maxlen: 24 103.216.190.0/23 maxlen: 24 144.48.164.0/22 maxlen: 24 203.7.236.0/22 maxlen: 24 203.12.0.0/23 maxlen: 24 203.12.2.0/23 maxlen: 24 203.12.4.0/23 maxlen: 24 203.12.6.0/23 maxlen: 23 203.12.6.0/24 maxlen: 24 203.12.7.0/24 maxlen: 24 203.12.8.0/23 maxlen: 24 203.12.10.0/23 maxlen: 24 203.12.12.0/23 maxlen: 24 203.12.14.0/23 maxlen: 24 2404:e80::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/C6xCmG6avbfO4s37Kp_o1tAqq1w.crl rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/C6xCmG6avbfO4s37Kp_o1tAqq1w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6xCmG6avbfO4s37Kp_o1tAqq1w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 01:09:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 857 (0x359) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91975CC Validity Not Before: Feb 24 03:11:35 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67bbe367-654e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:38:b0:22:32:b8:60:09:7a:df:8e:37:02:9f: 56:13:b0:2d:df:df:94:ee:fa:43:6c:4d:37:a6:02: 58:85:53:fc:45:81:63:4d:e9:26:a0:b5:20:a9:e9: 9c:1d:f8:69:e6:b7:f8:2d:b7:76:f5:fc:ef:f0:d3: 96:6c:43:d0:33:b6:ef:9c:4c:19:18:90:6f:3b:55: b6:bf:4e:35:5a:a6:fd:66:ff:42:bf:41:57:50:63: 83:f1:fa:59:af:d8:91:df:58:d3:b0:c1:7d:58:99: 68:2e:95:70:a5:28:bd:e9:8b:8d:f7:a3:ec:ba:d5: a7:92:50:ec:2f:40:59:4c:5a:08:c3:b2:61:4d:39: 1b:44:53:32:5d:b9:c7:21:65:6d:bc:0e:54:84:a0: 96:33:cd:41:1f:e1:3c:b8:77:9c:d1:0f:27:47:b8: c6:03:3d:ea:f9:9b:24:2c:2f:4c:00:32:46:cb:8a: 73:65:4f:f1:ed:1d:52:79:00:0f:e3:e3:04:67:68: 54:41:f1:64:1f:1e:f4:ad:a4:32:d2:c3:9e:a0:27: c1:bb:85:8d:79:58:e5:df:cb:d5:40:0a:e4:d7:b7: 78:b0:00:75:13:61:79:3b:a0:ad:7e:0f:85:5e:a9: a1:65:e0:17:55:aa:88:55:7e:e4:00:f1:59:c2:5a: f7:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:62:E5:4D:5B:53:5D:8D:95:41:0E:E1:41:74:0A:47:2E:0D:3E:39 X509v3 Authority Key Identifier: keyid:0B:AC:42:98:6E:9A:BD:B7:CE:E2:CD:FB:2A:9F:E8:D6:D0:2A:AB:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/C6xCmG6avbfO4s37Kp_o1tAqq1w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6xCmG6avbfO4s37Kp_o1tAqq1w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/1CF68346F0BF11EEA1A0B559C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.248.48.0/22 103.205.28.0/23 103.214.220.0/22 103.216.190.0/23 144.48.164.0/22 203.7.236.0/22 203.12.0.0/20 IPv6: 2404:e80::/32 Signature Algorithm: sha256WithRSAEncryption c2:89:43:3e:25:e9:38:ca:f9:6b:2c:c7:86:f6:53:0d:07:7a: ec:5f:b8:59:81:15:4a:17:18:93:49:8c:0a:c5:94:e3:f1:d9: d1:8e:db:d6:00:28:64:1b:35:7b:4a:9d:8b:0d:a9:59:6f:26: 4c:3f:3a:cb:80:0b:02:30:b8:32:fa:e8:08:55:b9:cb:2a:82: b9:e1:81:3b:ac:35:dd:2f:6c:68:2c:a0:e2:08:a1:b7:a8:f5: 2d:cc:05:23:52:29:ea:5f:48:0e:25:8c:ab:fe:98:ee:23:f8: 35:35:01:ac:a0:6d:3a:a8:b6:ec:90:df:60:62:77:70:a1:3b: d6:4b:e5:9c:ba:2c:03:3e:5d:92:1c:64:81:8b:19:30:7f:80: d3:f2:e6:33:bd:9f:da:72:1c:c7:b5:f2:ca:56:54:df:70:69: 7b:3c:05:3d:a9:f2:c4:66:66:66:38:be:5c:94:9d:d6:3c:cb: 46:98:e6:ef:b0:21:4d:a0:34:92:83:7b:0c:10:18:a8:e8:83: 09:19:0b:c0:15:ee:cc:f3:59:19:c0:dd:2f:d1:8c:db:4f:78: a6:0e:bc:fb:0c:88:26:c9:2e:18:8e:82:d5:51:2b:df:f6:87: 69:ee:04:72:9b:e0:2e:d8:f4:0f:f5:46:23:df:22:5f:8a:26: 66:e5:90:96 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICA1kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTc1Q0MxMTAvBgNVBAUTKDBCQUM0Mjk4NkU5QUJEQjdDRUUyQ0RGQjJBOUZFOEQ2 RDAyQUFCNUMwHhcNMjUwMjI0MDMxMTM1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2JiZTM2Ny02NTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvTiwIjK4YAl63443Ap9WE7At39+U7vpDbE03pgJYhVP8RYFjTekmoLUgqemc Hfhp5rf4Lbd29fzv8NOWbEPQM7bvnEwZGJBvO1W2v041Wqb9Zv9Cv0FXUGOD8fpZ r9iR31jTsMF9WJloLpVwpSi96YuN96PsutWnklDsL0BZTFoIw7JhTTkbRFMyXbnH IWVtvA5UhKCWM81BH+E8uHec0Q8nR7jGAz3q+ZskLC9MADJGy4pzZU/x7R1SeQAP 4+MEZ2hUQfFkHx70raQy0sOeoCfBu4WNeVjl38vVQArk17d4sAB1E2F5O6Ctfg+F XqmhZeAXVaqIVX7kAPFZwlr33wIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFJ1i5U1b U12NlUEO4UF0CkcuDT45MB8GA1UdIwQYMBaAFAusQphumr23zuLN+yqf6NbQKqtc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzVDQy8xRUEzNDNFMkFG RTMxMUVDQTJDQjA2NkRDNEY5QUUwMi9DNnhDbUc2YXZiZk80czM3S3BfbzF0QXFx MXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0M2eENtRzZhdmJmTzRzMzdLcF9vMXRBcXExdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTc1Q0MvMUVBMzQzRTJBRkUzMTFFQ0EyQ0IwNjZEQzRGOUFFMDIvMUNGNjgzNDZG MEJGMTFFRUExQTBCNTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMDAEAgABMCoDBAIt+DADBAFnzRwDBAJn1twDBAFn2L4DBAKQMKQDBALLB+wD BATLDAAwDQQCAAIwBwMFACQEDoAwDQYJKoZIhvcNAQELBQADggEBAMKJQz4l6TjK +Wssx4b2Uw0HeuxfuFmBFUoXGJNJjArFlOPx2dGO29YAKGQbNXtKnYsNqVlvJkw/ OsuACwIwuDL66AhVucsqgrnhgTusNd0vbGgsoOIIobeo9S3MBSNSKepfSA4ljKv+ mO4j+DU1AaygbTqotuyQ32Bid3ChO9ZL5Zy6LAM+XZIcZIGLGTB/gNPy5jO9n9py HMe18spWVN9waXs8BT2p8sRmZmY4vlyUndY8y0aY5u+wIU2gNJKDewwQGKjogwkZ C8AV7szzWRnA3S/RjNtPeKYOvPsMiCbJLhiOgtVRK9/2h2nuBHKb4C7Y9A/1RiPf Il+KJmblkJY= -----END CERTIFICATE-----Generated at Sat Apr 5 07:14:29 2025 by rpki-client