$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5C43/89E36E6A4B2C11EB911BAD70C4F9AE02/69482E56075411EFB23BE380C4F9AE02.roa File: 69482E56075411EFB23BE380C4F9AE02.roa (raw, json) Hash identifier: ZFKSwCcup8+isfjjo8Cp7fgQpt81FqZFYGAbu1futQs= Subject key identifier: 72:1C:88:C3:D6:8E:56:73:D5:26:3A:C3:C9:67:EA:A7:1F:C3:9F:38 Certificate issuer: /CN=A91A5C43/serialNumber=ECDA73070CB6C7790DC60B869FBB0431D967DE4E Certificate serial: 06BF Authority key identifier: EC:DA:73:07:0C:B6:C7:79:0D:C6:0B:86:9F:BB:04:31:D9:67:DE:4E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7NpzBwy2x3kNxguGn7sEMdln3k4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5C43/89E36E6A4B2C11EB911BAD70C4F9AE02/69482E56075411EFB23BE380C4F9AE02.roa Signing time: Fri 24 Jan 2025 22:00:54 +0000 ROA not before: Fri 24 Jan 2025 22:00:54 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 134507 IP address blocks: 103.231.204.0/22 maxlen: 23 103.231.204.0/24 maxlen: 24 103.231.205.0/24 maxlen: 24 103.231.206.0/24 maxlen: 24 103.231.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5C43/89E36E6A4B2C11EB911BAD70C4F9AE02/7NpzBwy2x3kNxguGn7sEMdln3k4.crl rsync://rpki.apnic.net/member_repository/A91A5C43/89E36E6A4B2C11EB911BAD70C4F9AE02/7NpzBwy2x3kNxguGn7sEMdln3k4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7NpzBwy2x3kNxguGn7sEMdln3k4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 22:11:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1727 (0x6bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5C43 Validity Not Before: Jan 24 22:00:54 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67940d96-4d86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:63:52:ec:80:1d:4c:40:b6:c3:f9:29:2d:d7: 66:a0:49:0f:1a:02:56:dd:6e:ee:e7:f0:74:d4:ef: 2e:93:bd:b1:82:fb:82:9d:87:40:32:08:1d:3f:ef: c1:d1:c0:ef:4f:7a:a6:72:f4:b9:94:3d:17:ba:ca: ad:db:67:1d:0e:6c:cc:8a:88:50:65:32:8d:8f:a3: e7:c7:0c:6a:3f:ba:aa:81:03:c5:f5:23:c1:81:ba: fd:53:6d:47:88:f5:a5:57:e6:97:5d:aa:74:de:01: 16:bd:e3:ec:30:5b:ad:3c:e5:37:82:85:af:11:57: 7b:f8:af:1a:8c:83:70:5b:55:1b:73:ff:19:3f:40: 00:d1:e6:80:35:8e:d1:a8:5b:85:d1:52:57:aa:bc: b2:35:ad:85:83:ab:77:bc:c0:7a:e7:eb:0c:e3:79: 7f:1d:30:31:ed:6b:52:e4:81:22:e7:f3:41:a4:fc: 1e:b7:cd:f8:ee:a4:fe:46:10:67:0b:42:25:4c:7a: c8:1d:a6:b0:b9:e6:16:15:27:8a:d2:6b:89:68:46: 11:f0:bf:a9:db:9b:76:0f:62:38:62:47:ff:22:66: b7:f8:66:24:ce:a7:67:59:65:c5:c7:5c:47:62:8c: 2f:c7:d0:d6:92:0b:41:37:1e:c0:23:5f:38:4d:3e: bb:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:1C:88:C3:D6:8E:56:73:D5:26:3A:C3:C9:67:EA:A7:1F:C3:9F:38 X509v3 Authority Key Identifier: keyid:EC:DA:73:07:0C:B6:C7:79:0D:C6:0B:86:9F:BB:04:31:D9:67:DE:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5C43/89E36E6A4B2C11EB911BAD70C4F9AE02/7NpzBwy2x3kNxguGn7sEMdln3k4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7NpzBwy2x3kNxguGn7sEMdln3k4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5C43/89E36E6A4B2C11EB911BAD70C4F9AE02/69482E56075411EFB23BE380C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.231.204.0/22 Signature Algorithm: sha256WithRSAEncryption 6d:8f:52:9e:d4:92:67:79:4e:8a:2a:c5:07:ad:fd:9a:c8:b4: 5a:9a:d1:9a:d9:2b:c9:b3:a4:e4:ed:b0:6f:c1:84:b6:12:2a: ef:7b:e3:4d:69:a6:c3:fc:1a:39:84:dc:75:ab:b7:8f:a2:ae: 45:8e:87:73:08:71:2d:47:f1:73:fd:8a:70:dc:62:88:7a:d8: ab:df:b8:0c:ba:e9:b8:9c:a5:6f:53:3b:5f:82:2e:df:29:8e: 3a:a5:13:a0:2f:fe:df:84:b7:4b:ac:32:90:d6:49:b9:8f:ef: 48:ec:83:f1:09:52:a0:03:d5:b0:fd:08:03:76:2c:70:1d:09: 6f:64:bc:50:f5:82:f7:3f:6f:9e:e1:fa:9a:fc:8d:23:b2:e5: 2a:8c:44:81:82:28:32:5c:4e:ba:49:20:b5:32:ff:33:54:66: 02:b5:90:30:f7:d4:d2:64:73:15:0c:d6:b3:c7:f8:38:ca:5f: 5b:7b:97:06:48:f9:a9:45:5a:fd:7b:f5:72:ad:dd:ed:1a:9c: c6:c4:fc:eb:d7:1e:94:af:fd:02:8f:8b:86:42:70:2d:86:71: 47:d7:a4:15:f8:1c:9f:30:71:72:18:79:2b:5a:e2:3c:fd:72: 56:05:62:9f:25:d6:01:54:d5:2d:ff:3a:ca:bf:2c:13:1d:b3: d9:78:28:8c -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBr8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTVDNDMxMTAvBgNVBAUTKEVDREE3MzA3MENCNkM3NzkwREM2MEI4NjlGQkIwNDMx RDk2N0RFNEUwHhcNMjUwMTI0MjIwMDU0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzk0MGQ5Ni00ZDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArGNS7IAdTEC2w/kpLddmoEkPGgJW3W7u5/B01O8uk72xgvuCnYdAMggdP+/B 0cDvT3qmcvS5lD0Xusqt22cdDmzMiohQZTKNj6PnxwxqP7qqgQPF9SPBgbr9U21H iPWlV+aXXap03gEWvePsMFutPOU3goWvEVd7+K8ajINwW1Ubc/8ZP0AA0eaANY7R qFuF0VJXqryyNa2Fg6t3vMB65+sM43l/HTAx7WtS5IEi5/NBpPwet8347qT+RhBn C0IlTHrIHaawueYWFSeK0muJaEYR8L+p25t2D2I4Ykf/Ima3+GYkzqdnWWXFx1xH Yowvx9DWkgtBNx7AI184TT67swIDAQABo4IClTCCApEwHQYDVR0OBBYEFHIciMPW jlZz1SY6w8ln6qcfw584MB8GA1UdIwQYMBaAFOzacwcMtsd5DcYLhp+7BDHZZ95O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNUM0My84OUUzNkU2QTRC MkMxMUVCOTExQkFENzBDNEY5QUUwMi83TnB6Qnd5Mngza054Z3VHbjdzRU1kbG4z azQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdOcHpCd3kyeDNrTnhndUduN3NFTWRsbjNrNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTVDNDMvODlFMzZFNkE0QjJDMTFFQjkxMUJBRDcwQzRGOUFFMDIvNjk0ODJFNTYw NzU0MTFFRkIyM0JFMzgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJn58wwDQYJKoZIhvcNAQELBQADggEBAG2PUp7Ukmd5Tooq xQet/ZrItFqa0ZrZK8mzpOTtsG/BhLYSKu97401ppsP8GjmE3HWrt4+irkWOh3MI cS1H8XP9inDcYoh62KvfuAy66bicpW9TO1+CLt8pjjqlE6Av/t+Et0usMpDWSbmP 70jsg/EJUqAD1bD9CAN2LHAdCW9kvFD1gvc/b57h+pr8jSOy5SqMRIGCKDJcTrpJ ILUy/zNUZgK1kDD31NJkcxUM1rPH+DjKX1t7lwZI+alFWv179XKt3e0anMbE/OvX HpSv/QKPi4ZCcC2GcUfXpBX4HJ8wcXIYeSta4jz9clYFYp8l1gFU1S3/Osq/LBMd s9l4KIw= -----END CERTIFICATE-----Generated at Sat Apr 5 03:36:36 2025 by rpki-client