$ rpki-client -vvf rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/0940732E0E6311EDB98DEA0DC4F9AE02.roa File: 0940732E0E6311EDB98DEA0DC4F9AE02.roa (raw, json) Hash identifier: RMYTLsjzchYs7RKbF9BO3OVp44cFPqnQKzT6ydktQoo= Subject key identifier: 05:9B:2D:C9:AF:B5:45:7F:02:1A:BF:62:4B:23:F5:A2:FA:34:0E:76 Certificate issuer: /CN=A91A654C/serialNumber=5EA11C8A3A29E06973C1F121611D5A5C2A1B069D Certificate serial: 06D4 Authority key identifier: 5E:A1:1C:8A:3A:29:E0:69:73:C1:F1:21:61:1D:5A:5C:2A:1B:06:9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqEcijop4GlzwfEhYR1aXCobBp0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/0940732E0E6311EDB98DEA0DC4F9AE02.roa Signing time: Wed 04 Dec 2024 05:24:08 +0000 ROA not before: Wed 04 Dec 2024 05:24:08 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 136969 IP address blocks: 103.12.196.0/24 maxlen: 24 103.12.197.0/24 maxlen: 24 103.12.198.0/24 maxlen: 24 103.12.199.0/24 maxlen: 24 103.73.100.0/24 maxlen: 24 103.73.101.0/24 maxlen: 24 103.73.102.0/24 maxlen: 24 103.73.103.0/24 maxlen: 24 103.125.176.0/24 maxlen: 24 103.125.177.0/24 maxlen: 24 103.125.178.0/24 maxlen: 24 103.125.179.0/24 maxlen: 24 2406:f480::/32 maxlen: 32 2406:f480::/64 maxlen: 64 2406:f480:0:1::/64 maxlen: 64 2406:f480:0:2::/64 maxlen: 64 2406:f480:0:3::/64 maxlen: 64 2406:f480:800::/38 maxlen: 38 2406:f480:2000::/35 maxlen: 35 2406:f480:8000::/35 maxlen: 35 2406:f480:8000::/64 maxlen: 64 2406:f480:8000:40::/64 maxlen: 64 2406:f480:8000:41::/64 maxlen: 64 2406:f480:8000:42::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/XqEcijop4GlzwfEhYR1aXCobBp0.crl rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/XqEcijop4GlzwfEhYR1aXCobBp0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqEcijop4GlzwfEhYR1aXCobBp0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 22:08:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1748 (0x6d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A654C Validity Not Before: Dec 4 05:24:08 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=674fe777-64d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f5:ec:bd:d8:f8:03:d0:42:d3:dc:49:7b:99: 6f:fc:e6:b2:e2:c3:be:e5:1a:7e:24:be:33:27:8c: 36:be:1b:b7:36:c1:cd:1a:78:bb:f6:db:e8:3a:94: 96:64:d2:ed:41:70:4a:4d:ce:c9:d9:85:ef:35:f2: dd:3a:3d:4b:34:ca:22:42:cb:c8:5d:34:a6:63:c1: df:11:9b:58:d9:bb:67:56:1e:4e:9f:9c:39:77:3d: 2d:f0:49:b4:e0:56:d3:ab:6a:ba:bb:ee:7c:5e:08: 16:bc:6e:78:de:b3:27:70:7f:d7:9c:cf:f7:7f:ed: 26:8e:c9:64:23:16:17:6a:2e:27:07:4c:6e:27:75: 91:4b:cd:c3:52:fe:70:63:6e:40:c8:9e:37:12:7d: d0:e8:cf:08:11:1d:d0:11:57:97:0c:d5:9e:82:3e: 21:26:06:bc:42:43:8e:e0:96:fe:ca:68:b0:a0:d6: 72:41:d5:93:c8:1e:59:43:b4:a8:02:c8:62:97:c5: 52:83:29:82:71:60:55:7a:4f:11:d1:01:ba:d1:73: 85:45:bf:ff:b5:6f:d1:26:a0:1d:de:69:24:92:58: d1:9f:35:07:f1:09:58:e8:54:51:a1:ce:2f:a2:62: 76:aa:3f:c6:91:04:b2:85:dc:67:c4:0b:1f:34:75: 1c:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:9B:2D:C9:AF:B5:45:7F:02:1A:BF:62:4B:23:F5:A2:FA:34:0E:76 X509v3 Authority Key Identifier: keyid:5E:A1:1C:8A:3A:29:E0:69:73:C1:F1:21:61:1D:5A:5C:2A:1B:06:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/XqEcijop4GlzwfEhYR1aXCobBp0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqEcijop4GlzwfEhYR1aXCobBp0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/0940732E0E6311EDB98DEA0DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.12.196.0/22 103.73.100.0/22 103.125.176.0/22 IPv6: 2406:f480::/32 Signature Algorithm: sha256WithRSAEncryption 2f:ab:3d:c9:10:b5:41:dc:84:0a:61:cf:3d:0f:4b:aa:ac:12: fd:3c:b3:19:a8:87:86:e9:10:d7:b6:84:0d:42:47:8a:07:5d: 59:12:01:fd:57:b8:db:68:6f:d2:60:38:02:36:af:77:26:bf: 3c:4d:c3:bb:76:f5:5f:1a:6d:eb:d7:f5:4a:74:12:f8:cd:0d: 35:86:94:03:e4:f0:f3:13:4b:ed:a6:14:6d:37:3e:5b:09:5a: a8:30:bf:0d:28:ae:86:15:e0:22:10:7f:4a:10:64:4a:aa:65: 6b:1b:c0:de:cb:61:e7:c2:42:7b:29:6f:29:b7:2d:e5:2a:87: bb:3e:43:78:10:c7:1f:27:c3:af:ba:36:7e:60:57:80:09:da: 36:4e:9d:9f:e0:3b:24:34:19:55:0a:01:52:04:f7:03:2f:0d: 6d:eb:f8:b1:c8:ee:a8:08:3e:ca:81:81:e9:17:7c:ca:3e:02: 86:68:4e:ef:f6:b2:f4:5f:8a:b0:17:45:7f:83:38:6d:2b:72: 63:fd:60:8b:56:fc:4b:98:b1:6b:ea:47:92:aa:5a:b8:b8:bf: fa:78:42:ee:c1:7f:5d:69:b0:81:fd:7e:38:2b:e4:48:95:6a: 84:03:e7:e2:67:5a:cc:54:20:66:7a:dc:c7:3d:f1:dc:75:c3: a1:36:c0:c5 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICBtQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTY1NEMxMTAvBgNVBAUTKDVFQTExQzhBM0EyOUUwNjk3M0MxRjEyMTYxMUQ1QTVD MkExQjA2OUQwHhcNMjQxMjA0MDUyNDA4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzRmZTc3Ny02NGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo/Xsvdj4A9BC09xJe5lv/Oay4sO+5Rp+JL4zJ4w2vhu3NsHNGni79tvoOpSW ZNLtQXBKTc7J2YXvNfLdOj1LNMoiQsvIXTSmY8HfEZtY2btnVh5On5w5dz0t8Em0 4FbTq2q6u+58XggWvG543rMncH/XnM/3f+0mjslkIxYXai4nB0xuJ3WRS83DUv5w Y25AyJ43En3Q6M8IER3QEVeXDNWegj4hJga8QkOO4Jb+ymiwoNZyQdWTyB5ZQ7So Ashil8VSgymCcWBVek8R0QG60XOFRb//tW/RJqAd3mkkkljRnzUH8QlY6FRRoc4v omJ2qj/GkQSyhdxnxAsfNHUc3wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFAWbLcmv tUV/Ahq/Yksj9aL6NA52MB8GA1UdIwQYMBaAFF6hHIo6KeBpc8HxIWEdWlwqGwad MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjU0Qy81MUE5RUFDQzQx NjAxMUVCOTA4NzQ0NTBDNEY5QUUwMi9YcUVjaWpvcDRHbHp3ZkVoWVIxYVhDb2JC cDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hxRWNpam9wNEdsendmRWhZUjFhWENvYkJwMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTY1NEMvNTFBOUVBQ0M0MTYwMTFFQjkwODc0NDUwQzRGOUFFMDIvMDk0MDczMkUw RTYzMTFFREI5OERFQTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnDMQDBAJnSWQDBAJnfbAwDQQCAAIwBwMFACQG9IAwDQYJ KoZIhvcNAQELBQADggEBAC+rPckQtUHchAphzz0PS6qsEv08sxmoh4bpENe2hA1C R4oHXVkSAf1XuNtob9JgOAI2r3cmvzxNw7t29V8abevX9Up0EvjNDTWGlAPk8PMT S+2mFG03PlsJWqgwvw0oroYV4CIQf0oQZEqqZWsbwN7LYefCQnspbym3LeUqh7s+ Q3gQxx8nw6+6Nn5gV4AJ2jZOnZ/gOyQ0GVUKAVIE9wMvDW3r+LHI7qgIPsqBgekX fMo+AoZoTu/2svRfirAXRX+DOG0rcmP9YItW/EuYsWvqR5KqWri4v/p4Qu7Bf11p sIH9fjgr5EiVaoQD5+JnWsxUIGZ63Mc98dx1w6E2wMU= -----END CERTIFICATE-----Generated at Sat Apr 5 06:10:04 2025 by rpki-client