$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/F2CD19D6E96011EF8940367DC4F9AE02.roa File: F2CD19D6E96011EF8940367DC4F9AE02.roa (raw, json) Hash identifier: u8mLTgdlzLOcst0PW7RFWtPWXwp8xBwUEW3SQOngh5k= Subject key identifier: 45:0F:DE:DF:FC:10:89:D2:87:BE:8B:21:19:D5:47:F2:1C:1E:C9:03 Certificate issuer: /CN=A91A6F68/serialNumber=620D39B3A1837973BD13269F2B06AC9B2738820D Certificate serial: 0E Authority key identifier: 62:0D:39:B3:A1:83:79:73:BD:13:26:9F:2B:06:AC:9B:27:38:82:0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yg05s6GDeXO9EyafKwasmyc4gg0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/F2CD19D6E96011EF8940367DC4F9AE02.roa Signing time: Wed 12 Feb 2025 16:48:08 +0000 ROA not before: Wed 12 Feb 2025 16:48:08 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 50049 IP address blocks: 43.250.52.0/22 maxlen: 22 43.250.52.0/24 maxlen: 24 43.250.53.0/24 maxlen: 24 43.250.54.0/24 maxlen: 24 43.250.55.0/24 maxlen: 24 103.41.176.0/22 maxlen: 22 103.41.176.0/24 maxlen: 24 103.41.177.0/24 maxlen: 24 103.41.178.0/24 maxlen: 24 103.41.179.0/24 maxlen: 24 2406:4fc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/Yg05s6GDeXO9EyafKwasmyc4gg0.crl rsync://rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/Yg05s6GDeXO9EyafKwasmyc4gg0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yg05s6GDeXO9EyafKwasmyc4gg0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 07:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14 (0xe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A6F68 Validity Not Before: Feb 12 16:48:08 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67acd0c7-8f33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ec:83:e5:a9:20:ea:cf:1f:87:e1:8e:71:45: fb:9a:01:4d:b9:9c:9f:a2:ec:bc:5a:82:5d:60:5b: f8:b1:5f:61:a2:de:70:4a:4a:14:3d:48:c6:dd:47: ff:67:0a:54:b2:14:02:08:35:44:9e:0f:5c:f2:93: 4a:b7:dd:e0:eb:19:b5:82:9b:43:45:93:a6:b1:dc: d1:07:2d:f9:f3:96:53:f7:4e:44:00:e7:95:4a:da: a8:fb:27:67:af:90:00:67:bd:08:1b:ad:77:9a:f3: 5a:dd:1a:5d:4c:4f:00:0e:5f:ca:4c:00:5e:dc:02: b9:4a:5a:7a:c9:d5:70:7c:08:f7:0e:85:ec:c9:e1: 61:64:26:38:15:04:6e:c9:85:e9:c8:51:58:91:78: 44:6e:c7:0b:90:4c:ad:f4:74:76:bb:21:81:75:4a: 91:78:9c:c2:48:b8:ce:cb:36:ad:59:40:d6:3f:c7: c1:09:4a:8f:4e:02:2b:76:91:68:b4:9b:58:14:1d: b9:96:52:83:de:50:85:91:c3:9d:cd:b0:61:4b:75: 4e:6e:8b:05:64:65:04:e9:8e:2d:f0:14:cd:d7:b8: 88:c2:a0:d2:66:6e:4c:b8:cd:98:cf:9f:5b:ec:2b: 5e:dc:1f:a3:1b:5a:58:26:11:d6:79:bc:29:45:b9: 08:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:0F:DE:DF:FC:10:89:D2:87:BE:8B:21:19:D5:47:F2:1C:1E:C9:03 X509v3 Authority Key Identifier: keyid:62:0D:39:B3:A1:83:79:73:BD:13:26:9F:2B:06:AC:9B:27:38:82:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/Yg05s6GDeXO9EyafKwasmyc4gg0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yg05s6GDeXO9EyafKwasmyc4gg0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6F68/92E25962DF2111EF833F4F2CC4F9AE02/F2CD19D6E96011EF8940367DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.250.52.0/22 103.41.176.0/22 IPv6: 2406:4fc0::/32 Signature Algorithm: sha256WithRSAEncryption b7:43:fc:db:15:a6:aa:5f:e2:cc:cb:cb:57:7a:a1:a1:82:fc: 1a:fa:d9:c7:0c:18:99:1f:69:8d:2e:a0:8b:5b:98:9a:78:fb: 15:64:f9:0c:7d:8b:96:98:8c:a0:13:ca:f0:2a:5d:99:f4:e6: cf:0b:a2:9a:e9:4d:52:da:96:1a:71:33:58:cf:e9:8d:ac:ac: a6:3a:ad:f0:e1:26:74:34:c0:0c:6f:4b:92:62:03:ab:23:96: 61:a5:94:9c:bf:0b:24:dd:8f:13:26:2c:8d:23:46:66:9d:4f: 62:2d:42:f1:92:ed:fe:54:dd:d7:04:ea:d0:94:c2:13:d4:d7: fc:1e:c8:bf:36:94:63:40:3d:ae:c1:37:bc:0c:f2:48:fa:9a: e2:d3:9a:43:6f:2f:5a:99:4f:54:9c:ea:ed:4b:91:70:ff:ab: 02:0b:02:2e:0e:a9:d5:94:93:2b:84:59:ae:e5:5a:79:3a:1f: 17:29:39:e5:fb:d8:1b:35:54:4c:d0:20:b3:9a:17:e9:b0:d2: 9d:a8:b9:59:88:63:ca:65:f7:6a:a8:43:a8:df:a5:a1:5c:31: 83:94:37:a2:09:c6:88:62:2c:8f:bc:c4:56:fc:45:75:b6:71: b8:db:8e:ad:49:a1:5b:2a:9a:d0:51:12:30:ff:0d:b8:27:ad: 5b:64:f7:0f -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NkY2ODExMC8GA1UEBRMoNjIwRDM5QjNBMTgzNzk3M0JEMTMyNjlGMkIwNkFDOUIy NzM4ODIwRDAeFw0yNTAyMTIxNjQ4MDhaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YWNkMGM3LThmMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDI7IPlqSDqzx+H4Y5xRfuaAU25nJ+i7Lxagl1gW/ixX2Gi3nBKShQ9SMbdR/9n ClSyFAIINUSeD1zyk0q33eDrGbWCm0NFk6ax3NEHLfnzllP3TkQA55VK2qj7J2ev kABnvQgbrXea81rdGl1MTwAOX8pMAF7cArlKWnrJ1XB8CPcOhezJ4WFkJjgVBG7J henIUViReERuxwuQTK30dHa7IYF1SpF4nMJIuM7LNq1ZQNY/x8EJSo9OAit2kWi0 m1gUHbmWUoPeUIWRw53NsGFLdU5uiwVkZQTpji3wFM3XuIjCoNJmbky4zZjPn1vs K17cH6MbWlgmEdZ5vClFuQjTAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQURQ/e3/wQ idKHvoshGdVH8hweyQMwHwYDVR0jBBgwFoAUYg05s6GDeXO9EyafKwasmyc4gg0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE2RjY4LzkyRTI1OTYyREYy MTExRUY4MzNGNEYyQ0M0RjlBRTAyL1lnMDVzNkdEZVhPOUV5YWZLd2FzbXljNGdn MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWWcwNXM2R0RlWE85RXlhZkt3YXNteWM0Z2cwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NkY2OC85MkUyNTk2MkRGMjExMUVGODMzRjRGMkNDNEY5QUUwMi9GMkNEMTlENkU5 NjAxMUVGODk0MDM2N0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl MCMwEgQCAAEwDAMEAiv6NAMEAmcpsDANBAIAAjAHAwUAJAZPwDANBgkqhkiG9w0B AQsFAAOCAQEAt0P82xWmql/izMvLV3qhoYL8GvrZxwwYmR9pjS6gi1uYmnj7FWT5 DH2LlpiMoBPK8CpdmfTmzwuimulNUtqWGnEzWM/pjayspjqt8OEmdDTADG9LkmID qyOWYaWUnL8LJN2PEyYsjSNGZp1PYi1C8ZLt/lTd1wTq0JTCE9TX/B7IvzaUY0A9 rsE3vAzySPqa4tOaQ28vWplPVJzq7UuRcP+rAgsCLg6p1ZSTK4RZruVaeTofFyk5 5fvYGzVUTNAgs5oX6bDSnai5WYhjymX3aqhDqN+loVwxg5Q3ognGiGIsj7zEVvxF dbZxuNuOrUmhWyqa0FESMP8NuCetW2T3Dw== -----END CERTIFICATE-----Generated at Sat Apr 12 02:22:17 2025 by rpki-client