$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/4DD0C31C0E2011F0A0825648C4F9AE02.roa File: 4DD0C31C0E2011F0A0825648C4F9AE02.roa (raw, json) Hash identifier: du376WMFOKD/a9uf3MGGL3VS5ZLCrCcq+s6a0CeqqJw= Subject key identifier: 66:50:82:53:F9:35:43:3A:04:6C:ED:A0:0B:55:62:94:58:D9:4D:E2 Certificate issuer: /CN=A91AA28B/serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Certificate serial: 0D39 Authority key identifier: 6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/4DD0C31C0E2011F0A0825648C4F9AE02.roa Signing time: Mon 31 Mar 2025 11:07:16 +0000 ROA not before: Mon 31 Mar 2025 11:07:16 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 58682 IP address blocks: 103.204.208.0/22 maxlen: 22 103.204.208.0/24 maxlen: 24 103.204.209.0/24 maxlen: 24 103.204.210.0/24 maxlen: 24 103.204.211.0/24 maxlen: 24 202.181.16.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 17:56:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3385 (0xd39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA28B Validity Not Before: Mar 31 11:07:16 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67ea7763-0ce1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:35:3f:fb:58:4d:85:f4:e3:52:21:fb:c2:d8: 3a:24:7e:4c:ef:57:e1:2c:42:fc:a7:b8:96:81:3b: d2:c0:60:42:4a:b2:22:f6:f9:46:07:0d:df:ac:36: 46:83:88:c5:a0:7b:21:c6:f1:39:07:e8:b0:4c:99: 94:2e:44:f5:11:b7:b6:12:c3:ba:4e:82:de:a3:15: 35:68:23:17:af:67:33:f7:52:f8:4c:18:59:62:ec: 44:91:d6:b0:8e:a7:26:13:d3:24:5f:2d:5c:ab:16: 85:0e:03:c8:c7:6f:ba:e2:93:a4:ed:f6:14:30:b3: 09:27:c7:cb:eb:5b:6f:90:32:fb:d6:c8:e5:f4:06: 43:52:96:c1:c0:ab:7d:8a:91:2a:73:ab:c6:cb:3c: 1e:0e:36:2f:f7:30:14:8e:fd:4b:c6:03:21:ec:a6: 32:a3:70:6a:25:de:15:45:2a:46:25:8b:33:8e:c6: b8:d8:40:cc:41:fb:fb:ba:90:68:61:cd:fb:ec:07: 51:6c:10:dc:10:1e:34:40:86:f9:f7:c5:81:43:66: 3d:19:36:63:52:72:41:f9:33:19:95:14:4f:20:92: ed:6a:bf:a1:26:2b:52:a0:a4:f6:34:94:90:72:c9: 60:10:8a:d4:5e:1f:f6:18:4b:a5:4c:93:fb:a5:51: 8b:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:50:82:53:F9:35:43:3A:04:6C:ED:A0:0B:55:62:94:58:D9:4D:E2 X509v3 Authority Key Identifier: keyid:6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/4DD0C31C0E2011F0A0825648C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.204.208.0/22 202.181.16.0/24 Signature Algorithm: sha256WithRSAEncryption 72:89:bf:57:b0:56:4e:66:aa:f7:ea:53:9f:90:3b:69:77:0e: 65:23:44:90:ea:b0:25:ef:5d:9a:4f:ba:ba:c8:23:17:d4:b5: 7d:42:33:57:09:db:9c:bf:87:72:b8:c3:80:e7:0b:d5:8f:25: b4:d0:90:8e:89:dd:26:c5:aa:de:a2:f2:32:50:46:92:ba:49: de:be:61:0f:33:cc:26:ef:8d:a7:b2:62:7a:0a:29:1a:d0:41: 79:02:0a:75:77:09:a3:9d:02:48:6d:4d:18:19:48:d0:af:8a: 05:be:b1:c5:62:87:cb:2e:56:5c:62:d0:c8:da:e0:91:63:6f: 7c:77:ec:8f:ea:53:88:d2:93:2e:44:38:30:90:19:7c:1a:5f: df:e6:86:d4:d3:ad:4c:77:87:2a:af:de:8b:55:74:45:40:0a: ac:22:e0:17:98:44:a1:75:0a:3b:63:00:a4:9a:63:0a:dd:24: 6b:d3:0b:9f:a8:df:7a:f5:9f:2c:15:e8:03:51:53:ad:50:b8: c2:42:b0:a3:5b:31:97:23:21:0c:3b:74:a3:9a:81:9e:ad:86: 17:5c:f9:be:28:86:c9:66:99:4d:fe:fd:a2:be:4a:1f:ff:f8: b2:b7:ee:e7:2a:63:ac:e8:36:fa:b6:ea:d6:31:1e:ce:4a:74: d9:b3:b6:2e -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICDTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUEyOEIxMTAvBgNVBAUTKDZGQzJFREYwQzUxMTUyQTNCRUMxMTQ5QTFCREIyRURC MjkzQzlEOTUwHhcNMjUwMzMxMTEwNzE2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2VhNzc2My0wY2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2TU/+1hNhfTjUiH7wtg6JH5M71fhLEL8p7iWgTvSwGBCSrIi9vlGBw3frDZG g4jFoHshxvE5B+iwTJmULkT1Ebe2EsO6ToLeoxU1aCMXr2cz91L4TBhZYuxEkdaw jqcmE9MkXy1cqxaFDgPIx2+64pOk7fYUMLMJJ8fL61tvkDL71sjl9AZDUpbBwKt9 ipEqc6vGyzweDjYv9zAUjv1LxgMh7KYyo3BqJd4VRSpGJYszjsa42EDMQfv7upBo Yc377AdRbBDcEB40QIb598WBQ2Y9GTZjUnJB+TMZlRRPIJLtar+hJitSoKT2NJSQ cslgEIrUXh/2GEulTJP7pVGL6wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGZQglP5 NUM6BGztoAtVYpRY2U3iMB8GA1UdIwQYMBaAFG/C7fDFEVKjvsEUmhvbLtspPJ2V MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTI4Qi8xRTAyNjRBQURC QzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVxTy13UlNhRzlzdTJ5azhu WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I4THQ4TVVSVXFPLXdSU2FHOXN1MnlrOG5aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUEyOEIvMUUwMjY0QUFEQkM4MTFFOUJFQTkxMDUxQzRGOUFFMDIvNEREMEMzMUMw RTIwMTFGMEEwODI1NjQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnzNADBADKtRAwDQYJKoZIhvcNAQELBQADggEBAHKJv1ew Vk5mqvfqU5+QO2l3DmUjRJDqsCXvXZpPurrIIxfUtX1CM1cJ25y/h3K4w4DnC9WP JbTQkI6J3SbFqt6i8jJQRpK6Sd6+YQ8zzCbvjaeyYnoKKRrQQXkCCnV3CaOdAkht TRgZSNCvigW+scVih8suVlxi0Mja4JFjb3x37I/qU4jSky5EODCQGXwaX9/mhtTT rUx3hyqv3otVdEVACqwi4BeYRKF1CjtjAKSaYwrdJGvTC5+o33r1nywV6ANRU61Q uMJCsKNbMZcjIQw7dKOagZ6thhdc+b4ohslmmU3+/aK+Sh//+LK37ucqY6zoNvq2 6tYxHs5KdNmzti4= -----END CERTIFICATE-----Generated at Mon Apr 7 05:25:54 2025 by rpki-client