$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADFD3/1FD1A8BE948611E5AE0C8B72C4F9AE02/6880FA2C59D211EAB77C8C13C4F9AE02.roa File: 6880FA2C59D211EAB77C8C13C4F9AE02.roa (raw, json) Hash identifier: lXOFb0YJQZdFFX90oDPgUqBGFkT5p8wJoFtkhJ/Uo9A= Subject key identifier: 1D:FA:B0:EF:FC:12:B8:87:42:5E:81:53:1A:87:3B:A7:F4:31:DB:FE Certificate issuer: /CN=A91ADFD3/serialNumber=C6089EEBC556B77F64E44249A68B95D5BD941E40 Certificate serial: 22EC Authority key identifier: C6:08:9E:EB:C5:56:B7:7F:64:E4:42:49:A6:8B:95:D5:BD:94:1E:40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgie68VWt39k5EJJpouV1b2UHkA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ADFD3/1FD1A8BE948611E5AE0C8B72C4F9AE02/6880FA2C59D211EAB77C8C13C4F9AE02.roa Signing time: Tue 14 Jan 2025 15:52:51 +0000 ROA not before: Tue 14 Jan 2025 15:52:51 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 56017 IP address blocks: 43.249.176.0/22 maxlen: 24 103.4.72.0/22 maxlen: 24 113.197.68.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ADFD3/1FD1A8BE948611E5AE0C8B72C4F9AE02/xgie68VWt39k5EJJpouV1b2UHkA.crl rsync://rpki.apnic.net/member_repository/A91ADFD3/1FD1A8BE948611E5AE0C8B72C4F9AE02/xgie68VWt39k5EJJpouV1b2UHkA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgie68VWt39k5EJJpouV1b2UHkA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 15:52:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8940 (0x22ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ADFD3, serialNumber=C6089EEBC556B77F64E44249A68B95D5BD941E40 Validity Not Before: Jan 14 15:52:51 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67868853-27a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:2f:aa:af:5e:f9:22:1e:e8:83:35:99:fe:d7: f1:8d:e9:2b:a9:8d:76:89:3d:4f:b7:a1:32:d2:32: 53:1a:da:e1:07:9f:ff:5c:f5:3d:69:fe:5f:2b:85: 75:78:02:f4:39:cd:34:35:68:4a:4d:3b:0b:55:54: 4d:5d:c5:bb:d5:e8:88:34:01:6c:92:07:47:0b:1c: 08:e0:35:8a:fd:10:2a:b0:dc:88:bd:1f:06:9a:ff: e4:80:a4:69:cc:ff:a7:80:ba:cc:f6:a3:b0:27:ae: 39:a7:18:84:c3:95:e8:ff:cc:08:e1:13:b1:49:da: 8a:09:21:ca:2c:d4:84:4c:1f:eb:1a:1a:5d:83:64: 64:88:c4:2b:87:e6:de:b0:96:30:50:7d:c5:46:e3: e5:a8:b2:34:10:fe:1a:43:c2:eb:a0:87:47:ec:53: 65:0d:84:ec:09:f6:d8:da:56:8d:d5:08:44:ab:6f: e5:86:7c:a0:e6:06:e2:c3:e1:8c:10:e3:69:d2:76: 6f:8c:2e:81:47:69:2b:16:5f:35:fe:e1:e6:39:c6: 25:2d:f2:4a:b8:16:75:eb:3b:cf:4b:33:cb:67:c1: 34:9e:72:02:a3:d2:8f:d8:fa:ff:b9:e7:0d:f3:04: 40:7b:0f:f2:02:d8:18:0d:0e:16:29:dd:0c:8e:84: e2:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:FA:B0:EF:FC:12:B8:87:42:5E:81:53:1A:87:3B:A7:F4:31:DB:FE X509v3 Authority Key Identifier: keyid:C6:08:9E:EB:C5:56:B7:7F:64:E4:42:49:A6:8B:95:D5:BD:94:1E:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ADFD3/1FD1A8BE948611E5AE0C8B72C4F9AE02/xgie68VWt39k5EJJpouV1b2UHkA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgie68VWt39k5EJJpouV1b2UHkA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADFD3/1FD1A8BE948611E5AE0C8B72C4F9AE02/6880FA2C59D211EAB77C8C13C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.249.176.0/22 103.4.72.0/22 113.197.68.0/22 Signature Algorithm: sha256WithRSAEncryption 6a:60:5e:35:d5:ef:18:bf:0d:a3:6f:9a:91:e2:17:a1:f5:0f: 81:b0:52:4d:8c:0e:99:0d:a6:e8:7d:52:68:e1:27:88:dc:cf: 53:85:98:4a:d7:21:06:4f:09:3c:45:b5:88:5e:15:81:c6:3f: 2d:d8:c8:be:44:7b:6b:93:65:01:1c:ca:a3:aa:09:29:4b:20: 49:82:c1:8b:01:11:2b:a5:28:0d:58:f4:c1:2a:72:a1:c7:26: fb:f2:d6:91:dd:8e:c7:1e:7c:7e:4c:cc:e6:89:77:ff:ac:6b: e9:f4:df:b8:03:a9:a8:e6:0a:38:6b:eb:49:25:0e:e9:5a:f3: e4:ef:bb:10:b3:a0:da:54:1a:b3:3d:7d:49:de:ac:b7:0b:e3: 86:3e:91:b8:fd:bc:19:2c:03:dd:4b:3c:90:aa:38:3d:9b:3f: 93:af:e6:fe:0d:c7:35:11:1e:d7:09:29:b3:e7:b6:a4:32:4a: 0a:ce:0f:70:f1:a9:72:c4:5e:69:74:ba:30:a4:a4:f8:6c:3c: ef:10:ac:7c:6a:ae:b6:6c:44:16:f0:57:b9:43:cd:f5:01:ec: 01:e2:15:35:5a:74:b6:92:46:2a:48:e0:a2:53:51:df:0a:84: 58:b9:57:67:01:ba:df:49:96:45:52:d6:28:a3:34:c0:8a:d9: 8f:5b:5d:f3 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICIuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QURGRDMxMTAvBgNVBAUTKEM2MDg5RUVCQzU1NkI3N0Y2NEU0NDI0OUE2OEI5NUQ1 QkQ5NDFFNDAwHhcNMjUwMTE0MTU1MjUxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzg2ODg1My0yN2E3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1S+qr175Ih7ogzWZ/tfxjekrqY12iT1Pt6Ey0jJTGtrhB5//XPU9af5fK4V1 eAL0Oc00NWhKTTsLVVRNXcW71eiINAFskgdHCxwI4DWK/RAqsNyIvR8Gmv/kgKRp zP+ngLrM9qOwJ645pxiEw5Xo/8wI4ROxSdqKCSHKLNSETB/rGhpdg2RkiMQrh+be sJYwUH3FRuPlqLI0EP4aQ8LroIdH7FNlDYTsCfbY2laN1QhEq2/lhnyg5gbiw+GM EONp0nZvjC6BR2krFl81/uHmOcYlLfJKuBZ16zvPSzPLZ8E0nnICo9KP2Pr/uecN 8wRAew/yAtgYDQ4WKd0MjoTiRQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFB36sO/8 EriHQl6BUxqHO6f0Mdv+MB8GA1UdIwQYMBaAFMYInuvFVrd/ZORCSaaLldW9lB5A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREZEMy8xRkQxQThCRTk0 ODYxMUU1QUUwQzhCNzJDNEY5QUUwMi94Z2llNjhWV3QzOWs1RUpKcG91VjFiMlVI a0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hnaWU2OFZXdDM5azVFSkpwb3VWMWIyVUhrQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QURGRDMvMUZEMUE4QkU5NDg2MTFFNUFFMEM4QjcyQzRGOUFFMDIvNjg4MEZBMkM1 OUQyMTFFQUI3N0M4QzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAIr+bADBAJnBEgDBAJxxUQwDQYJKoZIhvcNAQELBQADggEB AGpgXjXV7xi/DaNvmpHiF6H1D4GwUk2MDpkNpuh9UmjhJ4jcz1OFmErXIQZPCTxF tYheFYHGPy3YyL5Ee2uTZQEcyqOqCSlLIEmCwYsBESulKA1Y9MEqcqHHJvvy1pHd jscefH5MzOaJd/+sa+n037gDqajmCjhr60klDula8+TvuxCzoNpUGrM9fUnerLcL 44Y+kbj9vBksA91LPJCqOD2bP5Ov5v4NxzURHtcJKbPntqQySgrOD3DxqXLEXml0 ujCkpPhsPO8QrHxqrrZsRBbwV7lDzfUB7AHiFTVadLaSRipI4KJTUd8KhFi5V2cB ut9JlkVS1iijNMCK2Y9bXfM= -----END CERTIFICATE-----Generated at Wed Apr 16 04:59:00 2025 by rpki-client