$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/43E9CB90DFF511EF8E4E3982C4F9AE02.roa File: 43E9CB90DFF511EF8E4E3982C4F9AE02.roa (raw, json) Hash identifier: ed3VnRz1sRChg/cFQmGXFi6QslMtcDU5X1xXHCQiW6k= Subject key identifier: CE:2E:93:57:13:BF:E9:94:D2:7C:D8:9B:D1:88:72:0D:D5:C8:C6:AD Certificate issuer: /CN=A91AF145/serialNumber=70DA459191E90686BDB0AC47ABDA30A9C3E174FA Certificate serial: 0125 Authority key identifier: 70:DA:45:91:91:E9:06:86:BD:B0:AC:47:AB:DA:30:A9:C3:E1:74:FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNpFkZHpBoa9sKxHq9owqcPhdPo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/43E9CB90DFF511EF8E4E3982C4F9AE02.roa Signing time: Fri 31 Jan 2025 17:03:45 +0000 ROA not before: Fri 31 Jan 2025 17:03:45 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 45814 IP address blocks: 103.156.136.0/24 maxlen: 24 103.156.137.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/cNpFkZHpBoa9sKxHq9owqcPhdPo.crl rsync://rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/cNpFkZHpBoa9sKxHq9owqcPhdPo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNpFkZHpBoa9sKxHq9owqcPhdPo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 03:49:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 293 (0x125) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF145 Validity Not Before: Jan 31 17:03:45 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=679d0271-b081 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:c1:62:36:c5:d7:28:37:ae:3a:0e:20:0b:12: b3:5f:bc:c4:f3:2a:9b:eb:54:d6:70:10:57:a5:e7: 6a:89:21:5a:df:d4:62:a2:a3:1c:15:6d:82:e8:b2: 4c:1c:bf:0a:3f:35:ba:bb:b9:a6:1e:a4:18:31:c8: c6:5e:c5:58:f4:48:b1:c6:d1:79:70:1b:72:c6:5b: 76:fd:b8:7d:19:1b:62:e2:ad:28:28:5b:0b:0a:0f: dc:39:a6:03:a7:07:dc:23:09:61:87:43:68:33:06: 51:95:fd:6c:3f:c6:1c:ec:3a:4a:77:d4:7d:95:78: fd:0d:5f:37:c7:31:8a:ab:a9:8e:13:5f:5e:f0:6a: 7f:5d:22:57:e1:0d:56:05:a7:bc:4d:90:62:7f:3d: 63:b7:f1:7c:3f:3c:fc:2b:fc:86:c5:15:dc:3e:d5: 15:de:22:d5:e8:ae:39:fb:c2:da:f0:86:54:9c:4b: 82:cf:e3:63:fd:42:a3:b4:e7:9f:ac:c2:52:1c:a7: a1:50:b2:18:23:04:ff:6c:0c:59:7a:88:44:f4:a0: 26:f0:38:bc:f5:b1:9d:72:a0:24:19:08:d5:9a:5d: b6:f6:58:c8:49:40:7c:e6:20:43:53:50:99:ea:f7: fd:4a:b7:f8:38:59:4e:56:b2:e0:53:af:d9:63:29: c5:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:2E:93:57:13:BF:E9:94:D2:7C:D8:9B:D1:88:72:0D:D5:C8:C6:AD X509v3 Authority Key Identifier: keyid:70:DA:45:91:91:E9:06:86:BD:B0:AC:47:AB:DA:30:A9:C3:E1:74:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/cNpFkZHpBoa9sKxHq9owqcPhdPo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNpFkZHpBoa9sKxHq9owqcPhdPo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/43E9CB90DFF511EF8E4E3982C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.156.136.0/23 Signature Algorithm: sha256WithRSAEncryption 17:df:b2:cd:0e:50:62:ec:0b:01:83:a0:ec:12:e5:2b:ad:c6: 45:85:1c:4e:28:ba:e3:67:d8:21:31:28:cd:35:17:cf:2e:2b: 97:a8:2d:a2:d4:e0:0c:0a:ae:b0:d9:a7:84:cf:a9:a2:a3:4a: bf:1a:7a:40:72:03:84:34:4b:e2:23:56:ff:4b:08:8c:af:cd: 83:12:7f:80:35:64:32:1b:22:70:0b:1b:08:ca:2e:18:5f:ce: 1e:46:e4:af:cb:7b:7c:be:c1:97:37:4a:64:5e:3d:0a:90:c7: 8c:ac:be:90:53:12:14:cd:49:77:2a:2d:55:df:85:06:9f:bb: 9b:4a:59:13:fb:e9:22:c7:7a:f0:4b:97:24:79:fd:d4:53:83: 84:4e:b8:3e:eb:c0:0a:45:72:f6:21:2b:e3:35:c3:42:a6:7b: aa:7c:15:d5:4a:bc:11:c5:ae:b8:a9:71:f7:87:b6:8c:b4:d3: 31:52:26:c2:9f:15:e1:80:71:90:f5:4a:bd:65:32:0b:36:dc: 83:57:e6:e2:6c:96:65:0d:91:81:af:53:37:34:0b:d2:1c:0d: 78:93:b7:3d:27:f8:6b:44:68:26:3d:e4:80:84:5f:10:bd:a2: ba:4e:16:04:d8:13:c5:c3:a8:9f:55:6c:92:be:21:9c:43:9a: 05:e7:a7:44 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICASUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYxNDUxMTAvBgNVBAUTKDcwREE0NTkxOTFFOTA2ODZCREIwQUM0N0FCREEzMEE5 QzNFMTc0RkEwHhcNMjUwMTMxMTcwMzQ1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzlkMDI3MS1iMDgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA18FiNsXXKDeuOg4gCxKzX7zE8yqb61TWcBBXpedqiSFa39RioqMcFW2C6LJM HL8KPzW6u7mmHqQYMcjGXsVY9EixxtF5cBtyxlt2/bh9GRti4q0oKFsLCg/cOaYD pwfcIwlhh0NoMwZRlf1sP8Yc7DpKd9R9lXj9DV83xzGKq6mOE19e8Gp/XSJX4Q1W Bae8TZBifz1jt/F8Pzz8K/yGxRXcPtUV3iLV6K45+8La8IZUnEuCz+Nj/UKjtOef rMJSHKehULIYIwT/bAxZeohE9KAm8Di89bGdcqAkGQjVml229ljISUB85iBDU1CZ 6vf9Srf4OFlOVrLgU6/ZYynF9QIDAQABo4IClTCCApEwHQYDVR0OBBYEFM4uk1cT v+mU0nzYm9GIcg3VyMatMB8GA1UdIwQYMBaAFHDaRZGR6QaGvbCsR6vaMKnD4XT6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjE0NS8yNzgwNzNDRTM2 RUExMUVFQUUxMEFBNDVDNEY5QUUwMi9jTnBGa1pIcEJvYTlzS3hIcTlvd3FjUGhk UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NOcEZrWkhwQm9hOXNLeEhxOW93cWNQaGRQby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUYxNDUvMjc4MDczQ0UzNkVBMTFFRUFFMTBBQTQ1QzRGOUFFMDIvNDNFOUNCOTBE RkY1MTFFRjhFNEUzOTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnnIgwDQYJKoZIhvcNAQELBQADggEBABffss0OUGLsCwGD oOwS5SutxkWFHE4ouuNn2CExKM01F88uK5eoLaLU4AwKrrDZp4TPqaKjSr8aekBy A4Q0S+IjVv9LCIyvzYMSf4A1ZDIbInALGwjKLhhfzh5G5K/Le3y+wZc3SmRePQqQ x4ysvpBTEhTNSXcqLVXfhQafu5tKWRP76SLHevBLlyR5/dRTg4ROuD7rwApFcvYh K+M1w0Kme6p8FdVKvBHFrripcfeHtoy00zFSJsKfFeGAcZD1Sr1lMgs23INX5uJs lmUNkYGvUzc0C9IcDXiTtz0n+GtEaCY95ICEXxC9orpOFgTYE8XDqJ9VbJK+IZxD mgXnp0Q= -----END CERTIFICATE-----Generated at Sun Apr 6 01:46:53 2025 by rpki-client