$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/304DD002EFAB11EF97C9610FC4F9AE02.roa File: 304DD002EFAB11EF97C9610FC4F9AE02.roa (raw, json) Hash identifier: xsROjP2odAWh0kHafpV6U2yAzjD0YVmpO7HNKMKB17M= Subject key identifier: 75:3F:FB:AA:99:C6:5D:29:DD:4D:EB:8F:4F:5B:C3:EC:98:0C:6F:D1 Certificate issuer: /CN=A91B0F90/serialNumber=5C0A3523FD3645A7635AF2519ADCD002E132FBCE Certificate serial: 14 Authority key identifier: 5C:0A:35:23:FD:36:45:A7:63:5A:F2:51:9A:DC:D0:02:E1:32:FB:CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/304DD002EFAB11EF97C9610FC4F9AE02.roa Signing time: Thu 20 Feb 2025 16:53:42 +0000 ROA not before: Thu 20 Feb 2025 16:53:42 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 139077 IP address blocks: 103.139.104.0/23 maxlen: 24 202.4.28.0/23 maxlen: 24 2001:df0:7380::/48 maxlen: 48 2401:c4a0::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.crl rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0F90 Validity Not Before: Feb 20 16:53:42 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67b75e16-263a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:26:8a:62:a6:ed:1b:91:13:f9:8b:38:e9:fd: b7:de:ad:6d:83:55:43:4c:e8:b0:b1:cf:2f:74:40: ea:f1:cd:44:55:08:19:14:f3:3b:ef:00:e0:f7:05: b3:fd:e2:00:4d:35:91:26:a4:b2:a5:0e:80:68:15: 8c:f6:7a:f2:f2:29:ff:b0:cb:c1:69:6e:37:dd:ac: a0:17:3c:f8:a7:93:d2:bb:6b:51:41:42:31:ac:f2: 20:f5:76:07:68:ea:4e:f3:d8:a6:c2:b7:04:2e:39: dc:0b:1a:01:8d:03:8a:1c:57:b8:0e:dd:ce:e0:c3: a1:ee:61:76:cd:d5:1d:82:d0:ab:9f:92:5c:8e:fc: 12:57:05:93:56:55:ff:ff:7f:53:ea:54:29:3c:68: 20:fb:9e:83:d1:67:96:d2:cf:a8:5c:61:30:3f:27: 01:dd:19:0d:64:cf:74:55:1e:31:41:81:0d:39:b9: e3:2e:5a:73:7b:61:32:f8:40:5d:3d:bf:b6:5b:3f: b4:90:55:5f:fb:19:f6:ae:1b:56:ac:a9:bd:17:56: 20:f2:e6:35:ca:45:3b:1d:ae:1b:6b:82:f8:0e:15: e5:0f:6c:9c:93:b3:ff:35:06:bd:cc:06:1d:58:40: 8d:26:fb:5c:c6:29:4f:0d:3d:79:b7:8d:1d:47:af: 39:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:3F:FB:AA:99:C6:5D:29:DD:4D:EB:8F:4F:5B:C3:EC:98:0C:6F:D1 X509v3 Authority Key Identifier: keyid:5C:0A:35:23:FD:36:45:A7:63:5A:F2:51:9A:DC:D0:02:E1:32:FB:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/XAo1I_02RadjWvJRmtzQAuEy-84.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAo1I_02RadjWvJRmtzQAuEy-84.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0F90/04779B9CED8111EFA0036616C4F9AE02/304DD002EFAB11EF97C9610FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.139.104.0/23 202.4.28.0/23 IPv6: 2001:df0:7380::/48 2401:c4a0::/32 Signature Algorithm: sha256WithRSAEncryption 9d:9e:2d:0d:cb:e8:88:74:a0:b7:f8:73:4d:d7:c0:da:2c:f7: ce:0d:2b:af:e6:50:08:70:75:00:ce:ca:0c:73:91:9d:74:9d: b0:3e:a7:b2:a0:a6:43:b8:4a:1b:16:bc:61:90:44:08:3b:f4: 12:a1:9b:32:4a:01:57:53:c8:07:7c:da:56:ed:e4:fc:69:12: 6e:ba:78:46:28:a1:41:a1:34:af:5a:8a:45:eb:85:36:6e:87: 3e:51:f1:3b:8a:3c:e1:69:10:94:6c:00:d6:e4:47:be:ad:ff: f3:d6:2f:c8:f8:87:21:3d:16:ed:bb:fc:f7:e4:3f:9d:ec:14: eb:f5:3f:96:9b:f7:47:54:b7:30:6a:7b:c3:71:ff:61:47:54: b9:d9:a3:ae:df:f2:0c:25:2f:15:e6:9d:13:81:2c:45:20:59: 26:c4:6b:0e:0c:88:00:c7:fd:50:87:38:0c:f5:c6:19:8f:44: 5b:4c:cf:b6:26:f6:61:d9:c7:14:58:c8:b9:c7:05:b4:b2:cd: d6:d8:de:9e:df:e0:f9:9e:44:bd:97:cb:dc:49:54:8c:b6:1f: 3b:b1:21:79:11:25:89:af:ee:17:25:84:a0:85:20:0e:32:92: 87:45:37:1f:2f:58:dd:cd:13:57:42:53:db:6c:ee:df:a7:03: eb:bf:5d:da -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MEY5MDExMC8GA1UEBRMoNUMwQTM1MjNGRDM2NDVBNzYzNUFGMjUxOUFEQ0QwMDJF MTMyRkJDRTAeFw0yNTAyMjAxNjUzNDJaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3Yjc1ZTE2LTI2M2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCeJopipu0bkRP5izjp/bferW2DVUNM6LCxzy90QOrxzURVCBkU8zvvAOD3BbP9 4gBNNZEmpLKlDoBoFYz2evLyKf+wy8FpbjfdrKAXPPink9K7a1FBQjGs8iD1dgdo 6k7z2KbCtwQuOdwLGgGNA4ocV7gO3c7gw6HuYXbN1R2C0KufklyO/BJXBZNWVf// f1PqVCk8aCD7noPRZ5bSz6hcYTA/JwHdGQ1kz3RVHjFBgQ05ueMuWnN7YTL4QF09 v7ZbP7SQVV/7GfauG1asqb0XViDy5jXKRTsdrhtrgvgOFeUPbJyTs/81Br3MBh1Y QI0m+1zGKU8NPXm3jR1HrzlXAgMBAAGjggKzMIICrzAdBgNVHQ4EFgQUdT/7qpnG XSndTeuPT1vD7JgMb9EwHwYDVR0jBBgwFoAUXAo1I/02RadjWvJRmtzQAuEy+84w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwRjkwLzA0Nzc5QjlDRUQ4 MTExRUZBMDAzNjYxNkM0RjlBRTAyL1hBbzFJXzAyUmFkald2SlJtdHpRQXVFeS04 NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWEFvMUlfMDJSYWRqV3ZKUm10elFBdUV5LTg0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MEY5MC8wNDc3OUI5Q0VEODExMUVGQTAwMzY2MTZDNEY5QUUwMi8zMDRERDAwMkVG QUIxMUVGOTdDOTYxMEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA9BggrBgEFBQcBBwEB/wQu MCwwEgQCAAEwDAMEAWeLaAMEAcoEHDAWBAIAAjAQAwcAIAEN8HOAAwUAJAHEoDAN BgkqhkiG9w0BAQsFAAOCAQEAnZ4tDcvoiHSgt/hzTdfA2iz3zg0rr+ZQCHB1AM7K DHORnXSdsD6nsqCmQ7hKGxa8YZBECDv0EqGbMkoBV1PIB3zaVu3k/GkSbrp4Riih QaE0r1qKReuFNm6HPlHxO4o84WkQlGwA1uRHvq3/89YvyPiHIT0W7bv89+Q/newU 6/U/lpv3R1S3MGp7w3H/YUdUudmjrt/yDCUvFeadE4EsRSBZJsRrDgyIAMf9UIc4 DPXGGY9EW0zPtib2YdnHFFjIuccFtLLN1tjent/g+Z5EvZfL3ElUjLYfO7EheREl ia/uFyWEoIUgDjKSh0U3Hy9Y3c0TV0JT22zu36cD679d2g== -----END CERTIFICATE-----Generated at Sat Apr 5 03:53:29 2025 by rpki-client