$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/CE67353C70C411EF9CC65F6BC4F9AE02.roa File: CE67353C70C411EF9CC65F6BC4F9AE02.roa (raw, json) Hash identifier: EYu/tMocRs70Hb99NoIzVinC6cgIHyg0wu81VqC7jcU= Subject key identifier: CC:16:D2:DA:20:88:EA:DD:73:82:38:73:CE:EE:F0:54:1C:A1:78:57 Certificate issuer: /CN=A91B3D30/serialNumber=01EE089DD4867B2CB276582AA97B318F509EA6EE Certificate serial: 0AD7 Authority key identifier: 01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/CE67353C70C411EF9CC65F6BC4F9AE02.roa Signing time: Mon 02 Dec 2024 19:38:14 +0000 ROA not before: Mon 02 Dec 2024 19:38:14 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 9311 IP address blocks: 43.239.107.0/24 maxlen: 24 103.244.221.0/24 maxlen: 24 103.244.223.0/24 maxlen: 24 103.249.184.0/24 maxlen: 24 103.249.186.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/Ae4IndSGeyyydlgqqXsxj1Cepu4.crl rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/Ae4IndSGeyyydlgqqXsxj1Cepu4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 19:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2775 (0xad7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B3D30 Validity Not Before: Dec 2 19:38:14 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=674e0ca5-b887 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d7:38:b3:38:cd:5c:36:e7:26:da:6c:aa:1d: 52:8b:9f:98:10:b6:3c:86:52:0f:59:41:e4:67:d6: b4:5e:d4:c9:fd:fb:a4:37:e6:0b:4c:d6:93:26:f2: 8d:ac:78:da:5f:99:fd:9a:5b:45:1f:fb:b8:a9:3e: 49:50:ed:7c:ad:59:87:ae:81:18:1b:e1:81:23:23: eb:bf:17:ff:55:74:c0:a8:db:b2:0c:50:3f:56:01: 56:cc:3e:dd:ba:4c:46:b3:8c:55:ce:a8:dd:50:9d: 48:97:ee:6b:f0:72:41:b2:ab:80:d5:ae:99:47:6a: 59:88:8b:b7:75:0d:42:95:ad:44:38:91:c1:5f:58: 2f:21:27:66:09:56:a0:24:37:59:32:1a:04:44:37: 98:38:33:ab:5b:fc:4c:18:06:a3:60:7a:7d:9c:75: ae:19:d4:dc:2c:34:38:f5:d7:ad:1b:af:ed:77:86: 6f:10:24:fd:da:31:f2:d6:3b:e4:ab:39:b9:c2:4c: 59:9c:4b:94:0e:4c:0e:ca:e7:e0:f9:b9:1f:a0:32: 58:ac:d7:2a:87:46:cc:79:de:bc:5a:2d:41:c5:5f: 9a:1f:51:3a:11:1b:a5:0b:37:d1:7e:ad:e4:fd:c2: 54:a8:c5:64:99:06:9d:6d:e9:0e:de:1e:80:cc:e1: 28:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:16:D2:DA:20:88:EA:DD:73:82:38:73:CE:EE:F0:54:1C:A1:78:57 X509v3 Authority Key Identifier: keyid:01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/Ae4IndSGeyyydlgqqXsxj1Cepu4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/CE67353C70C411EF9CC65F6BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.239.107.0/24 103.244.221.0/24 103.244.223.0/24 103.249.184.0/24 103.249.186.0/24 Signature Algorithm: sha256WithRSAEncryption b8:7d:12:ff:72:d3:b9:fd:87:ea:08:8d:30:d7:8a:ae:bc:e7: 4c:a9:d2:89:95:03:7d:c3:01:83:3d:e5:c0:b0:de:91:10:16: c2:76:f8:3a:83:5f:59:ac:aa:c2:94:ea:f7:64:36:13:f5:0c: fc:dc:d4:55:1c:53:63:ef:e0:39:15:0c:95:21:57:20:0c:77: ae:4d:a8:62:1b:d6:15:8b:3d:39:91:56:d8:62:93:8c:6c:58: af:0e:d0:94:3b:a3:55:05:30:52:54:a7:4d:8f:b3:88:81:1d: 89:af:34:68:9e:e0:d7:51:4b:22:d0:47:f9:6b:ca:e1:ef:e3: 3c:af:d9:cd:0f:0d:f5:0d:f4:8d:7c:f6:52:5d:6d:00:8d:49: dc:34:bd:d1:a6:30:89:89:57:2f:69:45:66:4d:0f:19:ab:8d: 3e:8b:3a:73:c9:08:e4:77:e2:f2:22:ed:0c:f5:1f:b0:4b:92: c1:40:24:a0:0a:22:e1:42:1d:6b:c5:39:7d:84:74:d1:1f:79: cf:3e:8c:81:1a:f0:90:e1:22:dc:d4:68:0e:64:6d:e0:64:70: 2b:be:f8:bb:81:82:e7:ca:81:e0:c8:7f:9c:45:c6:58:1b:5e: 0a:5c:cc:b5:0e:a5:bc:c0:99:9e:c3:48:96:59:07:91:9d:89: 84:dc:85:a4 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICCtcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjNEMzAxMTAvBgNVBAUTKDAxRUUwODlERDQ4NjdCMkNCMjc2NTgyQUE5N0IzMThG NTA5RUE2RUUwHhcNMjQxMjAyMTkzODE0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzRlMGNhNS1iODg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvtc4szjNXDbnJtpsqh1Si5+YELY8hlIPWUHkZ9a0XtTJ/fukN+YLTNaTJvKN rHjaX5n9mltFH/u4qT5JUO18rVmHroEYG+GBIyPrvxf/VXTAqNuyDFA/VgFWzD7d ukxGs4xVzqjdUJ1Il+5r8HJBsquA1a6ZR2pZiIu3dQ1Cla1EOJHBX1gvISdmCVag JDdZMhoERDeYODOrW/xMGAajYHp9nHWuGdTcLDQ49detG6/td4ZvECT92jHy1jvk qzm5wkxZnEuUDkwOyufg+bkfoDJYrNcqh0bMed68Wi1BxV+aH1E6ERulCzfRfq3k /cJUqMVkmQadbekO3h6AzOEoKQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFMwW0tog iOrdc4I4c87u8FQcoXhXMB8GA1UdIwQYMBaAFAHuCJ3UhnsssnZYKql7MY9Qnqbu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0QzMC9FM0RGNDY5QzQx NjgxMUVBQUU4QTc3NTBDNEY5QUUwMi9BZTRJbmRTR2V5eXlkbGdxcVhzeGoxQ2Vw dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FlNEluZFNHZXl5eWRsZ3FxWHN4ajFDZXB1NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjNEMzAvRTNERjQ2OUM0MTY4MTFFQUFFOEE3NzUwQzRGOUFFMDIvQ0U2NzM1M0M3 MEM0MTFFRjlDQzY1RjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAAr72sDBABn9N0DBABn9N8DBABn+bgDBABn+bowDQYJKoZI hvcNAQELBQADggEBALh9Ev9y07n9h+oIjTDXiq6850yp0omVA33DAYM95cCw3pEQ FsJ2+DqDX1msqsKU6vdkNhP1DPzc1FUcU2Pv4DkVDJUhVyAMd65NqGIb1hWLPTmR Vthik4xsWK8O0JQ7o1UFMFJUp02Ps4iBHYmvNGie4NdRSyLQR/lryuHv4zyv2c0P DfUN9I189lJdbQCNSdw0vdGmMImJVy9pRWZNDxmrjT6LOnPJCOR34vIi7Qz1H7BL ksFAJKAKIuFCHWvFOX2EdNEfec8+jIEa8JDhItzUaA5kbeBkcCu++LuBgufKgeDI f5xFxlgbXgpczLUOpbzAmZ7DSJZZB5GdiYTchaQ= -----END CERTIFICATE-----Generated at Sat Apr 12 10:31:48 2025 by rpki-client