$ rpki-client -vvf rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/70638510630E11ECB30DB557C4F9AE02.roa File: 70638510630E11ECB30DB557C4F9AE02.roa (raw, json) Hash identifier: ZALlhJBTLI4BjBMPBnHu5MEZWPef4Y4mZVh7l9q61P0= Subject key identifier: C6:04:0E:45:F1:BA:FA:B9:90:EC:BF:D4:28:1F:17:38:12:2E:88:55 Certificate issuer: /CN=A91B8D56/serialNumber=CF15AD102EEDDFBCCA68585A6F5C3817FE8A18D5 Certificate serial: 0401 Authority key identifier: CF:15:AD:10:2E:ED:DF:BC:CA:68:58:5A:6F:5C:38:17:FE:8A:18:D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zxWtEC7t37zKaFhab1w4F_6KGNU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/70638510630E11ECB30DB557C4F9AE02.roa Signing time: Tue 11 Feb 2025 00:43:08 +0000 ROA not before: Tue 11 Feb 2025 00:43:08 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 134177 IP address blocks: 45.113.64.0/23 maxlen: 23 45.113.64.0/24 maxlen: 24 45.113.65.0/24 maxlen: 24 45.113.66.0/23 maxlen: 23 45.113.66.0/24 maxlen: 24 45.113.67.0/24 maxlen: 24 103.52.208.0/23 maxlen: 23 103.52.208.0/24 maxlen: 24 103.52.209.0/24 maxlen: 24 103.52.210.0/23 maxlen: 23 103.52.210.0/24 maxlen: 24 103.52.211.0/24 maxlen: 24 203.26.234.0/24 maxlen: 24 2402:2480::/48 maxlen: 48 2402:2480:1::/48 maxlen: 48 2402:2480:2::/48 maxlen: 48 2402:2480:3::/48 maxlen: 48 2402:2480:4::/48 maxlen: 48 2402:2480:5::/48 maxlen: 48 2402:2480:6::/48 maxlen: 48 2402:2480:7::/48 maxlen: 48 2402:2480:8::/48 maxlen: 48 2402:2480:9::/48 maxlen: 48 2402:2480:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/zxWtEC7t37zKaFhab1w4F_6KGNU.crl rsync://rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/zxWtEC7t37zKaFhab1w4F_6KGNU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zxWtEC7t37zKaFhab1w4F_6KGNU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 00:33:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1025 (0x401) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B8D56 Validity Not Before: Feb 11 00:43:08 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67aa9d1c-9866 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1f:b7:67:c0:3b:6b:e8:10:5e:4e:9b:24:6f: 19:15:27:8f:2e:4d:0c:a6:2b:f8:46:df:60:27:e9: d0:7f:e8:b4:10:7e:a9:bc:53:85:2d:f6:65:f8:2e: 22:3c:08:12:85:3b:eb:80:4f:27:b9:e9:50:5f:8b: 0d:17:ef:8c:f4:83:ed:c4:4c:f3:d2:1d:a3:ab:ea: 88:eb:ba:41:20:10:43:fd:e3:b5:f2:59:9f:a4:d9: 01:c3:e3:a2:ca:4c:51:89:a9:a3:1b:ee:d4:e4:7f: 4a:7d:70:09:1f:36:6a:cb:91:ae:dc:9b:5a:a4:4b: 12:bf:9e:49:37:f1:f5:df:5a:6d:cb:43:b2:3b:3f: 6b:66:40:3e:31:57:21:42:f5:d3:c2:01:28:d5:23: 20:c0:be:1d:e0:ac:d0:89:6f:ea:3d:cf:d5:09:14: 88:20:ed:76:1e:09:40:7d:3e:90:b2:d5:12:f1:7e: 05:cb:23:16:05:b1:57:77:5d:c0:f7:6a:9a:10:73: 3f:88:de:11:58:13:09:c1:5e:c4:9f:80:5d:cf:3b: f9:e5:b7:f7:99:c0:18:c5:e5:26:1f:c9:14:38:87: 95:25:a3:ab:27:a3:f7:00:d9:f5:24:91:89:9e:70: ef:4a:f8:1f:f7:e8:74:da:98:c5:41:01:04:09:0b: 11:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:04:0E:45:F1:BA:FA:B9:90:EC:BF:D4:28:1F:17:38:12:2E:88:55 X509v3 Authority Key Identifier: keyid:CF:15:AD:10:2E:ED:DF:BC:CA:68:58:5A:6F:5C:38:17:FE:8A:18:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/zxWtEC7t37zKaFhab1w4F_6KGNU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zxWtEC7t37zKaFhab1w4F_6KGNU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B8D56/1BC8E1B6630A11ECAAA1414EC4F9AE02/70638510630E11ECB30DB557C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.113.64.0/22 103.52.208.0/22 203.26.234.0/24 IPv6: 2402:2480::-2402:2480:a:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 15:0d:9a:db:30:7f:a4:23:93:43:a6:82:dd:76:d1:68:fd:11: 02:db:28:d9:aa:b2:82:27:84:7f:e3:2a:c0:ba:c7:67:10:2a: b5:c5:99:9a:e8:34:93:d9:da:1f:94:3d:df:5b:19:7e:72:48: 37:8f:f7:f6:d5:44:e2:ca:ca:5c:e4:8f:26:0a:8a:64:d7:01: 17:ea:56:19:04:35:2b:79:ce:fe:f0:bd:7c:03:c7:13:ae:5e: 28:45:aa:9f:fe:8f:af:9c:bc:ba:81:ff:2e:6f:68:7a:0a:5a: 4f:af:36:a6:69:72:82:fb:24:2c:92:85:97:aa:a4:97:10:e8: be:97:b7:5e:3a:0f:ce:84:e3:81:76:58:09:89:34:f7:f1:8e: be:87:60:6b:70:fe:40:ae:12:7b:32:e7:c3:39:ea:03:94:19: 41:82:2c:cc:55:77:93:d1:65:8d:c6:fd:15:d3:78:1f:bc:25: bd:01:88:64:59:5e:f8:11:cf:46:e3:a6:1d:9f:00:41:65:f3: fc:63:df:1d:7d:0e:5d:3d:a5:3a:36:b7:64:79:32:15:f9:26: 5a:e5:a0:4f:42:da:49:25:05:c7:0d:1c:82:79:83:3a:15:ca: e2:34:d6:4f:de:f4:79:22:75:6f:da:ae:10:19:47:71:24:45: 1d:84:45:4d -----BEGIN CERTIFICATE----- MIIFlzCCBH+gAwIBAgICBAEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjhENTYxMTAvBgNVBAUTKENGMTVBRDEwMkVFRERGQkNDQTY4NTg1QTZGNUMzODE3 RkU4QTE4RDUwHhcNMjUwMjExMDA0MzA4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2FhOWQxYy05ODY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzh+3Z8A7a+gQXk6bJG8ZFSePLk0Mpiv4Rt9gJ+nQf+i0EH6pvFOFLfZl+C4i PAgShTvrgE8nuelQX4sNF++M9IPtxEzz0h2jq+qI67pBIBBD/eO18lmfpNkBw+Oi ykxRiamjG+7U5H9KfXAJHzZqy5Gu3JtapEsSv55JN/H131pty0OyOz9rZkA+MVch QvXTwgEo1SMgwL4d4KzQiW/qPc/VCRSIIO12HglAfT6QstUS8X4FyyMWBbFXd13A 92qaEHM/iN4RWBMJwV7En4Bdzzv55bf3mcAYxeUmH8kUOIeVJaOrJ6P3ANn1JJGJ nnDvSvgf9+h02pjFQQEECQsREQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFMYEDkXx uvq5kOy/1CgfFzgSLohVMB8GA1UdIwQYMBaAFM8VrRAu7d+8ymhYWm9cOBf+ihjV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOEQ1Ni8xQkM4RTFCNjYz MEExMUVDQUFBMTQxNEVDNEY5QUUwMi96eFd0RUM3dDM3ekthRmhhYjF3NEZfNktH TlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3p4V3RFQzd0Mzd6S2FGaGFiMXc0Rl82S0dOVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjhENTYvMUJDOEUxQjY2MzBBMTFFQ0FBQTE0MTRFQzRGOUFFMDIvNzA2Mzg1MTA2 MzBFMTFFQ0IzMERCNTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E NjA0MBgEAgABMBIDBAItcUADBAJnNNADBADLGuowGAQCAAIwEjAQAwUHJAIkgAMH ACQCJIAACjANBgkqhkiG9w0BAQsFAAOCAQEAFQ2a2zB/pCOTQ6aC3XbRaP0RAtso 2aqygieEf+MqwLrHZxAqtcWZmug0k9naH5Q931sZfnJIN4/39tVE4srKXOSPJgqK ZNcBF+pWGQQ1K3nO/vC9fAPHE65eKEWqn/6Pr5y8uoH/Lm9oegpaT682pmlygvsk LJKFl6qklxDovpe3XjoPzoTjgXZYCYk09/GOvodga3D+QK4SezLnwznqA5QZQYIs zFV3k9Fljcb9FdN4H7wlvQGIZFle+BHPRuOmHZ8AQWXz/GPfHX0OXT2lOja3ZHky FfkmWuWgT0LaSSUFxw0cgnmDOhXK4jTWT970eSJ1b9quEBlHcSRFHYRFTQ== -----END CERTIFICATE-----Generated at Sat Apr 5 06:12:17 2025 by rpki-client