$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/98845C5C54EC11E791C3F825C4F9AE02.roa File: 98845C5C54EC11E791C3F825C4F9AE02.roa (raw, json) Hash identifier: XWmzI2yeMf3apt5DHsKgv60jONcTAI6E+TZgl5OMpW8= Subject key identifier: 04:52:B1:E4:CE:A6:60:99:CE:18:D5:62:FF:C5:77:5D:18:7C:17:08 Certificate issuer: /CN=A91BAE17/serialNumber=B64B1108E98EEC87FB6B0C28BE01645C708B4AC5 Certificate serial: 2921 Authority key identifier: B6:4B:11:08:E9:8E:EC:87:FB:6B:0C:28:BE:01:64:5C:70:8B:4A:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tksRCOmO7If7awwovgFkXHCLSsU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/98845C5C54EC11E791C3F825C4F9AE02.roa Signing time: Wed 12 Feb 2025 15:52:11 +0000 ROA not before: Wed 12 Feb 2025 15:52:11 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 58473 IP address blocks: 103.28.72.0/24 maxlen: 24 103.60.132.0/23 maxlen: 24 103.240.132.0/24 maxlen: 24 2402:df80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/tksRCOmO7If7awwovgFkXHCLSsU.crl rsync://rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/tksRCOmO7If7awwovgFkXHCLSsU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tksRCOmO7If7awwovgFkXHCLSsU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 15:39:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10529 (0x2921) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAE17 Validity Not Before: Feb 12 15:52:11 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67acc3ab-0921 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1b:0e:36:81:b7:13:a3:8f:ef:b5:37:b1:3a: b0:45:2f:09:af:4f:23:ba:00:76:24:f0:5f:2a:36: c3:68:1a:01:b7:98:72:a3:3c:cf:76:ab:20:3c:60: 01:ae:10:31:f5:7d:60:97:c2:f9:3d:e7:56:2d:49: ba:ad:2b:0f:ba:45:b0:4b:98:44:1c:9a:2f:de:7d: 08:76:af:8d:07:33:c0:b5:8e:27:0a:7f:75:4a:5e: ee:0e:79:d0:1f:f7:c2:1a:4f:1c:ee:36:27:cd:ef: 66:eb:d6:e8:fc:19:62:fc:27:b0:bc:32:64:40:19: f2:18:85:0d:c1:30:50:0b:ef:b4:42:76:da:6d:d0: 95:ae:b9:61:3a:48:f6:b3:ea:a0:78:22:15:79:c6: 53:4c:86:c0:97:fb:bc:2a:eb:c3:14:7a:97:a3:3c: cf:16:e4:1a:b4:46:81:ab:5f:84:e1:4e:f8:a1:b5: 26:de:6e:12:f5:fa:d9:c5:b9:c9:e7:bd:2e:70:a2: 4a:37:b6:92:e0:b3:d2:bb:ea:fb:c1:4a:c5:11:82: 96:06:f4:f2:8f:82:b3:23:6e:9f:27:cc:51:f0:93: 7f:ef:0b:21:7b:66:55:8d:5c:77:36:bf:b8:ad:f1: b5:1c:ee:97:a1:b1:3c:c3:26:1d:80:fc:b6:3a:ac: c6:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:52:B1:E4:CE:A6:60:99:CE:18:D5:62:FF:C5:77:5D:18:7C:17:08 X509v3 Authority Key Identifier: keyid:B6:4B:11:08:E9:8E:EC:87:FB:6B:0C:28:BE:01:64:5C:70:8B:4A:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/tksRCOmO7If7awwovgFkXHCLSsU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tksRCOmO7If7awwovgFkXHCLSsU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAE17/445EE09458BD11E49383AB76C4F9AE02/98845C5C54EC11E791C3F825C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.28.72.0/24 103.60.132.0/23 103.240.132.0/24 IPv6: 2402:df80::/32 Signature Algorithm: sha256WithRSAEncryption 93:81:13:8f:70:4c:36:d8:f1:f4:8d:a9:db:0c:19:86:c9:84: a2:ec:a2:88:94:e6:42:fa:c4:73:9a:e5:d7:6d:a5:66:1b:e9: 61:8b:5b:b2:6c:cf:66:d5:d1:ba:6a:4a:52:86:73:18:b3:b6: 14:36:a9:af:af:6a:2d:40:d0:25:e9:e3:96:a2:4a:e2:c8:40: e2:61:cd:c6:c2:d4:bf:e7:b6:32:30:67:8b:1a:e0:55:6f:04: 03:17:da:0b:08:58:b6:00:3a:e0:e1:5b:5d:a3:30:7e:09:cd: 30:c1:b7:26:1c:e6:d4:74:5a:4a:7d:ed:53:97:b7:14:1b:15: 20:79:99:36:a2:09:24:48:13:ec:f8:bb:96:56:46:5a:d9:04: ff:27:3d:3b:5c:09:9e:72:f9:d6:c2:1d:53:68:d6:39:5e:23: 9f:68:02:8c:60:1f:3a:e8:d3:6a:3e:83:b9:8a:d5:9c:24:ae: 7e:b7:9d:d2:a3:a6:a2:0d:00:1f:ef:82:76:a8:b1:ce:94:df: 53:d0:8c:48:3f:a8:53:7d:6d:7d:ec:3e:2a:f5:8d:5e:a1:15: 6e:59:39:ad:89:a9:30:45:e7:02:b4:58:33:cf:50:7a:0a:ce: f6:40:ea:5a:95:5b:54:a6:6c:b1:0d:fa:0f:02:71:eb:e3:c3: 0b:45:0a:20 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICKSEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkFFMTcxMTAvBgNVBAUTKEI2NEIxMTA4RTk4RUVDODdGQjZCMEMyOEJFMDE2NDVD NzA4QjRBQzUwHhcNMjUwMjEyMTU1MjExWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2FjYzNhYi0wOTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtxsONoG3E6OP77U3sTqwRS8Jr08jugB2JPBfKjbDaBoBt5hyozzPdqsgPGAB rhAx9X1gl8L5PedWLUm6rSsPukWwS5hEHJov3n0Idq+NBzPAtY4nCn91Sl7uDnnQ H/fCGk8c7jYnze9m69bo/Bli/CewvDJkQBnyGIUNwTBQC++0QnbabdCVrrlhOkj2 s+qgeCIVecZTTIbAl/u8KuvDFHqXozzPFuQatEaBq1+E4U74obUm3m4S9frZxbnJ 570ucKJKN7aS4LPSu+r7wUrFEYKWBvTyj4KzI26fJ8xR8JN/7wshe2ZVjVx3Nr+4 rfG1HO6XobE8wyYdgPy2OqzGMwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFARSseTO pmCZzhjVYv/Fd10YfBcIMB8GA1UdIwQYMBaAFLZLEQjpjuyH+2sMKL4BZFxwi0rF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUUxNy80NDVFRTA5NDU4 QkQxMUU0OTM4M0FCNzZDNEY5QUUwMi90a3NSQ09tTzdJZjdhd3dvdmdGa1hIQ0xT c1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Rrc1JDT21PN0lmN2F3d292Z0ZrWEhDTFNzVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkFFMTcvNDQ1RUUwOTQ1OEJEMTFFNDkzODNBQjc2QzRGOUFFMDIvOTg4NDVDNUM1 NEVDMTFFNzkxQzNGODI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBABnHEgDBAFnPIQDBABn8IQwDQQCAAIwBwMFACQC34AwDQYJ KoZIhvcNAQELBQADggEBAJOBE49wTDbY8fSNqdsMGYbJhKLsooiU5kL6xHOa5ddt pWYb6WGLW7Jsz2bV0bpqSlKGcxizthQ2qa+vai1A0CXp45aiSuLIQOJhzcbC1L/n tjIwZ4sa4FVvBAMX2gsIWLYAOuDhW12jMH4JzTDBtyYc5tR0Wkp97VOXtxQbFSB5 mTaiCSRIE+z4u5ZWRlrZBP8nPTtcCZ5y+dbCHVNo1jleI59oAoxgHzro02o+g7mK 1Zwkrn63ndKjpqINAB/vgnaosc6U31PQjEg/qFN9bX3sPir1jV6hFW5ZOa2JqTBF 5wK0WDPPUHoKzvZA6lqVW1SmbLEN+g8CcevjwwtFCiA= -----END CERTIFICATE-----Generated at Sat Apr 5 02:20:17 2025 by rpki-client