$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC039/BB5323E825C211ECB499D158C4F9AE02/B0A2E01225C411EC88466E59C4F9AE02.roa File: B0A2E01225C411EC88466E59C4F9AE02.roa (raw, json) Hash identifier: 8z4FQ3P4ffexi4IqxjF16x9Xr0QlwFMb8TffrA8dnxw= Subject key identifier: 8F:4A:5E:0A:9D:C4:6D:65:BC:00:E0:C5:34:C0:1C:67:A3:7D:E6:DA Certificate issuer: /CN=A91BC039/serialNumber=CB6C85E752D569DFCF1DE904C9CBE71E483EF5F2 Certificate serial: 0478 Authority key identifier: CB:6C:85:E7:52:D5:69:DF:CF:1D:E9:04:C9:CB:E7:1E:48:3E:F5:F2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y2yF51LVad_PHekEycvnHkg-9fI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC039/BB5323E825C211ECB499D158C4F9AE02/B0A2E01225C411EC88466E59C4F9AE02.roa Signing time: Mon 02 Dec 2024 23:52:44 +0000 ROA not before: Mon 02 Dec 2024 23:52:44 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 133120 IP address blocks: 103.40.109.0/24 maxlen: 24 103.80.20.0/23 maxlen: 24 103.243.110.0/24 maxlen: 24 182.161.64.0/23 maxlen: 24 203.31.65.0/24 maxlen: 24 203.55.90.0/24 maxlen: 24 203.55.91.0/24 maxlen: 24 2407:d080::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC039/BB5323E825C211ECB499D158C4F9AE02/y2yF51LVad_PHekEycvnHkg-9fI.crl rsync://rpki.apnic.net/member_repository/A91BC039/BB5323E825C211ECB499D158C4F9AE02/y2yF51LVad_PHekEycvnHkg-9fI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y2yF51LVad_PHekEycvnHkg-9fI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1144 (0x478) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC039 Validity Not Before: Dec 2 23:52:44 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=674e484b-57ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:af:0e:8c:fa:9c:a2:ff:7c:7d:3b:ff:a1:29: 2e:a1:c6:de:aa:1d:80:7b:26:1f:8b:0e:35:c8:27: 77:20:62:6e:b6:36:aa:74:cf:e1:2a:ae:19:33:e8: 74:03:5d:27:f4:24:97:0b:87:85:dd:4a:57:ae:67: f1:4a:8d:85:91:66:cb:db:8d:6b:38:a8:35:d5:94: d0:e3:50:08:3c:d9:b1:4b:28:cb:86:5e:d6:7b:59: 65:e7:f5:d1:8b:e5:5a:fc:6b:95:62:47:fa:cc:c5: eb:98:6b:85:55:d9:fa:16:9b:77:2e:7d:f7:b1:90: db:33:8e:b1:f0:c8:1f:eb:a6:cf:37:45:be:64:29: f7:a6:0a:01:c5:6f:61:c4:61:c9:40:88:5c:cb:94: 20:eb:22:69:d8:01:36:53:52:5e:5b:1a:2d:4e:48: 5a:f7:b6:2e:38:81:59:6c:21:f1:cc:c1:3a:a4:0e: 95:cd:b2:64:ee:cd:2b:32:bc:c2:23:8c:43:30:76: 0e:c0:78:4d:60:f1:9d:24:2a:21:d7:21:2f:1b:eb: 8e:8a:f6:f0:77:3c:4a:74:fd:0f:0e:10:29:f0:1b: 35:02:2e:5d:71:d3:8f:11:5f:3b:6e:9b:d4:bd:2e: 19:a2:d2:f2:bd:03:7b:f2:7d:36:a3:80:ee:8d:a9: b7:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:4A:5E:0A:9D:C4:6D:65:BC:00:E0:C5:34:C0:1C:67:A3:7D:E6:DA X509v3 Authority Key Identifier: keyid:CB:6C:85:E7:52:D5:69:DF:CF:1D:E9:04:C9:CB:E7:1E:48:3E:F5:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC039/BB5323E825C211ECB499D158C4F9AE02/y2yF51LVad_PHekEycvnHkg-9fI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y2yF51LVad_PHekEycvnHkg-9fI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC039/BB5323E825C211ECB499D158C4F9AE02/B0A2E01225C411EC88466E59C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.40.109.0/24 103.80.20.0/23 103.243.110.0/24 182.161.64.0/23 203.31.65.0/24 203.55.90.0/23 IPv6: 2407:d080::/32 Signature Algorithm: sha256WithRSAEncryption 9f:40:95:bb:51:6a:83:ff:f9:fe:11:57:fd:f2:c2:aa:4e:f9: 1d:49:b2:8b:e8:21:e4:7f:94:fa:92:e8:90:89:ca:05:00:85: ea:c2:0c:94:54:9d:3f:29:05:ca:aa:15:7c:f9:55:71:ac:5d: ec:4b:e9:9e:f5:84:02:6e:5e:d0:23:b2:22:12:30:30:71:f2: 9a:f2:f6:ee:ac:c4:f7:ca:a2:02:b4:98:d7:49:c8:7e:de:85: bb:44:d4:8d:6a:65:29:11:93:20:80:ae:04:58:7b:b5:70:78: b1:f7:e8:db:6d:75:df:77:ea:cb:d8:ad:59:35:5b:73:58:01: 4d:dd:bc:72:b2:fd:73:7c:80:5f:b4:07:73:6b:85:5c:62:5e: 55:c7:10:a1:18:bb:32:01:4e:e2:40:dc:56:5c:eb:46:4b:b0: ef:9b:71:06:ac:10:67:62:46:00:fb:84:2a:e6:d2:76:2d:c1: 69:8f:bd:01:b7:30:15:66:89:80:7c:97:ad:5d:69:ff:a1:9c: 31:da:be:a9:d8:39:f5:de:f4:ad:55:05:2e:09:e0:1a:ee:ab: 66:5a:90:c4:c8:e3:5b:09:aa:63:ca:63:68:97:ed:10:5b:fe: 40:af:40:5c:13:9b:54:e5:77:67:29:57:f7:3c:87:55:be:b3: 97:86:cd:39 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgICBHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkMwMzkxMTAvBgNVBAUTKENCNkM4NUU3NTJENTY5REZDRjFERTkwNEM5Q0JFNzFF NDgzRUY1RjIwHhcNMjQxMjAyMjM1MjQ0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzRlNDg0Yi01N2ZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwK8OjPqcov98fTv/oSkuocbeqh2AeyYfiw41yCd3IGJutjaqdM/hKq4ZM+h0 A10n9CSXC4eF3UpXrmfxSo2FkWbL241rOKg11ZTQ41AIPNmxSyjLhl7We1ll5/XR i+Va/GuVYkf6zMXrmGuFVdn6Fpt3Ln33sZDbM46x8Mgf66bPN0W+ZCn3pgoBxW9h xGHJQIhcy5Qg6yJp2AE2U1JeWxotTkha97YuOIFZbCHxzME6pA6VzbJk7s0rMrzC I4xDMHYOwHhNYPGdJCoh1yEvG+uOivbwdzxKdP0PDhAp8Bs1Ai5dcdOPEV87bpvU vS4ZotLyvQN78n02o4Dujam3oQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFI9KXgqd xG1lvADgxTTAHGejfebaMB8GA1UdIwQYMBaAFMtshedS1Wnfzx3pBMnL5x5IPvXy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzAzOS9CQjUzMjNFODI1 QzIxMUVDQjQ5OUQxNThDNEY5QUUwMi95MnlGNTFMVmFkX1BIZWtFeWN2bkhrZy05 ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3kyeUY1MUxWYWRfUEhla0V5Y3ZuSGtnLTlmSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkMwMzkvQkI1MzIzRTgyNUMyMTFFQ0I0OTlEMTU4QzRGOUFFMDIvQjBBMkUwMTIy NUM0MTFFQzg4NDY2RTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E PTA7MCoEAgABMCQDBABnKG0DBAFnUBQDBABn824DBAG2oUADBADLH0EDBAHLN1ow DQQCAAIwBwMFACQH0IAwDQYJKoZIhvcNAQELBQADggEBAJ9AlbtRaoP/+f4RV/3y wqpO+R1JsovoIeR/lPqS6JCJygUAherCDJRUnT8pBcqqFXz5VXGsXexL6Z71hAJu XtAjsiISMDBx8pry9u6sxPfKogK0mNdJyH7ehbtE1I1qZSkRkyCArgRYe7VweLH3 6Nttdd936svYrVk1W3NYAU3dvHKy/XN8gF+0B3NrhVxiXlXHEKEYuzIBTuJA3FZc 60ZLsO+bcQasEGdiRgD7hCrm0nYtwWmPvQG3MBVmiYB8l61daf+hnDHavqnYOfXe 9K1VBS4J4Bruq2ZakMTI41sJqmPKY2iX7RBb/kCvQFwTm1Tld2cpV/c8h1W+s5eG zTk= -----END CERTIFICATE-----Generated at Sat Apr 5 07:18:46 2025 by rpki-client