$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/CFF0FDEC025911EDA0A85765C4F9AE02.roa File: CFF0FDEC025911EDA0A85765C4F9AE02.roa (raw, json) Hash identifier: fWJ7cRsTCAW0U+0r1+X1xY7gsboVcmoNdt+pkuhh4IE= Subject key identifier: 67:2A:59:A6:94:FA:20:DA:4A:1A:15:9E:02:8E:44:82:91:92:37:19 Certificate issuer: /CN=A91BEA2A/serialNumber=23559E9A7157E7AE7F604C428837292DE03309A0 Certificate serial: 0240 Authority key identifier: 23:55:9E:9A:71:57:E7:AE:7F:60:4C:42:88:37:29:2D:E0:33:09:A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I1WemnFX565_YExCiDcpLeAzCaA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/CFF0FDEC025911EDA0A85765C4F9AE02.roa Signing time: Tue 03 Dec 2024 01:45:23 +0000 ROA not before: Tue 03 Dec 2024 01:45:23 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 139200 IP address blocks: 103.123.109.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.crl rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I1WemnFX565_YExCiDcpLeAzCaA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 01:47:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 576 (0x240) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEA2A Validity Not Before: Dec 3 01:45:23 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=674e62b3-9bae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:77:41:45:e2:c9:59:2a:ed:ee:8a:ab:05:50: 59:e7:89:e9:67:f7:98:5c:de:01:5a:cc:8c:9e:da: 3f:28:70:fc:aa:2a:b2:1a:88:c3:ec:46:a6:dc:d7: cb:4d:d7:01:47:92:13:d7:f9:10:5c:31:68:42:b1: b9:02:2f:e1:08:35:9d:af:d7:ad:6c:b6:bc:f5:7f: 56:0a:dc:f2:d3:ca:7e:64:4a:dc:61:ba:21:cc:d5: b4:53:61:da:2e:32:29:c0:d9:8f:c8:18:2b:69:09: 59:1d:52:db:a8:a1:23:b3:8a:7b:e7:16:2a:d4:5a: 56:a6:ee:aa:91:ac:5a:94:31:2d:25:de:b4:ec:2d: ae:92:68:c6:88:18:19:4a:cc:33:96:e0:82:4a:a9: ef:85:a2:b0:49:85:59:cc:ba:33:2e:50:29:e5:0c: 29:ea:b5:aa:02:4a:6b:27:21:e5:ee:1f:c1:ad:fc: 11:2f:9e:32:ac:f6:32:0d:20:83:a3:95:e6:b5:5e: df:07:d2:33:c7:3d:c8:cb:34:06:b5:b8:88:00:d5: 08:c7:e6:f3:61:00:6f:ca:79:6c:06:0a:cb:98:d1: de:35:2e:f8:01:e4:07:27:14:f9:5a:31:27:55:6b: 0e:7d:3a:ee:cb:a2:e9:51:1e:dc:65:56:8c:5d:df: 7f:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:2A:59:A6:94:FA:20:DA:4A:1A:15:9E:02:8E:44:82:91:92:37:19 X509v3 Authority Key Identifier: keyid:23:55:9E:9A:71:57:E7:AE:7F:60:4C:42:88:37:29:2D:E0:33:09:A0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I1WemnFX565_YExCiDcpLeAzCaA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/CFF0FDEC025911EDA0A85765C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.123.109.0/24 Signature Algorithm: sha256WithRSAEncryption 81:2d:a3:92:6e:e8:07:33:60:a4:ff:67:82:79:0b:92:bb:c5: 03:3c:1e:90:4a:a0:6a:2e:46:19:a3:cd:4f:fc:28:fd:eb:08: 5f:9c:99:36:31:e4:3b:90:26:e5:5f:ff:26:d1:1a:d9:2c:ff: 41:1e:7e:9e:7d:8b:c4:c4:67:91:1e:f3:9b:ff:39:55:68:db: 95:38:01:06:f6:4a:33:f2:92:66:1f:f1:ba:b1:50:a0:a4:29: 25:76:03:8d:ee:02:ae:05:99:8c:71:7a:f3:49:9f:f0:67:05: bb:4d:78:41:87:80:ee:d3:d1:14:87:dc:33:45:81:9c:6e:c3: ff:2f:0c:d9:a3:fd:9e:f7:d8:90:0e:c6:51:96:83:8a:d4:d4: d5:39:a2:e9:25:ab:48:ec:be:59:ba:d5:22:e7:a3:e4:70:20: 55:9a:4f:93:f2:c2:b9:29:54:9c:b2:1b:8c:cc:fc:6d:36:df: ce:a2:c8:db:5c:a0:ae:06:dd:c5:bc:7d:99:13:91:7a:98:6d: b4:b9:b7:61:c6:e3:fa:bb:2b:2d:70:4f:e4:1c:fb:dc:21:0d: 01:6b:d6:46:9d:77:43:2f:ff:d7:9c:13:53:c5:94:38:92:56: 59:9a:c0:7d:53:23:cf:6f:c8:dd:e0:d3:48:e6:1c:91:4b:0a: f7:df:78:b9 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAkAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkVBMkExMTAvBgNVBAUTKDIzNTU5RTlBNzE1N0U3QUU3RjYwNEM0Mjg4MzcyOTJE RTAzMzA5QTAwHhcNMjQxMjAzMDE0NTIzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzRlNjJiMy05YmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvXdBReLJWSrt7oqrBVBZ54npZ/eYXN4BWsyMnto/KHD8qiqyGojD7Eam3NfL TdcBR5IT1/kQXDFoQrG5Ai/hCDWdr9etbLa89X9WCtzy08p+ZErcYbohzNW0U2Ha LjIpwNmPyBgraQlZHVLbqKEjs4p75xYq1FpWpu6qkaxalDEtJd607C2ukmjGiBgZ SswzluCCSqnvhaKwSYVZzLozLlAp5Qwp6rWqAkprJyHl7h/BrfwRL54yrPYyDSCD o5XmtV7fB9Izxz3IyzQGtbiIANUIx+bzYQBvynlsBgrLmNHeNS74AeQHJxT5WjEn VWsOfTruy6LpUR7cZVaMXd9/2QIDAQABo4IClTCCApEwHQYDVR0OBBYEFGcqWaaU +iDaShoVngKORIKRkjcZMB8GA1UdIwQYMBaAFCNVnppxV+euf2BMQog3KS3gMwmg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRUEyQS8zRDM1MEZEMjAy NTYxMUVEQTEzMjJENURDNEY5QUUwMi9JMVdlbW5GWDU2NV9ZRXhDaURjcExlQXpD YUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0kxV2VtbkZYNTY1X1lFeENpRGNwTGVBekNhQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkVBMkEvM0QzNTBGRDIwMjU2MTFFREExMzIyRDVEQzRGOUFFMDIvQ0ZGMEZERUMw MjU5MTFFREEwQTg1NzY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBABne20wDQYJKoZIhvcNAQELBQADggEBAIEto5Ju6AczYKT/ Z4J5C5K7xQM8HpBKoGouRhmjzU/8KP3rCF+cmTYx5DuQJuVf/ybRGtks/0Eefp59 i8TEZ5Ee85v/OVVo25U4AQb2SjPykmYf8bqxUKCkKSV2A43uAq4FmYxxevNJn/Bn BbtNeEGHgO7T0RSH3DNFgZxuw/8vDNmj/Z732JAOxlGWg4rU1NU5ouklq0jsvlm6 1SLno+RwIFWaT5PywrkpVJyyG4zM/G02386iyNtcoK4G3cW8fZkTkXqYbbS5t2HG 4/q7Ky1wT+Qc+9whDQFr1kadd0Mv/9ecE1PFlDiSVlmawH1TI89vyN3g00jmHJFL CvffeLk= -----END CERTIFICATE-----Generated at Sat Apr 5 21:21:01 2025 by rpki-client