$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7AC5/A3EB5C00C0D511EA908C0178C4F9AE02/5BC42F286E9F11EC90A66E2BC4F9AE02.roa File: 5BC42F286E9F11EC90A66E2BC4F9AE02.roa (raw, json) Hash identifier: lBT7uRCySISPj1eQO8mZRZSLeeGbhioMqzJ80ai10hM= Subject key identifier: 5D:3D:17:4A:A7:7F:AF:ED:9E:5F:BA:C6:DC:C2:E7:58:93:83:6A:68 Certificate issuer: /CN=A91C7AC5/serialNumber=BF3FBC0DA96E2E513AAA58812C694BCD07B8DD77 Certificate serial: 0837 Authority key identifier: BF:3F:BC:0D:A9:6E:2E:51:3A:AA:58:81:2C:69:4B:CD:07:B8:DD:77 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vz-8DaluLlE6qliBLGlLzQe43Xc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7AC5/A3EB5C00C0D511EA908C0178C4F9AE02/5BC42F286E9F11EC90A66E2BC4F9AE02.roa Signing time: Thu 28 Nov 2024 20:40:11 +0000 ROA not before: Thu 28 Nov 2024 20:40:11 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 55822 IP address blocks: 103.214.196.0/22 maxlen: 24 144.48.144.0/22 maxlen: 24 218.100.44.0/24 maxlen: 24 218.100.75.0/24 maxlen: 24 2001:de8:10::/48 maxlen: 48 2001:de8:13::/48 maxlen: 48 2001:de8:13:1::/64 maxlen: 64 2001:de8:13:2::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7AC5/A3EB5C00C0D511EA908C0178C4F9AE02/vz-8DaluLlE6qliBLGlLzQe43Xc.crl rsync://rpki.apnic.net/member_repository/A91C7AC5/A3EB5C00C0D511EA908C0178C4F9AE02/vz-8DaluLlE6qliBLGlLzQe43Xc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vz-8DaluLlE6qliBLGlLzQe43Xc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 20:50:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2103 (0x837) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7AC5 Validity Not Before: Nov 28 20:40:11 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=6748d52b-2d70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:aa:97:57:a8:66:7e:77:3a:6e:da:8f:2b:12: 59:5f:e1:bd:65:e8:06:94:39:f7:9c:9d:e8:30:77: f4:6f:65:13:f3:cc:47:3d:11:40:86:c7:0b:ad:c4: f2:2e:b5:6b:1a:59:8c:29:b0:3a:78:31:70:6e:a2: ab:a5:95:30:05:fb:3a:46:56:ee:8c:4a:03:69:cb: 69:5f:71:70:99:05:54:78:90:22:8a:b8:43:7e:3d: c5:3b:81:90:26:0e:bb:1a:97:70:3f:0b:f0:67:7c: 4b:d2:25:db:81:26:b4:2d:bc:1c:43:c2:2b:0d:99: 57:e4:a9:c4:74:31:82:03:12:68:57:6c:3e:f6:8c: 87:76:e3:65:58:27:80:65:f8:c8:4c:bc:ae:ce:19: 68:5c:94:7f:52:1c:58:31:79:0f:87:38:89:0c:8e: f2:32:09:ac:fd:99:09:a0:83:20:04:a9:1b:ed:28: f4:24:9a:b5:e6:ee:b9:f0:ea:c9:b1:da:d5:e4:74: c2:ec:e8:1f:fc:25:04:10:10:62:e0:29:bc:75:b3: fa:c2:0f:22:b7:46:49:d8:4f:bf:10:05:15:c8:f2: 2e:0e:67:07:7b:9e:4e:15:1e:73:d2:77:d9:f0:51: f8:b7:d0:2a:67:37:40:93:2c:3a:d4:67:54:76:45: 06:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:3D:17:4A:A7:7F:AF:ED:9E:5F:BA:C6:DC:C2:E7:58:93:83:6A:68 X509v3 Authority Key Identifier: keyid:BF:3F:BC:0D:A9:6E:2E:51:3A:AA:58:81:2C:69:4B:CD:07:B8:DD:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7AC5/A3EB5C00C0D511EA908C0178C4F9AE02/vz-8DaluLlE6qliBLGlLzQe43Xc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vz-8DaluLlE6qliBLGlLzQe43Xc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7AC5/A3EB5C00C0D511EA908C0178C4F9AE02/5BC42F286E9F11EC90A66E2BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.214.196.0/22 144.48.144.0/22 218.100.44.0/24 218.100.75.0/24 IPv6: 2001:de8:10::/48 2001:de8:13::/48 Signature Algorithm: sha256WithRSAEncryption 27:0e:0c:66:3d:c4:41:0d:2f:d1:4b:45:77:8d:0d:8b:fe:29: b4:51:5f:5a:05:05:14:75:1b:8f:26:ec:71:53:f2:10:c4:19: a5:b9:cd:99:a0:dd:0f:2f:a3:28:0c:eb:d8:69:2c:ee:37:ca: 53:8a:16:1f:b5:bc:33:dc:b7:e0:a6:10:a4:c7:b0:d2:c8:00: f1:91:5e:62:d7:38:c1:f0:60:52:40:ac:9a:1e:93:d8:af:84: 03:b6:ff:59:8d:69:8d:07:d3:aa:af:45:1e:03:ad:8c:0f:19: a5:10:67:ed:b9:05:05:3b:8e:b6:12:74:6d:18:bd:f0:07:c4: c8:b0:fd:6d:29:53:16:4d:03:15:82:64:9a:9e:69:a7:bc:72: f4:66:a3:04:cc:d2:8a:47:30:76:44:b5:a9:c5:f4:40:b4:5f: 1f:e5:eb:78:d1:df:bd:22:4c:80:ac:ff:e6:ca:c2:f4:1e:53: 35:34:88:ce:8f:40:5b:29:be:3b:8b:4a:6f:1e:5f:ea:49:8c: 22:5b:cb:e2:e9:f1:cd:1d:dd:f1:7a:dc:c2:1a:11:52:49:f5: 84:cf:42:02:a3:fd:ae:4a:29:41:4e:05:9b:af:9e:ec:1b:9c: 1d:1c:a6:b9:6e:1d:a7:fc:94:0a:8e:67:bb:5f:70:d4:8b:95: 33:d7:2e:04 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgICCDcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzdBQzUxMTAvBgNVBAUTKEJGM0ZCQzBEQTk2RTJFNTEzQUFBNTg4MTJDNjk0QkNE MDdCOERENzcwHhcNMjQxMTI4MjA0MDExWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzQ4ZDUyYi0yZDcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuaqXV6hmfnc6btqPKxJZX+G9ZegGlDn3nJ3oMHf0b2UT88xHPRFAhscLrcTy LrVrGlmMKbA6eDFwbqKrpZUwBfs6RlbujEoDactpX3FwmQVUeJAiirhDfj3FO4GQ Jg67GpdwPwvwZ3xL0iXbgSa0LbwcQ8IrDZlX5KnEdDGCAxJoV2w+9oyHduNlWCeA ZfjITLyuzhloXJR/UhxYMXkPhziJDI7yMgms/ZkJoIMgBKkb7Sj0JJq15u658OrJ sdrV5HTC7Ogf/CUEEBBi4Cm8dbP6wg8it0ZJ2E+/EAUVyPIuDmcHe55OFR5z0nfZ 8FH4t9AqZzdAkyw61GdUdkUGIwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFF09F0qn f6/tnl+6xtzC51iTg2poMB8GA1UdIwQYMBaAFL8/vA2pbi5ROqpYgSxpS80HuN13 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0FDNS9BM0VCNUMwMEMw RDUxMUVBOTA4QzAxNzhDNEY5QUUwMi92ei04RGFsdUxsRTZxbGlCTEdsTHpRZTQz WGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3Z6LThEYWx1TGxFNnFsaUJMR2xMelFlNDNYYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzdBQzUvQTNFQjVDMDBDMEQ1MTFFQTkwOEMwMTc4QzRGOUFFMDIvNUJDNDJGMjg2 RTlGMTFFQzkwQTY2RTJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E PDA6MB4EAgABMBgDBAJn1sQDBAKQMJADBADaZCwDBADaZEswGAQCAAIwEgMHACAB DegAEAMHACABDegAEzANBgkqhkiG9w0BAQsFAAOCAQEAJw4MZj3EQQ0v0UtFd40N i/4ptFFfWgUFFHUbjybscVPyEMQZpbnNmaDdDy+jKAzr2Gks7jfKU4oWH7W8M9y3 4KYQpMew0sgA8ZFeYtc4wfBgUkCsmh6T2K+EA7b/WY1pjQfTqq9FHgOtjA8ZpRBn 7bkFBTuOthJ0bRi98AfEyLD9bSlTFk0DFYJkmp5pp7xy9GajBMzSikcwdkS1qcX0 QLRfH+XreNHfvSJMgKz/5srC9B5TNTSIzo9AWym+O4tKbx5f6kmMIlvL4unxzR3d 8XrcwhoRUkn1hM9CAqP9rkopQU4Fm6+e7BucHRymuW4dp/yUCo5nu19w1IuVM9cu BA== -----END CERTIFICATE-----Generated at Sun Apr 6 05:30:04 2025 by rpki-client