$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/54AD60AE0C2E11EABBBFA158C4F9AE02.roa File: 54AD60AE0C2E11EABBBFA158C4F9AE02.roa (raw, json) Hash identifier: /1zN6Gwwi0zP2Xs45slEdMpw3TT72EUNYyQ6n/qRBPQ= Subject key identifier: F0:1F:82:D8:79:BD:D5:49:C5:2F:FA:91:3F:5D:0B:D5:E7:60:2A:42 Certificate issuer: /CN=A91CD174/serialNumber=95DCE21B5ECADEB069DC81B92405D474DE41C206 Certificate serial: 0C0B Authority key identifier: 95:DC:E2:1B:5E:CA:DE:B0:69:DC:81:B9:24:05:D4:74:DE:41:C2:06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldziG17K3rBp3IG5JAXUdN5BwgY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/54AD60AE0C2E11EABBBFA158C4F9AE02.roa Signing time: Thu 20 Mar 2025 18:57:45 +0000 ROA not before: Thu 20 Mar 2025 18:57:45 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 133430 IP address blocks: 103.228.120.0/22 maxlen: 22 103.228.120.0/23 maxlen: 23 103.228.120.0/24 maxlen: 24 103.228.121.0/24 maxlen: 24 103.228.122.0/24 maxlen: 24 103.228.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.crl rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldziG17K3rBp3IG5JAXUdN5BwgY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 18:28:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3083 (0xc0b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD174, serialNumber=95DCE21B5ECADEB069DC81B92405D474DE41C206 Validity Not Before: Mar 20 18:57:45 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67dc6528-c230 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:40:9f:78:86:17:bb:5b:a2:cf:7d:af:d3:b2: 0a:88:9f:49:18:42:70:24:9c:82:f5:8e:bf:d3:ac: ae:05:03:cb:7c:7f:72:f9:5b:fc:3f:f2:07:78:98: eb:1c:e3:2f:54:ee:4c:b3:7a:db:72:8b:c9:2d:3c: c6:70:08:aa:ad:e3:52:84:16:52:0e:c3:c1:cb:a7: 8d:b0:b6:ac:e3:8f:6d:75:f8:b4:5f:f3:c4:87:50: d5:06:45:aa:3c:4c:77:bb:22:d3:f9:2a:db:9a:55: d6:97:59:97:cf:ca:27:b0:a5:cf:e5:1d:44:b6:03: 70:78:dc:a5:c5:29:41:c7:ac:38:ea:f9:37:e9:e6: 8e:68:f4:e8:07:60:32:4a:a9:f4:60:a0:60:a1:4a: 9b:84:d1:06:56:1a:50:a9:6a:2f:47:f1:fc:71:cd: cc:fe:e7:3d:43:ad:e3:3b:c1:a0:86:5e:cb:2d:1d: 89:93:22:0e:ab:e6:a5:d4:a4:6b:42:c9:9e:20:19: cc:67:3c:39:5c:a7:17:27:70:23:3d:11:2b:df:b5: 1c:d2:3a:af:f7:24:d7:47:4b:a1:52:d0:cf:e0:b9: 6f:79:e3:1b:04:79:55:9e:d8:21:54:36:97:d6:81: 01:b5:58:fe:9c:cf:31:c1:92:a5:96:f6:60:ba:f5: 2b:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:1F:82:D8:79:BD:D5:49:C5:2F:FA:91:3F:5D:0B:D5:E7:60:2A:42 X509v3 Authority Key Identifier: keyid:95:DC:E2:1B:5E:CA:DE:B0:69:DC:81:B9:24:05:D4:74:DE:41:C2:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldziG17K3rBp3IG5JAXUdN5BwgY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/54AD60AE0C2E11EABBBFA158C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.228.120.0/22 Signature Algorithm: sha256WithRSAEncryption 0e:14:01:c0:7c:b8:d1:69:72:98:4c:5a:24:e9:de:cb:0e:62: f6:69:2d:96:07:b0:bb:20:47:ae:00:05:3b:b0:c7:05:2d:d9: 44:a4:9e:4f:d4:fc:a5:c9:1b:64:58:1b:b9:8a:c1:74:c4:87: 60:a7:ff:53:aa:38:a7:20:74:3e:d5:f6:ca:0a:a1:d1:98:4f: e2:4a:c0:7b:f3:61:ae:6f:94:d9:b5:2f:8c:c9:93:34:db:fb: 27:6e:99:1a:5e:88:f2:2e:76:60:73:28:75:7f:18:ce:2a:ee: ff:60:ca:4d:bf:e5:21:53:14:c9:43:a8:d4:ca:23:04:39:ef: fa:41:3c:b0:65:85:3b:28:19:a8:9c:be:78:13:e7:b3:3d:2f: 14:4c:1d:b2:5e:2b:85:eb:c1:88:1e:28:76:21:00:54:79:45: c3:74:e2:97:ed:dd:36:6f:32:1a:98:1b:d5:86:8f:82:dd:89: 6a:0b:08:a4:fd:4e:63:dc:5f:44:4b:f0:08:df:2d:1d:c4:fa: d9:88:61:d6:b1:42:9e:00:b5:02:8f:ee:99:24:68:29:4c:34: 77:1a:e5:50:85:37:ee:02:c8:81:83:76:e6:2c:2f:0a:d6:18: 9f:b8:eb:93:ee:6b:b9:82:75:3e:a3:9c:90:77:86:d3:4f:de: 98:a7:04:c5 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICDAswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0QxNzQxMTAvBgNVBAUTKDk1RENFMjFCNUVDQURFQjA2OURDODFCOTI0MDVENDc0 REU0MUMyMDYwHhcNMjUwMzIwMTg1NzQ1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2RjNjUyOC1jMjMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAykCfeIYXu1uiz32v07IKiJ9JGEJwJJyC9Y6/06yuBQPLfH9y+Vv8P/IHeJjr HOMvVO5Ms3rbcovJLTzGcAiqreNShBZSDsPBy6eNsLas449tdfi0X/PEh1DVBkWq PEx3uyLT+SrbmlXWl1mXz8onsKXP5R1EtgNweNylxSlBx6w46vk36eaOaPToB2Ay Sqn0YKBgoUqbhNEGVhpQqWovR/H8cc3M/uc9Q63jO8Gghl7LLR2JkyIOq+al1KRr QsmeIBnMZzw5XKcXJ3AjPREr37Uc0jqv9yTXR0uhUtDP4LlveeMbBHlVntghVDaX 1oEBtVj+nM8xwZKllvZguvUr5wIDAQABo4IClTCCApEwHQYDVR0OBBYEFPAfgth5 vdVJxS/6kT9dC9XnYCpCMB8GA1UdIwQYMBaAFJXc4hteyt6wadyBuSQF1HTeQcIG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDE3NC81MUMzRTU0ODBC NEQxMUVBOTJDMjhGMjBDNEY5QUUwMi9sZHppRzE3SzNyQnAzSUc1SkFYVWRONUJ3 Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xkemlHMTdLM3JCcDNJRzVKQVhVZE41QndnWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0QxNzQvNTFDM0U1NDgwQjREMTFFQTkyQzI4RjIwQzRGOUFFMDIvNTRBRDYwQUUw QzJFMTFFQUJCQkZBMTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJn5HgwDQYJKoZIhvcNAQELBQADggEBAA4UAcB8uNFpcphM WiTp3ssOYvZpLZYHsLsgR64ABTuwxwUt2USknk/U/KXJG2RYG7mKwXTEh2Cn/1Oq OKcgdD7V9soKodGYT+JKwHvzYa5vlNm1L4zJkzTb+ydumRpeiPIudmBzKHV/GM4q 7v9gyk2/5SFTFMlDqNTKIwQ57/pBPLBlhTsoGaicvngT57M9LxRMHbJeK4XrwYge KHYhAFR5RcN04pft3TZvMhqYG9WGj4LdiWoLCKT9TmPcX0RL8AjfLR3E+tmIYdax Qp4AtQKP7pkkaClMNHca5VCFN+4CyIGDduYsLwrWGJ+465Pua7mCdT6jnJB3htNP 3pinBMU= -----END CERTIFICATE-----Generated at Tue Apr 22 16:47:49 2025 by rpki-client