$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/96F093D4BEA011EB8CAD965FC4F9AE02.roa File: 96F093D4BEA011EB8CAD965FC4F9AE02.roa (raw, json) Hash identifier: NpLkQ/NypmNX/0X8ZR0aPK3YWZwmOShkZdvPXd4fivY= Subject key identifier: B8:68:4D:B9:30:B9:DE:1B:EF:31:91:6C:E6:9B:D6:13:AC:13:70:DA Certificate issuer: /CN=A91CEA40/serialNumber=2C3D235A1B219F416610900B003B8ABFDC1702A2 Certificate serial: 05C7 Authority key identifier: 2C:3D:23:5A:1B:21:9F:41:66:10:90:0B:00:3B:8A:BF:DC:17:02:A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LD0jWhshn0FmEJALADuKv9wXAqI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/96F093D4BEA011EB8CAD965FC4F9AE02.roa Signing time: Sat 04 Jan 2025 22:32:05 +0000 ROA not before: Sat 04 Jan 2025 22:32:05 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 139898 IP address blocks: 43.245.56.0/22 maxlen: 24 103.25.140.0/22 maxlen: 24 103.116.88.0/23 maxlen: 24 103.146.200.0/23 maxlen: 24 125.254.50.0/23 maxlen: 24 2405:9f40::/32 maxlen: 40 2405:9f40::/41 maxlen: 48 2405:9f40:80::/41 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.crl rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LD0jWhshn0FmEJALADuKv9wXAqI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 23:08:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1479 (0x5c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEA40 Validity Not Before: Jan 4 22:32:05 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6779b6e5-2ab5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ad:97:46:32:5b:54:bc:f9:f2:12:29:32:e1: db:4c:3f:c6:07:12:80:9c:dd:19:fa:a3:27:e8:a5: 5b:36:ea:8a:f0:46:0c:a4:cb:4e:da:47:ea:20:cb: 24:0b:46:19:00:99:60:61:c9:79:f3:47:fd:16:0e: 61:fa:ee:dc:22:2f:84:4d:2e:fc:fb:5e:92:2d:97: 9b:6c:11:31:f4:c4:83:53:ae:4a:91:27:58:d2:44: fc:7b:76:f3:d1:86:10:c2:ae:31:4d:c3:74:93:7a: 20:03:30:a3:33:27:e7:b9:d6:c3:f9:7f:89:ac:74: 64:f1:f7:ab:a7:c9:9f:7d:fe:08:17:e2:78:54:ce: 29:e4:58:42:bc:a0:53:65:a0:4e:89:e1:16:ab:f4: 6e:e2:38:fc:62:49:f6:93:62:5b:32:96:e1:b8:9d: 32:f8:8f:9b:1b:07:0f:3f:99:6d:18:e1:72:4e:b2: b3:af:d3:db:66:a5:5f:d3:b5:9b:9c:f8:79:00:c8: 74:1c:fb:23:46:42:27:c0:cf:58:c6:e1:22:ee:68: 41:92:2c:10:12:28:5d:42:fe:f8:92:91:8c:a7:6d: 48:37:a8:d5:7f:ee:53:aa:af:b9:20:62:76:b3:c3: 67:49:c8:ff:9d:3f:9e:6f:09:cf:70:23:30:b6:76: e9:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:68:4D:B9:30:B9:DE:1B:EF:31:91:6C:E6:9B:D6:13:AC:13:70:DA X509v3 Authority Key Identifier: keyid:2C:3D:23:5A:1B:21:9F:41:66:10:90:0B:00:3B:8A:BF:DC:17:02:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/LD0jWhshn0FmEJALADuKv9wXAqI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LD0jWhshn0FmEJALADuKv9wXAqI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEA40/8E964BCEAF7911EB84217A58C4F9AE02/96F093D4BEA011EB8CAD965FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.56.0/22 103.25.140.0/22 103.116.88.0/23 103.146.200.0/23 125.254.50.0/23 IPv6: 2405:9f40::/32 Signature Algorithm: sha256WithRSAEncryption 7e:64:98:bc:f6:b6:7e:94:d7:36:fa:34:68:4d:d2:2f:8f:ea: 54:29:1a:81:2f:68:f0:e4:14:bc:eb:70:fd:3a:7a:2e:e9:76: b8:93:e4:1f:a2:3a:d4:f2:f5:83:30:68:20:83:63:36:2f:76: 0c:1d:e0:e8:3a:3b:8a:19:55:aa:b5:ac:60:af:23:7e:32:28: 7a:3f:e5:ed:92:f1:07:ef:20:bf:67:f4:73:e7:b7:19:47:2a: 15:2b:9c:ca:73:96:98:cc:89:5d:b0:03:b7:51:80:f5:1f:d9: 49:d3:c6:bb:17:cf:14:21:21:b4:eb:a3:bf:dc:00:7b:48:4f: 2a:dc:48:79:88:e8:b3:92:45:a4:1e:23:92:11:3e:f4:a2:b9: 90:c4:d2:de:b3:4d:79:fd:da:4e:b4:5c:14:02:01:58:39:97: 3c:0f:1a:ca:16:94:d0:36:cf:e0:01:4f:be:08:d0:ac:a2:f6: 37:ed:d8:61:fa:22:29:83:e9:7d:ec:f7:e4:57:3d:a0:36:59: 29:07:37:f2:17:cf:c1:9a:fa:91:cd:6c:ff:8b:63:2c:9f:2a: aa:f5:51:81:bb:d2:db:ca:d3:5d:a8:0f:76:ba:a8:8c:67:5a: 26:de:de:aa:00:8f:c6:d1:18:9c:2c:e1:41:f1:72:c3:79:40: 9e:60:48:ae -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICBccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VBNDAxMTAvBgNVBAUTKDJDM0QyMzVBMUIyMTlGNDE2NjEwOTAwQjAwM0I4QUJG REMxNzAyQTIwHhcNMjUwMTA0MjIzMjA1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzc5YjZlNS0yYWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt62XRjJbVLz58hIpMuHbTD/GBxKAnN0Z+qMn6KVbNuqK8EYMpMtO2kfqIMsk C0YZAJlgYcl580f9Fg5h+u7cIi+ETS78+16SLZebbBEx9MSDU65KkSdY0kT8e3bz 0YYQwq4xTcN0k3ogAzCjMyfnudbD+X+JrHRk8ferp8mfff4IF+J4VM4p5FhCvKBT ZaBOieEWq/Ru4jj8Ykn2k2JbMpbhuJ0y+I+bGwcPP5ltGOFyTrKzr9PbZqVf07Wb nPh5AMh0HPsjRkInwM9YxuEi7mhBkiwQEihdQv74kpGMp21IN6jVf+5Tqq+5IGJ2 s8NnScj/nT+ebwnPcCMwtnbpmwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFLhoTbkw ud4b7zGRbOab1hOsE3DaMB8GA1UdIwQYMBaAFCw9I1obIZ9BZhCQCwA7ir/cFwKi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUE0MC84RTk2NEJDRUFG NzkxMUVCODQyMTdBNThDNEY5QUUwMi9MRDBqV2hzaG4wRm1FSkFMQUR1S3Y5d1hB cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xEMGpXaHNobjBGbUVKQUxBRHVLdjl3WEFxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0VBNDAvOEU5NjRCQ0VBRjc5MTFFQjg0MjE3QTU4QzRGOUFFMDIvOTZGMDkzRDRC RUEwMTFFQjhDQUQ5NjVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIr9TgDBAJnGYwDBAFndFgDBAFnksgDBAF9/jIwDQQCAAIw BwMFACQFn0AwDQYJKoZIhvcNAQELBQADggEBAH5kmLz2tn6U1zb6NGhN0i+P6lQp GoEvaPDkFLzrcP06ei7pdriT5B+iOtTy9YMwaCCDYzYvdgwd4Og6O4oZVaq1rGCv I34yKHo/5e2S8QfvIL9n9HPntxlHKhUrnMpzlpjMiV2wA7dRgPUf2UnTxrsXzxQh IbTro7/cAHtITyrcSHmI6LOSRaQeI5IRPvSiuZDE0t6zTXn92k60XBQCAVg5lzwP GsoWlNA2z+ABT74I0Kyi9jft2GH6IimD6X3s9+RXPaA2WSkHN/IXz8Ga+pHNbP+L YyyfKqr1UYG70tvK012oD3a6qIxnWibe3qoAj8bRGJws4UHxcsN5QJ5gSK4= -----END CERTIFICATE-----Generated at Sat Apr 5 19:26:48 2025 by rpki-client