$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/DC83478EEB0311ED875DD72EC4F9AE02.roa File: DC83478EEB0311ED875DD72EC4F9AE02.roa (raw, json) Hash identifier: wC4P834uMCwewPqC4AzB3L42gf9vs93AMppygyyTSdg= Subject key identifier: 4A:9D:D7:97:D8:B4:FF:00:3F:F0:98:7A:EA:2B:8A:5B:DA:59:36:C7 Certificate issuer: /CN=A91CF285/serialNumber=3E29CE6F6A7DB94B6D09133B73FED52DDEE12DAB Certificate serial: 1046 Authority key identifier: 3E:29:CE:6F:6A:7D:B9:4B:6D:09:13:3B:73:FE:D5:2D:DE:E1:2D:AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PinOb2p9uUttCRM7c_7VLd7hLas.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/DC83478EEB0311ED875DD72EC4F9AE02.roa Signing time: Wed 29 Jan 2025 22:34:16 +0000 ROA not before: Wed 29 Jan 2025 22:34:16 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 137271 IP address blocks: 103.209.4.0/23 maxlen: 23 103.209.4.0/24 maxlen: 24 103.209.5.0/24 maxlen: 24 2406:bf00:1::/48 maxlen: 48 2406:bf00:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/PinOb2p9uUttCRM7c_7VLd7hLas.crl rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/PinOb2p9uUttCRM7c_7VLd7hLas.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PinOb2p9uUttCRM7c_7VLd7hLas.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:27:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4166 (0x1046) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF285 Validity Not Before: Jan 29 22:34:16 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=679aace8-1e54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:09:e8:70:aa:30:37:1d:53:be:fc:6d:44:a0: 7a:61:d7:c9:ea:35:d6:1d:9b:b1:bc:49:50:b8:61: c3:aa:a9:00:3f:4c:f1:d6:bf:5c:9c:cb:a1:a5:aa: 9d:69:68:64:23:3a:1e:d1:2f:d7:31:56:3d:93:5b: 93:1e:88:c8:64:c2:af:73:db:ee:e0:36:01:6c:16: c3:6b:d5:3a:35:ae:47:03:5b:e0:08:e3:16:e2:49: b3:ed:a3:35:85:c1:bd:cd:0e:f6:4d:5c:24:7c:a2: cf:08:9b:5b:6a:87:6f:68:98:0b:6a:1d:01:6b:db: b3:83:b9:b3:3d:19:52:d0:75:c3:45:f2:f7:93:c7: 2b:1f:f7:18:ea:3a:b1:17:a2:05:80:bb:2c:63:12: 28:86:38:31:bb:e4:b9:25:91:58:76:59:a1:eb:1d: c3:dc:ba:fc:93:8e:61:77:20:a6:e2:e8:42:8e:86: 97:c8:6f:a8:99:aa:e4:11:72:81:55:63:35:8d:24: 2e:d4:7b:77:08:0f:98:fd:1e:08:53:2f:ca:43:62: a8:ce:8e:57:d5:3c:ed:76:b4:19:6c:41:46:c8:f4: 18:2d:44:aa:4b:aa:bb:63:cd:a6:76:b9:57:29:43: 16:14:08:2b:9c:0f:50:18:64:75:2e:c8:b1:1e:2b: e5:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:9D:D7:97:D8:B4:FF:00:3F:F0:98:7A:EA:2B:8A:5B:DA:59:36:C7 X509v3 Authority Key Identifier: keyid:3E:29:CE:6F:6A:7D:B9:4B:6D:09:13:3B:73:FE:D5:2D:DE:E1:2D:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/PinOb2p9uUttCRM7c_7VLd7hLas.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PinOb2p9uUttCRM7c_7VLd7hLas.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF285/FD64F0B8340C11E9966C5A76C4F9AE02/DC83478EEB0311ED875DD72EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.209.4.0/23 IPv6: 2406:bf00:1::-2406:bf00:2:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 0b:bd:a2:2f:98:62:59:f2:b9:de:c8:3f:2c:e3:6a:0f:75:4d: 1f:c8:f1:63:de:31:a5:5f:69:36:ff:a6:41:90:aa:96:21:03: 29:df:8b:fe:ed:03:cd:31:7a:53:d1:a6:e9:c8:c4:7f:de:97: 3c:b6:b9:cf:1b:13:64:13:bc:13:be:51:f9:37:de:ae:cf:a1: d9:02:98:4b:d9:6f:a0:18:f6:a8:87:2a:8b:93:7c:f6:3c:04: 14:c0:a2:79:c3:dd:7a:cb:28:dd:8c:4a:53:17:52:4c:64:5b: 74:d7:61:84:6b:d3:24:76:60:1f:5d:36:5e:fc:ba:56:db:95: ca:15:c7:ed:a0:f3:27:7b:50:98:29:9d:e0:2f:0b:fd:ce:4a: 5d:8a:02:a6:07:e7:5a:80:df:ff:48:cc:8b:08:73:52:13:c1: d9:58:46:b1:66:85:de:5e:63:df:dc:3c:9a:d9:be:ac:2c:62: d4:00:31:05:a4:38:c7:51:c8:21:fe:ac:fe:00:2c:0f:c6:dc: 23:0e:c5:61:c4:4c:70:91:95:2c:30:89:ea:95:51:03:a4:8f: 0b:18:dc:2d:12:9e:56:72:07:24:e1:ab:3d:1d:c0:a0:ee:41: f7:d9:76:68:ad:c5:2b:fe:7c:b9:fa:0b:97:96:40:f5:00:5d: 8c:64:45:de -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICEEYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0YyODUxMTAvBgNVBAUTKDNFMjlDRTZGNkE3REI5NEI2RDA5MTMzQjczRkVENTJE REVFMTJEQUIwHhcNMjUwMTI5MjIzNDE2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzlhYWNlOC0xZTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAygnocKowNx1TvvxtRKB6YdfJ6jXWHZuxvElQuGHDqqkAP0zx1r9cnMuhpaqd aWhkIzoe0S/XMVY9k1uTHojIZMKvc9vu4DYBbBbDa9U6Na5HA1vgCOMW4kmz7aM1 hcG9zQ72TVwkfKLPCJtbaodvaJgLah0Ba9uzg7mzPRlS0HXDRfL3k8crH/cY6jqx F6IFgLssYxIohjgxu+S5JZFYdlmh6x3D3Lr8k45hdyCm4uhCjoaXyG+omarkEXKB VWM1jSQu1Ht3CA+Y/R4IUy/KQ2Kozo5X1TztdrQZbEFGyPQYLUSqS6q7Y82mdrlX KUMWFAgrnA9QGGR1LsixHivliQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFEqd15fY tP8AP/CYeuorilvaWTbHMB8GA1UdIwQYMBaAFD4pzm9qfblLbQkTO3P+1S3e4S2r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjI4NS9GRDY0RjBCODM0 MEMxMUU5OTY2QzVBNzZDNEY5QUUwMi9QaW5PYjJwOXVVdHRDUk03Y183VkxkN2hM YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Bpbk9iMnA5dVV0dENSTTdjXzdWTGQ3aExhcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0YyODUvRkQ2NEYwQjgzNDBDMTFFOTk2NkM1QTc2QzRGOUFFMDIvREM4MzQ3OEVF QjAzMTFFRDg3NURENzJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMAwEAgABMAYDBAFn0QQwGgQCAAIwFDASAwcAJAa/AAABAwcAJAa/AAACMA0G CSqGSIb3DQEBCwUAA4IBAQALvaIvmGJZ8rneyD8s42oPdU0fyPFj3jGlX2k2/6ZB kKqWIQMp34v+7QPNMXpT0abpyMR/3pc8trnPGxNkE7wTvlH5N96uz6HZAphL2W+g GPaohyqLk3z2PAQUwKJ5w916yyjdjEpTF1JMZFt012GEa9MkdmAfXTZe/LpW25XK FcftoPMne1CYKZ3gLwv9zkpdigKmB+dagN//SMyLCHNSE8HZWEaxZoXeXmPf3Dya 2b6sLGLUADEFpDjHUcgh/qz+ACwPxtwjDsVhxExwkZUsMInqlVEDpI8LGNwtEp5W cgck4as9HcCg7kH32XZorcUr/ny5+guXlkD1AF2MZEXe -----END CERTIFICATE-----Generated at Sat Apr 5 21:58:41 2025 by rpki-client