$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa File: 596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa (raw, json) Hash identifier: ctAElc1BM1zI8owbq6eyFwFyuzNUp7IAey45t5f8jpA= Subject key identifier: E1:AF:EC:DE:84:FF:23:55:90:3C:AA:DE:66:D9:11:53:50:AC:FE:21 Certificate issuer: /CN=A91CFAB9/serialNumber=DD8A2B88654C3366FFE7FCF6556A9786002AA65B Certificate serial: 0375 Authority key identifier: DD:8A:2B:88:65:4C:33:66:FF:E7:FC:F6:55:6A:97:86:00:2A:A6:5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3YoriGVMM2b_5_z2VWqXhgAqpls.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa Signing time: Wed 05 Mar 2025 02:17:34 +0000 ROA not before: Wed 05 Mar 2025 02:17:34 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 135069 IP address blocks: 103.208.140.0/22 maxlen: 22 103.208.140.0/24 maxlen: 24 103.208.141.0/24 maxlen: 24 103.208.142.0/24 maxlen: 24 103.208.143.0/24 maxlen: 24 163.47.109.0/24 maxlen: 24 180.235.104.0/22 maxlen: 22 180.235.104.0/24 maxlen: 24 180.235.105.0/24 maxlen: 24 180.235.106.0/24 maxlen: 24 180.235.107.0/24 maxlen: 24 203.28.247.0/24 maxlen: 24 223.26.24.0/22 maxlen: 22 223.26.24.0/24 maxlen: 24 223.26.25.0/24 maxlen: 24 223.26.26.0/24 maxlen: 24 223.26.27.0/24 maxlen: 24 2404:4880::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/3YoriGVMM2b_5_z2VWqXhgAqpls.crl rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/3YoriGVMM2b_5_z2VWqXhgAqpls.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3YoriGVMM2b_5_z2VWqXhgAqpls.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 00:54:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 885 (0x375) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFAB9 Validity Not Before: Mar 5 02:17:34 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67c7b43e-d8bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:04:2a:75:2b:85:f1:b6:1b:5e:2b:f1:53:20: e5:4c:a7:7f:37:52:15:92:76:a3:10:84:be:0a:da: ec:73:a2:62:e2:36:6e:8d:00:f1:a2:5a:93:bc:ae: e6:da:71:18:ec:d4:39:af:5b:86:34:00:c9:cc:8e: e3:f9:7b:b3:63:46:09:07:70:86:58:2e:ed:71:6e: 0c:28:10:7d:16:0f:9f:8b:75:aa:ab:ca:6b:56:ad: 44:ff:a4:18:21:90:6c:d3:37:dd:e6:7d:c5:27:da: 7a:51:41:ad:4e:8c:90:8c:89:a3:4e:62:d6:51:6a: 9d:38:03:ee:90:c1:a6:98:bf:0f:8d:6b:4a:8b:89: 0a:23:46:3d:6c:ee:94:02:13:3f:61:8d:94:1c:0e: d5:ea:1c:df:59:16:64:cc:ee:1a:12:01:fa:7a:29: 63:07:18:7b:49:38:7f:9d:b1:21:73:fb:86:bf:13: 7b:e9:67:ad:94:c4:af:d1:fe:ff:85:fb:06:c9:d6: 6f:84:c2:3b:e8:8f:1a:54:2e:f2:36:57:ea:f2:d5: 39:88:9a:d3:fc:f3:d0:06:20:44:54:d0:0c:84:50: ab:6b:8e:12:e2:41:02:2f:d9:b6:85:6d:87:5a:1b: 94:c7:3f:7c:d4:19:80:83:54:d5:f5:40:1c:c7:33: dd:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:AF:EC:DE:84:FF:23:55:90:3C:AA:DE:66:D9:11:53:50:AC:FE:21 X509v3 Authority Key Identifier: keyid:DD:8A:2B:88:65:4C:33:66:FF:E7:FC:F6:55:6A:97:86:00:2A:A6:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/3YoriGVMM2b_5_z2VWqXhgAqpls.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3YoriGVMM2b_5_z2VWqXhgAqpls.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/E853382C9F1311EC9E45D572C4F9AE02/596CCC4E9F1911EC8FDFEA7DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.208.140.0/22 163.47.109.0/24 180.235.104.0/22 203.28.247.0/24 223.26.24.0/22 IPv6: 2404:4880::/32 Signature Algorithm: sha256WithRSAEncryption 7d:88:8c:b4:e6:a0:eb:3f:7a:49:5b:5d:43:ae:89:21:5a:4a: d5:4c:00:5c:fe:29:be:60:b1:5e:e4:ee:b7:12:82:4d:b4:14: f0:f7:27:27:a7:d6:85:42:53:59:c0:60:22:55:c9:47:86:64: 65:7b:58:eb:4f:9b:ad:b9:39:8a:34:df:2d:06:2a:a2:3f:69: 2a:92:be:4d:77:b1:65:20:3a:f8:e4:96:13:9b:81:16:be:b8: 5c:8e:d2:0e:9d:71:c0:28:74:47:3a:bf:ff:57:b4:37:d3:59: 44:2d:6e:d1:b3:96:91:62:50:9e:97:a6:c5:c9:0e:19:31:22: 70:f2:93:12:ac:f3:91:d5:fc:9f:f6:36:58:e8:dd:c7:34:da: 89:0a:5e:4d:b1:ce:51:2b:82:dd:3a:97:73:4a:de:63:aa:f2: 89:04:f5:97:fd:25:4c:c0:48:dc:3d:6e:16:54:a2:fa:ef:b9: 06:84:41:3c:8d:9f:09:87:bb:11:81:cc:69:90:56:46:32:07: ec:43:be:21:f5:cb:7e:58:89:c4:24:c2:7a:7c:92:5b:02:dd: 51:15:85:0b:77:b0:3c:31:ba:ba:cb:15:fe:71:a1:2f:cc:a0: d5:a6:7f:4a:ae:6a:5d:59:11:b7:c6:51:95:10:ac:1f:d6:92: 64:e1:0f:06 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICA3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBQjkxMTAvBgNVBAUTKEREOEEyQjg4NjU0QzMzNjZGRkU3RkNGNjU1NkE5Nzg2 MDAyQUE2NUIwHhcNMjUwMzA1MDIxNzM0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2M3YjQzZS1kOGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxwQqdSuF8bYbXivxUyDlTKd/N1IVknajEIS+Ctrsc6Ji4jZujQDxolqTvK7m 2nEY7NQ5r1uGNADJzI7j+XuzY0YJB3CGWC7tcW4MKBB9Fg+fi3Wqq8prVq1E/6QY IZBs0zfd5n3FJ9p6UUGtToyQjImjTmLWUWqdOAPukMGmmL8PjWtKi4kKI0Y9bO6U AhM/YY2UHA7V6hzfWRZkzO4aEgH6eiljBxh7STh/nbEhc/uGvxN76WetlMSv0f7/ hfsGydZvhMI76I8aVC7yNlfq8tU5iJrT/PPQBiBEVNAMhFCra44S4kECL9m2hW2H WhuUxz981BmAg1TV9UAcxzPd6QIDAQABo4ICvDCCArgwHQYDVR0OBBYEFOGv7N6E /yNVkDyq3mbZEVNQrP4hMB8GA1UdIwQYMBaAFN2KK4hlTDNm/+f89lVql4YAKqZb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkFCOS9FODUzMzgyQzlG MTMxMUVDOUU0NUQ1NzJDNEY5QUUwMi8zWW9yaUdWTU0yYl81X3oyVldxWGhnQXFw bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNZb3JpR1ZNTTJiXzVfejJWV3FYaGdBcXBscy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZBQjkvRTg1MzM4MkM5RjEzMTFFQzlFNDVENTcyQzRGOUFFMDIvNTk2Q0NDNEU5 RjE5MTFFQzhGREZFQTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAJn0IwDBACjL20DBAK062gDBADLHPcDBALfGhgwDQQCAAIw BwMFACQESIAwDQYJKoZIhvcNAQELBQADggEBAH2IjLTmoOs/eklbXUOuiSFaStVM AFz+Kb5gsV7k7rcSgk20FPD3Jyen1oVCU1nAYCJVyUeGZGV7WOtPm625OYo03y0G KqI/aSqSvk13sWUgOvjklhObgRa+uFyO0g6dccAodEc6v/9XtDfTWUQtbtGzlpFi UJ6XpsXJDhkxInDykxKs85HV/J/2Nljo3cc02okKXk2xzlErgt06l3NK3mOq8okE 9Zf9JUzASNw9bhZUovrvuQaEQTyNnwmHuxGBzGmQVkYyB+xDviH1y35YicQkwnp8 klsC3VEVhQt3sDwxurrLFf5xoS/MoNWmf0qual1ZEbfGUZUQrB/WkmThDwY= -----END CERTIFICATE-----Generated at Sat Apr 5 02:37:08 2025 by rpki-client