$ rpki-client -vvf rpki.apnic.net/member_repository/A91D2706/04D457C2330611EBA282D30AC4F9AE02/35D4363E330711EB9D3AA60BC4F9AE02.roa File: 35D4363E330711EB9D3AA60BC4F9AE02.roa (raw, json) Hash identifier: M4Gqzd39PMwr7C0nKPOIDqHHsIaRLfcCY3hCq+E40tY= Subject key identifier: 9A:8F:35:2B:02:C8:C4:A2:D3:C0:04:4D:2B:8B:83:2E:28:49:E7:29 Certificate issuer: /CN=A91D2706/serialNumber=639239063917EE92C099E46AD3696C2ECA7C510A Certificate serial: 06DF Authority key identifier: 63:92:39:06:39:17:EE:92:C0:99:E4:6A:D3:69:6C:2E:CA:7C:51:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y5I5BjkX7pLAmeRq02lsLsp8UQo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D2706/04D457C2330611EBA282D30AC4F9AE02/35D4363E330711EB9D3AA60BC4F9AE02.roa Signing time: Wed 18 Dec 2024 22:11:31 +0000 ROA not before: Wed 18 Dec 2024 22:11:31 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 134797 IP address blocks: 103.199.216.0/22 maxlen: 22 103.199.216.0/24 maxlen: 24 103.199.217.0/24 maxlen: 24 103.199.218.0/24 maxlen: 24 103.199.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D2706/04D457C2330611EBA282D30AC4F9AE02/Y5I5BjkX7pLAmeRq02lsLsp8UQo.crl rsync://rpki.apnic.net/member_repository/A91D2706/04D457C2330611EBA282D30AC4F9AE02/Y5I5BjkX7pLAmeRq02lsLsp8UQo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y5I5BjkX7pLAmeRq02lsLsp8UQo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 21:31:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1759 (0x6df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D2706 Validity Not Before: Dec 18 22:11:31 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67634893-d762 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:dc:2f:0d:19:63:21:76:91:99:5f:41:8c:83: 49:a1:2e:7b:3d:0c:73:df:aa:d8:0d:74:d0:44:e4: 37:b6:32:50:2b:c5:c5:e0:cb:da:4c:ae:21:ce:f5: f0:8f:4d:e7:9b:b2:5b:18:12:0a:99:5e:ec:3b:99: d4:30:1a:5d:3e:a0:bd:1a:ba:12:ab:84:c2:64:a2: cf:d7:80:73:b4:72:e9:eb:e5:5f:a1:06:da:78:ec: 70:2e:b0:af:79:cf:3b:fb:f7:d3:19:60:03:bd:c6: 5a:0e:52:e0:90:f3:9c:e8:4f:8d:d2:91:48:95:e1: f2:e3:ae:25:ac:b2:44:5b:04:82:73:7c:d3:f7:b7: 40:7b:09:6f:94:5b:50:43:dd:3a:d5:38:92:8e:99: 06:5e:e7:96:65:cd:84:3f:67:52:54:40:64:49:80: ad:2b:e7:5b:72:9f:4f:f2:98:3f:8c:5a:e5:54:77: ed:7c:a4:a5:f7:5f:59:a8:43:cf:7c:dc:77:e3:4d: 19:e3:b5:6b:f6:24:48:83:c7:c3:56:1e:09:61:68: 0e:0f:a1:fb:18:33:23:1e:59:e0:b8:36:16:db:f1: 6a:df:af:50:67:56:ea:c9:db:f6:eb:cf:d4:8f:db: ff:50:08:3c:61:52:83:e4:df:ef:14:05:9b:16:db: 84:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:8F:35:2B:02:C8:C4:A2:D3:C0:04:4D:2B:8B:83:2E:28:49:E7:29 X509v3 Authority Key Identifier: keyid:63:92:39:06:39:17:EE:92:C0:99:E4:6A:D3:69:6C:2E:CA:7C:51:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D2706/04D457C2330611EBA282D30AC4F9AE02/Y5I5BjkX7pLAmeRq02lsLsp8UQo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y5I5BjkX7pLAmeRq02lsLsp8UQo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D2706/04D457C2330611EBA282D30AC4F9AE02/35D4363E330711EB9D3AA60BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.199.216.0/22 Signature Algorithm: sha256WithRSAEncryption 06:d2:4f:15:1a:1b:75:b9:5d:c5:1c:24:7e:a3:1f:b2:a6:bf: 42:47:2b:e5:dd:7a:c6:fe:5c:46:98:c9:49:7d:fe:12:a1:22: 0a:07:e4:26:da:73:50:f8:6f:8e:5d:a3:40:0e:39:f4:06:07: aa:29:44:7d:75:c6:2c:35:83:00:75:7f:23:d2:32:55:33:5e: 73:d1:5e:36:3b:30:46:95:3e:89:25:53:35:3a:b9:57:eb:db: fc:15:5c:63:21:d0:e3:08:ff:b0:fd:4d:31:f7:b1:60:ba:ad: b8:28:24:13:37:b3:2b:7e:5b:73:ad:af:9c:e2:f0:c1:ff:69: 52:50:d9:6f:2f:8d:44:48:5a:39:6d:15:97:33:51:94:73:f7: c5:c4:8d:64:cd:e3:ed:fe:bd:eb:01:a1:e7:03:89:11:3d:fe: b8:63:9d:ce:11:32:6a:61:e2:51:ed:a9:c2:1b:56:99:f7:de: ce:ba:dd:cb:db:f8:96:db:75:31:26:75:d0:9c:1c:c7:a9:25: 77:3e:57:e4:1d:97:26:ff:96:17:48:71:00:f4:f4:fa:55:d6: c4:fb:ef:8c:ce:93:f7:5e:ea:3f:9c:3d:23:c5:70:bc:5e:f6: 39:a2:33:20:0a:2c:50:a2:41:d0:8a:9c:c7:a8:5d:08:15:b3: 93:67:43:88 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBt8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI3MDYxMTAvBgNVBAUTKDYzOTIzOTA2MzkxN0VFOTJDMDk5RTQ2QUQzNjk2QzJF Q0E3QzUxMEEwHhcNMjQxMjE4MjIxMTMxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzYzNDg5My1kNzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3dwvDRljIXaRmV9BjINJoS57PQxz36rYDXTQROQ3tjJQK8XF4MvaTK4hzvXw j03nm7JbGBIKmV7sO5nUMBpdPqC9GroSq4TCZKLP14BztHLp6+VfoQbaeOxwLrCv ec87+/fTGWADvcZaDlLgkPOc6E+N0pFIleHy464lrLJEWwSCc3zT97dAewlvlFtQ Q9061TiSjpkGXueWZc2EP2dSVEBkSYCtK+dbcp9P8pg/jFrlVHftfKSl919ZqEPP fNx3400Z47Vr9iRIg8fDVh4JYWgOD6H7GDMjHlnguDYW2/Fq369QZ1bqydv268/U j9v/UAg8YVKD5N/vFAWbFtuEUQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJqPNSsC yMSi08AETSuLgy4oSecpMB8GA1UdIwQYMBaAFGOSOQY5F+6SwJnkatNpbC7KfFEK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjcwNi8wNEQ0NTdDMjMz MDYxMUVCQTI4MkQzMEFDNEY5QUUwMi9ZNUk1QmprWDdwTEFtZVJxMDJsc0xzcDhV UW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1k1STVCamtYN3BMQW1lUnEwMmxzTHNwOFVRby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDI3MDYvMDRENDU3QzIzMzA2MTFFQkEyODJEMzBBQzRGOUFFMDIvMzVENDM2M0Uz MzA3MTFFQjlEM0FBNjBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJnx9gwDQYJKoZIhvcNAQELBQADggEBAAbSTxUaG3W5XcUc JH6jH7Kmv0JHK+Xdesb+XEaYyUl9/hKhIgoH5Cbac1D4b45do0AOOfQGB6opRH11 xiw1gwB1fyPSMlUzXnPRXjY7MEaVPoklUzU6uVfr2/wVXGMh0OMI/7D9TTH3sWC6 rbgoJBM3syt+W3Otr5zi8MH/aVJQ2W8vjURIWjltFZczUZRz98XEjWTN4+3+vesB oecDiRE9/rhjnc4RMmph4lHtqcIbVpn33s663cvb+JbbdTEmddCcHMepJXc+V+Qd lyb/lhdIcQD09PpV1sT774zOk/de6j+cPSPFcLxe9jmiMyAKLFCiQdCKnMeoXQgV s5NnQ4g= -----END CERTIFICATE-----Generated at Mon Apr 7 05:03:09 2025 by rpki-client