$ rpki-client -vvf rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/0C9FD154619611EEADD97F70C4F9AE02.roa File: 0C9FD154619611EEADD97F70C4F9AE02.roa (raw, json) Hash identifier: 6tys2kBORt2e9LfTgwSygjIdDqVtnmqGXLJS1SjEsWs= Subject key identifier: 73:A8:8D:45:F7:13:5D:F8:2D:BB:94:B0:C3:B1:7B:5B:E6:3A:1C:EB Certificate issuer: /CN=A91D53AC/serialNumber=4B767FE304D4F27F5111864BA743B9479CE14A7B Certificate serial: 3431 Authority key identifier: 4B:76:7F:E3:04:D4:F2:7F:51:11:86:4B:A7:43:B9:47:9C:E1:4A:7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3Z_4wTU8n9REYZLp0O5R5zhSns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/0C9FD154619611EEADD97F70C4F9AE02.roa Signing time: Fri 06 Dec 2024 15:00:56 +0000 ROA not before: Fri 06 Dec 2024 15:00:56 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 38891 IP address blocks: 103.198.84.0/22 maxlen: 24 103.242.16.0/22 maxlen: 24 202.176.12.0/24 maxlen: 24 203.99.136.0/22 maxlen: 24 223.25.248.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/S3Z_4wTU8n9REYZLp0O5R5zhSns.crl rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/S3Z_4wTU8n9REYZLp0O5R5zhSns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3Z_4wTU8n9REYZLp0O5R5zhSns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 14:50:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13361 (0x3431) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D53AC, serialNumber=4B767FE304D4F27F5111864BA743B9479CE14A7B Validity Not Before: Dec 6 15:00:56 2024 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=675311a8-d7d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:e3:a6:89:6f:eb:89:06:fd:5c:7b:09:50:07: c0:61:14:a3:36:01:72:f3:de:70:6a:cb:ae:30:63: c7:04:f1:e4:d9:90:ca:d3:da:ba:bc:36:3d:6a:50: 05:ba:a6:2d:19:e8:33:14:7b:60:21:bf:9c:5d:d5: dd:03:70:ce:a4:fd:14:c1:17:f5:05:75:ff:98:fc: 05:c4:d4:e0:00:22:03:a4:ac:e6:2a:77:10:46:9c: d9:10:61:3f:1e:ba:ba:31:9f:dc:1c:85:1b:cd:43: 41:04:09:75:38:a1:e5:4c:fc:7a:91:0d:d6:b9:77: ec:a0:34:e1:0a:84:58:dc:34:a3:73:b3:11:07:52: 02:bb:84:9d:08:6c:b6:a9:24:a4:3c:05:df:bc:e3: 14:0b:7b:5f:d0:dc:8d:3e:7a:15:c7:37:91:21:50: cd:ea:f2:80:d4:a9:46:03:70:e4:95:42:9f:32:45: 98:7f:07:a3:95:1a:ab:b0:b9:ae:2a:69:4e:f3:00: 63:45:19:ad:23:a7:4e:8d:71:b4:7f:da:b8:02:86: dc:0c:c5:80:0a:ec:d9:cf:75:71:0d:d3:33:83:01: 05:48:c0:8a:3c:61:a5:56:2f:5d:26:8a:10:db:d0: 60:77:d7:5a:d9:d7:65:84:bd:f2:df:5e:30:cd:b8: 1a:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:A8:8D:45:F7:13:5D:F8:2D:BB:94:B0:C3:B1:7B:5B:E6:3A:1C:EB X509v3 Authority Key Identifier: keyid:4B:76:7F:E3:04:D4:F2:7F:51:11:86:4B:A7:43:B9:47:9C:E1:4A:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/S3Z_4wTU8n9REYZLp0O5R5zhSns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S3Z_4wTU8n9REYZLp0O5R5zhSns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D53AC/03168C4E1D9711E28B6C008008B02CD2/0C9FD154619611EEADD97F70C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.198.84.0/22 103.242.16.0/22 202.176.12.0/24 203.99.136.0/22 223.25.248.0/22 Signature Algorithm: sha256WithRSAEncryption 5e:5b:08:31:8b:a6:0d:59:f4:a2:08:e9:a5:59:86:ed:db:2f: bf:2e:66:ad:ec:9e:41:95:09:db:6f:86:9e:05:8f:b9:3c:ae: fb:c7:29:44:f0:7f:6a:8f:66:d0:85:a1:e9:79:c9:99:a1:cc: b5:61:97:00:97:71:0a:ee:43:a0:08:3a:8f:ff:c0:fb:d9:71: 95:69:ed:6e:f8:c5:1a:6c:de:d0:27:6f:11:8a:81:ec:86:d4: 1f:f7:36:cb:99:7c:ea:c3:69:d0:69:36:d5:6c:e4:16:d1:a0: b2:be:7c:46:6b:5e:ac:e3:bb:16:25:4d:d3:2c:f5:e5:f3:50: 0a:84:1c:49:48:44:ff:95:64:ac:da:d5:ec:4e:e4:17:bf:ff: 36:f9:f7:c3:cb:62:7e:7a:ba:75:9d:5f:62:50:0f:62:35:85: 7b:84:75:46:af:c5:2f:cd:d6:bf:c0:42:f1:c1:d0:b7:ef:5f: e8:68:48:85:ed:fd:aa:9c:c8:74:f5:52:79:66:7f:7a:9b:05: f5:d5:92:f9:fd:c0:84:aa:be:5e:76:a9:40:a0:3c:ad:06:64: 23:c6:03:75:03:e8:80:09:e0:5e:78:3c:2f:1e:fd:d4:f0:7f: 5a:bb:87:a1:be:97:bb:b5:9e:43:68:0e:18:0f:0a:83:74:91: 0e:de:d5:21 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICNDEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDUzQUMxMTAvBgNVBAUTKDRCNzY3RkUzMDRENEYyN0Y1MTExODY0QkE3NDNCOTQ3 OUNFMTRBN0IwHhcNMjQxMjA2MTUwMDU2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzUzMTFhOC1kN2Q3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0OOmiW/riQb9XHsJUAfAYRSjNgFy895wasuuMGPHBPHk2ZDK09q6vDY9alAF uqYtGegzFHtgIb+cXdXdA3DOpP0UwRf1BXX/mPwFxNTgACIDpKzmKncQRpzZEGE/ Hrq6MZ/cHIUbzUNBBAl1OKHlTPx6kQ3WuXfsoDThCoRY3DSjc7MRB1ICu4SdCGy2 qSSkPAXfvOMUC3tf0NyNPnoVxzeRIVDN6vKA1KlGA3DklUKfMkWYfwejlRqrsLmu KmlO8wBjRRmtI6dOjXG0f9q4AobcDMWACuzZz3VxDdMzgwEFSMCKPGGlVi9dJooQ 29Bgd9da2ddlhL3y314wzbgalwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFHOojUX3 E134LbuUsMOxe1vmOhzrMB8GA1UdIwQYMBaAFEt2f+ME1PJ/URGGS6dDuUec4Up7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTNBQy8wMzE2OEM0RTFE OTcxMUUyOEI2QzAwODAwOEIwMkNEMi9TM1pfNHdUVThuOVJFWVpMcDBPNVI1emhT bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1MzWl80d1RVOG45UkVZWkxwME81UjV6aFNucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDUzQUMvMDMxNjhDNEUxRDk3MTFFMjhCNkMwMDgwMDhCMDJDRDIvMEM5RkQxNTQ2 MTk2MTFFRUFERDk3RjcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAJnxlQDBAJn8hADBADKsAwDBALLY4gDBALfGfgwDQYJKoZI hvcNAQELBQADggEBAF5bCDGLpg1Z9KII6aVZhu3bL78uZq3snkGVCdtvhp4Fj7k8 rvvHKUTwf2qPZtCFoel5yZmhzLVhlwCXcQruQ6AIOo//wPvZcZVp7W74xRps3tAn bxGKgeyG1B/3NsuZfOrDadBpNtVs5BbRoLK+fEZrXqzjuxYlTdMs9eXzUAqEHElI RP+VZKza1exO5Be//zb598PLYn56unWdX2JQD2I1hXuEdUavxS/N1r/AQvHB0Lfv X+hoSIXt/aqcyHT1Unlmf3qbBfXVkvn9wISqvl52qUCgPK0GZCPGA3UD6IAJ4F54 PC8e/dTwf1q7h6G+l7u1nkNoDhgPCoN0kQ7e1SE= -----END CERTIFICATE-----Generated at Tue Apr 22 03:25:29 2025 by rpki-client