$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9F0A/E86021D6A23C11E88A6FE66CC4F9AE02/3F6E94ACF5CF11EF90104A57C4F9AE02.roa File: 3F6E94ACF5CF11EF90104A57C4F9AE02.roa (raw, json) Hash identifier: 7uQFFcgxthASWlrUTTAafSbuld5eAvVIoBe4dcMvHgg= Subject key identifier: 88:95:10:95:A2:DE:EC:C4:E2:5F:92:FA:B2:7F:17:07:5A:BD:13:1D Certificate issuer: /CN=A91D9F0A/serialNumber=E46BBF01768956E866AEC443F2BB13501F2E7379 Certificate serial: 137E Authority key identifier: E4:6B:BF:01:76:89:56:E8:66:AE:C4:43:F2:BB:13:50:1F:2E:73:79 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Gu_AXaJVuhmrsRD8rsTUB8uc3k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9F0A/E86021D6A23C11E88A6FE66CC4F9AE02/3F6E94ACF5CF11EF90104A57C4F9AE02.roa Signing time: Fri 28 Feb 2025 12:29:33 +0000 ROA not before: Fri 28 Feb 2025 12:29:33 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 138043 IP address blocks: 103.130.196.0/23 maxlen: 23 103.130.196.0/24 maxlen: 24 103.130.197.0/24 maxlen: 24 2400:9860::/32 maxlen: 32 2400:9860::/35 maxlen: 35 2400:9860:2000::/35 maxlen: 35 2400:9860:4000::/35 maxlen: 35 2400:9860:6000::/35 maxlen: 35 2400:9860:8000::/35 maxlen: 35 2400:9860:a000::/35 maxlen: 35 2400:9860:c000::/35 maxlen: 35 2400:9860:e000::/35 maxlen: 35 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9F0A/E86021D6A23C11E88A6FE66CC4F9AE02/5Gu_AXaJVuhmrsRD8rsTUB8uc3k.crl rsync://rpki.apnic.net/member_repository/A91D9F0A/E86021D6A23C11E88A6FE66CC4F9AE02/5Gu_AXaJVuhmrsRD8rsTUB8uc3k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Gu_AXaJVuhmrsRD8rsTUB8uc3k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:05:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4990 (0x137e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9F0A Validity Not Before: Feb 28 12:29:33 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=67c1ac2d-f773 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:3b:6f:33:56:26:83:fd:9c:02:95:0b:68:d5: 76:1f:f0:dc:50:9b:1f:59:70:e3:a1:81:50:81:0b: 59:94:17:21:07:f0:b8:80:d2:9d:f0:08:dd:1e:00: ec:99:3d:1d:4f:65:f5:86:aa:64:33:4e:17:67:35: e4:36:64:e8:75:ca:37:4a:f8:d6:58:d0:1e:be:69: 2c:fb:fb:cb:0e:ea:39:9c:99:e3:e7:a6:d9:bf:d4: b7:8b:ac:20:f0:d4:43:ac:d4:83:1e:d2:5c:20:5d: e1:cb:24:50:80:90:b4:f2:90:4d:1d:33:4a:86:94: 1c:42:92:1b:94:27:00:d0:ff:c9:d2:0a:17:46:9d: fe:0d:36:b9:eb:68:fa:e1:e0:69:37:50:c1:a3:e2: ec:16:36:2e:1c:e5:66:7f:9c:9a:0f:e0:2a:ae:ab: 5b:e8:16:ed:7e:e9:9f:21:e6:01:fa:d5:6c:8b:66: fd:eb:8d:18:56:3b:f8:43:d1:e2:ea:bc:e2:2a:6f: a2:9a:6f:fa:73:9a:f4:f8:65:74:20:a8:91:36:90: b2:63:42:6b:84:9a:0d:41:52:51:26:0e:5a:3d:a6: da:f5:9a:91:40:63:71:50:20:5f:82:19:97:2d:fd: 59:ab:0b:b0:d3:d4:b9:08:88:34:74:59:4d:d6:86: 9e:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:95:10:95:A2:DE:EC:C4:E2:5F:92:FA:B2:7F:17:07:5A:BD:13:1D X509v3 Authority Key Identifier: keyid:E4:6B:BF:01:76:89:56:E8:66:AE:C4:43:F2:BB:13:50:1F:2E:73:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9F0A/E86021D6A23C11E88A6FE66CC4F9AE02/5Gu_AXaJVuhmrsRD8rsTUB8uc3k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Gu_AXaJVuhmrsRD8rsTUB8uc3k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9F0A/E86021D6A23C11E88A6FE66CC4F9AE02/3F6E94ACF5CF11EF90104A57C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.130.196.0/23 IPv6: 2400:9860::/32 Signature Algorithm: sha256WithRSAEncryption 26:14:6b:ab:26:d0:fb:86:1e:e1:67:77:e4:8a:ab:c3:b5:00: fb:d0:17:38:f8:e4:49:83:e3:1b:b0:50:10:10:d3:c4:c8:3a: a2:2b:a3:1a:fb:0f:d1:8d:84:6a:cc:99:43:2d:6e:ff:60:b4: 80:e6:af:62:6b:30:cf:93:44:c2:7c:6c:b4:73:6e:b8:9e:87: c6:ac:f5:5a:63:ae:21:f0:96:34:6e:78:64:8d:21:c0:37:4a: ca:10:92:82:af:a1:15:6f:e2:d0:b7:00:05:96:e2:7f:48:c2: bb:86:4e:74:bd:4a:6b:e9:cd:cd:fa:db:6e:72:89:39:a4:3d: b8:41:9f:aa:ad:d9:b4:37:62:95:f7:92:c0:c7:18:51:1c:b5: e4:b0:63:6e:c2:8b:ea:8a:11:92:40:88:bf:10:3b:f3:1b:ce: d3:b6:6e:a8:eb:41:1c:6d:58:70:39:f0:df:bc:d6:4f:af:d2: 6c:a1:dc:3b:c4:f1:5c:56:9e:1b:32:ad:75:dd:a0:83:e6:be: 3e:0d:63:de:89:91:03:1f:cf:fb:1f:e9:c3:f0:0b:72:58:5f: d1:d9:08:04:14:1c:3d:f5:21:b0:3b:ce:53:78:7f:6d:9b:66: ec:2f:11:cf:75:74:e2:41:f2:6d:ef:0c:a2:6e:af:c6:bf:e6: ab:f5:17:d2 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICE34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlGMEExMTAvBgNVBAUTKEU0NkJCRjAxNzY4OTU2RTg2NkFFQzQ0M0YyQkIxMzUw MUYyRTczNzkwHhcNMjUwMjI4MTIyOTMzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MxYWMyZC1mNzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2TtvM1Ymg/2cApULaNV2H/DcUJsfWXDjoYFQgQtZlBchB/C4gNKd8AjdHgDs mT0dT2X1hqpkM04XZzXkNmTodco3SvjWWNAevmks+/vLDuo5nJnj56bZv9S3i6wg 8NRDrNSDHtJcIF3hyyRQgJC08pBNHTNKhpQcQpIblCcA0P/J0goXRp3+DTa562j6 4eBpN1DBo+LsFjYuHOVmf5yaD+Aqrqtb6BbtfumfIeYB+tVsi2b9640YVjv4Q9Hi 6rziKm+imm/6c5r0+GV0IKiRNpCyY0JrhJoNQVJRJg5aPaba9ZqRQGNxUCBfghmX Lf1Zqwuw09S5CIg0dFlN1oae+wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIiVEJWi 3uzE4l+S+rJ/FwdavRMdMB8GA1UdIwQYMBaAFORrvwF2iVboZq7EQ/K7E1AfLnN5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUYwQS9FODYwMjFENkEy M0MxMUU4OEE2RkU2NkNDNEY5QUUwMi81R3VfQVhhSlZ1aG1yc1JEOHJzVFVCOHVj M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVHdV9BWGFKVnVobXJzUkQ4cnNUVUI4dWMzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDlGMEEvRTg2MDIxRDZBMjNDMTFFODhBNkZFNjZDQzRGOUFFMDIvM0Y2RTk0QUNG NUNGMTFFRjkwMTA0QTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFngsQwDQQCAAIwBwMFACQAmGAwDQYJKoZIhvcNAQELBQAD ggEBACYUa6sm0PuGHuFnd+SKq8O1APvQFzj45EmD4xuwUBAQ08TIOqIroxr7D9GN hGrMmUMtbv9gtIDmr2JrMM+TRMJ8bLRzbrieh8as9VpjriHwljRueGSNIcA3SsoQ koKvoRVv4tC3AAWW4n9IwruGTnS9Smvpzc36225yiTmkPbhBn6qt2bQ3YpX3ksDH GFEcteSwY27Ci+qKEZJAiL8QO/MbztO2bqjrQRxtWHA58N+81k+v0myh3DvE8VxW nhsyrXXdoIPmvj4NY96JkQMfz/sf6cPwC3JYX9HZCAQUHD31IbA7zlN4f22bZuwv Ec91dOJB8m3vDKJur8a/5qv1F9I= -----END CERTIFICATE-----Generated at Sat Apr 5 02:07:46 2025 by rpki-client