$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC2A9/D8DDC1A634C611EEB4EBB070C4F9AE02/9908BDDE1CAA11EF80E3BB87C4F9AE02.roa File: 9908BDDE1CAA11EF80E3BB87C4F9AE02.roa (raw, json) Hash identifier: 0UTp5Ayv/ftDBInci/moVW1XbBA3xfvlEMb4Bw4foQE= Subject key identifier: F7:06:21:63:64:2C:D9:54:1A:0D:CD:80:A9:7C:D6:77:06:33:9C:A0 Certificate issuer: /CN=A91DC2A9/serialNumber=3F996261AB3D1EF041661B3AEF7D8932B5702637 Certificate serial: 0140 Authority key identifier: 3F:99:62:61:AB:3D:1E:F0:41:66:1B:3A:EF:7D:89:32:B5:70:26:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P5liYas9HvBBZhs6732JMrVwJjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC2A9/D8DDC1A634C611EEB4EBB070C4F9AE02/9908BDDE1CAA11EF80E3BB87C4F9AE02.roa Signing time: Wed 19 Mar 2025 03:48:51 +0000 ROA not before: Wed 19 Mar 2025 03:48:51 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 7477 IP address blocks: 103.206.236.0/22 maxlen: 24 114.129.160.0/20 maxlen: 24 114.129.176.0/21 maxlen: 24 180.181.128.0/19 maxlen: 24 210.16.68.0/22 maxlen: 24 2401:a400::/32 maxlen: 32 2401:a400:100::/40 maxlen: 40 2401:a400:200::/40 maxlen: 40 2401:a400:300::/40 maxlen: 40 2401:a400:400::/40 maxlen: 40 2401:a400:500::/40 maxlen: 40 2401:a400:2000::/36 maxlen: 36 2401:a400:3000::/36 maxlen: 36 2401:a400:4000::/36 maxlen: 36 2401:a400:5000::/36 maxlen: 36 2401:a400:6000::/36 maxlen: 36 2401:a400:7000::/36 maxlen: 36 2401:a400:c200::/40 maxlen: 40 2401:a400:c300::/40 maxlen: 40 2401:a400:c400::/40 maxlen: 40 2401:a400:c500::/40 maxlen: 40 2401:a400:c600::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC2A9/D8DDC1A634C611EEB4EBB070C4F9AE02/P5liYas9HvBBZhs6732JMrVwJjc.crl rsync://rpki.apnic.net/member_repository/A91DC2A9/D8DDC1A634C611EEB4EBB070C4F9AE02/P5liYas9HvBBZhs6732JMrVwJjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P5liYas9HvBBZhs6732JMrVwJjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Apr 2025 03:17:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 320 (0x140) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC2A9, serialNumber=3F996261AB3D1EF041661B3AEF7D8932B5702637 Validity Not Before: Mar 19 03:48:51 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67da3ea3-c381 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:57:ff:50:df:2b:cc:09:8f:f8:0f:fa:2b:08: 29:5f:22:12:70:79:b5:f0:63:95:2a:0a:f9:e2:d0: de:2d:54:db:0f:e8:e0:a8:b6:d9:81:bb:8a:13:49: a0:2f:50:b0:49:25:a4:56:e3:3e:ac:42:c3:3f:4b: 7a:18:55:36:78:3f:46:e5:11:6f:e7:22:0e:24:dc: 69:15:d9:5b:e9:34:ea:5b:0c:55:64:ce:6a:c0:5e: 1c:3f:bc:bd:38:12:95:82:6a:26:d7:63:15:db:1a: ea:eb:bb:83:b9:77:52:fe:f9:32:6c:4d:ec:63:91: 5e:1f:51:09:f3:1c:9f:87:59:16:06:22:53:6f:a0: 94:64:af:e8:9a:a6:c7:a7:8c:18:41:8d:b7:62:72: f7:69:ae:d0:49:0f:6d:cd:83:58:a6:0d:58:5c:e7: 30:fa:1f:97:14:4e:be:6c:09:cd:90:83:e1:4f:4f: ca:73:ab:f6:4b:3e:a5:43:73:ed:c1:6a:69:18:7b: 10:de:8a:15:54:7a:0e:53:37:b1:23:e1:d9:52:32: 0b:f0:10:f9:28:48:93:55:79:82:55:3d:8e:c6:3e: 77:cd:65:a7:8e:6d:b6:e4:ea:5f:4f:a6:b0:29:b5: c7:af:d4:93:93:c8:a6:c4:97:68:62:c2:ec:55:57: 43:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:06:21:63:64:2C:D9:54:1A:0D:CD:80:A9:7C:D6:77:06:33:9C:A0 X509v3 Authority Key Identifier: keyid:3F:99:62:61:AB:3D:1E:F0:41:66:1B:3A:EF:7D:89:32:B5:70:26:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC2A9/D8DDC1A634C611EEB4EBB070C4F9AE02/P5liYas9HvBBZhs6732JMrVwJjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P5liYas9HvBBZhs6732JMrVwJjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC2A9/D8DDC1A634C611EEB4EBB070C4F9AE02/9908BDDE1CAA11EF80E3BB87C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.206.236.0/22 114.129.160.0-114.129.183.255 180.181.128.0/19 210.16.68.0/22 IPv6: 2401:a400::/32 Signature Algorithm: sha256WithRSAEncryption ce:67:cd:f6:20:2e:f3:e0:00:a4:8c:e0:54:99:27:61:1d:50: d5:ed:71:43:6f:3b:4e:b6:45:40:0f:6e:0d:fd:7b:cd:a4:b6: b6:03:d1:98:65:31:0a:73:2e:b1:54:ef:28:8c:26:44:58:ab: fb:b9:bd:51:11:26:13:75:a4:ed:91:56:eb:a4:ac:6d:30:e2: 8d:5e:0c:0e:93:ed:b0:50:8c:a2:bd:bb:15:5c:14:7c:69:01: aa:12:ae:8c:6f:8f:9a:9e:ce:ed:31:ef:45:ee:e6:e2:bc:03: ee:7a:b2:6c:88:fa:51:05:80:db:fd:57:cf:03:c2:3a:5d:45: 87:6d:b7:0c:bd:34:15:ef:fd:4d:2f:64:b8:cc:28:7b:67:5b: 7c:6a:47:55:44:d3:4a:27:0a:9b:0f:d4:d7:5d:1c:e9:95:76: 42:83:32:7e:6b:d8:84:cb:7a:df:3b:6e:2d:91:db:0c:4c:39: b4:18:41:e8:2f:e3:30:bd:9f:e4:fc:fe:f6:ed:86:17:41:9e: 41:29:06:d8:f0:73:08:14:25:51:42:29:47:7f:df:b5:48:85: 45:13:80:51:39:02:5b:71:ef:3c:73:25:3f:4c:33:ad:c2:25: 17:af:68:25:5d:5f:d3:14:fd:15:c2:dc:3a:00:0e:b4:b6:7b: e6:f8:bd:ac -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgICAUAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REMyQTkxMTAvBgNVBAUTKDNGOTk2MjYxQUIzRDFFRjA0MTY2MUIzQUVGN0Q4OTMy QjU3MDI2MzcwHhcNMjUwMzE5MDM0ODUxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2RhM2VhMy1jMzgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAulf/UN8rzAmP+A/6KwgpXyIScHm18GOVKgr54tDeLVTbD+jgqLbZgbuKE0mg L1CwSSWkVuM+rELDP0t6GFU2eD9G5RFv5yIOJNxpFdlb6TTqWwxVZM5qwF4cP7y9 OBKVgmom12MV2xrq67uDuXdS/vkybE3sY5FeH1EJ8xyfh1kWBiJTb6CUZK/omqbH p4wYQY23YnL3aa7QSQ9tzYNYpg1YXOcw+h+XFE6+bAnNkIPhT0/Kc6v2Sz6lQ3Pt wWppGHsQ3ooVVHoOUzexI+HZUjIL8BD5KEiTVXmCVT2Oxj53zWWnjm225OpfT6aw KbXHr9STk8imxJdoYsLsVVdDUwIDAQABo4ICvjCCArowHQYDVR0OBBYEFPcGIWNk LNlUGg3NgKl81ncGM5ygMB8GA1UdIwQYMBaAFD+ZYmGrPR7wQWYbOu99iTK1cCY3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzJBOS9EOEREQzFBNjM0 QzYxMUVFQjRFQkIwNzBDNEY5QUUwMi9QNWxpWWFzOUh2QkJaaHM2NzMySk1yVndK amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1A1bGlZYXM5SHZCQlpoczY3MzJKTXJWd0pqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REMyQTkvRDhEREMxQTYzNEM2MTFFRUI0RUJCMDcwQzRGOUFFMDIvOTkwOEJEREUx Q0FBMTFFRjgwRTNCQjg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E OTA3MCYEAgABMCADBAJnzuwwDAMEBXKBoAMEA3KBsAMEBbS1gAMEAtIQRDANBAIA AjAHAwUAJAGkADANBgkqhkiG9w0BAQsFAAOCAQEAzmfN9iAu8+AApIzgVJknYR1Q 1e1xQ287TrZFQA9uDf17zaS2tgPRmGUxCnMusVTvKIwmRFir+7m9UREmE3Wk7ZFW 66SsbTDijV4MDpPtsFCMor27FVwUfGkBqhKujG+Pmp7O7THvRe7m4rwD7nqybIj6 UQWA2/1XzwPCOl1Fh223DL00Fe/9TS9kuMwoe2dbfGpHVUTTSicKmw/U110c6ZV2 QoMyfmvYhMt63ztuLZHbDEw5tBhB6C/jML2f5Pz+9u2GF0GeQSkG2PBzCBQlUUIp R3/ftUiFRROAUTkCW3HvPHMlP0wzrcIlF69oJV1f0xT9FcLcOgAOtLZ75vi9rA== -----END CERTIFICATE-----Generated at Fri Apr 18 02:26:13 2025 by rpki-client