$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2042/0AEC1D0C63B411EEB65D2B7BC4F9AE02/A4E0754863B411EEAADB3A7CC4F9AE02.roa File: A4E0754863B411EEAADB3A7CC4F9AE02.roa (raw, json) Hash identifier: Lj0YroS2X8LOR4hY25qUmswSSH1A4SRoLTfz7csDQJc= Subject key identifier: 7E:35:DC:4A:E5:90:1C:AA:EB:41:4D:74:24:60:CB:83:BD:00:A9:E5 Certificate issuer: /CN=A91E2042/serialNumber=87CF1D01604551E86C24409E481DAF9C66594BF4 Certificate serial: 011A Authority key identifier: 87:CF:1D:01:60:45:51:E8:6C:24:40:9E:48:1D:AF:9C:66:59:4B:F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h88dAWBFUehsJECeSB2vnGZZS_Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2042/0AEC1D0C63B411EEB65D2B7BC4F9AE02/A4E0754863B411EEAADB3A7CC4F9AE02.roa Signing time: Mon 24 Mar 2025 07:37:24 +0000 ROA not before: Mon 24 Mar 2025 07:37:24 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 151820 IP address blocks: 103.204.42.0/23 maxlen: 23 103.204.42.0/24 maxlen: 24 103.204.43.0/24 maxlen: 24 2401:ec20::/32 maxlen: 32 2401:ec20::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2042/0AEC1D0C63B411EEB65D2B7BC4F9AE02/h88dAWBFUehsJECeSB2vnGZZS_Q.crl rsync://rpki.apnic.net/member_repository/A91E2042/0AEC1D0C63B411EEB65D2B7BC4F9AE02/h88dAWBFUehsJECeSB2vnGZZS_Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h88dAWBFUehsJECeSB2vnGZZS_Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 04:02:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 282 (0x11a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2042 Validity Not Before: Mar 24 07:37:24 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67e10bb3-1d8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:0a:10:9a:0b:e0:7d:c6:7b:ab:44:84:4b:0c: 4f:de:1a:00:eb:4b:e3:fa:88:da:47:63:13:d0:4b: 54:b3:a2:41:9c:8f:1c:0b:06:8a:d2:7c:a2:32:03: 42:17:23:8b:a2:79:72:47:ca:4b:0b:03:f5:38:3c: eb:8c:70:48:3a:e1:9f:7a:f2:28:4c:fa:d5:fa:73: 49:e6:a0:2f:1f:cf:67:5d:0c:a2:fb:c8:bb:ba:d5: 36:3d:8d:8f:b9:03:1f:e8:61:3f:c7:f2:7a:c4:f6: 65:2c:dc:af:fe:b4:be:3b:be:8e:8f:e1:a5:dd:b1: 78:fc:35:6b:70:20:63:b8:fe:bd:ba:21:c1:c3:78: 2b:6b:ef:e3:ae:b8:27:39:5b:e8:86:0b:13:f9:e9: d1:40:ba:e3:fb:2c:cd:b7:6c:2e:9d:6d:67:2e:f9: dc:50:c0:a9:a0:52:9a:a8:fb:96:b3:22:73:01:22: 38:68:34:08:d5:1b:52:a3:69:3d:eb:f1:be:92:a0: 6e:20:23:33:32:8b:fb:c9:3d:41:91:f7:56:a4:6a: 65:1b:4d:4d:da:78:5c:ee:18:e1:67:3b:31:0b:eb: 65:a3:6d:0f:c7:67:62:b5:13:29:63:50:95:49:fc: 81:4a:99:f6:32:ba:dd:b6:c5:67:23:2b:71:a0:bb: 60:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:35:DC:4A:E5:90:1C:AA:EB:41:4D:74:24:60:CB:83:BD:00:A9:E5 X509v3 Authority Key Identifier: keyid:87:CF:1D:01:60:45:51:E8:6C:24:40:9E:48:1D:AF:9C:66:59:4B:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2042/0AEC1D0C63B411EEB65D2B7BC4F9AE02/h88dAWBFUehsJECeSB2vnGZZS_Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h88dAWBFUehsJECeSB2vnGZZS_Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2042/0AEC1D0C63B411EEB65D2B7BC4F9AE02/A4E0754863B411EEAADB3A7CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.204.42.0/23 IPv6: 2401:ec20::/32 Signature Algorithm: sha256WithRSAEncryption a2:be:4d:ed:4f:0f:36:c9:ef:4d:90:dc:39:b1:76:c1:4e:03: d1:d5:7a:01:c1:94:9b:05:94:de:6e:5f:9d:77:4a:84:b1:2d: 7e:24:2a:ff:3d:c5:90:0a:ee:7c:65:ab:08:76:aa:b8:47:a5: 4d:19:68:e1:d5:d3:f9:36:b3:f8:74:04:c0:40:d1:73:87:25: ba:c5:d7:79:74:ff:27:2b:6b:38:d1:e1:eb:e0:48:ea:f1:06: 23:be:df:98:67:6c:55:d2:21:9c:47:21:25:00:e8:df:df:6d: 4d:cf:63:b3:be:cb:17:c9:71:7b:8f:cf:62:83:69:46:d8:47: 34:fd:df:a1:13:f8:8c:8e:06:11:4b:b1:99:fb:2c:3a:6d:bd: 32:13:7b:35:cf:4c:1e:bb:e9:53:c6:1f:a9:10:3f:3d:e0:eb: e7:c7:75:f6:92:ad:8a:2b:9f:a6:39:24:7c:00:dd:2e:df:cf: 42:dd:f5:bf:f7:03:e6:68:26:9b:a7:ef:87:0b:00:cd:41:9d: 4c:94:31:8f:21:b7:7a:4b:b9:3d:39:7d:7f:d5:c8:09:62:db: b8:8d:5b:f3:58:a9:68:a2:a2:ba:b5:75:a4:61:14:46:6f:9f: 5d:3b:dc:90:0f:0c:4f:71:92:de:49:90:8d:f1:52:0d:f6:e5: 96:e3:91:d0 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICARowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTIwNDIxMTAvBgNVBAUTKDg3Q0YxRDAxNjA0NTUxRTg2QzI0NDA5RTQ4MURBRjlD NjY1OTRCRjQwHhcNMjUwMzI0MDczNzI0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2UxMGJiMy0xZDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0goQmgvgfcZ7q0SESwxP3hoA60vj+ojaR2MT0EtUs6JBnI8cCwaK0nyiMgNC FyOLonlyR8pLCwP1ODzrjHBIOuGfevIoTPrV+nNJ5qAvH89nXQyi+8i7utU2PY2P uQMf6GE/x/J6xPZlLNyv/rS+O76Oj+Gl3bF4/DVrcCBjuP69uiHBw3gra+/jrrgn OVvohgsT+enRQLrj+yzNt2wunW1nLvncUMCpoFKaqPuWsyJzASI4aDQI1RtSo2k9 6/G+kqBuICMzMov7yT1BkfdWpGplG01N2nhc7hjhZzsxC+tlo20Px2ditRMpY1CV SfyBSpn2MrrdtsVnIytxoLtgQwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFH413Erl kByq60FNdCRgy4O9AKnlMB8GA1UdIwQYMBaAFIfPHQFgRVHobCRAnkgdr5xmWUv0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjA0Mi8wQUVDMUQwQzYz QjQxMUVFQjY1RDJCN0JDNEY5QUUwMi9oODhkQVdCRlVlaHNKRUNlU0Iydm5HWlpT X1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2g4OGRBV0JGVWVoc0pFQ2VTQjJ2bkdaWlNfUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTIwNDIvMEFFQzFEMEM2M0I0MTFFRUI2NUQyQjdCQzRGOUFFMDIvQTRFMDc1NDg2 M0I0MTFFRUFBREIzQTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnzCowDQQCAAIwBwMFACQB7CAwDQYJKoZIhvcNAQELBQAD ggEBAKK+Te1PDzbJ702Q3DmxdsFOA9HVegHBlJsFlN5uX513SoSxLX4kKv89xZAK 7nxlqwh2qrhHpU0ZaOHV0/k2s/h0BMBA0XOHJbrF13l0/ycrazjR4evgSOrxBiO+ 35hnbFXSIZxHISUA6N/fbU3PY7O+yxfJcXuPz2KDaUbYRzT936ET+IyOBhFLsZn7 LDptvTITezXPTB676VPGH6kQPz3g6+fHdfaSrYorn6Y5JHwA3S7fz0Ld9b/3A+Zo Jpun74cLAM1BnUyUMY8ht3pLuT05fX/VyAli27iNW/NYqWiiorq1daRhFEZvn107 3JAPDE9xkt5JkI3xUg325ZbjkdA= -----END CERTIFICATE-----Generated at Sat Apr 5 01:06:37 2025 by rpki-client