$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa File: 43E9842C185A11EF9D0C4338C4F9AE02.roa (raw, json) Hash identifier: irpR0h3jscaijLl59Cc3m/8UUXHvczEBFVSowrAT4Uk= Subject key identifier: A3:2D:2C:67:6B:2D:9E:CE:27:B5:EB:B6:4C:4F:B5:52:14:48:35:29 Certificate issuer: /CN=A91EFBA1/serialNumber=415406ED80B4D927A479A8BA042116AE2D11A1A6 Certificate serial: 18C8 Authority key identifier: 41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa Signing time: Fri 04 Apr 2025 16:45:35 +0000 ROA not before: Fri 04 Apr 2025 16:45:35 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 136435 IP address blocks: 103.87.248.0/23 maxlen: 23 103.87.248.0/24 maxlen: 24 103.87.249.0/24 maxlen: 24 203.96.225.0/24 maxlen: 24 203.96.226.0/23 maxlen: 23 203.96.226.0/24 maxlen: 24 203.96.227.0/24 maxlen: 24 2400:dac0::/48 maxlen: 48 2400:dac0:1::/48 maxlen: 48 2400:dac0:2::/48 maxlen: 48 2400:dac0:3::/48 maxlen: 48 2400:dac0:4::/48 maxlen: 48 2400:dac0:5::/48 maxlen: 48 2400:dac0:6::/48 maxlen: 48 2400:dac0:7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.crl rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 16:45:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6344 (0x18c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EFBA1 Validity Not Before: Apr 4 16:45:35 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67f00caf-0d3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:42:50:3a:cc:72:5f:da:8b:80:2f:a7:e4:89: 9d:69:49:34:5b:c6:ab:ff:00:cb:d4:03:9a:31:7f: 02:f9:c4:61:6e:8b:dd:7e:65:67:ae:a9:30:d9:4d: de:20:f5:79:63:40:b7:9f:4a:3c:7b:9f:77:bd:bb: 15:39:ef:bf:5f:5b:3b:4a:ef:ff:d2:da:7f:87:23: 25:a8:16:f6:e2:53:b7:27:57:42:60:c3:2e:3e:f6: 09:4e:e0:35:0a:53:1b:8c:81:93:40:6a:a9:3b:df: eb:cc:ae:30:e6:a1:a3:9e:41:f9:af:67:a1:3d:22: d3:90:e2:9c:38:4b:82:28:f0:b8:1a:ec:f0:31:9a: a3:49:b9:35:aa:80:b5:d7:fb:0d:90:4f:7c:82:2f: 23:79:14:ab:24:ad:f1:fa:56:61:26:28:b4:bf:48: e9:12:07:56:7a:ca:26:f2:9e:3a:62:2d:ef:2c:a0: 11:f5:b4:2f:61:12:ec:06:15:e3:8a:21:03:88:7e: 9b:92:24:5e:cc:bf:98:9f:fb:93:f3:1b:d7:92:c6: 8c:42:d4:6e:22:72:f0:92:e4:31:9a:22:fb:12:c3: 89:6b:50:5d:0e:74:64:30:0f:5f:bf:cb:78:3c:20: f4:67:03:af:1f:c1:2f:1f:86:53:03:8c:c2:9e:40: fc:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:2D:2C:67:6B:2D:9E:CE:27:B5:EB:B6:4C:4F:B5:52:14:48:35:29 X509v3 Authority Key Identifier: keyid:41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/43E9842C185A11EF9D0C4338C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.87.248.0/23 203.96.225.0-203.96.227.255 IPv6: 2400:dac0::/45 Signature Algorithm: sha256WithRSAEncryption bf:d8:17:81:ff:7a:c4:5d:11:42:2d:3a:bc:f3:c9:b1:f0:2d: 07:87:a7:16:e5:ff:57:c2:a5:c2:f1:84:ef:2a:d5:64:5f:b1: bd:3a:fe:63:64:d0:5a:3e:d6:4f:63:3f:a0:3c:a0:00:cc:c7: ce:1e:f8:83:ef:df:bb:48:69:d1:d7:16:da:ad:a9:89:ef:4d: 75:c0:77:aa:ac:d0:6e:3d:19:93:12:2c:a4:85:d6:b6:a2:ee: cc:23:cb:31:34:d1:8b:1e:48:63:1a:8d:5b:9a:1e:39:59:95: da:bb:d5:9b:e4:7d:ed:44:fc:44:56:14:91:27:8f:ee:85:18: 09:0d:65:4d:cf:bf:96:e8:ed:c9:35:93:10:30:50:68:cd:c9: 2c:b1:f0:bb:31:a3:ab:a0:a9:7e:57:15:54:fc:96:9a:3f:7f: 73:a8:6c:c0:b1:fa:29:cc:92:18:50:91:8c:ae:f6:f4:c1:b5: 90:43:8a:ca:85:3c:50:b9:53:51:e1:78:69:4f:d1:36:2b:58: 66:c5:3e:93:85:00:20:bd:5a:a5:ed:83:25:b6:2a:6b:00:e8: 61:c3:95:db:a2:41:6f:14:73:9f:f2:fb:65:ae:a3:90:fb:b7: 04:f0:58:9f:a4:10:71:ab:cc:bd:70:07:fd:4f:e3:53:09:f2: b3:3c:5a:9b -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgICGMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUZCQTExMTAvBgNVBAUTKDQxNTQwNkVEODBCNEQ5MjdBNDc5QThCQTA0MjExNkFF MkQxMUExQTYwHhcNMjUwNDA0MTY0NTM1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2YwMGNhZi0wZDNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp0JQOsxyX9qLgC+n5ImdaUk0W8ar/wDL1AOaMX8C+cRhbovdfmVnrqkw2U3e IPV5Y0C3n0o8e593vbsVOe+/X1s7Su//0tp/hyMlqBb24lO3J1dCYMMuPvYJTuA1 ClMbjIGTQGqpO9/rzK4w5qGjnkH5r2ehPSLTkOKcOEuCKPC4GuzwMZqjSbk1qoC1 1/sNkE98gi8jeRSrJK3x+lZhJii0v0jpEgdWesom8p46Yi3vLKAR9bQvYRLsBhXj iiEDiH6bkiRezL+Yn/uT8xvXksaMQtRuInLwkuQxmiL7EsOJa1BdDnRkMA9fv8t4 PCD0ZwOvH8EvH4ZTA4zCnkD8hwIDAQABo4ICtDCCArAwHQYDVR0OBBYEFKMtLGdr LZ7OJ7XrtkxPtVIUSDUpMB8GA1UdIwQYMBaAFEFUBu2AtNknpHmougQhFq4tEaGm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRkJBMS8yQUQ1MUY0Qzk5 MDMxMUU3QTVFOTVDNkZDNEY5QUUwMi9RVlFHN1lDMDJTZWtlYWk2QkNFV3JpMFJv YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FWUUc3WUMwMlNla2VhaTZCQ0VXcmkwUm9hWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUZCQTEvMkFENTFGNEM5OTAzMTFFN0E1RTk1QzZGQzRGOUFFMDIvNDNFOTg0MkMx ODVBMTFFRjlEMEM0MzM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E LzAtMBoEAgABMBQDBAFnV/gwDAMEAMtg4QMEAstg4DAPBAIAAjAJAwcDJADawAAA MA0GCSqGSIb3DQEBCwUAA4IBAQC/2BeB/3rEXRFCLTq888mx8C0Hh6cW5f9XwqXC 8YTvKtVkX7G9Ov5jZNBaPtZPYz+gPKAAzMfOHviD79+7SGnR1xbaramJ7011wHeq rNBuPRmTEiykhda2ou7MI8sxNNGLHkhjGo1bmh45WZXau9Wb5H3tRPxEVhSRJ4/u hRgJDWVNz7+W6O3JNZMQMFBozckssfC7MaOroKl+VxVU/JaaP39zqGzAsfopzJIY UJGMrvb0wbWQQ4rKhTxQuVNR4XhpT9E2K1hmxT6ThQAgvVql7YMltiprAOhhw5Xb okFvFHOf8vtlrqOQ+7cE8FifpBBxq8y9cAf9T+NTCfKzPFqb -----END CERTIFICATE-----Generated at Sat Apr 5 02:00:25 2025 by rpki-client