$ rpki-client -vvf rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/FB675E140F0311E997412A4EC4F9AE02.roa File: FB675E140F0311E997412A4EC4F9AE02.roa (raw, json) Hash identifier: nR4PLCRvWUgAotRGtX9lE5KuM6BWBXj0rPbeaYR4XNg= Subject key identifier: C9:40:52:FC:3A:14:B4:2C:8B:DA:52:1B:FA:C8:D4:62:57:8B:04:A5 Certificate issuer: /CN=A91F67BB/serialNumber=1BF5A8D94CE06CE301FC35D869F70D740D709752 Certificate serial: 1105 Authority key identifier: 1B:F5:A8:D9:4C:E0:6C:E3:01:FC:35:D8:69:F7:0D:74:0D:70:97:52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_Wo2UzgbOMB_DXYafcNdA1wl1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/FB675E140F0311E997412A4EC4F9AE02.roa Signing time: Tue 10 Dec 2024 17:45:30 +0000 ROA not before: Tue 10 Dec 2024 17:45:30 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 133136 IP address blocks: 45.119.156.0/24 maxlen: 24 103.6.149.0/24 maxlen: 24 103.7.202.0/24 maxlen: 24 223.25.88.0/24 maxlen: 24 223.25.89.0/24 maxlen: 24 223.25.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/G_Wo2UzgbOMB_DXYafcNdA1wl1I.crl rsync://rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/G_Wo2UzgbOMB_DXYafcNdA1wl1I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_Wo2UzgbOMB_DXYafcNdA1wl1I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:22:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4357 (0x1105) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F67BB Validity Not Before: Dec 10 17:45:30 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67587e3a-184e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:56:42:13:e8:e8:7a:da:bb:ba:44:1e:07:29: cb:1e:11:df:52:1f:f2:d5:f7:cd:2e:8b:e4:96:20: d9:ff:6f:a3:cc:13:89:6e:55:72:74:9d:b8:64:a1: 21:c7:48:4c:3f:29:75:04:04:a8:2a:9e:f0:79:f3: 77:4c:cf:f5:f1:4c:26:38:01:37:f7:f9:1f:80:bd: 10:96:23:26:4e:77:d3:e7:c7:fe:11:59:88:f1:55: f3:68:76:11:f7:a2:0c:f5:de:2b:b5:f0:f2:50:cd: bb:00:07:b9:3b:4d:96:12:9e:22:39:f9:de:74:7f: 58:ff:b8:73:8f:a4:4a:04:cd:9d:17:4a:61:cd:aa: fd:3f:3a:44:f1:98:47:7b:97:b3:65:69:6c:5c:55: 17:d2:18:b5:2a:39:1f:5d:1b:e7:cd:72:d9:d5:5b: ba:8b:c4:62:4e:9e:11:0c:1f:48:1f:82:3f:cf:82: ee:fc:e0:e6:98:4d:74:cc:61:78:ef:c0:8d:c1:07: e4:77:15:ca:5c:c7:70:f3:23:f3:03:d4:ad:0d:af: b8:8e:19:a5:a9:2e:e3:36:e0:4e:c4:b5:ce:0f:97: 0d:f0:8c:9f:5b:d9:cc:05:de:e5:b6:79:f0:6e:61: a1:a2:ad:d8:62:cb:ca:3e:de:fe:de:30:bc:2c:ed: 75:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:40:52:FC:3A:14:B4:2C:8B:DA:52:1B:FA:C8:D4:62:57:8B:04:A5 X509v3 Authority Key Identifier: keyid:1B:F5:A8:D9:4C:E0:6C:E3:01:FC:35:D8:69:F7:0D:74:0D:70:97:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/G_Wo2UzgbOMB_DXYafcNdA1wl1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_Wo2UzgbOMB_DXYafcNdA1wl1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F67BB/C9DB89EE0E3E11E9836F4014C4F9AE02/FB675E140F0311E997412A4EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.119.156.0/24 103.6.149.0/24 103.7.202.0/24 223.25.88.0/23 223.25.93.0/24 Signature Algorithm: sha256WithRSAEncryption 69:87:96:55:f8:70:e5:01:02:9e:d2:d2:8f:a2:29:b7:49:b3: 11:91:9c:14:56:a4:d3:22:09:7e:a3:ce:76:48:a8:3d:b5:29: 54:6f:e0:ae:4a:83:4e:75:ac:e9:82:f5:ea:74:e2:9e:15:59: 03:b2:ec:ba:61:9c:6b:00:33:3d:a1:f8:70:16:3a:38:f8:40: 63:c8:78:60:6b:2b:14:68:6a:d3:0b:64:22:ba:3c:44:3c:30: df:8a:81:bc:3e:7b:4b:d2:36:19:8a:a2:70:ed:80:7f:d8:8c: f8:75:7a:ee:50:52:25:55:f4:e5:96:fe:a3:42:cf:52:f2:3e: fc:3b:19:05:c2:e9:7d:da:b4:1c:df:51:12:de:d1:df:7e:3b: 9c:dc:0b:de:44:8c:e3:2a:59:7b:79:a3:f9:fe:4a:f1:f6:42: cb:00:cd:cc:82:c1:8d:09:01:90:4e:95:c9:7a:82:c4:4b:c1: c8:18:fd:af:29:0c:83:6f:ef:c2:7d:1f:80:1f:76:8f:2a:de: 1a:ee:1f:6e:0a:34:ed:53:40:99:a7:90:42:53:74:65:4c:78: 49:13:ed:2d:c8:be:ae:6a:95:2e:4a:f4:b6:57:89:7b:67:7c: d0:c8:db:d7:7c:26:a9:7c:55:cc:be:0e:be:21:e9:c2:68:e2: 45:d5:a7:f2 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICEQUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjY3QkIxMTAvBgNVBAUTKDFCRjVBOEQ5NENFMDZDRTMwMUZDMzVEODY5RjcwRDc0 MEQ3MDk3NTIwHhcNMjQxMjEwMTc0NTMwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzU4N2UzYS0xODRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvVZCE+joetq7ukQeBynLHhHfUh/y1ffNLovkliDZ/2+jzBOJblVydJ24ZKEh x0hMPyl1BASoKp7wefN3TM/18UwmOAE39/kfgL0QliMmTnfT58f+EVmI8VXzaHYR 96IM9d4rtfDyUM27AAe5O02WEp4iOfnedH9Y/7hzj6RKBM2dF0phzar9PzpE8ZhH e5ezZWlsXFUX0hi1KjkfXRvnzXLZ1Vu6i8RiTp4RDB9IH4I/z4Lu/ODmmE10zGF4 78CNwQfkdxXKXMdw8yPzA9StDa+4jhmlqS7jNuBOxLXOD5cN8IyfW9nMBd7ltnnw bmGhoq3YYsvKPt7+3jC8LO11SwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFMlAUvw6 FLQsi9pSG/rI1GJXiwSlMB8GA1UdIwQYMBaAFBv1qNlM4GzjAfw12Gn3DXQNcJdS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjdCQi9DOURCODlFRTBF M0UxMUU5ODM2RjQwMTRDNEY5QUUwMi9HX1dvMlV6Z2JPTUJfRFhZYWZjTmRBMXds MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dfV28yVXpnYk9NQl9EWFlhZmNOZEExd2wxSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjY3QkIvQzlEQjg5RUUwRTNFMTFFOTgzNkY0MDE0QzRGOUFFMDIvRkI2NzVFMTQw RjAzMTFFOTk3NDEyQTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAAtd5wDBABnBpUDBABnB8oDBAHfGVgDBADfGV0wDQYJKoZI hvcNAQELBQADggEBAGmHllX4cOUBAp7S0o+iKbdJsxGRnBRWpNMiCX6jznZIqD21 KVRv4K5Kg051rOmC9ep04p4VWQOy7LphnGsAMz2h+HAWOjj4QGPIeGBrKxRoatML ZCK6PEQ8MN+Kgbw+e0vSNhmKonDtgH/YjPh1eu5QUiVV9OWW/qNCz1LyPvw7GQXC 6X3atBzfURLe0d9+O5zcC95EjOMqWXt5o/n+SvH2QssAzcyCwY0JAZBOlcl6gsRL wcgY/a8pDINv78J9H4Afdo8q3hruH24KNO1TQJmnkEJTdGVMeEkT7S3Ivq5qlS5K 9LZXiXtnfNDI29d8Jql8Vcy+Dr4h6cJo4kXVp/I= -----END CERTIFICATE-----Generated at Sat Apr 5 11:45:33 2025 by rpki-client