$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/0FB07E54D28311EDB1655152C4F9AE02.roa File: 0FB07E54D28311EDB1655152C4F9AE02.roa (raw, json) Hash identifier: V6pTdi9Go4VZBEN3XXIn2lnRjqLUf2zngAhmgO8tgA0= Subject key identifier: 2D:13:4E:C9:B5:5D:4C:A4:09:61:1E:A6:CB:D1:C7:13:54:65:A5:71 Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60 Certificate serial: 217A Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/0FB07E54D28311EDB1655152C4F9AE02.roa Signing time: Tue 04 Mar 2025 16:33:13 +0000 ROA not before: Tue 04 Mar 2025 16:33:13 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 137549 IP address blocks: 43.230.176.0/22 maxlen: 24 103.80.120.0/22 maxlen: 22 103.80.120.0/23 maxlen: 23 103.80.122.0/23 maxlen: 23 103.100.28.0/22 maxlen: 24 103.226.104.0/22 maxlen: 24 116.206.184.0/22 maxlen: 24 202.40.0.0/22 maxlen: 24 2401:b740::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 15:57:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8570 (0x217a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDD4D Validity Not Before: Mar 4 16:33:13 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c72b49-abab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d4:ce:f9:d2:34:72:1f:52:6f:06:8c:50:40: 93:7f:de:75:c1:76:a3:e6:2b:06:99:35:ac:47:e8: a6:06:fb:02:4b:52:f2:6a:85:32:1d:91:e0:89:91: 0d:13:0d:c4:df:55:dc:0f:dd:a0:c9:d7:ff:0f:ef: fa:e4:50:fe:b0:fa:c2:28:8b:c0:7c:bb:cb:d8:19: c7:42:be:7a:05:0c:9a:b5:bf:97:1a:f1:f3:dc:2c: 74:9b:c0:dd:db:f5:58:af:0c:1c:c9:6c:28:fe:52: 23:74:f1:35:8d:33:69:4c:df:23:fb:d3:81:b4:94: 9c:2c:ca:58:57:11:95:88:e8:22:32:89:c2:22:d0: 29:e6:e2:a5:1e:f1:79:34:c0:9d:f7:78:82:5d:81: 73:20:91:4b:98:ba:86:7e:7c:4e:fd:55:eb:83:c3: 6e:5e:53:a9:b7:db:df:9b:02:5f:af:4c:c4:86:ca: f7:12:8e:d4:1f:8f:6d:bb:10:c8:c7:6b:21:ce:78: cd:9d:15:bf:0e:6e:e2:5c:8d:ef:3b:85:34:f8:10: ac:52:1e:f7:c4:81:cd:71:35:7e:15:35:03:92:36: f0:41:ec:48:88:90:af:e2:08:6d:e0:fa:e5:4d:f2: f2:88:73:03:44:e9:e5:ec:ec:4c:d7:5c:e5:ec:76: bc:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:13:4E:C9:B5:5D:4C:A4:09:61:1E:A6:CB:D1:C7:13:54:65:A5:71 X509v3 Authority Key Identifier: keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/0FB07E54D28311EDB1655152C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.176.0/22 103.80.120.0/22 103.100.28.0/22 103.226.104.0/22 116.206.184.0/22 202.40.0.0/22 IPv6: 2401:b740::/32 Signature Algorithm: sha256WithRSAEncryption be:8e:87:62:d7:7f:52:ee:f2:bd:94:16:4f:ae:eb:8d:ec:62: 84:f4:5f:48:03:41:a2:6f:16:69:ed:f1:2b:45:08:18:f7:ca: 45:ba:51:18:3f:83:4a:e1:f6:d9:f5:f8:9d:97:9b:2b:8d:93: 06:3a:b4:db:d1:0f:69:74:e6:e6:4d:83:30:35:3a:9b:23:8e: eb:61:61:b4:b8:d0:3a:51:76:6b:9e:1e:51:d4:40:7d:e4:24: 42:5b:0e:99:14:b1:d2:7b:20:2b:74:3b:ea:48:c6:86:e4:cc: 9e:7d:7e:66:e1:a4:3e:ca:93:a3:37:cf:b8:19:8b:15:92:4c: 68:08:64:2e:37:6b:5b:28:87:f9:96:d2:29:20:9c:f4:f6:81: 06:86:b9:f6:5a:0d:a3:29:ea:c3:a1:cc:06:b9:7f:79:9d:7c: f4:28:27:51:4b:49:a2:4a:76:35:35:03:3f:ad:5b:4c:e9:35: 5f:52:e2:b6:09:6b:82:68:18:79:82:e7:48:08:9f:f1:a4:8b: 4c:a7:77:fc:dc:29:5c:8e:42:ba:a9:9a:e9:e1:28:4f:d5:9f: c1:fb:37:d3:5e:4b:25:cb:ae:0d:31:af:ed:40:4b:7f:e2:a9: ff:4e:17:6b:0e:d0:c6:a7:72:e5:5a:ba:c3:2d:f4:79:ce:eb: 66:6b:da:87 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgICIXowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF QTNFNDFFNjAwHhcNMjUwMzA0MTYzMzEzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2M3MmI0OS1hYmFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz9TO+dI0ch9SbwaMUECTf951wXaj5isGmTWsR+imBvsCS1LyaoUyHZHgiZEN Ew3E31XcD92gydf/D+/65FD+sPrCKIvAfLvL2BnHQr56BQyatb+XGvHz3Cx0m8Dd 2/VYrwwcyWwo/lIjdPE1jTNpTN8j+9OBtJScLMpYVxGViOgiMonCItAp5uKlHvF5 NMCd93iCXYFzIJFLmLqGfnxO/VXrg8NuXlOpt9vfmwJfr0zEhsr3Eo7UH49tuxDI x2shznjNnRW/Dm7iXI3vO4U0+BCsUh73xIHNcTV+FTUDkjbwQexIiJCv4ght4Prl TfLyiHMDROnl7OxM11zl7Ha8XwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFC0TTsm1 XUykCWEepsvRxxNUZaVxMB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkRENEQvQkFFMTA4QzRFQTYwMTFFNTg4MTU3NzBDQzRGOUFFMDIvMEZCMDdFNTRE MjgzMTFFREIxNjU1MTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E PTA7MCoEAgABMCQDBAIr5rADBAJnUHgDBAJnZBwDBAJn4mgDBAJ0zrgDBALKKAAw DQQCAAIwBwMFACQBt0AwDQYJKoZIhvcNAQELBQADggEBAL6Oh2LXf1Lu8r2UFk+u 643sYoT0X0gDQaJvFmnt8StFCBj3ykW6URg/g0rh9tn1+J2XmyuNkwY6tNvRD2l0 5uZNgzA1OpsjjuthYbS40DpRdmueHlHUQH3kJEJbDpkUsdJ7ICt0O+pIxobkzJ59 fmbhpD7Kk6M3z7gZixWSTGgIZC43a1soh/mW0ikgnPT2gQaGufZaDaMp6sOhzAa5 f3mdfPQoJ1FLSaJKdjU1Az+tW0zpNV9S4rYJa4JoGHmC50gIn/Gki0ynd/zcKVyO QrqpmunhKE/Vn8H7N9NeSyXLrg0xr+1AS3/iqf9OF2sO0MancuVausMt9HnO62Zr 2oc= -----END CERTIFICATE-----Generated at Fri Apr 11 18:57:33 2025 by rpki-client