$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/7AFCC818E38611EB8BC17765C4F9AE02.roa File: 7AFCC818E38611EB8BC17765C4F9AE02.roa (raw, json) Hash identifier: y9I4QX5XGSB6iUvcZDPrGaic3ZUxSX19Mm6eM5SYEI8= Subject key identifier: 5B:DD:3F:C0:84:00:43:44:28:EB:C8:48:E0:FC:01:3D:50:00:F9:B2 Certificate issuer: /CN=A91FF5E4/serialNumber=85EE9038FFC3541ABDFB7DD9ED33F2AAE372E78C Certificate serial: 0542 Authority key identifier: 85:EE:90:38:FF:C3:54:1A:BD:FB:7D:D9:ED:33:F2:AA:E3:72:E7:8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/7AFCC818E38611EB8BC17765C4F9AE02.roa Signing time: Tue 04 Feb 2025 23:13:24 +0000 ROA not before: Tue 04 Feb 2025 23:13:24 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 7551 IP address blocks: 103.82.108.0/24 maxlen: 24 103.82.109.0/24 maxlen: 24 111.125.177.0/24 maxlen: 24 111.125.178.0/24 maxlen: 24 111.125.181.0/24 maxlen: 24 111.125.184.0/24 maxlen: 24 111.125.185.0/24 maxlen: 24 119.63.209.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.crl rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Apr 2025 23:24:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1346 (0x542) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF5E4, serialNumber=85EE9038FFC3541ABDFB7DD9ED33F2AAE372E78C Validity Not Before: Feb 4 23:13:24 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67a29f14-713c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:1e:35:ef:a5:21:37:4e:9f:f4:23:ae:45:17: d2:60:6a:34:07:7a:3f:5c:80:67:ea:25:e1:43:58: c8:6c:0c:1b:fb:39:40:f9:fe:11:96:e8:85:30:e0: bb:c1:5a:d9:eb:f0:52:c2:84:68:13:f2:3e:ac:ee: 40:e7:07:05:3d:55:a3:be:c5:49:8d:68:7e:76:80: 3c:53:7f:ca:29:cc:dd:07:ae:7b:0e:f5:9b:df:52: cd:69:67:e4:2f:99:0c:34:86:dc:ad:d9:91:fe:7d: ea:cb:61:52:0b:52:f8:fc:61:26:ae:d2:4b:9c:a3: 96:7d:a1:0e:61:77:df:41:0a:1f:7a:77:5e:b0:63: 21:4b:e2:fa:0c:8b:c6:cb:dc:0b:21:5b:e6:9f:a6: c8:83:32:50:1c:48:d0:d4:ce:63:5f:07:87:9f:2e: ae:cd:b7:6f:3a:df:c0:fa:91:b9:a2:0b:0a:4d:8b: f9:25:20:80:ae:7f:b2:63:d6:44:95:ac:84:4d:a5: eb:47:6a:c4:63:d6:b7:7a:9f:ac:f9:28:1f:ad:c5: 6c:a4:3e:77:a4:89:d9:23:06:7e:e2:31:52:88:3c: a0:f5:d9:b6:a2:a2:02:fc:21:0d:b2:ad:3a:be:0c: be:6b:73:c6:e2:62:3e:8e:28:f3:10:04:5e:2e:38: 53:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:DD:3F:C0:84:00:43:44:28:EB:C8:48:E0:FC:01:3D:50:00:F9:B2 X509v3 Authority Key Identifier: keyid:85:EE:90:38:FF:C3:54:1A:BD:FB:7D:D9:ED:33:F2:AA:E3:72:E7:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/he6QOP_DVBq9-33Z7TPyquNy54w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/he6QOP_DVBq9-33Z7TPyquNy54w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF5E4/ED079DFEE38411EBA8593B65C4F9AE02/7AFCC818E38611EB8BC17765C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.82.108.0/23 111.125.177.0-111.125.178.255 111.125.181.0/24 111.125.184.0/23 119.63.209.0/24 Signature Algorithm: sha256WithRSAEncryption 5e:db:e6:c9:35:cd:d5:a0:8b:0b:5f:6e:80:2c:6b:af:39:f6: c7:ac:b7:98:02:24:47:2f:10:8f:bf:81:d2:36:aa:13:4b:71: 03:5d:33:f1:ba:41:aa:b1:1e:83:8d:ca:e5:d8:07:ea:0d:ae: e2:32:f2:e1:e0:68:15:de:49:7f:73:45:fa:1c:a4:9c:ad:06: 66:b7:26:5f:9f:0c:0a:10:7d:57:19:b4:c5:51:15:d3:6e:9b: 49:25:b5:fd:1c:f9:7e:ce:4c:e7:fe:8d:3c:20:9c:e8:4c:48: a1:3d:a9:e7:c3:94:75:35:4a:01:f4:9d:9a:c4:37:64:61:5f: b0:4f:7c:33:cf:24:a7:9e:d1:ec:f1:9d:6b:19:f3:b8:8e:88: 69:d8:cc:f5:4a:9c:e1:48:b7:53:a1:3f:14:4c:7e:22:16:aa: 7d:95:79:d1:79:d7:0c:fc:4b:4e:f6:4f:bc:21:76:26:dc:1d: b0:25:f3:d9:19:98:7d:7e:54:0f:27:0a:e4:e9:69:a7:52:7b: 04:5c:92:74:53:c0:e3:1b:e4:1b:07:74:44:ae:30:61:39:cb: 3d:19:0f:a6:2a:9f:e1:fe:53:c9:61:0e:f5:6b:e2:8e:69:6a: 43:cf:0f:54:71:6a:64:a3:7d:82:95:b1:6d:2f:71:7f:e6:62: dc:b6:17:bf -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICBUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkY1RTQxMTAvBgNVBAUTKDg1RUU5MDM4RkZDMzU0MUFCREZCN0REOUVEMzNGMkFB RTM3MkU3OEMwHhcNMjUwMjA0MjMxMzI0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2EyOWYxNC03MTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyx4176UhN06f9COuRRfSYGo0B3o/XIBn6iXhQ1jIbAwb+zlA+f4RluiFMOC7 wVrZ6/BSwoRoE/I+rO5A5wcFPVWjvsVJjWh+doA8U3/KKczdB657DvWb31LNaWfk L5kMNIbcrdmR/n3qy2FSC1L4/GEmrtJLnKOWfaEOYXffQQofendesGMhS+L6DIvG y9wLIVvmn6bIgzJQHEjQ1M5jXweHny6uzbdvOt/A+pG5ogsKTYv5JSCArn+yY9ZE layETaXrR2rEY9a3ep+s+SgfrcVspD53pInZIwZ+4jFSiDyg9dm2oqIC/CENsq06 vgy+a3PG4mI+jijzEAReLjhTTQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFFvdP8CE AENEKOvISOD8AT1QAPmyMB8GA1UdIwQYMBaAFIXukDj/w1Qavft92e0z8qrjcueM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjVFNC9FRDA3OURGRUUz ODQxMUVCQTg1OTNCNjVDNEY5QUUwMi9oZTZRT1BfRFZCcTktMzNaN1RQeXF1Tnk1 NHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hlNlFPUF9EVkJxOS0zM1o3VFB5cXVOeTU0dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkY1RTQvRUQwNzlERkVFMzg0MTFFQkE4NTkzQjY1QzRGOUFFMDIvN0FGQ0M4MThF Mzg2MTFFQjhCQzE3NzY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBAFnUmwwDAMEAG99sQMEAG99sgMEAG99tQMEAW99uAMEAHc/ 0TANBgkqhkiG9w0BAQsFAAOCAQEAXtvmyTXN1aCLC19ugCxrrzn2x6y3mAIkRy8Q j7+B0jaqE0txA10z8bpBqrEeg43K5dgH6g2u4jLy4eBoFd5Jf3NF+hyknK0GZrcm X58MChB9Vxm0xVEV026bSSW1/Rz5fs5M5/6NPCCc6ExIoT2p58OUdTVKAfSdmsQ3 ZGFfsE98M88kp57R7PGdaxnzuI6IadjM9Uqc4Ui3U6E/FEx+IhaqfZV50XnXDPxL TvZPvCF2JtwdsCXz2RmYfX5UDycK5Olpp1J7BFySdFPA4xvkGwd0RK4wYTnLPRkP piqf4f5TyWEO9WvijmlqQ88PVHFqZKN9gpWxbS9xf+Zi3LYXvw== -----END CERTIFICATE-----Generated at Sat Apr 19 14:37:07 2025 by rpki-client