$ rpki-client -vvf rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/31AFACDC349211F0BA15B357C4F9AE02.roa File: 31AFACDC349211F0BA15B357C4F9AE02.roa (raw, json) Hash identifier: PUqEA442AAa7n+fxZ3wZ6UWoFba4yC5gZ7zTzgopBgo= Subject key identifier: F4:DC:8D:86:AE:03:E6:B4:9D:DB:4D:34:41:DF:DF:A8:9A:66:6F:02 Certificate issuer: /CN=A911E509/serialNumber=AA8E1BE3624240DC3302047FB41A7D4E47808EF8 Certificate serial: 0951 Authority key identifier: AA:8E:1B:E3:62:42:40:DC:33:02:04:7F:B4:1A:7D:4E:47:80:8E:F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/31AFACDC349211F0BA15B357C4F9AE02.roa Signing time: Tue 20 May 2025 15:56:57 +0000 ROA not before: Tue 20 May 2025 15:56:57 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 135391 IP address blocks: 43.230.88.0/22 maxlen: 24 45.253.246.0/23 maxlen: 24 61.29.240.0/22 maxlen: 24 61.29.248.0/24 maxlen: 24 61.29.249.0/24 maxlen: 24 61.29.250.0/23 maxlen: 24 103.49.132.0/22 maxlen: 24 103.211.230.0/23 maxlen: 24 103.216.100.0/22 maxlen: 24 146.196.76.0/23 maxlen: 24 157.119.232.0/22 maxlen: 24 2405:fd80:1000::/40 maxlen: 40 2405:fd80:1000::/48 maxlen: 48 2405:fd80:1003::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/qo4b42JCQNwzAgR_tBp9TkeAjvg.crl rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/qo4b42JCQNwzAgR_tBp9TkeAjvg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:25:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2385 (0x951) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E509, serialNumber=AA8E1BE3624240DC3302047FB41A7D4E47808EF8 Validity Not Before: May 20 15:56:57 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=682ca649-b625 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:3f:28:b6:11:c1:80:cf:47:41:80:5b:1c:2d: 5e:4b:79:1d:28:65:ac:12:8f:3b:f9:3d:a5:1c:fe: 4c:e0:5b:d1:6f:d3:df:29:1f:13:95:13:45:95:8b: d3:be:da:79:05:e7:ed:be:0c:93:8d:54:fe:28:c7: ad:98:92:55:57:67:a8:ea:0d:b8:6e:00:5a:a1:0a: b8:19:34:15:56:7d:6e:4e:94:03:5e:bf:f6:09:28: 2b:13:cb:42:31:7d:65:ca:bd:e3:a1:50:de:79:1b: ee:5a:5b:f3:62:ee:66:53:91:c3:46:79:c9:ad:ca: 60:92:6a:84:81:d8:b5:03:40:a1:10:93:04:86:c7: a0:7c:60:f4:2a:50:f2:31:e4:08:5e:26:55:d9:da: e9:28:f6:4b:2d:f6:66:37:c5:55:cf:59:d8:09:26: 4a:36:9d:db:3b:05:ac:c8:74:7f:90:23:48:90:55: e7:d1:49:fa:ab:7e:3f:19:1a:84:f3:8c:45:45:f7: 85:b3:59:58:14:72:38:02:40:ed:4f:f5:d1:fe:c1: af:01:16:d0:ad:34:88:ee:0a:e0:3a:83:c9:78:cb: 56:63:1c:57:8e:1c:cf:b1:b6:f8:36:df:ae:32:ec: 44:fe:91:9b:77:79:cb:7e:a3:51:2f:e4:ca:48:c4: 6a:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:DC:8D:86:AE:03:E6:B4:9D:DB:4D:34:41:DF:DF:A8:9A:66:6F:02 X509v3 Authority Key Identifier: keyid:AA:8E:1B:E3:62:42:40:DC:33:02:04:7F:B4:1A:7D:4E:47:80:8E:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/qo4b42JCQNwzAgR_tBp9TkeAjvg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/31AFACDC349211F0BA15B357C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.88.0/22 45.253.246.0/23 61.29.240.0/22 61.29.248.0/22 103.49.132.0/22 103.211.230.0/23 103.216.100.0/22 146.196.76.0/23 157.119.232.0/22 IPv6: 2405:fd80:1000::/40 Signature Algorithm: sha256WithRSAEncryption 9c:c9:62:65:c8:b6:b6:3d:c1:c8:4f:67:62:44:46:53:15:32: 68:fe:22:62:d7:69:f3:2f:ee:8e:3c:f7:da:35:48:3d:89:4f: 00:6c:0c:65:ff:0a:aa:19:c3:2f:f5:81:77:a9:2b:79:c8:3f: 2b:70:b5:5d:c2:11:86:83:ae:e8:34:9f:41:7e:2a:45:5a:54: 74:64:71:26:58:d2:e5:c2:b3:aa:de:90:a0:1b:24:18:51:21: 9f:70:ad:2f:c7:c6:c8:c1:1b:a2:f6:c9:3a:ef:81:d4:a2:7b: 60:b0:11:30:a4:17:69:4d:eb:ae:3e:f3:91:32:7b:ae:fa:9a: c7:ba:56:b0:e7:e4:7d:92:d8:33:49:ac:cd:b2:09:69:50:60: 22:35:11:72:75:33:02:6b:da:8d:3e:fa:45:80:88:ee:59:51: 8b:92:8f:3d:4a:c5:fb:e0:74:23:13:51:86:48:5b:bb:12:da: 65:12:78:a0:fb:fc:c2:39:f9:9d:2b:af:b1:d4:f2:cf:fe:0b: 19:21:02:93:77:5d:9a:96:39:ad:05:41:84:ea:a4:40:d4:e5: 92:a0:61:ca:50:ed:71:ad:02:17:de:da:8e:7c:f9:c5:4f:cd: d9:fa:74:10:7b:9e:53:56:7b:14:91:3d:3e:28:70:56:94:8b: 58:31:2c:a2 -----BEGIN CERTIFICATE----- MIIFsTCCBJmgAwIBAgICCVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUU1MDkxMTAvBgNVBAUTKEFBOEUxQkUzNjI0MjQwREMzMzAyMDQ3RkI0MUE3RDRF NDc4MDhFRjgwHhcNMjUwNTIwMTU1NjU3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJjYTY0OS1iNjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2j8othHBgM9HQYBbHC1eS3kdKGWsEo87+T2lHP5M4FvRb9PfKR8TlRNFlYvT vtp5BeftvgyTjVT+KMetmJJVV2eo6g24bgBaoQq4GTQVVn1uTpQDXr/2CSgrE8tC MX1lyr3joVDeeRvuWlvzYu5mU5HDRnnJrcpgkmqEgdi1A0ChEJMEhsegfGD0KlDy MeQIXiZV2drpKPZLLfZmN8VVz1nYCSZKNp3bOwWsyHR/kCNIkFXn0Un6q34/GRqE 84xFRfeFs1lYFHI4AkDtT/XR/sGvARbQrTSI7grgOoPJeMtWYxxXjhzPsbb4Nt+u MuxE/pGbd3nLfqNRL+TKSMRqJwIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFPTcjYau A+a0ndtNNEHf36iaZm8CMB8GA1UdIwQYMBaAFKqOG+NiQkDcMwIEf7QafU5HgI74 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTUwOS83OUVBNTkxRUE3 QkQxMUVBQUFBNjI5NDhDNEY5QUUwMi9xbzRiNDJKQ1FOd3pBZ1JfdEJwOVRrZUFq dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FvNGI0MkpDUU53ekFnUl90QnA5VGtlQWp2Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUU1MDkvNzlFQTU5MUVBN0JEMTFFQUFBQTYyOTQ4QzRGOUFFMDIvMzFBRkFDREMz NDkyMTFGMEJBMTVCMzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E UDBOMDwEAgABMDYDBAIr5lgDBAEt/fYDBAI9HfADBAI9HfgDBAJnMYQDBAFn0+YD BAJn2GQDBAGSxEwDBAKdd+gwDgQCAAIwCAMGACQF/YAQMA0GCSqGSIb3DQEBCwUA A4IBAQCcyWJlyLa2PcHIT2diREZTFTJo/iJi12nzL+6OPPfaNUg9iU8AbAxl/wqq GcMv9YF3qSt5yD8rcLVdwhGGg67oNJ9BfipFWlR0ZHEmWNLlwrOq3pCgGyQYUSGf cK0vx8bIwRui9sk674HUontgsBEwpBdpTeuuPvORMnuu+prHulaw5+R9ktgzSazN sglpUGAiNRFydTMCa9qNPvpFgIjuWVGLko89SsX74HQjE1GGSFu7EtplEnig+/zC OfmdK6+x1PLP/gsZIQKTd12aljmtBUGE6qRA1OWSoGHKUO1xrQIX3tqOfPnFT83Z +nQQe55TVnsUkT0+KHBWlItYMSyi -----END CERTIFICATE-----Generated at Mon Jun 2 06:54:51 2025 by rpki-client