$ rpki-client -vvf rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/58C5CA92AF9411EE9774D74CC4F9AE02.roa File: 58C5CA92AF9411EE9774D74CC4F9AE02.roa (raw, json) Hash identifier: kZ7lGqUSa7QDbdQn5Phtug9wEvqAopDp24gkxncZqms= Subject key identifier: 05:A2:87:FE:ED:92:B2:F1:E6:F8:E3:C6:80:DE:BE:C0:71:CD:D7:C3 Certificate issuer: /CN=A91325FD/serialNumber=2E8DAF49E27E4FC12BE05EF7DF1A82BB287126A1 Certificate serial: 34C6 Authority key identifier: 2E:8D:AF:49:E2:7E:4F:C1:2B:E0:5E:F7:DF:1A:82:BB:28:71:26:A1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/58C5CA92AF9411EE9774D74CC4F9AE02.roa Signing time: Thu 30 Jan 2025 14:30:13 +0000 ROA not before: Thu 30 Jan 2025 14:30:13 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 19905 IP address blocks: 43.224.36.0/22 maxlen: 22 103.43.76.0/22 maxlen: 22 103.240.240.0/22 maxlen: 22 115.84.64.0/18 maxlen: 18 202.137.128.0/19 maxlen: 19 202.144.184.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.crl rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13510 (0x34c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91325FD Validity Not Before: Jan 30 14:30:13 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=679b8cf4-cd16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:df:ff:26:2f:18:e5:0a:d6:12:c7:7f:cd:ce: bc:e0:ec:a2:66:94:05:e0:8e:c3:61:c7:f2:41:20: 60:2b:72:94:9e:40:de:64:80:d4:8b:3f:83:40:15: f2:73:bc:30:73:8e:d4:f3:cf:89:95:c6:a3:4d:77: 58:53:52:9b:3f:a3:8c:6a:fc:8b:68:6c:15:f9:b3: f6:33:19:66:c1:36:2b:04:68:db:d9:d0:fc:28:27: 76:c8:e9:69:f2:0a:93:bc:1a:01:6b:b0:00:d4:d9: 17:52:52:a4:4c:10:f4:40:d2:6d:be:c9:58:0f:67: 35:a8:11:bb:e0:96:81:ed:12:3c:31:af:e0:53:50: 75:4a:6d:48:52:07:44:96:0a:a2:0b:72:ab:be:e0: 7b:57:30:f0:ce:cf:65:ed:95:5b:a4:8f:77:ab:05: 37:1f:16:5e:d7:08:83:00:29:99:6f:12:f4:c5:1a: c8:a0:b5:bd:4e:2a:77:66:22:ff:27:31:8b:d3:60: fb:56:0b:e9:10:8f:b6:11:e9:c5:2d:58:3e:dc:e2: 21:33:54:40:a8:40:88:6d:67:05:68:bc:84:e5:c1: ab:33:bb:e1:e5:bc:d9:7a:e9:a4:46:ff:28:f1:e5: 5b:94:f4:1a:2f:1b:fb:15:77:ad:ec:81:07:67:a5: 18:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:A2:87:FE:ED:92:B2:F1:E6:F8:E3:C6:80:DE:BE:C0:71:CD:D7:C3 X509v3 Authority Key Identifier: keyid:2E:8D:AF:49:E2:7E:4F:C1:2B:E0:5E:F7:DF:1A:82:BB:28:71:26:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/58C5CA92AF9411EE9774D74CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.36.0/22 103.43.76.0/22 103.240.240.0/22 115.84.64.0/18 202.137.128.0/19 202.144.184.0/21 Signature Algorithm: sha256WithRSAEncryption 2b:4b:07:5a:f1:42:c1:65:13:3d:57:e2:3d:ee:8e:0a:06:58: e2:28:16:d5:c4:f7:03:35:27:09:9b:cf:50:58:e3:90:29:80: 60:90:be:20:08:73:da:7e:0f:76:d6:fa:08:ba:4f:82:f4:b2: 5e:c6:c1:87:03:d9:64:fc:f2:8a:d7:c7:b9:48:28:71:51:8c: 88:5c:23:0a:78:d5:2c:09:01:8b:52:61:27:46:e6:9b:15:f9: cf:95:07:6c:59:6a:83:26:ac:98:49:1c:39:ef:1b:33:55:4f: cf:05:91:63:2d:2d:e9:21:ae:ed:6a:91:4d:f8:34:2d:7e:cd: 20:78:8e:f4:33:6d:10:5c:5d:c1:2c:53:35:9b:f3:2e:98:85: 75:02:a2:a3:fc:c4:da:39:89:f3:47:41:a5:18:27:af:1f:b0: 02:4d:2e:10:b6:dd:0d:10:73:0d:31:f3:77:6e:58:0f:3b:86: 20:dc:2f:f0:25:c0:4c:6b:c0:9d:5c:48:a8:6e:d2:ba:af:5b: 51:78:f3:a0:e9:57:d5:29:13:36:b9:5f:1a:1c:66:b2:4a:e4: 6d:1b:f8:67:be:62:8c:92:c2:fd:25:d4:2b:ab:43:4a:44:85: 6d:b4:fc:7e:0a:ed:03:e7:e7:87:96:1f:ae:e8:c4:44:86:72: 54:83:93:96 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICNMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzI1RkQxMTAvBgNVBAUTKDJFOERBRjQ5RTI3RTRGQzEyQkUwNUVGN0RGMUE4MkJC Mjg3MTI2QTEwHhcNMjUwMTMwMTQzMDEzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NzliOGNmNC1jZDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0N//Ji8Y5QrWEsd/zc684OyiZpQF4I7DYcfyQSBgK3KUnkDeZIDUiz+DQBXy c7wwc47U88+JlcajTXdYU1KbP6OMavyLaGwV+bP2MxlmwTYrBGjb2dD8KCd2yOlp 8gqTvBoBa7AA1NkXUlKkTBD0QNJtvslYD2c1qBG74JaB7RI8Ma/gU1B1Sm1IUgdE lgqiC3KrvuB7VzDwzs9l7ZVbpI93qwU3HxZe1wiDACmZbxL0xRrIoLW9Tip3ZiL/ JzGL02D7VgvpEI+2EenFLVg+3OIhM1RAqECIbWcFaLyE5cGrM7vh5bzZeumkRv8o 8eVblPQaLxv7FXet7IEHZ6UYWQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFAWih/7t krLx5vjjxoDevsBxzdfDMB8GA1UdIwQYMBaAFC6Nr0nifk/BK+Be998agrsocSah MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjVGRC9CQ0U0RDEwQTFE NjgxMUUyQUQ2NDk0QTUwOEIwMkNEMi9MbzJ2U2VKLVQ4RXI0RjczM3hxQ3V5aHhK cUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xvMnZTZUotVDhFcjRGNzMzeHFDdXloeEpxRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzI1RkQvQkNFNEQxMEExRDY4MTFFMkFENjQ5NEE1MDhCMDJDRDIvNThDNUNBOTJB Rjk0MTFFRTk3NzRENzRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBAIr4CQDBAJnK0wDBAJn8PADBAZzVEADBAXKiYADBAPKkLgw DQYJKoZIhvcNAQELBQADggEBACtLB1rxQsFlEz1X4j3ujgoGWOIoFtXE9wM1Jwmb z1BY45ApgGCQviAIc9p+D3bW+gi6T4L0sl7GwYcD2WT88orXx7lIKHFRjIhcIwp4 1SwJAYtSYSdG5psV+c+VB2xZaoMmrJhJHDnvGzNVT88FkWMtLekhru1qkU34NC1+ zSB4jvQzbRBcXcEsUzWb8y6YhXUCoqP8xNo5ifNHQaUYJ68fsAJNLhC23Q0Qcw0x 83duWA87hiDcL/AlwExrwJ1cSKhu0rqvW1F486DpV9UpEza5XxocZrJK5G0b+Ge+ YoySwv0l1CurQ0pEhW20/H4K7QPn54eWH67oxESGclSDk5Y= -----END CERTIFICATE-----Generated at Sun Feb 16 15:11:29 2025 by rpki-client