$ rpki-client -vvf rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/1070E6CA9A8311EF8BE0F826C4F9AE02.roa File: 1070E6CA9A8311EF8BE0F826C4F9AE02.roa (raw, json) Hash identifier: 5usMHuwC29/GKSbCm/Fabiikjfpjet0V04t/dPRj3vM= Subject key identifier: EE:1A:DA:95:7F:8A:CE:74:1A:A7:02:27:22:5C:E5:D7:6C:A0:D9:BD Certificate issuer: /CN=A91397C2/serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD Certificate serial: 07CE Authority key identifier: D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/1070E6CA9A8311EF8BE0F826C4F9AE02.roa Signing time: Mon 24 Mar 2025 21:31:47 +0000 ROA not before: Mon 24 Mar 2025 21:31:47 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 55933 IP address blocks: 43.240.12.0/22 maxlen: 24 45.125.12.0/22 maxlen: 24 45.125.32.0/22 maxlen: 24 103.39.108.0/22 maxlen: 24 103.51.144.0/22 maxlen: 24 103.193.148.0/22 maxlen: 24 103.246.244.0/22 maxlen: 24 123.108.108.0/22 maxlen: 24 123.254.104.0/21 maxlen: 24 182.237.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 21:23:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1998 (0x7ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91397C2 Validity Not Before: Mar 24 21:31:47 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67e1cf42-1893 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c1:59:c6:56:aa:51:1f:2c:d5:f8:c8:17:67: 34:79:4d:0f:2c:e0:86:e6:4c:95:1d:c1:2d:b3:1f: d2:86:24:63:0e:f6:fb:79:87:a2:5c:8c:58:29:71: b6:1b:b6:38:ba:eb:85:da:e9:6a:79:0b:f4:4e:e9: eb:81:cd:57:c2:72:3c:32:54:20:92:00:c6:81:91: fd:9c:6e:f9:7b:0c:68:26:02:4b:10:46:4f:ff:c7: 5b:dc:8e:cf:83:c9:73:1b:8d:3e:39:9e:8b:34:ca: d4:b4:b6:e9:3c:13:fc:4b:5d:d5:6c:5b:54:c7:aa: 0d:d6:89:ed:22:1f:7b:1e:f8:37:79:8b:e4:b3:e6: 07:11:de:31:48:02:36:b4:7a:5c:3a:2a:cf:6d:69: 22:0d:0c:4d:7d:fe:6a:36:15:56:65:2b:7f:f3:90: 17:f8:d9:fc:a7:9e:8d:29:48:9c:dd:09:b8:4d:29: 80:cb:58:6b:7c:0c:b8:a8:69:79:78:60:e6:14:bf: b0:7f:a5:39:34:ff:71:46:38:b2:3b:85:c7:19:c6: b2:cc:03:3d:53:a9:b6:21:5f:4a:e8:d3:2b:94:3b: e8:8b:8b:4d:01:ef:22:c0:e9:84:e2:6e:d4:4d:2c: 85:73:77:b6:84:61:ae:27:21:77:69:f2:5f:10:81: 4b:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:1A:DA:95:7F:8A:CE:74:1A:A7:02:27:22:5C:E5:D7:6C:A0:D9:BD X509v3 Authority Key Identifier: keyid:D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/1070E6CA9A8311EF8BE0F826C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.240.12.0/22 45.125.12.0/22 45.125.32.0/22 103.39.108.0/22 103.51.144.0/22 103.193.148.0/22 103.246.244.0/22 123.108.108.0/22 123.254.104.0/21 182.237.0.0/22 Signature Algorithm: sha256WithRSAEncryption 6b:ef:1e:e8:08:39:1f:17:25:2a:e6:4e:a3:5d:fe:2c:61:0b: c4:cb:c8:b2:ca:ba:4e:82:be:9c:98:18:dd:b9:eb:0a:f4:27: 17:d5:97:8d:29:40:f1:c1:8a:05:e0:e3:7b:62:93:76:53:c7: a3:34:75:bb:e2:1b:c8:9d:b8:6b:34:da:88:19:32:70:86:59: 6b:3a:5b:c5:70:17:45:54:d1:2b:46:62:fa:62:40:08:a7:1b: 9a:1c:4c:de:9d:a3:7c:8e:3f:3e:9d:77:96:1c:17:af:5b:17: 74:bf:c3:d0:e7:fc:0b:84:38:4f:e4:4b:71:b3:41:bb:15:75: 2f:82:d8:2a:b0:9c:81:8a:0b:96:4e:38:c6:f5:62:a0:15:46: 81:0c:29:13:1c:97:58:9b:4b:8a:6a:15:00:55:f9:43:14:8c: 20:74:5f:d2:8a:08:1a:b3:6f:99:13:ab:7e:af:3b:b0:a0:37: b1:82:75:ce:36:a0:c8:1a:dd:d4:f1:ff:2c:46:62:57:a3:7c: 6a:fc:fa:07:90:83:bc:cd:53:c7:9f:81:3a:ae:77:1d:d8:9b: 0f:5a:97:27:ea:b9:51:50:d7:39:8a:92:b0:2d:aa:50:6c:79: 46:48:21:8c:4c:ae:e2:90:30:72:81:bc:8c:30:93:5c:3f:ca: b6:8d:80:8a -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgICB84wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzk3QzIxMTAvBgNVBAUTKEQzRDE1QUVFOUE0RjhBRTVDMjgxMTA4QTdEMkQzQUQ4 MUQ0RTc5Q0QwHhcNMjUwMzI0MjEzMTQ3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2UxY2Y0Mi0xODkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyMFZxlaqUR8s1fjIF2c0eU0PLOCG5kyVHcEtsx/ShiRjDvb7eYeiXIxYKXG2 G7Y4uuuF2ulqeQv0Tunrgc1XwnI8MlQgkgDGgZH9nG75ewxoJgJLEEZP/8db3I7P g8lzG40+OZ6LNMrUtLbpPBP8S13VbFtUx6oN1ontIh97Hvg3eYvks+YHEd4xSAI2 tHpcOirPbWkiDQxNff5qNhVWZSt/85AX+Nn8p56NKUic3Qm4TSmAy1hrfAy4qGl5 eGDmFL+wf6U5NP9xRjiyO4XHGcayzAM9U6m2IV9K6NMrlDvoi4tNAe8iwOmE4m7U TSyFc3e2hGGuJyF3afJfEIFLDwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFO4a2pV/ is50GqcCJyJc5ddsoNm9MB8GA1UdIwQYMBaAFNPRWu6aT4rlwoEQin0tOtgdTnnN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTdDMi80RTQyNkRFOEZC RUExMUVBOTQwQTFEMTlDNEY5QUUwMi8wOUZhN3BwUGl1WENnUkNLZlMwNjJCMU9l YzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzA5RmE3cHBQaXVYQ2dSQ0tmUzA2MkIxT2VjMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mzk3QzIvNEU0MjZERThGQkVBMTFFQTk0MEExRDE5QzRGOUFFMDIvMTA3MEU2Q0E5 QTgzMTFFRjhCRTBGODI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E RjBEMEIEAgABMDwDBAIr8AwDBAItfQwDBAItfSADBAJnJ2wDBAJnM5ADBAJnwZQD BAJn9vQDBAJ7bGwDBAN7/mgDBAK27QAwDQYJKoZIhvcNAQELBQADggEBAGvvHugI OR8XJSrmTqNd/ixhC8TLyLLKuk6CvpyYGN256wr0JxfVl40pQPHBigXg43tik3ZT x6M0dbviG8iduGs02ogZMnCGWWs6W8VwF0VU0StGYvpiQAinG5ocTN6do3yOPz6d d5YcF69bF3S/w9Dn/AuEOE/kS3GzQbsVdS+C2CqwnIGKC5ZOOMb1YqAVRoEMKRMc l1ibS4pqFQBV+UMUjCB0X9KKCBqzb5kTq36vO7CgN7GCdc42oMga3dTx/yxGYlej fGr8+geQg7zNU8efgTqudx3Ymw9alyfquVFQ1zmKkrAtqlBseUZIIYxMruKQMHKB vIwwk1w/yraNgIo= -----END CERTIFICATE-----Generated at Sat Apr 5 07:18:19 2025 by rpki-client