$ rpki-client -vvf rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/BFFF6C4A07D911EDA41A0B25C4F9AE02.roa File: BFFF6C4A07D911EDA41A0B25C4F9AE02.roa (raw, json) Hash identifier: dwJddnm1ntnsj4XMzYCHtwqdcwWHva5rTpsA08hxqqs= Subject key identifier: 9C:A7:44:C2:99:D9:5F:46:1C:20:DB:24:80:69:8B:08:B7:3D:BA:4B Certificate issuer: /CN=A9145D25/serialNumber=C2F28E9D188439C4FE69F63A4CAA6DA42496291D Certificate serial: 049F Authority key identifier: C2:F2:8E:9D:18:84:39:C4:FE:69:F6:3A:4C:AA:6D:A4:24:96:29:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/BFFF6C4A07D911EDA41A0B25C4F9AE02.roa Signing time: Tue 03 Sep 2024 01:15:46 +0000 ROA not before: Tue 03 Sep 2024 01:15:46 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 135074 IP address blocks: 103.204.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.crl rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1183 (0x49f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145D25 Validity Not Before: Sep 3 01:15:46 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66d66342-5590 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:27:13:90:84:3c:c9:92:88:e2:e6:81:7d:10: 83:b4:f2:ae:5e:63:01:c1:b6:1c:9e:d2:a7:3d:a1: 33:5e:19:5e:95:80:ba:56:02:44:0a:b0:f0:11:e6: 6d:27:68:5d:da:20:a4:1e:ec:8e:9b:b4:b0:0b:78: ee:cf:03:b1:4f:db:b0:42:ca:75:71:9a:b1:62:7c: b3:13:0a:ea:76:99:91:4b:4f:fd:ba:3c:c7:5f:b5: 9c:63:75:5e:66:ac:72:b6:74:5c:68:67:e8:01:7c: ed:d5:6b:1a:e0:0b:87:83:d3:cd:bd:2e:b8:b2:5b: 4b:f6:8f:71:36:e0:05:b9:9f:60:0d:0c:20:9a:ba: c5:f1:56:2b:fc:16:95:59:51:e4:1c:ce:36:24:58: 70:f1:3a:83:4f:a4:60:18:7e:17:14:da:3a:c9:80: a1:49:b0:c5:09:22:b4:47:12:d8:66:41:c5:b4:8d: ae:e5:88:5f:18:6c:49:6f:32:95:6c:db:aa:86:b9: 59:0c:f8:00:1f:86:e5:37:fc:bc:75:b3:07:46:b6: f1:b4:f1:db:d7:81:1e:3b:5d:49:fb:78:f4:71:b9: ff:dc:a6:fb:fd:a6:3d:92:82:f4:5c:f5:a9:a4:7c: 5c:45:0b:23:73:72:b3:41:3d:57:71:98:21:5d:49: 53:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:A7:44:C2:99:D9:5F:46:1C:20:DB:24:80:69:8B:08:B7:3D:BA:4B X509v3 Authority Key Identifier: keyid:C2:F2:8E:9D:18:84:39:C4:FE:69:F6:3A:4C:AA:6D:A4:24:96:29:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/BFFF6C4A07D911EDA41A0B25C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.204.13.0/24 Signature Algorithm: sha256WithRSAEncryption 25:b6:3a:c3:c3:4b:32:44:75:7e:bf:c2:0c:78:49:5a:47:e7: e3:50:7e:7c:c6:cc:95:3b:bf:62:6f:db:79:c6:60:32:9c:2f: 18:d8:f0:a9:6e:fa:da:6d:f4:86:ff:10:36:62:08:ee:9d:e4: e1:ae:56:cc:f7:33:0f:fe:b2:fd:78:8d:5c:da:f0:84:28:e1: 65:3d:27:f3:c6:e0:76:72:0b:1a:86:b9:38:7a:cd:14:04:ec: 98:29:0f:92:06:ff:64:a2:37:47:5a:b2:2e:68:20:29:52:f4: 20:06:90:4f:67:30:7c:7d:b4:a2:67:57:13:11:00:85:82:67: 10:7d:93:39:7f:b9:f6:cc:dd:06:f1:f1:f6:f4:86:75:09:ed: 92:8a:dc:c5:4e:3d:bf:03:a7:68:1d:18:a3:63:ca:5e:07:5f: dc:61:a9:e0:5b:b4:84:cd:6b:58:e8:93:fe:b0:46:c8:40:b2: 7d:e2:1b:26:bf:4e:ee:bf:10:92:a4:83:e4:51:4a:a2:29:77: 33:13:96:c7:42:36:7c:07:03:12:b0:28:14:ae:50:7b:99:79: b3:a2:dd:44:ea:b1:44:ab:56:35:02:a9:d3:26:c6:21:ac:9a: 8e:ce:5a:d7:cf:8a:ad:22:88:ef:79:17:79:53:2c:d9:fe:a1: 13:d9:bb:dc -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDVEMjUxMTAvBgNVBAUTKEMyRjI4RTlEMTg4NDM5QzRGRTY5RjYzQTRDQUE2REE0 MjQ5NjI5MUQwHhcNMjQwOTAzMDExNTQ2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ2NjM0Mi01NTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3ycTkIQ8yZKI4uaBfRCDtPKuXmMBwbYcntKnPaEzXhlelYC6VgJECrDwEeZt J2hd2iCkHuyOm7SwC3juzwOxT9uwQsp1cZqxYnyzEwrqdpmRS0/9ujzHX7WcY3Ve ZqxytnRcaGfoAXzt1Wsa4AuHg9PNvS64sltL9o9xNuAFuZ9gDQwgmrrF8VYr/BaV WVHkHM42JFhw8TqDT6RgGH4XFNo6yYChSbDFCSK0RxLYZkHFtI2u5YhfGGxJbzKV bNuqhrlZDPgAH4blN/y8dbMHRrbxtPHb14EeO11J+3j0cbn/3Kb7/aY9koL0XPWp pHxcRQsjc3KzQT1XcZghXUlTQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJynRMKZ 2V9GHCDbJIBpiwi3PbpLMB8GA1UdIwQYMBaAFMLyjp0YhDnE/mn2OkyqbaQklikd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NUQyNS82N0YyQjBEODBC RDIxMUVDQkFBNDgwNkFDNEY5QUUwMi93dktPblJpRU9jVC1hZlk2VEtwdHBDU1dL UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3d2S09uUmlFT2NULWFmWTZUS3B0cENTV0tSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDVEMjUvNjdGMkIwRDgwQkQyMTFFQ0JBQTQ4MDZBQzRGOUFFMDIvQkZGRjZDNEEw N0Q5MTFFREE0MUEwQjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBABnzA0wDQYJKoZIhvcNAQELBQADggEBACW2OsPDSzJEdX6/ wgx4SVpH5+NQfnzGzJU7v2Jv23nGYDKcLxjY8Klu+tpt9Ib/EDZiCO6d5OGuVsz3 Mw/+sv14jVza8IQo4WU9J/PG4HZyCxqGuTh6zRQE7JgpD5IG/2SiN0dasi5oIClS 9CAGkE9nMHx9tKJnVxMRAIWCZxB9kzl/ufbM3Qbx8fb0hnUJ7ZKK3MVOPb8Dp2gd GKNjyl4HX9xhqeBbtITNa1jok/6wRshAsn3iGya/Tu6/EJKkg+RRSqIpdzMTlsdC NnwHAxKwKBSuUHuZebOi3UTqsUSrVjUCqdMmxiGsmo7OWtfPiq0iiO95F3lTLNn+ oRPZu9w= -----END CERTIFICATE-----Generated at Sun Feb 16 22:17:08 2025 by rpki-client