$ rpki-client -vvf rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/096A1DB6D2BA11ED8E06CC13C4F9AE02.roa File: 096A1DB6D2BA11ED8E06CC13C4F9AE02.roa (raw, json) Hash identifier: BWLI/lFMOk0gs1uM9uMc8V3aTl6ezInYU2HutDGOR1Y= Subject key identifier: A8:9C:11:F9:34:A1:91:61:05:A5:7D:1A:79:0D:72:58:C7:5C:45:F4 Certificate issuer: /CN=A9160D0A/serialNumber=AC6385ED563E1FD6A66B3E4B510DCC6930CD4B0C Certificate serial: 016E Authority key identifier: AC:63:85:ED:56:3E:1F:D6:A6:6B:3E:4B:51:0D:CC:69:30:CD:4B:0C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGOF7VY-H9amaz5LUQ3MaTDNSww.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/096A1DB6D2BA11ED8E06CC13C4F9AE02.roa Signing time: Tue 31 Dec 2024 02:56:40 +0000 ROA not before: Tue 31 Dec 2024 02:56:40 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 4755 IP address blocks: 103.120.104.0/24 maxlen: 24 103.120.105.0/24 maxlen: 24 103.120.106.0/24 maxlen: 24 103.120.107.0/24 maxlen: 24 175.100.160.0/24 maxlen: 24 175.100.161.0/24 maxlen: 24 175.100.162.0/24 maxlen: 24 175.100.163.0/24 maxlen: 24 2405:a100:10::/44 maxlen: 44 2405:a100:20::/44 maxlen: 44 2405:a100:30::/44 maxlen: 44 2405:a100:40::/44 maxlen: 44 2405:a100:50::/44 maxlen: 44 2405:a100:60::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/rGOF7VY-H9amaz5LUQ3MaTDNSww.crl rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/rGOF7VY-H9amaz5LUQ3MaTDNSww.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGOF7VY-H9amaz5LUQ3MaTDNSww.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Mar 2025 02:40:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 366 (0x16e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9160D0A Validity Not Before: Dec 31 02:56:40 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67735d68-9892 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:24:d8:bf:c6:14:e8:e3:e8:c9:32:78:85:d4: fe:ee:ea:0f:e4:a7:aa:c8:10:ab:38:86:3d:0b:e8: c8:e9:ad:ab:51:5b:6d:31:26:a3:45:2c:a0:c2:b3: dd:0d:f0:c8:3f:5b:d3:fb:b5:ec:9d:37:2d:8b:0a: dc:27:d9:a0:52:81:06:c9:0f:b5:d6:14:74:6f:ab: 30:d3:ef:5d:0d:d7:16:03:1a:1f:32:7c:af:ac:f7: f9:e2:da:ff:1d:86:a1:7c:91:fa:94:21:76:e2:5b: eb:5b:42:37:b9:69:e3:4c:be:b1:f9:be:3a:97:9f: fa:d9:69:27:3e:68:76:46:4a:ca:b6:23:ba:65:a2: 24:1d:c3:06:d7:98:cd:e1:23:61:e4:ca:43:f7:eb: 03:91:4a:1d:2c:5c:14:08:1a:02:7d:a4:04:c3:81: da:e5:7a:0d:bc:f3:18:59:a6:78:1d:c1:8d:76:2a: dc:67:be:ed:87:e8:4e:27:01:6f:63:b3:8d:7e:84: 0a:4d:29:ff:50:31:5b:87:f9:28:a4:29:39:fd:8d: f3:9a:b4:1d:c5:41:0b:76:7f:c8:e9:7f:25:a4:a9: 9b:ca:15:0c:5d:c4:15:c1:b3:f2:d7:08:31:8e:6f: de:1b:3c:fd:4a:96:67:07:3f:50:6d:63:d4:95:fe: cb:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:9C:11:F9:34:A1:91:61:05:A5:7D:1A:79:0D:72:58:C7:5C:45:F4 X509v3 Authority Key Identifier: keyid:AC:63:85:ED:56:3E:1F:D6:A6:6B:3E:4B:51:0D:CC:69:30:CD:4B:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/rGOF7VY-H9amaz5LUQ3MaTDNSww.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGOF7VY-H9amaz5LUQ3MaTDNSww.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9160D0A/564A135ED22211ED9A206C46C4F9AE02/096A1DB6D2BA11ED8E06CC13C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.120.104.0/22 175.100.160.0/22 IPv6: 2405:a100:10::-2405:a100:6f:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 9b:81:81:2a:4e:d5:59:e8:16:ca:2a:82:73:e7:00:76:f7:9c: 42:f7:ea:c4:2d:7c:e8:12:da:7e:da:35:92:f4:e4:d8:5b:59: 78:25:43:e5:28:82:14:f4:44:d3:52:1d:fe:54:01:e9:08:51: ae:9d:36:73:b9:1a:ed:4c:45:16:8b:52:99:5c:a5:60:99:fb: 34:90:90:12:2b:83:11:48:fb:7a:39:74:6c:6a:87:52:85:83: 2b:05:06:66:53:79:49:b1:19:11:bf:1a:a4:37:ec:27:a3:a8: 99:89:2b:80:37:35:e8:82:30:e1:34:93:0d:08:e4:f3:bf:bf: 01:94:1a:64:2f:f4:49:8f:8b:c3:3e:6a:d2:41:f8:95:5f:ef: 06:ab:40:22:be:a3:37:1a:e5:e5:d3:09:56:c0:1c:17:73:2f: 02:c7:ef:b9:da:d0:bc:5f:09:4c:ad:35:68:71:6f:e9:8c:3e: e2:a3:f8:7a:59:3a:b8:a1:db:75:10:57:99:59:a9:3c:11:3f: 1e:67:d5:6f:fb:1c:00:d9:ba:0c:0b:ba:22:e2:22:0d:63:58: 02:26:87:2d:1d:18:b8:ee:1d:3a:bb:4e:c1:34:0b:53:70:e4: 3e:66:b3:bc:ad:58:e9:d0:d5:bd:b7:ab:2e:06:91:2e:96:eb: 6b:a3:d5:ca -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICAW4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjBEMEExMTAvBgNVBAUTKEFDNjM4NUVENTYzRTFGRDZBNjZCM0U0QjUxMERDQzY5 MzBDRDRCMEMwHhcNMjQxMjMxMDI1NjQwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzczNWQ2OC05ODkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAryTYv8YU6OPoyTJ4hdT+7uoP5KeqyBCrOIY9C+jI6a2rUVttMSajRSygwrPd DfDIP1vT+7XsnTctiwrcJ9mgUoEGyQ+11hR0b6sw0+9dDdcWAxofMnyvrPf54tr/ HYahfJH6lCF24lvrW0I3uWnjTL6x+b46l5/62WknPmh2RkrKtiO6ZaIkHcMG15jN 4SNh5MpD9+sDkUodLFwUCBoCfaQEw4Ha5XoNvPMYWaZ4HcGNdircZ77th+hOJwFv Y7ONfoQKTSn/UDFbh/kopCk5/Y3zmrQdxUELdn/I6X8lpKmbyhUMXcQVwbPy1wgx jm/eGzz9SpZnBz9QbWPUlf7LpQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFKicEfk0 oZFhBaV9GnkNcljHXEX0MB8GA1UdIwQYMBaAFKxjhe1WPh/Wpms+S1ENzGkwzUsM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MEQwQS81NjRBMTM1RUQy MjIxMUVEOUEyMDZDNDZDNEY5QUUwMi9yR09GN1ZZLUg5YW1hejVMVVEzTWFURE5T d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JHT0Y3VlktSDlhbWF6NUxVUTNNYVRETlN3dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjBEMEEvNTY0QTEzNUVEMjIyMTFFRDlBMjA2QzQ2QzRGOUFFMDIvMDk2QTFEQjZE MkJBMTFFRDhFMDZDQzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMBIEAgABMAwDBAJneGgDBAKvZKAwGgQCAAIwFDASAwcEJAWhAAAQAwcEJAWh AABgMA0GCSqGSIb3DQEBCwUAA4IBAQCbgYEqTtVZ6BbKKoJz5wB295xC9+rELXzo Etp+2jWS9OTYW1l4JUPlKIIU9ETTUh3+VAHpCFGunTZzuRrtTEUWi1KZXKVgmfs0 kJASK4MRSPt6OXRsaodShYMrBQZmU3lJsRkRvxqkN+wno6iZiSuANzXogjDhNJMN COTzv78BlBpkL/RJj4vDPmrSQfiVX+8Gq0AivqM3GuXl0wlWwBwXcy8Cx++52tC8 XwlMrTVocW/pjD7io/h6WTq4odt1EFeZWak8ET8eZ9Vv+xwA2boMC7oi4iINY1gC JoctHRi47h06u07BNAtTcOQ+ZrO8rVjp0NW9t6suBpEulutro9XK -----END CERTIFICATE-----Generated at Thu Mar 13 21:52:32 2025 by rpki-client