$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/35831FCE937011EA8A795583C4F9AE02.roa File: 35831FCE937011EA8A795583C4F9AE02.roa (raw, json) Hash identifier: N79J5/addSjvuTRJUjHpGEDoonJ5OZtfdl2v8Aonsr8= Subject key identifier: 63:33:8E:FE:BB:80:AC:2D:60:58:76:B0:0E:BF:14:12:DB:ED:B3:0A Certificate issuer: /CN=A91ACFEB/serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829 Certificate serial: 0939 Authority key identifier: 53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/35831FCE937011EA8A795583C4F9AE02.roa Signing time: Fri 24 Jan 2025 20:10:07 +0000 ROA not before: Fri 24 Jan 2025 20:10:07 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 32242 IP address blocks: 103.6.4.0/24 maxlen: 24 103.6.5.0/24 maxlen: 24 103.6.6.0/24 maxlen: 24 103.6.7.0/24 maxlen: 24 113.20.20.0/24 maxlen: 24 113.20.21.0/24 maxlen: 24 113.20.22.0/24 maxlen: 24 113.20.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 19:58:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2361 (0x939) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACFEB Validity Not Before: Jan 24 20:10:07 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6793f39e-6f87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:b1:a4:d1:ad:f2:8e:b2:38:c5:44:29:a5:a0: d0:6d:9f:9c:37:6c:ac:31:e8:85:b7:ef:d5:ef:68: ec:29:53:4e:52:b4:74:6d:7d:6c:e6:b0:b2:d1:fc: 48:8a:db:6a:03:8e:4c:f8:05:23:d8:21:aa:2d:ca: a1:9c:bc:03:84:7a:e7:79:db:8e:a1:02:21:7e:89: a2:bc:2d:28:e8:58:b6:fa:73:e2:2f:0b:53:db:90: ac:50:6f:f9:f2:3a:51:09:25:9b:84:8a:0e:07:ee: 9a:8a:02:01:bd:d4:31:9a:27:6c:8d:7e:00:9d:d0: 0b:74:58:9c:b9:7b:25:36:aa:ae:4b:ca:7d:1e:68: 42:2d:2b:6b:17:2e:27:5a:93:ee:be:12:1f:92:93: 26:07:ee:b1:9b:aa:b3:fb:8c:ef:1c:d7:0c:37:37: 42:3e:79:cd:43:55:2d:6e:f6:26:fb:bd:46:4e:55: 6a:37:25:97:94:d2:a9:dc:a0:c1:2d:68:3b:91:f9: ad:fc:96:43:32:80:f9:22:2b:27:3e:eb:42:c6:ab: 20:34:4b:3a:4b:d1:b4:ea:65:b0:c6:b0:24:e9:75: 44:bf:da:b2:4c:a9:77:a1:3d:b3:ba:93:76:ea:a9: f1:b1:4c:7e:c8:9c:5c:b3:2f:f5:24:46:7a:ef:74: 18:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:33:8E:FE:BB:80:AC:2D:60:58:76:B0:0E:BF:14:12:DB:ED:B3:0A X509v3 Authority Key Identifier: keyid:53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/35831FCE937011EA8A795583C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.6.4.0/22 113.20.20.0/22 Signature Algorithm: sha256WithRSAEncryption 58:5d:ce:b4:64:34:8c:86:16:15:11:53:c8:0e:d0:32:3a:2a: 4e:2d:81:15:95:69:fc:36:e0:51:1c:b2:c3:33:be:fe:9e:d1: 70:fa:da:02:92:a3:74:05:04:7a:a7:55:cc:64:97:3a:55:a0: 59:18:43:e4:82:7e:40:34:3c:66:97:6a:6b:06:d8:e5:8c:e5: be:1a:27:1f:1f:47:75:1d:a9:81:65:73:20:98:43:ae:30:fb: f6:99:c6:d7:cc:5b:22:1f:d7:cc:08:af:de:38:5c:1e:d7:bc: 65:bf:64:54:99:5e:de:fd:d0:bd:2b:2d:97:7a:f8:04:36:51: fa:34:56:ee:77:41:2a:79:05:99:4e:fb:58:8e:9f:f9:72:5c: 31:59:2a:6a:1b:0a:0d:44:05:99:95:7b:a1:9f:aa:60:35:4a: e1:73:b4:00:cb:81:22:26:66:de:b2:6c:36:a7:d4:4b:58:c9: 0d:58:17:ec:4f:2b:3c:12:4d:1c:b0:65:b8:8a:c7:b6:0a:32: 45:28:9e:da:11:44:fe:80:13:43:4c:c3:65:c6:7d:92:06:7d: 36:67:88:f3:ef:4e:63:fd:d9:fe:5c:0d:f8:0b:66:d9:1e:87: 72:f9:c4:4a:22:9a:5b:1e:4f:e1:66:09:38:a1:21:da:81:22: d3:7c:5f:6a -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNGRUIxMTAvBgNVBAUTKDUzODVFMTNBMUI1ODQ1RkI0NENFRUI2QkVEOERFQjRF ODlBRjM4MjkwHhcNMjUwMTI0MjAxMDA3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzkzZjM5ZS02Zjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArbGk0a3yjrI4xUQppaDQbZ+cN2ysMeiFt+/V72jsKVNOUrR0bX1s5rCy0fxI ittqA45M+AUj2CGqLcqhnLwDhHrneduOoQIhfomivC0o6Fi2+nPiLwtT25CsUG/5 8jpRCSWbhIoOB+6aigIBvdQxmidsjX4AndALdFicuXslNqquS8p9HmhCLStrFy4n WpPuvhIfkpMmB+6xm6qz+4zvHNcMNzdCPnnNQ1UtbvYm+71GTlVqNyWXlNKp3KDB LWg7kfmt/JZDMoD5IisnPutCxqsgNEs6S9G06mWwxrAk6XVEv9qyTKl3oT2zupN2 6qnxsUx+yJxcsy/1JEZ673QY5wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGMzjv67 gKwtYFh2sA6/FBLb7bMKMB8GA1UdIwQYMBaAFFOF4TobWEX7RM7ra+2N606Jrzgp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0ZFQi9DQjJDMzNFNjkz NkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJmdEV6dXRyN1kzclRvbXZP Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0WGhPaHRZUmZ0RXp1dHI3WTNyVG9tdk9Day5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUNGRUIvQ0IyQzMzRTY5MzZFMTFFQUE1RTU2QjdFQzRGOUFFMDIvMzU4MzFGQ0U5 MzcwMTFFQThBNzk1NTgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnBgQDBAJxFBQwDQYJKoZIhvcNAQELBQADggEBAFhdzrRk NIyGFhURU8gO0DI6Kk4tgRWVafw24FEcssMzvv6e0XD62gKSo3QFBHqnVcxklzpV oFkYQ+SCfkA0PGaXamsG2OWM5b4aJx8fR3UdqYFlcyCYQ64w+/aZxtfMWyIf18wI r944XB7XvGW/ZFSZXt790L0rLZd6+AQ2Ufo0Vu53QSp5BZlO+1iOn/lyXDFZKmob Cg1EBZmVe6GfqmA1SuFztADLgSImZt6ybDan1EtYyQ1YF+xPKzwSTRywZbiKx7YK MkUontoRRP6AE0NMw2XGfZIGfTZniPPvTmP92f5cDfgLZtkeh3L5xEoimlseT+Fm CTihIdqBItN8X2o= -----END CERTIFICATE-----Generated at Mon Apr 7 11:09:48 2025 by rpki-client