$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4D1F/B3342916FFC511E9A96CD070C4F9AE02/5AF669B4FFC811E9B70CA176C4F9AE02.roa File: 5AF669B4FFC811E9B70CA176C4F9AE02.roa (raw, json) Hash identifier: yPNuIBhOcR1Mr6lLidK3MeZlRO1wbqE9iAxDy/a++Gk= Subject key identifier: D9:17:89:F7:48:51:2A:7B:64:9C:9E:BC:5A:A6:71:86:05:43:48:9D Certificate issuer: /CN=A91B4D1F/serialNumber=24F8CA0BE08E1C61EC8F7B7A8A9C5CC53DD14534 Certificate serial: 0C5E Authority key identifier: 24:F8:CA:0B:E0:8E:1C:61:EC:8F:7B:7A:8A:9C:5C:C5:3D:D1:45:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JPjKC-COHGHsj3t6ipxcxT3RRTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4D1F/B3342916FFC511E9A96CD070C4F9AE02/5AF669B4FFC811E9B70CA176C4F9AE02.roa Signing time: Mon 12 May 2025 18:42:46 +0000 ROA not before: Mon 12 May 2025 18:42:46 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 136514 IP address blocks: 103.91.128.0/22 maxlen: 24 123.253.36.0/22 maxlen: 24 2401:6c0::/32 maxlen: 32 2401:6c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4D1F/B3342916FFC511E9A96CD070C4F9AE02/JPjKC-COHGHsj3t6ipxcxT3RRTQ.crl rsync://rpki.apnic.net/member_repository/A91B4D1F/B3342916FFC511E9A96CD070C4F9AE02/JPjKC-COHGHsj3t6ipxcxT3RRTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JPjKC-COHGHsj3t6ipxcxT3RRTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 18:16:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3166 (0xc5e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4D1F, serialNumber=24F8CA0BE08E1C61EC8F7B7A8A9C5CC53DD14534 Validity Not Before: May 12 18:42:46 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68224126-097a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ef:d6:1a:09:c0:e2:e5:ec:70:74:b5:b0:2b: 79:c5:07:49:92:5f:60:99:f8:c7:15:88:db:bc:c6: bd:a7:dc:d0:27:c5:55:d3:c1:25:5e:66:97:1b:8b: 5d:8d:a4:0b:eb:6d:69:03:19:96:ac:02:4e:72:3b: 8a:de:78:e6:e4:41:2f:5e:c4:f5:da:b8:e0:81:b8: 4b:37:34:89:f0:1e:48:7e:aa:b7:8d:c4:4c:a6:33: 2d:73:00:fc:4f:80:d6:f7:f4:37:e4:68:0d:47:fa: b2:64:2e:cc:f3:11:cc:33:0f:2b:35:1f:1b:8c:1d: 66:5e:1c:b9:1c:4a:b9:bb:b2:ba:d4:a4:94:2d:e8: e7:d1:b4:16:3f:53:73:de:80:f1:ea:a1:ec:9a:9d: 88:01:21:f0:db:fd:1b:26:67:23:4a:ee:5f:6e:7d: 1f:ab:3a:81:79:9e:f0:bc:fa:37:ee:b9:07:8e:f3: e7:16:d3:b2:85:fb:b7:cc:bd:5f:32:f8:0f:44:62: 1d:6f:cb:e3:7e:4d:4e:92:1d:af:2f:fb:68:d1:12: cb:38:b4:2d:9d:27:5a:b2:65:fa:a2:5c:c2:bc:06: b8:94:31:a4:9f:6a:d8:55:26:3a:d1:d2:ef:3c:b2: 24:f6:34:30:7f:b0:b0:9b:71:99:b4:ba:28:70:14: 58:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:17:89:F7:48:51:2A:7B:64:9C:9E:BC:5A:A6:71:86:05:43:48:9D X509v3 Authority Key Identifier: keyid:24:F8:CA:0B:E0:8E:1C:61:EC:8F:7B:7A:8A:9C:5C:C5:3D:D1:45:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4D1F/B3342916FFC511E9A96CD070C4F9AE02/JPjKC-COHGHsj3t6ipxcxT3RRTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JPjKC-COHGHsj3t6ipxcxT3RRTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4D1F/B3342916FFC511E9A96CD070C4F9AE02/5AF669B4FFC811E9B70CA176C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.91.128.0/22 123.253.36.0/22 IPv6: 2401:6c0::/32 Signature Algorithm: sha256WithRSAEncryption 7b:ff:8a:57:84:42:67:1c:0e:cc:ce:8a:1a:d0:dc:4c:ef:cd: f7:37:99:22:3a:a0:8f:01:8e:f2:ad:ea:99:55:2d:0e:37:b2: 87:b1:57:fe:be:9a:b7:f7:e2:9c:51:ad:0a:be:07:a0:88:70: c0:12:ed:1e:d1:1b:46:11:bf:ac:e4:3d:96:3d:31:c6:33:a8: 99:83:c1:db:ab:fa:99:53:64:c6:f3:f4:df:df:f8:d1:5e:d3: 4a:c5:0c:c4:30:84:7f:32:4f:a3:d4:08:0b:3d:ee:fd:63:12: cf:4b:4d:f8:ba:71:61:c2:b7:bb:66:d2:8b:68:ba:98:03:d4: ff:8d:12:a1:dd:66:95:6a:a4:74:c1:5b:96:23:9e:d6:a1:cc: 5d:f5:db:3b:7d:33:90:84:7b:9c:77:35:68:c9:15:da:f6:e7: 54:e5:6b:3c:d6:55:c8:8c:9c:d4:84:38:f4:e1:02:fb:64:1e: 5a:85:fb:05:1d:66:b8:c2:b1:2d:c7:75:63:49:41:f3:2f:6b: e8:ef:0e:18:cd:f4:a7:ff:70:49:63:07:86:60:c9:4b:a0:41: 4d:fc:9d:e5:c9:c4:ea:cf:62:76:34:7c:bd:5e:63:24:f3:28: b7:51:c3:8e:58:c5:fc:c2:2d:23:65:5a:04:ca:e5:e1:ce:41: 0b:e2:67:d1 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDF4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjREMUYxMTAvBgNVBAUTKDI0RjhDQTBCRTA4RTFDNjFFQzhGN0I3QThBOUM1Q0M1 M0REMTQ1MzQwHhcNMjUwNTEyMTg0MjQ2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODIyNDEyNi0wOTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAue/WGgnA4uXscHS1sCt5xQdJkl9gmfjHFYjbvMa9p9zQJ8VV08ElXmaXG4td jaQL621pAxmWrAJOcjuK3njm5EEvXsT12rjggbhLNzSJ8B5Ifqq3jcRMpjMtcwD8 T4DW9/Q35GgNR/qyZC7M8xHMMw8rNR8bjB1mXhy5HEq5u7K61KSULejn0bQWP1Nz 3oDx6qHsmp2IASHw2/0bJmcjSu5fbn0fqzqBeZ7wvPo37rkHjvPnFtOyhfu3zL1f MvgPRGIdb8vjfk1Okh2vL/to0RLLOLQtnSdasmX6olzCvAa4lDGkn2rYVSY60dLv PLIk9jQwf7Cwm3GZtLoocBRYfwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNkXifdI USp7ZJyevFqmcYYFQ0idMB8GA1UdIwQYMBaAFCT4ygvgjhxh7I97eoqcXMU90UU0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNEQxRi9CMzM0MjkxNkZG QzUxMUU5QTk2Q0QwNzBDNEY5QUUwMi9KUGpLQy1DT0hHSHNqM3Q2aXB4Y3hUM1JS VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pQaktDLUNPSEdIc2ozdDZpcHhjeFQzUlJUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjREMUYvQjMzNDI5MTZGRkM1MTFFOUE5NkNEMDcwQzRGOUFFMDIvNUFGNjY5QjRG RkM4MTFFOUI3MENBMTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnW4ADBAJ7/SQwDQQCAAIwBwMFACQBBsAwDQYJKoZIhvcN AQELBQADggEBAHv/ileEQmccDszOihrQ3Ezvzfc3mSI6oI8BjvKt6plVLQ43soex V/6+mrf34pxRrQq+B6CIcMAS7R7RG0YRv6zkPZY9McYzqJmDwdur+plTZMbz9N/f +NFe00rFDMQwhH8yT6PUCAs97v1jEs9LTfi6cWHCt7tm0otoupgD1P+NEqHdZpVq pHTBW5YjntahzF312zt9M5CEe5x3NWjJFdr251TlazzWVciMnNSEOPThAvtkHlqF +wUdZrjCsS3HdWNJQfMva+jvDhjN9Kf/cEljB4ZgyUugQU38neXJxOrPYnY0fL1e YyTzKLdRw45YxfzCLSNlWgTK5eHOQQviZ9E= -----END CERTIFICATE-----Generated at Thu Jun 5 19:14:05 2025 by rpki-client