$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/568554A2493411EF859C1D49C4F9AE02.roa File: 568554A2493411EF859C1D49C4F9AE02.roa (raw, json) Hash identifier: t/ROOpg/IwC6W3DYUfJyZ4y/FXhn7ZuftkL+LfoKWRk= Subject key identifier: 23:87:1F:F1:73:1C:D8:F1:48:9A:B7:2D:97:69:B7:9A:B9:3C:AF:94 Certificate issuer: /CN=A91C9350/serialNumber=CF706D8147D779207D99AF9AD39DD5F2DFE59DE4 Certificate serial: 347F Authority key identifier: CF:70:6D:81:47:D7:79:20:7D:99:AF:9A:D3:9D:D5:F2:DF:E5:9D:E4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3BtgUfXeSB9ma-a053V8t_lneQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/568554A2493411EF859C1D49C4F9AE02.roa Signing time: Thu 27 Mar 2025 10:04:21 +0000 ROA not before: Thu 27 Mar 2025 10:04:20 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 14618 IP address blocks: 103.195.128.0/24 maxlen: 24 103.195.129.0/24 maxlen: 24 103.195.130.0/24 maxlen: 24 103.212.169.0/24 maxlen: 24 103.212.170.0/24 maxlen: 24 160.202.137.0/24 maxlen: 24 160.202.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/z3BtgUfXeSB9ma-a053V8t_lneQ.crl rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/z3BtgUfXeSB9ma-a053V8t_lneQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3BtgUfXeSB9ma-a053V8t_lneQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 14:28:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13439 (0x347f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9350 Validity Not Before: Mar 27 10:04:20 2025 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=67e522a4-b828 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:79:ab:45:6d:7e:49:e6:a8:49:8e:d0:28:85: 2c:85:a9:8f:fe:5c:f6:9b:6c:0c:f8:a6:57:8a:ea: 66:0a:d9:e2:85:c1:25:a5:79:fd:1a:84:8f:bf:36: f8:5a:bc:d6:f3:08:d2:52:19:75:99:2d:86:1b:27: 31:f8:3c:ce:48:5f:56:c8:0e:21:08:0e:ed:1a:ed: 5b:ab:01:76:e1:99:28:76:77:c2:72:f3:24:0a:f9: 81:df:83:7e:ec:df:16:57:c7:3b:a9:5a:de:d5:92: 55:38:22:c3:be:27:67:e2:0a:29:18:17:80:2f:57: 3c:c0:fc:f2:fb:3e:07:34:63:bf:dc:18:9a:cd:4b: 53:ce:65:9b:a1:24:80:e4:19:8d:39:d3:a0:2d:5a: ff:1a:0a:33:de:b2:97:7d:05:d2:e9:2a:7b:37:8b: 40:09:8d:67:85:ab:38:0c:3d:6a:0a:93:0a:bd:00: 4b:bf:3f:3c:8b:ee:85:0c:28:e4:4b:d2:20:5d:66: 5b:3d:43:3b:4a:1c:7d:46:72:07:dd:3a:99:e9:79: 2b:08:24:1c:b2:d9:65:2c:29:15:ef:63:4c:95:77: 67:03:93:6e:be:8d:ea:77:9c:13:cd:ce:a0:0a:14: 90:42:e7:df:4f:96:90:b5:24:09:74:f1:e5:a8:45: 23:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:87:1F:F1:73:1C:D8:F1:48:9A:B7:2D:97:69:B7:9A:B9:3C:AF:94 X509v3 Authority Key Identifier: keyid:CF:70:6D:81:47:D7:79:20:7D:99:AF:9A:D3:9D:D5:F2:DF:E5:9D:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/z3BtgUfXeSB9ma-a053V8t_lneQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3BtgUfXeSB9ma-a053V8t_lneQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9350/3913BCA01D8711E2B42B02DF08B02CD2/568554A2493411EF859C1D49C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.195.128.0-103.195.130.255 103.212.169.0-103.212.170.255 160.202.137.0-160.202.138.255 Signature Algorithm: sha256WithRSAEncryption a2:70:0d:fd:1b:6d:18:12:72:b0:ed:53:c3:cc:03:20:52:3e: 8c:d2:79:de:23:15:f3:28:5c:6c:dd:c8:53:25:e2:8c:3b:37: 79:48:98:ae:17:a9:19:9b:b9:1f:f3:b1:a2:7d:aa:ed:18:ce: da:df:70:dd:ab:14:57:ed:ce:0c:b2:5f:e6:cc:1a:18:0c:71: 75:61:c6:a2:c9:3e:cf:41:02:33:ee:4c:00:5b:d7:27:7b:88: f6:92:49:b1:d9:f9:28:d3:d2:45:e0:f1:3f:92:7e:02:5c:25: ec:05:99:a9:ac:25:df:69:c7:01:8d:3a:9f:58:b7:93:5b:22: 0c:2b:04:f4:20:4f:70:e1:6f:37:0c:58:ed:6c:f1:73:e8:c6: 00:17:2a:cf:05:a8:ee:cf:29:1e:2a:64:af:6c:27:bc:a0:bd: ad:eb:2a:3d:c7:72:9c:72:5f:e7:62:eb:23:e4:4c:89:5f:9d: 54:80:db:88:99:31:10:0c:15:6a:a7:df:4e:7c:c0:93:35:0a: 83:08:b0:48:9d:6e:41:21:c3:50:17:67:f6:4e:f7:7b:04:54: 22:1e:c7:b1:22:60:14:30:a9:b6:b1:d0:e9:74:3a:6c:6e:7d: 48:92:a2:56:b8:a5:5b:ad:df:c1:84:8b:fc:7f:b6:24:97:4a: d7:c1:2f:bd -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICNH8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzkzNTAxMTAvBgNVBAUTKENGNzA2RDgxNDdENzc5MjA3RDk5QUY5QUQzOURENUYy REZFNTlERTQwHhcNMjUwMzI3MTAwNDIwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2U1MjJhNC1iODI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7XmrRW1+SeaoSY7QKIUshamP/lz2m2wM+KZXiupmCtnihcElpXn9GoSPvzb4 WrzW8wjSUhl1mS2GGycx+DzOSF9WyA4hCA7tGu1bqwF24ZkodnfCcvMkCvmB34N+ 7N8WV8c7qVre1ZJVOCLDvidn4gopGBeAL1c8wPzy+z4HNGO/3BiazUtTzmWboSSA 5BmNOdOgLVr/Ggoz3rKXfQXS6Sp7N4tACY1nhas4DD1qCpMKvQBLvz88i+6FDCjk S9IgXWZbPUM7Shx9RnIH3TqZ6XkrCCQcstllLCkV72NMlXdnA5Nuvo3qd5wTzc6g ChSQQuffT5aQtSQJdPHlqEUj5wIDAQABo4ICuTCCArUwHQYDVR0OBBYEFCOHH/Fz HNjxSJq3LZdpt5q5PK+UMB8GA1UdIwQYMBaAFM9wbYFH13kgfZmvmtOd1fLf5Z3k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTM1MC8zOTEzQkNBMDFE ODcxMUUyQjQyQjAyREYwOEIwMkNEMi96M0J0Z1VmWGVTQjltYS1hMDUzVjh0X2xu ZVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ozQnRnVWZYZVNCOW1hLWEwNTNWOHRfbG5lUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzkzNTAvMzkxM0JDQTAxRDg3MTFFMkI0MkIwMkRGMDhCMDJDRDIvNTY4NTU0QTI0 OTM0MTFFRjg1OUMxRDQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMDAEAgABMCowDAMEB2fDgAMEAGfDgjAMAwQAZ9SpAwQAZ9SqMAwDBACgyokD BACgyoowDQYJKoZIhvcNAQELBQADggEBAKJwDf0bbRgScrDtU8PMAyBSPozSed4j FfMoXGzdyFMl4ow7N3lImK4XqRmbuR/zsaJ9qu0YztrfcN2rFFftzgyyX+bMGhgM cXVhxqLJPs9BAjPuTABb1yd7iPaSSbHZ+SjT0kXg8T+SfgJcJewFmamsJd9pxwGN Op9Yt5NbIgwrBPQgT3DhbzcMWO1s8XPoxgAXKs8FqO7PKR4qZK9sJ7ygva3rKj3H cpxyX+di6yPkTIlfnVSA24iZMRAMFWqn3058wJM1CoMIsEidbkEhw1AXZ/ZO93sE VCIex7EiYBQwqbax0Ol0OmxufUiSola4pVut38GEi/x/tiSXStfBL70= -----END CERTIFICATE-----Generated at Fri Apr 4 23:58:32 2025 by rpki-client