$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/2D81FF3680BB11EC8FD7663DC4F9AE02.roa File: 2D81FF3680BB11EC8FD7663DC4F9AE02.roa (raw, json) Hash identifier: 03QgKXxeVhyZFOfohBjqcW0vK1f3sUZMJYpV9kpUL1Y= Subject key identifier: 47:3A:42:25:CE:0F:97:3C:A4:12:2F:6F:62:31:1B:FC:50:29:58:8F Certificate issuer: /CN=A91CE4A1/serialNumber=15473EFB3C5AE8A0C47647B7E0FDE5886B6B1FA3 Certificate serial: 03AA Authority key identifier: 15:47:3E:FB:3C:5A:E8:A0:C4:76:47:B7:E0:FD:E5:88:6B:6B:1F:A3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUc--zxa6KDEdke34P3liGtrH6M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/2D81FF3680BB11EC8FD7663DC4F9AE02.roa Signing time: Thu 26 Dec 2024 11:47:00 +0000 ROA not before: Thu 26 Dec 2024 11:47:00 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 139029 IP address blocks: 103.138.172.0/23 maxlen: 23 103.138.172.0/24 maxlen: 24 103.138.173.0/24 maxlen: 24 2406:6fc0::/32 maxlen: 32 2406:6fc0::/48 maxlen: 48 2406:6fc0:1::/48 maxlen: 48 2406:6fc0:2::/48 maxlen: 48 2406:6fc0:3::/48 maxlen: 48 2406:6fc0:4::/48 maxlen: 48 2406:6fc0:5::/48 maxlen: 48 2406:6fc0:6::/48 maxlen: 48 2406:6fc0:7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/FUc--zxa6KDEdke34P3liGtrH6M.crl rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/FUc--zxa6KDEdke34P3liGtrH6M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUc--zxa6KDEdke34P3liGtrH6M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Mar 2025 00:16:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 938 (0x3aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE4A1 Validity Not Before: Dec 26 11:47:00 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=676d4234-235c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:52:f1:82:fc:5b:14:69:33:f1:f1:62:e0:e5: a1:6e:9e:9a:df:a3:71:1c:37:4c:d0:c7:f3:50:1f: 00:cb:d3:32:7e:33:0f:78:88:91:24:86:58:e6:dc: 4e:8b:00:d4:91:3e:31:d0:ae:51:4b:1c:de:4d:c8: 6e:21:bc:ec:43:ae:01:92:7c:4d:7d:ed:f4:9b:30: e3:62:a2:fa:c6:fd:0f:e3:fb:5a:83:33:d8:6a:a5: 63:c6:9e:11:bd:be:dd:c8:7b:1f:75:29:15:d8:76: 06:61:31:27:b4:20:95:6b:3a:b7:d6:52:01:55:c5: e2:3f:d2:21:ad:ad:d7:b1:83:e9:8d:df:02:76:9f: b7:de:6a:80:a0:61:7b:4d:09:36:34:4d:d8:4d:42: 96:28:d5:fd:28:64:00:23:27:33:5f:a3:1a:4a:94: d7:1c:7a:6c:ff:1a:a6:88:66:81:23:9b:e5:1f:1b: 0e:2d:fb:80:3a:cd:c0:97:01:40:4e:ca:26:dc:89: f0:1d:c8:06:3e:ef:5a:7a:4f:b6:80:83:c8:ba:22: 57:75:31:ac:08:95:0d:f3:06:04:da:9b:f7:f9:c7: be:2c:1c:5c:8b:37:cc:6f:ca:7a:3e:b1:42:36:8a: e5:44:fd:e6:b6:58:31:b5:e1:3d:5c:90:14:5b:a6: ec:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:3A:42:25:CE:0F:97:3C:A4:12:2F:6F:62:31:1B:FC:50:29:58:8F X509v3 Authority Key Identifier: keyid:15:47:3E:FB:3C:5A:E8:A0:C4:76:47:B7:E0:FD:E5:88:6B:6B:1F:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/FUc--zxa6KDEdke34P3liGtrH6M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FUc--zxa6KDEdke34P3liGtrH6M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE4A1/85FA0CE880B711EC9FEB2C67C4F9AE02/2D81FF3680BB11EC8FD7663DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.172.0/23 IPv6: 2406:6fc0::/32 Signature Algorithm: sha256WithRSAEncryption 5c:4f:2d:82:f0:58:4f:a4:d6:6f:c8:66:90:21:91:e7:9d:2f: 92:1e:9a:78:f5:0b:2f:68:c9:68:d2:c4:f3:15:8b:68:d2:d6: b5:ac:29:f3:76:7e:72:39:ab:83:eb:54:d8:87:9e:a4:3d:e5: 8a:56:44:1b:1e:f3:54:0e:73:ec:4b:c8:99:52:a1:61:d1:a1: 99:93:ed:43:34:6e:a5:4b:3c:70:4c:ce:97:e7:b5:cd:91:6e: 79:a7:1b:07:e9:ab:41:9d:ad:6c:0c:86:fe:99:ba:b7:6e:f2: 6e:c3:8f:a5:bf:fd:c3:35:ff:33:23:84:c9:13:7e:e5:cc:9e: eb:af:e5:02:e7:db:9c:07:40:a1:4f:42:97:59:b1:c8:10:93: 49:13:f2:0b:aa:e9:67:73:cf:a2:17:27:86:96:d5:72:4a:de: 3a:88:e2:ac:d2:8c:43:b5:78:10:19:dc:25:b6:5b:d2:41:01: c6:d2:c3:33:74:33:35:aa:97:95:aa:2e:17:22:83:e5:47:3b: 61:2c:41:35:af:5b:ff:02:96:40:38:41:c0:e2:c8:5a:70:91: 37:b4:9e:db:b4:ed:e2:ca:bd:92:20:71:40:d7:a0:72:f5:f9: bb:3d:3d:4a:c5:c8:75:fb:0d:fe:53:ed:31:b7:c8:49:c8:04: 96:1f:f6:74 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICA6owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U0QTExMTAvBgNVBAUTKDE1NDczRUZCM0M1QUU4QTBDNDc2NDdCN0UwRkRFNTg4 NkI2QjFGQTMwHhcNMjQxMjI2MTE0NzAwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzZkNDIzNC0yMzVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo1LxgvxbFGkz8fFi4OWhbp6a36NxHDdM0MfzUB8Ay9MyfjMPeIiRJIZY5txO iwDUkT4x0K5RSxzeTchuIbzsQ64BknxNfe30mzDjYqL6xv0P4/tagzPYaqVjxp4R vb7dyHsfdSkV2HYGYTEntCCVazq31lIBVcXiP9Ihra3XsYPpjd8Cdp+33mqAoGF7 TQk2NE3YTUKWKNX9KGQAIyczX6MaSpTXHHps/xqmiGaBI5vlHxsOLfuAOs3AlwFA Tsom3InwHcgGPu9aek+2gIPIuiJXdTGsCJUN8wYE2pv3+ce+LBxcizfMb8p6PrFC NorlRP3mtlgxteE9XJAUW6bs2QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEc6QiXO D5c8pBIvb2IxG/xQKViPMB8GA1UdIwQYMBaAFBVHPvs8WuigxHZHt+D95Yhrax+j MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTRBMS84NUZBMENFODgw QjcxMUVDOUZFQjJDNjdDNEY5QUUwMi9GVWMtLXp4YTZLREVka2UzNFAzbGlHdHJI Nk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZVYy0tenhhNktERWRrZTM0UDNsaUd0ckg2TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0U0QTEvODVGQTBDRTg4MEI3MTFFQzlGRUIyQzY3QzRGOUFFMDIvMkQ4MUZGMzY4 MEJCMTFFQzhGRDc2NjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFniqwwDQQCAAIwBwMFACQGb8AwDQYJKoZIhvcNAQELBQAD ggEBAFxPLYLwWE+k1m/IZpAhkeedL5Iemnj1Cy9oyWjSxPMVi2jS1rWsKfN2fnI5 q4PrVNiHnqQ95YpWRBse81QOc+xLyJlSoWHRoZmT7UM0bqVLPHBMzpfntc2Rbnmn Gwfpq0GdrWwMhv6Zurdu8m7Dj6W//cM1/zMjhMkTfuXMnuuv5QLn25wHQKFPQpdZ scgQk0kT8guq6Wdzz6IXJ4aW1XJK3jqI4qzSjEO1eBAZ3CW2W9JBAcbSwzN0MzWq l5WqLhcig+VHO2EsQTWvW/8ClkA4QcDiyFpwkTe0ntu07eLKvZIgcUDXoHL1+bs9 PUrFyHX7Df5T7TG3yEnIBJYf9nQ= -----END CERTIFICATE-----Generated at Thu Mar 13 21:49:19 2025 by rpki-client