$ rpki-client -vvf rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/21028CF67EF811EAAD47CD30C4F9AE02.roa File: 21028CF67EF811EAAD47CD30C4F9AE02.roa (raw, json) Hash identifier: +gB8ZHO5MMKVGP2yT3GNNhFPo53EwfTpImIrJ+ySljI= Subject key identifier: 4E:83:DC:E0:43:AF:41:C7:1C:FF:15:AD:6F:DF:56:8F:E0:9E:A1:80 Certificate issuer: /CN=A91A459D/serialNumber=52B21995429C44F8A7F4EC99E53040870D6D385B Certificate serial: 09C6 Authority key identifier: 52:B2:19:95:42:9C:44:F8:A7:F4:EC:99:E5:30:40:87:0D:6D:38:5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UrIZlUKcRPin9OyZ5TBAhw1tOFs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/21028CF67EF811EAAD47CD30C4F9AE02.roa Signing time: Tue 22 Apr 2025 20:20:17 +0000 ROA not before: Tue 22 Apr 2025 20:20:17 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 138684 IP address blocks: 103.136.132.0/22 maxlen: 22 103.136.132.0/24 maxlen: 24 103.136.133.0/24 maxlen: 24 103.136.134.0/24 maxlen: 24 103.136.135.0/24 maxlen: 24 2404:93c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.crl rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UrIZlUKcRPin9OyZ5TBAhw1tOFs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 19:47:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2502 (0x9c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A459D, serialNumber=52B21995429C44F8A7F4EC99E53040870D6D385B Validity Not Before: Apr 22 20:20:17 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=6807fa01-34a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b0:85:1d:14:34:b2:b1:4f:69:a9:81:c0:07: 9c:35:d0:d6:c2:97:bc:48:a6:2c:12:1b:78:09:a7: c3:9d:4f:a4:d4:67:65:a9:f2:06:34:8a:e4:0f:74: a1:47:8a:04:82:76:ce:fd:02:b8:e0:db:45:59:c9: fc:4e:7b:22:2d:2d:bd:68:c7:d8:ad:76:ee:17:62: 08:90:1c:c7:de:74:14:21:52:b4:18:05:25:b0:f7: 2f:5c:3d:01:1f:f6:fd:3b:62:01:68:3a:0c:37:ea: f6:70:45:0b:4c:6c:96:0d:9f:e2:c9:f0:90:ab:dd: 82:4e:16:a0:86:10:79:24:44:5f:ab:af:3e:46:64: e1:5b:49:e8:f6:80:93:0c:b7:ba:b8:f9:f4:25:f0: e7:61:69:5d:74:79:54:db:3a:df:d7:fa:93:8f:78: de:ef:8b:5c:e2:c9:5c:6d:98:6b:f6:cf:82:35:34: 48:b4:84:3d:82:07:33:f4:ee:cb:3f:02:86:43:82: 72:c0:c5:07:ae:50:b3:da:54:e2:3d:b8:55:00:9d: a2:ab:1f:89:3f:57:10:d8:d8:24:9f:f4:3b:b2:a0: 10:d6:a8:72:37:ee:ba:a0:85:ef:c8:b5:06:81:c0: f3:11:75:20:c7:ff:c9:69:e0:13:68:9c:f7:1c:1b: 68:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:83:DC:E0:43:AF:41:C7:1C:FF:15:AD:6F:DF:56:8F:E0:9E:A1:80 X509v3 Authority Key Identifier: keyid:52:B2:19:95:42:9C:44:F8:A7:F4:EC:99:E5:30:40:87:0D:6D:38:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/UrIZlUKcRPin9OyZ5TBAhw1tOFs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UrIZlUKcRPin9OyZ5TBAhw1tOFs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A459D/5FAB972E7EF611EAA979A32DC4F9AE02/21028CF67EF811EAAD47CD30C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.136.132.0/22 IPv6: 2404:93c0::/32 Signature Algorithm: sha256WithRSAEncryption 33:8b:fe:b9:2b:98:9d:bd:7b:63:96:83:6c:98:3e:03:d7:df: 9f:ff:62:ae:ce:0d:03:f8:04:c7:15:86:44:97:99:71:f0:13: e2:d8:cd:dc:4a:57:85:35:66:e1:7b:4f:71:ab:f7:b2:e7:c5: 09:2b:c2:45:d1:fe:b4:9c:11:d8:1d:fe:a8:43:ac:bc:8d:f4: 01:49:4e:12:97:44:40:96:2e:83:bb:49:52:e4:85:59:8c:67: 5b:50:83:4e:94:5b:e7:14:23:de:b7:4a:20:4f:5a:f0:2d:b1: d0:4f:96:65:50:83:5f:a0:57:8f:64:b2:26:75:a8:ca:4b:94: 03:46:58:55:93:2e:02:d5:83:92:b7:66:56:f3:2d:99:d8:25: c2:5c:42:91:69:31:b5:09:08:01:33:65:ad:c2:de:e6:31:01: c7:39:d5:ac:56:43:a4:10:84:32:0d:5d:ea:9e:a8:77:b4:43: 3a:c6:6a:50:e5:ea:91:98:62:3b:57:d1:06:de:14:b3:1d:22: 95:1d:38:14:25:80:2a:89:01:ad:97:03:aa:a8:86:ad:2d:c8: de:81:72:0e:3f:ef:ec:7d:a0:c4:3a:d8:cc:3b:be:76:ad:d2: 52:dc:0f:55:87:1f:ed:a2:19:1e:9b:f6:d5:1f:b5:dc:a4:47: 35:69:f5:f6 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ1OUQxMTAvBgNVBAUTKDUyQjIxOTk1NDI5QzQ0RjhBN0Y0RUM5OUU1MzA0MDg3 MEQ2RDM4NUIwHhcNMjUwNDIyMjAyMDE3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02ODA3ZmEwMS0zNGE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1rCFHRQ0srFPaamBwAecNdDWwpe8SKYsEht4CafDnU+k1GdlqfIGNIrkD3Sh R4oEgnbO/QK44NtFWcn8TnsiLS29aMfYrXbuF2IIkBzH3nQUIVK0GAUlsPcvXD0B H/b9O2IBaDoMN+r2cEULTGyWDZ/iyfCQq92CThaghhB5JERfq68+RmThW0no9oCT DLe6uPn0JfDnYWlddHlU2zrf1/qTj3je74tc4slcbZhr9s+CNTRItIQ9ggcz9O7L PwKGQ4JywMUHrlCz2lTiPbhVAJ2iqx+JP1cQ2Ngkn/Q7sqAQ1qhyN+66oIXvyLUG gcDzEXUgx//JaeATaJz3HBtoRwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFE6D3OBD r0HHHP8VrW/fVo/gnqGAMB8GA1UdIwQYMBaAFFKyGZVCnET4p/TsmeUwQIcNbThb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDU5RC81RkFCOTcyRTdF RjYxMUVBQTk3OUEzMkRDNEY5QUUwMi9VcklabFVLY1JQaW45T3laNVRCQWh3MXRP RnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VySVpsVUtjUlBpbjlPeVo1VEJBaHcxdE9Gcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTQ1OUQvNUZBQjk3MkU3RUY2MTFFQUE5NzlBMzJEQzRGOUFFMDIvMjEwMjhDRjY3 RUY4MTFFQUFENDdDRDMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJniIQwDQQCAAIwBwMFACQEk8AwDQYJKoZIhvcNAQELBQAD ggEBADOL/rkrmJ29e2OWg2yYPgPX35//Yq7ODQP4BMcVhkSXmXHwE+LYzdxKV4U1 ZuF7T3Gr97LnxQkrwkXR/rScEdgd/qhDrLyN9AFJThKXRECWLoO7SVLkhVmMZ1tQ g06UW+cUI963SiBPWvAtsdBPlmVQg1+gV49ksiZ1qMpLlANGWFWTLgLVg5K3Zlbz LZnYJcJcQpFpMbUJCAEzZa3C3uYxAcc51axWQ6QQhDINXeqeqHe0QzrGalDl6pGY YjtX0QbeFLMdIpUdOBQlgCqJAa2XA6qohq0tyN6Bcg4/7+x9oMQ62Mw7vnat0lLc D1WHH+2iGR6b9tUftdykRzVp9fY= -----END CERTIFICATE-----Generated at Wed May 14 18:23:27 2025 by rpki-client