$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/68DA14E65BB211E9BF474F16C4F9AE02.roa File: 68DA14E65BB211E9BF474F16C4F9AE02.roa (raw, json) Hash identifier: +yhzJzGn+WxW2d4EtUHBstgfBIaoIoaYoJwg0N+/u2I= Subject key identifier: B2:F8:0D:E4:30:06:A8:F7:2E:6E:A9:7B:8A:65:70:87:B3:B4:DA:F0 Certificate issuer: /CN=A91AAE16/serialNumber=394EA086895C6F17D936548A32238B82CF79294D Certificate serial: 0FAE Authority key identifier: 39:4E:A0:86:89:5C:6F:17:D9:36:54:8A:32:23:8B:82:CF:79:29:4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OU6gholcbxfZNlSKMiOLgs95KU0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/68DA14E65BB211E9BF474F16C4F9AE02.roa Signing time: Tue 06 May 2025 17:56:37 +0000 ROA not before: Tue 06 May 2025 17:56:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 1828 IP address blocks: 103.38.152.0/24 maxlen: 24 103.38.153.0/24 maxlen: 24 103.38.154.0/24 maxlen: 24 103.38.155.0/24 maxlen: 24 111.221.56.0/22 maxlen: 22 202.58.136.0/21 maxlen: 21 2401:5dc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/OU6gholcbxfZNlSKMiOLgs95KU0.crl rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/OU6gholcbxfZNlSKMiOLgs95KU0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OU6gholcbxfZNlSKMiOLgs95KU0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 23 May 2025 17:46:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4014 (0xfae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAE16, serialNumber=394EA086895C6F17D936548A32238B82CF79294D Validity Not Before: May 6 17:56:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681a4d54-052f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:62:b7:6d:82:f9:76:62:32:1b:a1:3b:53:c6: 7c:65:aa:36:29:e1:c5:49:e4:38:77:c4:61:68:1f: b1:f1:ae:5b:d2:81:67:99:95:01:b5:e4:e7:ab:bf: a5:4a:f7:31:07:c8:3f:7c:97:82:0f:f5:ab:f7:16: fa:ac:3c:31:a7:47:73:44:ba:d1:90:8d:34:df:17: a6:95:6e:4f:c5:65:ec:3f:49:6f:ea:e8:98:3d:cc: bb:8b:46:59:11:81:a5:a8:df:ff:5a:a4:b6:03:a9: a1:65:e1:9e:a5:2f:bc:e9:c6:f4:5b:66:50:19:c9: 63:a5:15:4c:04:09:d6:5e:90:af:08:67:64:f5:3e: 52:68:51:5c:11:06:f7:79:6b:e8:4d:1e:bc:f9:82: 05:74:6c:50:d3:30:c7:1b:93:b4:c2:0c:56:13:2d: 64:eb:63:fb:e6:27:a8:46:7e:fa:9c:a8:fb:6f:ea: 17:22:81:99:46:a7:e5:37:3a:5c:84:a1:9f:5f:d0: 63:ef:0a:b4:0a:a2:b7:b4:bc:b5:f2:1a:bc:35:75: 6a:fa:de:51:ee:6b:5d:95:d6:df:76:8e:61:ec:70: 58:45:bc:22:26:7b:0c:79:87:1a:7d:92:b6:cd:09: 9c:88:42:1b:73:be:54:2d:0b:08:02:60:09:f5:6e: 8e:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:F8:0D:E4:30:06:A8:F7:2E:6E:A9:7B:8A:65:70:87:B3:B4:DA:F0 X509v3 Authority Key Identifier: keyid:39:4E:A0:86:89:5C:6F:17:D9:36:54:8A:32:23:8B:82:CF:79:29:4D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/OU6gholcbxfZNlSKMiOLgs95KU0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OU6gholcbxfZNlSKMiOLgs95KU0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAE16/174885505BB111E98B103B13C4F9AE02/68DA14E65BB211E9BF474F16C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.38.152.0/22 111.221.56.0/22 202.58.136.0/21 IPv6: 2401:5dc0::/32 Signature Algorithm: sha256WithRSAEncryption 70:b3:07:1a:32:1e:35:55:41:7b:ec:1a:26:c2:01:7c:7f:a2: 45:fa:ac:bc:e0:0a:7d:c4:9e:03:ad:cf:a4:ea:f5:e9:5d:7e: f6:68:96:ca:1c:39:2d:f4:b6:6d:fc:71:aa:03:c1:9b:03:31: cf:78:17:96:2f:8d:1f:b2:43:71:db:9c:2e:b8:cd:1a:04:c5: c4:a1:0f:e2:53:88:8e:ec:19:49:b5:54:48:ce:f0:2d:16:91: 92:ba:3b:6e:9d:56:34:8a:4b:09:5f:6e:ec:72:79:22:c6:70: e5:43:16:70:f0:df:ff:67:09:aa:e4:dc:62:39:f4:e8:a4:96: 10:4b:e8:6b:e5:a2:41:dc:79:34:3b:81:20:cc:e0:b8:e0:8e: aa:d8:14:e7:8f:0b:c8:fa:60:ea:b3:bc:50:ed:49:5e:9d:84: 95:e9:ed:73:e8:98:9b:91:62:cf:54:fa:84:df:11:91:81:28: c3:ed:fa:7c:31:7f:10:42:17:be:f1:2e:e0:24:ae:50:e7:04: 71:12:36:10:95:23:ad:b9:1e:2e:f9:07:49:a8:c4:7d:88:94: 84:c9:08:74:77:0b:0a:e9:80:79:03:a5:46:48:3b:1b:1a:99: b9:d4:3d:5a:46:59:f3:a8:3f:4a:fb:d3:da:71:d8:31:63:b7: c5:a5:08:a7 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICD64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFFMTYxMTAvBgNVBAUTKDM5NEVBMDg2ODk1QzZGMTdEOTM2NTQ4QTMyMjM4Qjgy Q0Y3OTI5NEQwHhcNMjUwNTA2MTc1NjM3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFhNGQ1NC0wNTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv2K3bYL5dmIyG6E7U8Z8Zao2KeHFSeQ4d8RhaB+x8a5b0oFnmZUBteTnq7+l SvcxB8g/fJeCD/Wr9xb6rDwxp0dzRLrRkI003xemlW5PxWXsP0lv6uiYPcy7i0ZZ EYGlqN//WqS2A6mhZeGepS+86cb0W2ZQGcljpRVMBAnWXpCvCGdk9T5SaFFcEQb3 eWvoTR68+YIFdGxQ0zDHG5O0wgxWEy1k62P75ieoRn76nKj7b+oXIoGZRqflNzpc hKGfX9Bj7wq0CqK3tLy18hq8NXVq+t5R7mtdldbfdo5h7HBYRbwiJnsMeYcafZK2 zQmciEIbc75ULQsIAmAJ9W6OZQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFLL4DeQw Bqj3Lm6pe4plcIeztNrwMB8GA1UdIwQYMBaAFDlOoIaJXG8X2TZUijIji4LPeSlN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUUxNi8xNzQ4ODU1MDVC QjExMUU5OEIxMDNCMTNDNEY5QUUwMi9PVTZnaG9sY2J4ZlpObFNLTWlPTGdzOTVL VTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09VNmdob2xjYnhmWk5sU0tNaU9MZ3M5NUtVMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUFFMTYvMTc0ODg1NTA1QkIxMTFFOThCMTAzQjEzQzRGOUFFMDIvNjhEQTE0RTY1 QkIyMTFFOUJGNDc0RjE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnJpgDBAJv3TgDBAPKOogwDQQCAAIwBwMFACQBXcAwDQYJ KoZIhvcNAQELBQADggEBAHCzBxoyHjVVQXvsGibCAXx/okX6rLzgCn3EngOtz6Tq 9eldfvZolsocOS30tm38caoDwZsDMc94F5YvjR+yQ3HbnC64zRoExcShD+JTiI7s GUm1VEjO8C0WkZK6O26dVjSKSwlfbuxyeSLGcOVDFnDw3/9nCark3GI59OiklhBL 6GvlokHceTQ7gSDM4LjgjqrYFOePC8j6YOqzvFDtSV6dhJXp7XPomJuRYs9U+oTf EZGBKMPt+nwxfxBCF77xLuAkrlDnBHESNhCVI625Hi75B0moxH2IlITJCHR3Cwrp gHkDpUZIOxsambnUPVpGWfOoP0r709px2DFjt8WlCKc= -----END CERTIFICATE-----Generated at Sat May 17 00:05:17 2025 by rpki-client