$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/D2A57AD8DDF111EF969ABC1CC4F9AE02.roa File: D2A57AD8DDF111EF969ABC1CC4F9AE02.roa (raw, json) Hash identifier: oVUb29+C/dpDmyrIQ/S9XmPyQiqyJJ84om1g2jTlU5s= Subject key identifier: 06:7A:F1:2F:B3:5F:E1:69:6C:84:69:16:A7:00:11:53:BF:EB:05:04 Certificate issuer: /CN=A91C9A8D/serialNumber=82D818861DD4A70F7708D205E4B89E8514CA1F6C Certificate serial: 02 Authority key identifier: 82:D8:18:86:1D:D4:A7:0F:77:08:D2:05:E4:B8:9E:85:14:CA:1F:6C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gtgYhh3Upw93CNIF5LiehRTKH2w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/D2A57AD8DDF111EF969ABC1CC4F9AE02.roa Signing time: Wed 29 Jan 2025 03:33:36 +0000 ROA not before: Wed 29 Jan 2025 03:33:36 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 135594 IP address blocks: 103.67.165.0/24 maxlen: 24 103.152.4.0/24 maxlen: 24 2001:df3:4a00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/gtgYhh3Upw93CNIF5LiehRTKH2w.crl rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/gtgYhh3Upw93CNIF5LiehRTKH2w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gtgYhh3Upw93CNIF5LiehRTKH2w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 May 2025 00:13:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9A8D, serialNumber=82D818861DD4A70F7708D205E4B89E8514CA1F6C Validity Not Before: Jan 29 03:33:36 2025 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=6799a190-53eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:92:45:94:74:ba:c0:09:1e:93:ec:04:a0:6e: f5:64:0c:f1:d1:b4:24:b8:6b:59:66:ef:7d:1f:9d: 62:f4:72:20:63:30:70:3a:fe:55:a9:8c:64:dc:84: 16:df:37:83:09:9d:e1:7a:d1:90:f3:21:b5:03:13: 2a:0d:7a:73:60:9d:3a:67:05:67:a8:69:a0:e9:85: 5b:08:69:0f:47:1d:d4:78:b3:a5:14:d9:79:66:ef: 22:dc:3c:68:fe:22:34:35:d4:ea:5c:f8:58:08:06: 52:4a:e0:9a:b5:17:93:2e:12:c1:74:4f:34:90:ec: 40:ec:87:a2:06:17:b6:42:b3:1c:3b:96:57:ec:33: e0:01:13:69:1e:00:9c:0e:26:08:f2:be:71:7c:b9: 60:9c:24:d9:c8:76:a6:a8:b6:32:ed:17:0c:18:be: 12:bf:f4:e3:b7:6d:ef:22:5b:d1:ec:29:fb:ab:4c: b1:b4:12:45:16:a5:d9:40:be:84:01:87:30:2f:46: 58:da:3d:c5:fb:d2:97:34:a9:d6:08:f8:0c:db:66: de:53:6b:74:de:60:f4:12:30:d4:fa:9f:f2:a9:ae: c0:34:3f:d7:fa:d9:99:78:9c:f1:9a:70:30:87:8b: 42:7f:e7:1e:7b:0b:27:4a:ba:d1:63:09:f6:ba:72: 8f:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:7A:F1:2F:B3:5F:E1:69:6C:84:69:16:A7:00:11:53:BF:EB:05:04 X509v3 Authority Key Identifier: keyid:82:D8:18:86:1D:D4:A7:0F:77:08:D2:05:E4:B8:9E:85:14:CA:1F:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/gtgYhh3Upw93CNIF5LiehRTKH2w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gtgYhh3Upw93CNIF5LiehRTKH2w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/D2A57AD8DDF111EF969ABC1CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.67.165.0/24 103.152.4.0/24 IPv6: 2001:df3:4a00::/48 Signature Algorithm: sha256WithRSAEncryption 9c:96:f1:b4:fa:77:3d:48:0c:bc:c1:01:69:3e:74:92:02:36: fc:0b:b7:4c:a0:49:ae:4a:80:1e:6c:32:f9:b6:aa:4e:97:54: 01:ba:f5:e9:57:7b:42:1b:22:67:14:a0:ca:e2:4c:02:c8:f9: 29:a2:3d:09:97:17:59:39:d5:7e:3b:75:ff:4c:11:1b:48:0c: d3:80:00:84:8a:ea:2a:9a:26:49:29:4f:1f:12:b9:dd:28:43: 49:7b:ec:d1:6b:9a:f6:56:87:8f:52:90:81:7a:ad:1f:da:03: ca:9f:e5:2e:cb:a3:64:0a:90:b0:d6:ce:57:d9:78:5a:f6:95: c1:ed:7e:77:40:64:58:57:cd:bc:52:2b:93:3d:dd:58:5c:9a: 27:c4:2d:88:06:ea:53:f5:28:d2:84:31:6e:a5:83:0e:86:04: d3:17:ea:2d:c0:aa:2d:25:ab:07:ae:ef:18:72:50:47:a0:70: e5:2a:4b:91:e4:91:4e:2f:3f:a3:1a:dc:71:70:9b:f6:b1:c4: 59:24:b1:92:48:00:68:1a:fb:b4:97:51:60:b6:3c:50:69:27: 2c:28:a0:9f:ca:60:5f:42:88:c1:3c:4f:0e:39:b7:e4:8b:86: 8f:58:66:62:13:70:f1:a2:7c:1f:99:5b:09:1b:0b:0a:0a:ca: c9:12:3c:a6 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD OUE4RDExMC8GA1UEBRMoODJEODE4ODYxREQ0QTcwRjc3MDhEMjA1RTRCODlFODUx NENBMUY2QzAeFw0yNTAxMjkwMzMzMzZaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3OTlhMTkwLTUzZWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDCkkWUdLrACR6T7ASgbvVkDPHRtCS4a1lm730fnWL0ciBjMHA6/lWpjGTchBbf N4MJneF60ZDzIbUDEyoNenNgnTpnBWeoaaDphVsIaQ9HHdR4s6UU2Xlm7yLcPGj+ IjQ11Opc+FgIBlJK4Jq1F5MuEsF0TzSQ7EDsh6IGF7ZCsxw7llfsM+ABE2keAJwO JgjyvnF8uWCcJNnIdqaotjLtFwwYvhK/9OO3be8iW9HsKfurTLG0EkUWpdlAvoQB hzAvRljaPcX70pc0qdYI+AzbZt5Ta3TeYPQSMNT6n/KprsA0P9f62Zl4nPGacDCH i0J/5x57CydKutFjCfa6co/7AgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUBnrxL7Nf 4WlshGkWpwARU7/rBQQwHwYDVR0jBBgwFoAUgtgYhh3Upw93CNIF5LiehRTKH2ww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5QThELzMyRjFGNEMyODNF OTExRUNCODczQzg3MUM0RjlBRTAyL2d0Z1loaDNVcHc5M0NOSUY1TGllaFJUS0gy dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvZ3RnWWhoM1VwdzkzQ05JRjVMaWVoUlRLSDJ3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OUE4RC8zMkYxRjRDMjgzRTkxMUVDQjg3M0M4NzFDNEY5QUUwMi9EMkE1N0FEOERE RjExMUVGOTY5QUJDMUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn MCUwEgQCAAEwDAMEAGdDpQMEAGeYBDAPBAIAAjAJAwcAIAEN80oAMA0GCSqGSIb3 DQEBCwUAA4IBAQCclvG0+nc9SAy8wQFpPnSSAjb8C7dMoEmuSoAebDL5tqpOl1QB uvXpV3tCGyJnFKDK4kwCyPkpoj0JlxdZOdV+O3X/TBEbSAzTgACEiuoqmiZJKU8f ErndKENJe+zRa5r2VoePUpCBeq0f2gPKn+Uuy6NkCpCw1s5X2Xha9pXB7X53QGRY V828UiuTPd1YXJonxC2IBupT9SjShDFupYMOhgTTF+otwKotJasHru8YclBHoHDl KkuR5JFOLz+jGtxxcJv2scRZJLGSSABoGvu0l1FgtjxQaScsKKCfymBfQojBPE8O Obfki4aPWGZiE3DxonwfmVsJGwsKCsrJEjym -----END CERTIFICATE-----Generated at Mon May 5 05:03:32 2025 by rpki-client