$ rpki-client -vvf rpki.apnic.net/member_repository/A91D09D4/60289CEE084711EB94AF0C1CC4F9AE02/484CDD48084B11EBA5FDD126C4F9AE02.roa File: 484CDD48084B11EBA5FDD126C4F9AE02.roa (raw, json) Hash identifier: nzgpiC5NFO3V3nVcBmKQWNZmNLyB+jOBtWw1RfrIB+w= Subject key identifier: 50:AB:88:A3:93:63:9C:9D:D4:26:4D:32:25:FE:4B:E7:62:EB:1F:6C Certificate issuer: /CN=A91D09D4/serialNumber=49ACD3ECD327F02356C5F8817018F3D9F209F41E Certificate serial: 079B Authority key identifier: 49:AC:D3:EC:D3:27:F0:23:56:C5:F8:81:70:18:F3:D9:F2:09:F4:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SazT7NMn8CNWxfiBcBjz2fIJ9B4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D09D4/60289CEE084711EB94AF0C1CC4F9AE02/484CDD48084B11EBA5FDD126C4F9AE02.roa Signing time: Tue 06 May 2025 21:32:15 +0000 ROA not before: Tue 06 May 2025 21:32:15 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 55720 IP address blocks: 103.91.64.0/24 maxlen: 24 103.91.65.0/24 maxlen: 24 103.91.66.0/24 maxlen: 24 103.91.67.0/24 maxlen: 24 123.253.32.0/24 maxlen: 24 123.253.33.0/24 maxlen: 24 123.253.34.0/24 maxlen: 24 123.253.35.0/24 maxlen: 24 2401:340::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D09D4/60289CEE084711EB94AF0C1CC4F9AE02/SazT7NMn8CNWxfiBcBjz2fIJ9B4.crl rsync://rpki.apnic.net/member_repository/A91D09D4/60289CEE084711EB94AF0C1CC4F9AE02/SazT7NMn8CNWxfiBcBjz2fIJ9B4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SazT7NMn8CNWxfiBcBjz2fIJ9B4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 21:08:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1947 (0x79b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D09D4, serialNumber=49ACD3ECD327F02356C5F8817018F3D9F209F41E Validity Not Before: May 6 21:32:15 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=681a7fde-6ed9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:cc:55:1a:21:e8:f7:4b:af:d3:c8:86:32:e8: 9d:f4:fb:3f:39:af:38:d4:4e:18:d3:0f:03:2b:b4: ac:bd:c6:63:d6:fc:54:48:1b:66:c7:fa:a3:32:19: 1f:ac:c0:aa:43:ab:ed:bd:a4:0a:4b:be:eb:8a:d0: e3:cc:54:2e:c1:de:6a:74:6b:b9:cd:c9:f9:f2:24: 08:ee:c1:7b:44:33:ae:9c:12:6f:e9:22:27:f1:e3: 7b:0f:18:01:f8:1f:75:8f:d0:33:51:74:71:7d:3d: a2:51:72:6a:0d:10:1c:b3:5a:d3:ca:0d:d0:01:ec: 34:b4:aa:1f:51:28:67:55:1b:ba:f6:e6:ac:10:a5: f0:4c:cf:f3:f1:09:58:ce:3e:e7:a2:60:fb:7a:3a: d2:7d:42:c4:79:dd:0e:ee:7e:9f:8a:07:31:76:95: 4c:3f:b3:54:47:44:b0:88:2d:55:da:ca:a6:7f:4e: 2d:dd:dc:1b:fd:52:9d:25:d6:5c:5a:52:1a:21:7c: 4e:a1:ef:68:12:2d:f7:b5:11:33:4e:62:9d:99:2c: 7e:d9:d2:f5:95:92:60:a2:ee:bd:f5:54:ea:4d:2a: ce:74:c1:f1:9d:27:f9:ef:ae:82:d0:98:92:ab:23: 99:70:01:4f:0b:0f:31:78:34:d0:94:46:eb:91:ae: 4f:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:AB:88:A3:93:63:9C:9D:D4:26:4D:32:25:FE:4B:E7:62:EB:1F:6C X509v3 Authority Key Identifier: keyid:49:AC:D3:EC:D3:27:F0:23:56:C5:F8:81:70:18:F3:D9:F2:09:F4:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D09D4/60289CEE084711EB94AF0C1CC4F9AE02/SazT7NMn8CNWxfiBcBjz2fIJ9B4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SazT7NMn8CNWxfiBcBjz2fIJ9B4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D09D4/60289CEE084711EB94AF0C1CC4F9AE02/484CDD48084B11EBA5FDD126C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.91.64.0/22 123.253.32.0/22 IPv6: 2401:340::/32 Signature Algorithm: sha256WithRSAEncryption 00:97:8b:ff:b6:5e:eb:73:8e:84:18:3f:9a:e3:81:eb:eb:95: 25:29:fd:88:18:e8:0b:dc:36:d7:ca:ee:3b:14:25:9e:30:f1: a0:1f:3b:d4:6b:72:c4:60:f9:54:78:65:1e:3f:4a:02:37:8a: 39:ed:70:21:af:9f:41:ee:8f:79:21:37:04:9b:12:d1:b6:66: 4a:46:30:20:55:35:01:5c:8b:a1:c5:5e:87:72:50:c0:80:f0: d8:5d:a3:17:7e:d5:60:51:b5:e5:f9:76:b5:53:0f:1d:33:da: a6:42:d8:fd:cd:6e:f3:4e:57:df:eb:26:c6:84:40:5c:d1:7b: 6a:82:a9:98:63:b4:4c:4c:49:16:cb:6e:77:2c:0d:15:7d:7f: 5c:12:99:c6:d1:5e:b6:ed:24:fb:98:20:96:f9:05:00:35:94: f6:0f:fb:0b:91:78:23:3c:f5:04:eb:a0:4b:49:6c:fa:d7:67: 20:67:a1:91:61:88:65:34:d7:b5:ad:6a:27:e5:8c:e0:f6:ab: 53:2f:83:82:73:d3:2b:28:78:8b:8b:cb:3d:98:f9:9d:fd:2c: 3a:22:a1:98:25:8a:02:10:43:86:f7:02:43:08:b4:6e:42:b4: 3c:fc:42:b8:e1:f8:e1:59:92:86:c2:1a:c6:70:28:f5:7d:68: 31:16:68:7e -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICB5swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDA5RDQxMTAvBgNVBAUTKDQ5QUNEM0VDRDMyN0YwMjM1NkM1Rjg4MTcwMThGM0Q5 RjIwOUY0MUUwHhcNMjUwNTA2MjEzMjE1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFhN2ZkZS02ZWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxMxVGiHo90uv08iGMuid9Ps/Oa841E4Y0w8DK7SsvcZj1vxUSBtmx/qjMhkf rMCqQ6vtvaQKS77ritDjzFQuwd5qdGu5zcn58iQI7sF7RDOunBJv6SIn8eN7DxgB +B91j9AzUXRxfT2iUXJqDRAcs1rTyg3QAew0tKofUShnVRu69uasEKXwTM/z8QlY zj7nomD7ejrSfULEed0O7n6figcxdpVMP7NUR0SwiC1V2sqmf04t3dwb/VKdJdZc WlIaIXxOoe9oEi33tREzTmKdmSx+2dL1lZJgou699VTqTSrOdMHxnSf5766C0JiS qyOZcAFPCw8xeDTQlEbrka5PVQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFCriKOT Y5yd1CZNMiX+S+di6x9sMB8GA1UdIwQYMBaAFEms0+zTJ/AjVsX4gXAY89nyCfQe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDlENC82MDI4OUNFRTA4 NDcxMUVCOTRBRjBDMUNDNEY5QUUwMi9TYXpUN05NbjhDTld4ZmlCY0JqejJmSUo5 QjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NhelQ3Tk1uOENOV3hmaUJjQmp6MmZJSjlCNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDA5RDQvNjAyODlDRUUwODQ3MTFFQjk0QUYwQzFDQzRGOUFFMDIvNDg0Q0RENDgw ODRCMTFFQkE1RkREMTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnW0ADBAJ7/SAwDQQCAAIwBwMFACQBA0AwDQYJKoZIhvcN AQELBQADggEBAACXi/+2XutzjoQYP5rjgevrlSUp/YgY6AvcNtfK7jsUJZ4w8aAf O9RrcsRg+VR4ZR4/SgI3ijntcCGvn0Huj3khNwSbEtG2ZkpGMCBVNQFci6HFXody UMCA8Nhdoxd+1WBRteX5drVTDx0z2qZC2P3NbvNOV9/rJsaEQFzRe2qCqZhjtExM SRbLbncsDRV9f1wSmcbRXrbtJPuYIJb5BQA1lPYP+wuReCM89QTroEtJbPrXZyBn oZFhiGU017WtaifljOD2q1Mvg4Jz0ysoeIuLyz2Y+Z39LDoioZgligIQQ4b3AkMI tG5CtDz8Qrjh+OFZkobCGsZwKPV9aDEWaH4= -----END CERTIFICATE-----Generated at Wed May 14 07:12:56 2025 by rpki-client