$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/2DE1069C050311EA93648E33C4F9AE02.roa File: 2DE1069C050311EA93648E33C4F9AE02.roa (raw, json) Hash identifier: lPRimtAIP991qjg2zYQ9MB+u2MSznOVIg7X2f5y/SnM= Subject key identifier: 1A:97:ED:22:1F:57:31:2C:18:19:13:1D:69:BD:3F:EA:6D:8D:FC:E6 Certificate issuer: /CN=A91D3D50/serialNumber=F51DC669DB596184D0BF94AA1E41E5DE159E8DA5 Certificate serial: 0C44 Authority key identifier: F5:1D:C6:69:DB:59:61:84:D0:BF:94:AA:1E:41:E5:DE:15:9E:8D:A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9R3GadtZYYTQv5SqHkHl3hWejaU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/2DE1069C050311EA93648E33C4F9AE02.roa Signing time: Mon 28 Apr 2025 18:58:13 +0000 ROA not before: Mon 28 Apr 2025 18:58:13 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 135895 IP address blocks: 103.17.232.0/22 maxlen: 24 103.220.225.0/24 maxlen: 24 116.206.216.0/22 maxlen: 24 2402:4280::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/9R3GadtZYYTQv5SqHkHl3hWejaU.crl rsync://rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/9R3GadtZYYTQv5SqHkHl3hWejaU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9R3GadtZYYTQv5SqHkHl3hWejaU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 18:35:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3140 (0xc44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3D50, serialNumber=F51DC669DB596184D0BF94AA1E41E5DE159E8DA5 Validity Not Before: Apr 28 18:58:13 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=680fcfc5-c225 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:0b:89:da:bd:d3:72:3f:bd:a9:ea:8c:38:1c: b6:7e:6b:dc:69:8c:3a:32:e0:52:24:a6:d9:6a:53: 11:26:4f:d0:49:0b:3e:4e:7b:06:af:b0:ca:e9:20: 16:08:19:3d:7d:48:55:a5:2b:21:d8:fa:a0:01:91: 2d:3d:53:4b:8c:b7:b1:aa:9a:a9:13:a3:54:84:30: 7e:44:73:da:3d:71:ea:af:f7:8e:75:dd:8a:57:a6: 6a:d1:81:ff:83:f2:e2:b1:02:26:3f:62:c8:f7:1e: d7:92:74:58:02:21:8e:a0:ab:f0:a8:59:58:e7:a5: e1:6b:b3:e8:49:7a:d5:e2:91:68:d5:5d:fe:18:77: a1:0c:8c:e8:69:4a:44:4a:60:12:b0:e2:71:17:e6: 4e:cd:3f:0f:34:27:64:83:7d:a5:c6:db:a6:f7:78: 03:84:37:05:e6:ae:10:62:00:63:79:c5:b2:bb:0e: a8:f4:e1:24:8c:1f:00:84:6a:d4:86:2d:0a:b7:be: f5:09:38:ad:84:94:76:a4:08:72:ab:f2:bd:50:59: 81:d2:7c:c2:c8:43:63:7b:30:bf:6d:df:d7:4b:85: bc:80:21:c1:fb:1a:09:07:8a:b6:16:e3:14:31:a1: 52:8e:6d:d7:db:cf:8a:bd:e0:e0:d4:4f:8b:81:f0: 4c:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:97:ED:22:1F:57:31:2C:18:19:13:1D:69:BD:3F:EA:6D:8D:FC:E6 X509v3 Authority Key Identifier: keyid:F5:1D:C6:69:DB:59:61:84:D0:BF:94:AA:1E:41:E5:DE:15:9E:8D:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/9R3GadtZYYTQv5SqHkHl3hWejaU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9R3GadtZYYTQv5SqHkHl3hWejaU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3D50/15464FD6050111EAAD97252CC4F9AE02/2DE1069C050311EA93648E33C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.17.232.0/22 103.220.225.0/24 116.206.216.0/22 IPv6: 2402:4280::/32 Signature Algorithm: sha256WithRSAEncryption 69:b0:b0:c3:36:2a:12:28:43:cf:d5:71:2f:4a:91:11:0a:af: 44:51:f2:f2:99:68:b3:4e:67:64:e7:e2:4e:ba:d2:1a:8e:14: d3:90:76:88:9a:df:f1:93:ff:74:e6:62:06:d9:ba:a1:fb:67: 90:a7:09:e2:74:c7:61:51:97:06:4d:32:52:bc:28:d0:bb:51: 28:03:fa:c6:f7:9e:18:b2:b1:25:84:f2:c3:71:fd:31:cd:6e: 3e:51:5b:cb:3b:70:79:44:e2:12:ee:ed:57:3b:a8:58:97:c8: ff:45:21:49:ff:e0:37:fd:88:1b:75:ad:d4:47:3d:66:b6:02: 34:df:c8:9b:fe:15:41:20:88:1d:b2:1c:78:6b:d6:4e:14:c5: f6:9a:19:1d:ad:f5:f1:84:4e:f8:0e:27:f2:7a:74:96:83:7c: 9c:76:85:c6:9c:94:c2:3c:c3:0a:f1:fe:4e:c2:22:08:f7:c0: 4f:82:97:67:d8:6f:2e:c3:5f:94:6e:d7:5b:45:ca:65:f8:6b: c0:49:6a:48:03:e5:d0:37:ce:ae:27:c5:1f:00:3a:17:16:b6: ce:85:49:83:ef:63:bf:d4:91:e1:3a:c8:72:c4:30:91:98:d4: 87:40:78:1f:17:59:d6:14:9e:01:aa:7d:5f:24:7d:d3:6e:16: 47:f5:09:4f -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICDEQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDNENTAxMTAvBgNVBAUTKEY1MURDNjY5REI1OTYxODREMEJGOTRBQTFFNDFFNURF MTU5RThEQTUwHhcNMjUwNDI4MTg1ODEzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODBmY2ZjNS1jMjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqwuJ2r3Tcj+9qeqMOBy2fmvcaYw6MuBSJKbZalMRJk/QSQs+TnsGr7DK6SAW CBk9fUhVpSsh2PqgAZEtPVNLjLexqpqpE6NUhDB+RHPaPXHqr/eOdd2KV6Zq0YH/ g/LisQImP2LI9x7XknRYAiGOoKvwqFlY56Xha7PoSXrV4pFo1V3+GHehDIzoaUpE SmASsOJxF+ZOzT8PNCdkg32lxtum93gDhDcF5q4QYgBjecWyuw6o9OEkjB8AhGrU hi0Kt771CTithJR2pAhyq/K9UFmB0nzCyENjezC/bd/XS4W8gCHB+xoJB4q2FuMU MaFSjm3X28+KveDg1E+LgfBMfwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFBqX7SIf VzEsGBkTHWm9P+ptjfzmMB8GA1UdIwQYMBaAFPUdxmnbWWGE0L+Uqh5B5d4Vno2l MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0Q1MC8xNTQ2NEZENjA1 MDExMUVBQUQ5NzI1MkNDNEY5QUUwMi85UjNHYWR0WllZVFF2NVNxSGtIbDNoV2Vq YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlSM0dhZHRaWVlUUXY1U3FIa0hsM2hXZWphVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDNENTAvMTU0NjRGRDYwNTAxMTFFQUFEOTcyNTJDQzRGOUFFMDIvMkRFMTA2OUMw NTAzMTFFQTkzNjQ4RTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnEegDBABn3OEDBAJ0ztgwDQQCAAIwBwMFACQCQoAwDQYJ KoZIhvcNAQELBQADggEBAGmwsMM2KhIoQ8/VcS9KkREKr0RR8vKZaLNOZ2Tn4k66 0hqOFNOQdoia3/GT/3TmYgbZuqH7Z5CnCeJ0x2FRlwZNMlK8KNC7USgD+sb3nhiy sSWE8sNx/THNbj5RW8s7cHlE4hLu7Vc7qFiXyP9FIUn/4Df9iBt1rdRHPWa2AjTf yJv+FUEgiB2yHHhr1k4UxfaaGR2t9fGETvgOJ/J6dJaDfJx2hcaclMI8wwrx/k7C Igj3wE+Cl2fYby7DX5Ru11tFymX4a8BJakgD5dA3zq4nxR8AOhcWts6FSYPvY7/U keE6yHLEMJGY1IdAeB8XWdYUngGqfV8kfdNuFkf1CU8= -----END CERTIFICATE-----Generated at Wed May 14 21:18:43 2025 by rpki-client