$ rpki-client -vvf rpki.apnic.net/member_repository/A91D6499/9F836C52780911EBA16AE156C4F9AE02/A96F9914F1D811EFA3152963C4F9AE02.roa File: A96F9914F1D811EFA3152963C4F9AE02.roa (raw, json) Hash identifier: GbZWi9q6UX7D+oMHHFTd4plXypkHkfSoO+ds1DieM3U= Subject key identifier: 1E:A6:1F:22:BD:19:E6:0B:B2:95:58:4D:4D:42:57:AA:D2:F7:9B:78 Certificate issuer: /CN=A91D6499/serialNumber=0BDF5D7BF6C0ADC36F23012836D8C2DC2427933C Certificate serial: 0687 Authority key identifier: 0B:DF:5D:7B:F6:C0:AD:C3:6F:23:01:28:36:D8:C2:DC:24:27:93:3C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C99de_bArcNvIwEoNtjC3CQnkzw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D6499/9F836C52780911EBA16AE156C4F9AE02/A96F9914F1D811EFA3152963C4F9AE02.roa Signing time: Tue 13 May 2025 15:26:12 +0000 ROA not before: Tue 13 May 2025 15:26:12 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 139769 IP address blocks: 43.251.8.0/24 maxlen: 24 43.251.9.0/24 maxlen: 24 43.251.10.0/24 maxlen: 24 43.251.11.0/24 maxlen: 24 103.42.104.0/24 maxlen: 24 103.42.105.0/24 maxlen: 24 103.42.106.0/24 maxlen: 24 103.42.107.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D6499/9F836C52780911EBA16AE156C4F9AE02/C99de_bArcNvIwEoNtjC3CQnkzw.crl rsync://rpki.apnic.net/member_repository/A91D6499/9F836C52780911EBA16AE156C4F9AE02/C99de_bArcNvIwEoNtjC3CQnkzw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C99de_bArcNvIwEoNtjC3CQnkzw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 22:22:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1671 (0x687) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D6499, serialNumber=0BDF5D7BF6C0ADC36F23012836D8C2DC2427933C Validity Not Before: May 13 15:26:12 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=68236494-9c38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:af:b1:8b:9c:44:34:a5:13:fc:97:34:38:64: 96:06:6f:b9:f7:48:05:62:da:0e:00:d5:42:8a:c0: 85:26:5d:f8:49:a4:91:80:1d:7c:53:8e:0f:72:5e: 46:5b:78:4f:31:a6:a1:6a:bd:ae:ec:47:cf:e2:d8: 89:60:56:9a:39:80:f5:c8:5c:85:62:f3:70:29:24: 1d:4b:5c:2c:2c:82:3a:8c:d9:4c:f1:76:88:30:58: 91:83:93:7a:eb:46:17:71:d1:67:5d:fe:ec:33:48: 70:83:cd:16:15:f6:22:e3:42:b8:08:db:1c:3d:f2: 2e:e9:3f:74:ca:02:8b:ab:ac:66:2e:68:6c:55:aa: b9:61:4b:b3:f8:b9:00:4a:73:b8:89:55:73:ca:d5: 00:91:5c:71:67:00:ad:f0:4e:0a:42:40:de:82:0a: 67:ef:06:12:bb:97:43:ef:5b:88:1f:e6:41:e6:c6: b1:83:c5:67:50:97:d9:a9:9f:19:3d:41:04:b3:b5: 9b:03:6d:76:57:9b:9a:e9:04:dd:7e:8a:77:36:52: f5:93:6a:39:58:66:8f:d3:d4:44:21:92:68:0e:79: 2a:d6:b6:2c:f3:5e:5f:ee:f1:60:3e:ef:eb:3a:41: a6:8d:0e:54:4b:48:d1:0b:ab:38:97:7a:33:b6:1b: 5a:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:A6:1F:22:BD:19:E6:0B:B2:95:58:4D:4D:42:57:AA:D2:F7:9B:78 X509v3 Authority Key Identifier: keyid:0B:DF:5D:7B:F6:C0:AD:C3:6F:23:01:28:36:D8:C2:DC:24:27:93:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D6499/9F836C52780911EBA16AE156C4F9AE02/C99de_bArcNvIwEoNtjC3CQnkzw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C99de_bArcNvIwEoNtjC3CQnkzw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D6499/9F836C52780911EBA16AE156C4F9AE02/A96F9914F1D811EFA3152963C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.251.8.0/22 103.42.104.0/22 Signature Algorithm: sha256WithRSAEncryption 22:cc:9b:4a:ed:94:99:9a:58:49:a7:5f:1c:8d:b6:ef:9f:3b: ef:62:24:b4:d3:99:8d:a0:3e:c5:ef:11:ee:1a:d3:c4:60:f8: e2:5c:58:da:b5:d0:87:8d:ed:7b:2d:7f:52:3c:30:57:9d:5f: 38:eb:97:a6:48:52:48:67:a2:c3:90:a4:47:7f:9b:33:f7:7a: 31:70:b1:d5:d8:e8:99:2e:ae:b9:83:75:f4:1a:eb:62:7d:7d: b8:dc:ad:34:01:94:f0:5b:01:50:aa:62:af:f6:b7:a0:0d:47: fa:82:4f:ba:c5:86:62:d9:eb:45:b6:f2:c4:9e:63:05:69:76: c2:9f:c2:0b:47:18:70:37:fd:9e:e3:a8:4c:19:76:10:95:6a: 43:6c:ed:df:87:d8:e4:2c:e0:07:a4:0b:2b:2c:73:35:84:97: 28:57:7d:d1:2d:10:8f:8f:18:7e:e8:42:af:ef:fd:6b:37:be: f9:fc:4b:de:8f:fd:2f:6c:27:3b:43:af:a5:d3:38:e4:81:2a: 0a:92:3a:36:4f:10:a3:da:13:f1:51:ed:31:c8:36:89:c7:cb: 41:03:92:b9:18:31:91:b9:ae:46:e1:44:9c:d4:76:47:05:79: 7c:8c:68:4c:e5:5c:76:90:19:22:ac:77:56:6e:2a:38:9e:c0: 77:77:8a:f7 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDY0OTkxMTAvBgNVBAUTKDBCREY1RDdCRjZDMEFEQzM2RjIzMDEyODM2RDhDMkRD MjQyNzkzM0MwHhcNMjUwNTEzMTUyNjEyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODIzNjQ5NC05YzM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnq+xi5xENKUT/Jc0OGSWBm+590gFYtoOANVCisCFJl34SaSRgB18U44Pcl5G W3hPMaahar2u7EfP4tiJYFaaOYD1yFyFYvNwKSQdS1wsLII6jNlM8XaIMFiRg5N6 60YXcdFnXf7sM0hwg80WFfYi40K4CNscPfIu6T90ygKLq6xmLmhsVaq5YUuz+LkA SnO4iVVzytUAkVxxZwCt8E4KQkDeggpn7wYSu5dD71uIH+ZB5saxg8VnUJfZqZ8Z PUEEs7WbA212V5ua6QTdfop3NlL1k2o5WGaP09REIZJoDnkq1rYs815f7vFgPu/r OkGmjQ5US0jRC6s4l3ozthtaDwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFB6mHyK9 GeYLspVYTU1CV6rS95t4MB8GA1UdIwQYMBaAFAvfXXv2wK3DbyMBKDbYwtwkJ5M8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENjQ5OS85RjgzNkM1Mjc4 MDkxMUVCQTE2QUUxNTZDNEY5QUUwMi9DOTlkZV9iQXJjTnZJd0VvTnRqQzNDUW5r encuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0M5OWRlX2JBcmNOdkl3RW9OdGpDM0NRbmt6dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDY0OTkvOUY4MzZDNTI3ODA5MTFFQkExNkFFMTU2QzRGOUFFMDIvQTk2Rjk5MTRG MUQ4MTFFRkEzMTUyOTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr+wgDBAJnKmgwDQYJKoZIhvcNAQELBQADggEBACLMm0rt lJmaWEmnXxyNtu+fO+9iJLTTmY2gPsXvEe4a08Rg+OJcWNq10IeN7Xstf1I8MFed Xzjrl6ZIUkhnosOQpEd/mzP3ejFwsdXY6JkurrmDdfQa62J9fbjcrTQBlPBbAVCq Yq/2t6ANR/qCT7rFhmLZ60W28sSeYwVpdsKfwgtHGHA3/Z7jqEwZdhCVakNs7d+H 2OQs4AekCyssczWElyhXfdEtEI+PGH7oQq/v/Ws3vvn8S96P/S9sJztDr6XTOOSB KgqSOjZPEKPaE/FR7THINonHy0EDkrkYMZG5rkbhRJzUdkcFeXyMaEzlXHaQGSKs d1ZuKjiewHd3ivc= -----END CERTIFICATE-----Generated at Thu May 15 21:26:22 2025 by rpki-client