$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/920126A625F011E7AB40BB69C4F9AE02.roa File: 920126A625F011E7AB40BB69C4F9AE02.roa (raw, json) Hash identifier: VGx79HjfctMAH3951trK9IBgyFBPVt62lhijc0hOVt4= Subject key identifier: 55:3D:57:1E:37:8C:7F:FF:AA:0E:AD:E7:8E:52:EF:ED:7C:67:EE:53 Certificate issuer: /CN=A91DC4E1/serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E Certificate serial: 1B4F Authority key identifier: DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/920126A625F011E7AB40BB69C4F9AE02.roa Signing time: Sun 04 May 2025 16:24:31 +0000 ROA not before: Sun 04 May 2025 16:24:31 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 64269 IP address blocks: 103.89.140.0/22 maxlen: 22 103.89.140.0/24 maxlen: 24 103.89.141.0/24 maxlen: 24 103.89.142.0/24 maxlen: 24 103.89.143.0/24 maxlen: 24 202.14.204.0/22 maxlen: 22 202.14.204.0/24 maxlen: 24 202.14.205.0/24 maxlen: 24 202.14.206.0/24 maxlen: 24 202.14.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.crl rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 16:14:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6991 (0x1b4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC4E1, serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E Validity Not Before: May 4 16:24:31 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681794bf-75df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:a7:82:4e:33:af:56:4e:e0:48:fd:5d:90:5c: bc:56:b7:e8:1b:c7:48:fb:2e:e4:b5:f9:74:e3:02: 06:c9:a1:a4:e8:01:d7:8c:e1:3e:e1:c9:25:f5:61: e8:19:21:3e:17:03:ea:6a:0a:ac:83:a7:5c:4a:9f: d8:4a:ba:e0:45:68:4d:56:45:ba:c7:25:1d:f0:32: 36:06:55:68:cb:21:dc:4e:31:a3:a8:2b:60:04:8b: 99:4f:92:6d:bd:70:51:b9:a8:83:4c:5f:b4:e4:e3: 97:d8:ca:ad:53:cc:54:56:1e:92:e3:e5:de:94:6c: 35:58:87:1d:98:33:2d:78:13:be:f5:ae:07:fd:34: ca:a9:32:eb:32:1d:d1:83:6f:98:c0:5c:26:f9:1c: 25:f1:28:1b:f0:08:ce:e1:c8:0e:ec:b5:b3:21:2d: 74:0e:fb:a7:43:d8:55:bd:17:d4:30:0b:81:01:08: bd:82:c7:6d:8c:19:e7:76:5b:6c:ae:ed:a6:f3:d7: 34:db:dd:59:f1:a5:e2:bd:1d:a4:f4:28:ee:54:10: 00:94:ef:52:d9:0e:24:81:19:4d:1a:a6:e6:b2:c7: 82:e9:1b:3b:7b:14:d8:0c:b6:13:71:f0:b5:79:d6: 4e:d6:6c:1a:54:76:59:2d:19:27:a8:1c:56:e5:4d: 95:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:3D:57:1E:37:8C:7F:FF:AA:0E:AD:E7:8E:52:EF:ED:7C:67:EE:53 X509v3 Authority Key Identifier: keyid:DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/920126A625F011E7AB40BB69C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.140.0/22 202.14.204.0/22 Signature Algorithm: sha256WithRSAEncryption 9e:ca:9f:b9:38:d2:f2:31:a3:7d:82:6a:19:8b:09:9e:81:47: 25:45:92:f8:32:58:d3:ad:36:be:75:1d:b0:46:8d:b9:53:08: c6:d8:74:a2:50:d1:e8:69:18:74:d0:0e:53:39:a2:63:d5:78: d1:00:20:19:ee:9a:e3:c5:75:e7:81:d0:65:9e:cc:3d:36:d3: e5:b7:b8:a4:b7:0b:2b:f3:a4:32:89:e3:97:4d:fb:2d:88:07: 22:5d:79:73:27:ae:a2:54:7b:79:5d:e3:fe:4f:ab:94:60:22: cb:c1:8b:8c:09:9e:03:5a:ac:98:15:59:04:50:ad:07:c6:56: 7d:4a:b2:2a:f0:47:73:9e:da:40:13:55:a8:23:7f:6e:67:cf: 25:58:23:e1:e3:7b:d7:46:8a:16:07:ad:1d:20:e5:53:7b:42: 04:5a:85:78:f1:20:52:db:3a:9d:02:6b:95:31:e6:f5:87:ad: ce:0f:ca:13:25:57:e6:dd:ab:70:ee:ad:66:03:af:02:8c:3d: 58:7c:89:bd:c6:f5:f6:23:a6:a2:0a:22:df:37:f0:a9:e0:4e: ad:14:57:b1:df:13:52:13:58:da:2d:db:14:10:87:5d:af:0b: 8f:b5:bb:26:82:ba:c3:92:1d:e2:7d:2d:a9:33:02:79:9e:27: d0:20:83:b2 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICG08wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0RTExMTAvBgNVBAUTKERDMUIzOUI1NEY2MDg5MUFDNzc4QTkzMTZENzFCMEJF ODAwNjM5NkUwHhcNMjUwNTA0MTYyNDMxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE3OTRiZi03NWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA76eCTjOvVk7gSP1dkFy8VrfoG8dI+y7ktfl04wIGyaGk6AHXjOE+4ckl9WHo GSE+FwPqagqsg6dcSp/YSrrgRWhNVkW6xyUd8DI2BlVoyyHcTjGjqCtgBIuZT5Jt vXBRuaiDTF+05OOX2MqtU8xUVh6S4+XelGw1WIcdmDMteBO+9a4H/TTKqTLrMh3R g2+YwFwm+Rwl8Sgb8AjO4cgO7LWzIS10DvunQ9hVvRfUMAuBAQi9gsdtjBnndlts ru2m89c0291Z8aXivR2k9CjuVBAAlO9S2Q4kgRlNGqbmsseC6Rs7exTYDLYTcfC1 edZO1mwaVHZZLRknqBxW5U2VUQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFU9Vx43 jH//qg6t545S7+18Z+5TMB8GA1UdIwQYMBaAFNwbObVPYIkax3ipMW1xsL6ABjlu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzRFMS8yMDA0RjE0NDE2 MDExMUU3QThBQzIyNURDNEY5QUUwMi8zQnM1dFU5Z2lSckhlS2t4YlhHd3ZvQUdP VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNCczV0VTlnaVJySGVLa3hiWEd3dm9BR09XNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REM0RTEvMjAwNEYxNDQxNjAxMTFFN0E4QUMyMjVEQzRGOUFFMDIvOTIwMTI2QTYy NUYwMTFFN0FCNDBCQjY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnWYwDBALKDswwDQYJKoZIhvcNAQELBQADggEBAJ7Kn7k4 0vIxo32CahmLCZ6BRyVFkvgyWNOtNr51HbBGjblTCMbYdKJQ0ehpGHTQDlM5omPV eNEAIBnumuPFdeeB0GWezD020+W3uKS3CyvzpDKJ45dN+y2IByJdeXMnrqJUe3ld 4/5Pq5RgIsvBi4wJngNarJgVWQRQrQfGVn1KsirwR3Oe2kATVagjf25nzyVYI+Hj e9dGihYHrR0g5VN7QgRahXjxIFLbOp0Ca5Ux5vWHrc4PyhMlV+bdq3DurWYDrwKM PVh8ib3G9fYjpqIKIt838KngTq0UV7HfE1ITWNot2xQQh12vC4+1uyaCusOSHeJ9 LakzAnmeJ9Agg7I= -----END CERTIFICATE-----Generated at Tue May 13 01:05:02 2025 by rpki-client