$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17F6/ED93CEE8F2B511EA9A3F6341C4F9AE02/AF95E6D8F2B711EAA1C01744C4F9AE02.roa File: AF95E6D8F2B711EAA1C01744C4F9AE02.roa (raw, json) Hash identifier: X3Zxmzy65RFAr4wRuSkQChvufHFA8zifcOkEqKI8dKg= Subject key identifier: 3A:E1:27:6D:9F:EF:6B:9F:B5:43:D4:77:DF:DC:91:45:4F:D5:E9:F9 Certificate issuer: /CN=A91F17F6/serialNumber=52D5D6FFBDA88F545E51BAF99F7DACE193C06E57 Certificate serial: 07CA Authority key identifier: 52:D5:D6:FF:BD:A8:8F:54:5E:51:BA:F9:9F:7D:AC:E1:93:C0:6E:57 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UtXW_72oj1ReUbr5n32s4ZPAblc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F17F6/ED93CEE8F2B511EA9A3F6341C4F9AE02/AF95E6D8F2B711EAA1C01744C4F9AE02.roa Signing time: Fri 02 May 2025 21:33:15 +0000 ROA not before: Fri 02 May 2025 21:33:15 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 56229 IP address blocks: 43.231.72.0/24 maxlen: 24 43.231.73.0/24 maxlen: 24 43.231.74.0/24 maxlen: 24 43.231.75.0/24 maxlen: 24 103.3.72.0/24 maxlen: 24 103.3.73.0/24 maxlen: 24 103.3.74.0/24 maxlen: 24 103.3.75.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F17F6/ED93CEE8F2B511EA9A3F6341C4F9AE02/UtXW_72oj1ReUbr5n32s4ZPAblc.crl rsync://rpki.apnic.net/member_repository/A91F17F6/ED93CEE8F2B511EA9A3F6341C4F9AE02/UtXW_72oj1ReUbr5n32s4ZPAblc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UtXW_72oj1ReUbr5n32s4ZPAblc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:46:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1994 (0x7ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F17F6, serialNumber=52D5D6FFBDA88F545E51BAF99F7DACE193C06E57 Validity Not Before: May 2 21:33:15 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68153a1b-b674 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:fd:e5:14:8d:5f:4c:7b:03:81:f4:c5:f6:1c: ee:ea:eb:79:fb:e7:d3:57:e7:e1:80:3b:fa:70:57: 6c:c4:d0:94:8a:42:c8:86:dd:4b:83:74:25:c2:9d: 23:5a:b0:b3:e8:2b:47:a9:d8:cf:21:f4:89:b4:ed: 7f:68:27:f3:98:ee:dc:91:f7:00:1e:46:26:d2:b6: 35:aa:f8:79:e5:af:06:cf:e3:f6:48:eb:a8:f0:39: 30:15:51:76:15:bb:16:77:a8:7b:f3:2b:b0:00:13: b7:45:fd:26:5b:18:50:0d:cd:51:ed:da:30:dd:6a: bb:12:6e:d1:a2:a9:a4:d9:83:8c:9d:f9:6e:cb:e5: 8e:9a:07:ca:11:5c:91:db:96:19:e8:02:bc:3e:ce: 13:08:c4:47:a1:3a:8b:0c:1c:52:f2:74:5c:09:7e: 10:db:70:55:0c:17:4c:ee:49:9b:d3:16:f1:77:6e: 42:80:ba:55:70:b0:b8:a5:af:98:4a:58:90:7b:88: 50:93:5c:cd:13:e6:0a:f2:46:68:dd:1e:84:2f:e7: 23:3a:ab:1b:80:f0:7c:8b:8a:bd:83:7b:bb:82:19: 58:d1:45:dc:9d:86:54:f0:9e:a8:2e:ae:e4:a4:e0: 53:8f:28:25:18:fa:b3:de:eb:d8:f1:b0:d7:5d:15: 05:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:E1:27:6D:9F:EF:6B:9F:B5:43:D4:77:DF:DC:91:45:4F:D5:E9:F9 X509v3 Authority Key Identifier: keyid:52:D5:D6:FF:BD:A8:8F:54:5E:51:BA:F9:9F:7D:AC:E1:93:C0:6E:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F17F6/ED93CEE8F2B511EA9A3F6341C4F9AE02/UtXW_72oj1ReUbr5n32s4ZPAblc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UtXW_72oj1ReUbr5n32s4ZPAblc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17F6/ED93CEE8F2B511EA9A3F6341C4F9AE02/AF95E6D8F2B711EAA1C01744C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.231.72.0/22 103.3.72.0/22 Signature Algorithm: sha256WithRSAEncryption 82:1c:ad:a8:fb:07:8d:3d:85:4d:f5:7d:d9:ed:54:2a:87:d2: 9e:2f:3d:66:38:51:d9:d1:ec:eb:95:71:4e:47:56:9b:31:81: 90:44:26:45:cb:69:7d:e3:96:1f:70:86:0c:c2:42:c0:58:9c: 68:b2:1c:ad:d8:b6:5e:b0:e7:37:93:3e:5b:22:95:36:2f:72: 08:d5:da:a3:f0:13:ed:9c:1c:26:85:1c:76:6c:56:45:f7:43: 59:14:05:5f:25:35:9c:6d:e3:43:45:87:5f:b1:38:f9:7b:16: 5a:9c:cf:d7:81:93:f4:b0:6c:b2:99:fd:8b:cd:2f:d1:78:37: 61:bc:ea:8d:e6:6f:ce:12:5d:b7:f5:0c:08:3f:ba:d0:a4:1e: 55:01:f7:4f:b6:94:6a:a5:0f:76:1a:be:63:bf:ac:b1:0d:90: 2e:e9:f2:09:21:94:f0:8f:86:0e:90:bc:b9:73:27:d8:77:a1: 42:7e:26:0b:65:0c:3a:ae:3e:2d:f0:c7:a2:4d:7f:a9:27:3d: 08:31:3e:dc:f0:d0:5a:7b:21:18:23:be:b3:d9:ad:3c:ed:ea: 6e:8d:37:49:57:4c:40:bc:86:db:7e:1e:2f:11:70:6e:c4:d9: 10:48:03:7a:f9:f4:fc:46:b1:c0:b8:6c:62:bf:14:4d:da:18: 03:09:95:f2 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICB8owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjE3RjYxMTAvBgNVBAUTKDUyRDVENkZGQkRBODhGNTQ1RTUxQkFGOTlGN0RBQ0Ux OTNDMDZFNTcwHhcNMjUwNTAyMjEzMzE1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE1M2ExYi1iNjc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuv3lFI1fTHsDgfTF9hzu6ut5++fTV+fhgDv6cFdsxNCUikLIht1Lg3Qlwp0j WrCz6CtHqdjPIfSJtO1/aCfzmO7ckfcAHkYm0rY1qvh55a8Gz+P2SOuo8DkwFVF2 FbsWd6h78yuwABO3Rf0mWxhQDc1R7dow3Wq7Em7Roqmk2YOMnfluy+WOmgfKEVyR 25YZ6AK8Ps4TCMRHoTqLDBxS8nRcCX4Q23BVDBdM7kmb0xbxd25CgLpVcLC4pa+Y SliQe4hQk1zNE+YK8kZo3R6EL+cjOqsbgPB8i4q9g3u7ghlY0UXcnYZU8J6oLq7k pOBTjyglGPqz3uvY8bDXXRUFVwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDrhJ22f 72uftUPUd9/ckUVP1en5MB8GA1UdIwQYMBaAFFLV1v+9qI9UXlG6+Z99rOGTwG5X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTdGNi9FRDkzQ0VFOEYy QjUxMUVBOUEzRjYzNDFDNEY5QUUwMi9VdFhXXzcyb2oxUmVVYnI1bjMyczRaUEFi bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1V0WFdfNzJvajFSZVVicjVuMzJzNFpQQWJsYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjE3RjYvRUQ5M0NFRThGMkI1MTFFQTlBM0Y2MzQxQzRGOUFFMDIvQUY5NUU2RDhG MkI3MTFFQUExQzAxNzQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr50gDBAJnA0gwDQYJKoZIhvcNAQELBQADggEBAIIcraj7 B409hU31fdntVCqH0p4vPWY4UdnR7OuVcU5HVpsxgZBEJkXLaX3jlh9whgzCQsBY nGiyHK3Ytl6w5zeTPlsilTYvcgjV2qPwE+2cHCaFHHZsVkX3Q1kUBV8lNZxt40NF h1+xOPl7Flqcz9eBk/SwbLKZ/YvNL9F4N2G86o3mb84SXbf1DAg/utCkHlUB90+2 lGqlD3YavmO/rLENkC7p8gkhlPCPhg6QvLlzJ9h3oUJ+JgtlDDquPi3wx6JNf6kn PQgxPtzw0Fp7IRgjvrPZrTzt6m6NN0lXTEC8htt+Hi8RcG7E2RBIA3r59PxGscC4 bGK/FE3aGAMJlfI= -----END CERTIFICATE-----Generated at Sun May 11 16:50:41 2025 by rpki-client