$ rpki-client -vvf rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/BA3A46C28D3211EB9BFE873BC4F9AE02.roa File: BA3A46C28D3211EB9BFE873BC4F9AE02.roa (raw, json) Hash identifier: ETZXfLUU8V3KJwKDLSCPK2awgHX/8QZCXq5mNJZzacU= Subject key identifier: C9:4C:48:7D:85:65:90:12:E5:E8:2E:8A:20:17:AF:48:90:7F:DB:C0 Certificate issuer: /CN=A91551D7/serialNumber=113618B0D410682AC06A901D65BB9AC955ED89E0 Certificate serial: 0E2C Authority key identifier: 11:36:18:B0:D4:10:68:2A:C0:6A:90:1D:65:BB:9A:C9:55:ED:89:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ETYYsNQQaCrAapAdZbuayVXtieA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/BA3A46C28D3211EB9BFE873BC4F9AE02.roa Signing time: Wed 18 Dec 2024 18:16:23 +0000 ROA not before: Wed 18 Dec 2024 18:16:23 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 38199 IP address blocks: 103.7.68.0/22 maxlen: 22 120.138.80.0/20 maxlen: 20 163.47.88.0/22 maxlen: 22 221.133.32.0/21 maxlen: 21 221.133.40.0/21 maxlen: 21 223.27.128.0/20 maxlen: 20 2402:9a00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/ETYYsNQQaCrAapAdZbuayVXtieA.crl rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/ETYYsNQQaCrAapAdZbuayVXtieA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ETYYsNQQaCrAapAdZbuayVXtieA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 17:59:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3628 (0xe2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91551D7, serialNumber=113618B0D410682AC06A901D65BB9AC955ED89E0 Validity Not Before: Dec 18 18:16:23 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67631177-a34d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:87:3c:f0:2e:0e:31:37:ee:f8:56:c6:5e:d4: 0d:22:a7:63:b4:68:be:77:9d:29:51:c8:1b:2a:d6: 22:3a:09:78:b9:2c:b3:ad:88:d1:90:06:d9:a9:8d: 44:c1:5b:5b:e3:87:da:6b:41:91:40:ba:a1:46:7b: 8b:8c:fc:ae:51:72:48:ec:ab:5a:39:05:a5:5b:d8: a0:d2:6f:1a:a0:62:ea:b9:96:a3:35:4d:6b:74:e2: fe:46:21:cd:f9:da:2b:ae:92:11:b0:40:66:6f:91: c4:a6:cd:e9:9f:4a:95:ce:69:e3:51:5c:02:68:f7: d4:3c:bf:5c:51:3e:24:1c:f4:a2:fd:05:e1:c5:67: ec:5b:80:74:d3:cf:cf:67:0a:0e:cb:4f:69:37:cd: 42:ce:3c:40:ac:41:43:9b:e1:85:18:33:c8:cf:c7: 9c:66:3a:4f:eb:e6:2d:92:60:fb:0d:07:08:6a:91: 9f:e6:0c:4f:ff:ca:58:9d:2e:af:a8:6f:c2:31:93: 7e:30:93:9c:fb:f0:68:50:6d:42:81:66:76:72:ac: 8a:d9:41:28:5a:6c:c5:b6:3b:bd:0d:97:00:2e:22: 8a:47:6a:bd:cf:80:41:56:2a:a1:ab:dd:23:a4:b3: 4d:88:0c:8e:e0:c6:05:3d:1a:11:3c:8c:87:77:44: 80:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:4C:48:7D:85:65:90:12:E5:E8:2E:8A:20:17:AF:48:90:7F:DB:C0 X509v3 Authority Key Identifier: keyid:11:36:18:B0:D4:10:68:2A:C0:6A:90:1D:65:BB:9A:C9:55:ED:89:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/ETYYsNQQaCrAapAdZbuayVXtieA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ETYYsNQQaCrAapAdZbuayVXtieA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/BA3A46C28D3211EB9BFE873BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.7.68.0/22 120.138.80.0/20 163.47.88.0/22 221.133.32.0/20 223.27.128.0/20 IPv6: 2402:9a00::/32 Signature Algorithm: sha256WithRSAEncryption 35:30:bf:32:25:47:f2:e3:e3:60:7f:25:92:f4:b6:da:aa:14: 94:57:f2:4f:84:18:ff:40:89:74:21:cc:c7:ca:68:2c:1d:58: ab:2b:6f:c2:7a:89:b1:42:af:21:c8:c3:0c:ed:ac:fe:74:ba: 05:ff:02:ca:8a:b6:5c:54:ca:8b:4e:59:91:66:f6:ec:f5:7b: 7c:9c:79:92:b6:b7:a9:57:ab:7c:d2:1b:6c:8d:5a:cd:12:00: 21:bc:8c:ec:c9:4e:21:45:9b:74:75:f8:0d:3f:7e:83:d6:19: e5:ed:bd:32:e7:eb:70:30:ba:cc:7a:29:48:14:8d:f5:ee:7a: 61:ba:00:82:7b:72:40:12:f6:fe:38:5d:d6:e9:a6:f4:dd:bd: 63:d0:65:f5:32:27:b5:1d:9a:aa:e8:14:db:5c:5f:41:84:03: 03:93:85:f5:a9:57:bf:76:2d:66:a4:93:78:c5:71:9e:1d:a3: 80:8f:30:fa:a1:ce:9d:04:dc:a9:69:6a:ca:aa:93:f8:d1:78: 7d:b7:84:35:ba:c0:a9:7b:00:9b:e5:ed:ae:a3:ef:21:e7:d1: 92:d7:12:2f:c2:0d:c9:65:0e:e1:eb:c7:b7:b3:2c:e2:1a:02: 78:48:f2:1a:ba:dc:d4:67:a6:41:59:2a:f8:ed:b8:ca:d7:85: e7:cb:6b:fc -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICDiwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTUxRDcxMTAvBgNVBAUTKDExMzYxOEIwRDQxMDY4MkFDMDZBOTAxRDY1QkI5QUM5 NTVFRDg5RTAwHhcNMjQxMjE4MTgxNjIzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzYzMTE3Ny1hMzRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuYc88C4OMTfu+FbGXtQNIqdjtGi+d50pUcgbKtYiOgl4uSyzrYjRkAbZqY1E wVtb44faa0GRQLqhRnuLjPyuUXJI7KtaOQWlW9ig0m8aoGLquZajNU1rdOL+RiHN +dorrpIRsEBmb5HEps3pn0qVzmnjUVwCaPfUPL9cUT4kHPSi/QXhxWfsW4B008/P ZwoOy09pN81CzjxArEFDm+GFGDPIz8ecZjpP6+YtkmD7DQcIapGf5gxP/8pYnS6v qG/CMZN+MJOc+/BoUG1CgWZ2cqyK2UEoWmzFtju9DZcALiKKR2q9z4BBViqhq90j pLNNiAyO4MYFPRoRPIyHd0SASwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFMlMSH2F ZZAS5eguiiAXr0iQf9vAMB8GA1UdIwQYMBaAFBE2GLDUEGgqwGqQHWW7mslV7Yng MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTFENy82OEYwOTI5MjlF MkYxMUU5QjJFNTI4MEFDNEY5QUUwMi9FVFlZc05RUWFDckFhcEFkWmJ1YXlWWHRp ZUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0VUWVlzTlFRYUNyQWFwQWRaYnVheVZYdGllQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTUxRDcvNjhGMDkyOTI5RTJGMTFFOUIyRTUyODBBQzRGOUFFMDIvQkEzQTQ2QzI4 RDMyMTFFQjlCRkU4NzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAJnB0QDBAR4ilADBAKjL1gDBATdhSADBATfG4AwDQQCAAIw BwMFACQCmgAwDQYJKoZIhvcNAQELBQADggEBADUwvzIlR/Lj42B/JZL0ttqqFJRX 8k+EGP9AiXQhzMfKaCwdWKsrb8J6ibFCryHIwwztrP50ugX/AsqKtlxUyotOWZFm 9uz1e3yceZK2t6lXq3zSG2yNWs0SACG8jOzJTiFFm3R1+A0/foPWGeXtvTLn63Aw usx6KUgUjfXuemG6AIJ7ckAS9v44XdbppvTdvWPQZfUyJ7UdmqroFNtcX0GEAwOT hfWpV792LWakk3jFcZ4do4CPMPqhzp0E3Klpasqqk/jReH23hDW6wKl7AJvl7a6j 7yHn0ZLXEi/CDcllDuHrx7ezLOIaAnhI8hq63NRnpkFZKvjtuMrXhefLa/w= -----END CERTIFICATE-----Generated at Mon Apr 28 20:10:35 2025 by rpki-client on console.sobornost.net