$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/C5AFD098167311F0916F5435C4F9AE02.roa File: C5AFD098167311F0916F5435C4F9AE02.roa (raw, json) Hash identifier: NKujXUGh0X/SkT7+y791gsNwYlUiCMjNSQHbtD/TZ7k= Subject key identifier: 9D:FC:C2:F4:42:0F:2B:2B:71:29:BC:10:03:2B:95:87:6B:66:4E:FE Certificate issuer: /CN=A91DA0AA/serialNumber=ED8F5D6C9BFC148F7ABB708C5291D384781C61FD Certificate serial: 017E Authority key identifier: ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/C5AFD098167311F0916F5435C4F9AE02.roa Signing time: Fri 11 Apr 2025 01:24:54 +0000 ROA not before: Fri 11 Apr 2025 01:24:54 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 17828 IP address blocks: 103.20.76.0/22 maxlen: 22 202.58.128.0/22 maxlen: 22 202.165.192.0/20 maxlen: 24 2001:c60::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7Y9dbJv8FI96u3CMUpHThHgcYf0.crl rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7Y9dbJv8FI96u3CMUpHThHgcYf0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 382 (0x17e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA0AA, serialNumber=ED8F5D6C9BFC148F7ABB708C5291D384781C61FD Validity Not Before: Apr 11 01:24:54 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67f86f66-1fe9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:ea:a6:82:e8:f6:80:e8:79:46:55:98:80:e0: 01:fe:3f:e0:1e:6b:05:f7:57:1b:63:1a:2d:ec:b6: ef:de:44:ff:69:11:f0:cf:c2:12:dc:8e:2a:82:da: b3:d3:74:99:59:44:ef:9b:c6:4e:0c:b1:a1:3f:b2: 0f:b5:2e:e8:93:e2:f2:d6:ae:1d:5d:17:47:f8:59: 25:6a:db:40:5a:5f:d2:e9:e9:d3:9b:f4:9f:dc:9c: 16:8a:94:f9:41:18:2b:12:a2:4a:20:b9:22:2b:04: d8:12:28:1a:f9:e3:91:c3:d3:e0:5e:e7:dc:e6:c0: f7:74:a5:33:3a:17:e6:9c:79:b7:2f:47:77:c4:86: 5a:d5:98:1d:d8:dd:02:a2:43:db:40:2d:24:5b:a5: cb:bd:dc:e8:2a:82:e8:fa:f3:2e:08:51:88:1f:72: ad:08:52:09:24:83:3a:17:4e:0c:cb:a6:b7:df:aa: 13:4f:df:fa:5a:8e:96:fe:e9:10:31:14:58:3e:36: 01:10:87:78:78:8f:27:6a:e4:1a:df:17:a6:e5:c4: cf:76:9d:b7:09:22:ed:56:0e:d1:7f:b4:ff:18:7e: a5:3a:14:d0:3d:8f:78:b7:52:e9:34:54:fc:56:08: c4:6a:8f:87:9a:81:da:8f:f3:90:6d:bf:eb:36:82: c2:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:FC:C2:F4:42:0F:2B:2B:71:29:BC:10:03:2B:95:87:6B:66:4E:FE X509v3 Authority Key Identifier: keyid:ED:8F:5D:6C:9B:FC:14:8F:7A:BB:70:8C:52:91:D3:84:78:1C:61:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/7Y9dbJv8FI96u3CMUpHThHgcYf0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Y9dbJv8FI96u3CMUpHThHgcYf0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA0AA/82BBB552003D11EE9608F147C4F9AE02/C5AFD098167311F0916F5435C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.20.76.0/22 202.58.128.0/22 202.165.192.0/20 IPv6: 2001:c60::/32 Signature Algorithm: sha256WithRSAEncryption 06:dc:97:31:f6:e1:9c:65:76:c8:56:a9:40:e0:ae:8f:09:cd: c4:9f:8c:2d:ff:02:9b:bb:1e:f8:8e:18:b1:73:62:aa:e3:a7: 51:ff:9e:ae:4d:09:1f:47:ed:35:7e:31:c1:43:d5:c4:51:a3: ef:d5:38:da:e2:b3:9b:97:28:da:28:97:57:ca:f9:4a:73:3c: 6e:6e:47:41:1d:78:7c:0d:c3:7b:d0:0e:90:df:9f:ba:38:8b: 88:89:e4:1c:91:60:31:f6:bf:fa:d4:a7:52:55:f9:3b:f5:44: 00:0c:b4:7f:6c:3a:52:61:38:01:86:77:70:14:8f:6f:26:da: ba:f6:b6:ed:d4:2e:07:68:67:47:74:a1:a9:23:1d:85:ce:2f: 62:e7:3e:4a:1e:39:c3:8c:2f:92:49:2c:7a:bb:c5:25:15:9f: 71:15:28:6c:73:42:69:1e:5a:1c:50:ad:f9:8f:b7:63:c1:9f: ac:01:ea:8b:13:ad:4c:8d:0a:df:57:d6:aa:d7:d0:44:de:0f: a9:0a:e5:e6:50:62:cc:ed:48:38:ef:94:01:28:cd:48:04:d9: a5:04:4b:de:76:7e:9c:90:8a:57:65:00:8a:42:07:aa:d4:e1: fc:27:c6:dc:49:94:cf:9c:6c:da:90:15:0e:f8:85:1d:70:e3: 84:15:ff:21 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICAX4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REEwQUExMTAvBgNVBAUTKEVEOEY1RDZDOUJGQzE0OEY3QUJCNzA4QzUyOTFEMzg0 NzgxQzYxRkQwHhcNMjUwNDExMDEyNDU0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y4NmY2Ni0xZmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3uqmguj2gOh5RlWYgOAB/j/gHmsF91cbYxot7Lbv3kT/aRHwz8IS3I4qgtqz 03SZWUTvm8ZODLGhP7IPtS7ok+Ly1q4dXRdH+FklattAWl/S6enTm/Sf3JwWipT5 QRgrEqJKILkiKwTYEiga+eORw9PgXufc5sD3dKUzOhfmnHm3L0d3xIZa1Zgd2N0C okPbQC0kW6XLvdzoKoLo+vMuCFGIH3KtCFIJJIM6F04My6a336oTT9/6Wo6W/ukQ MRRYPjYBEId4eI8nauQa3xem5cTPdp23CSLtVg7Rf7T/GH6lOhTQPY94t1LpNFT8 VgjEao+HmoHaj/OQbb/rNoLCLwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFJ38wvRC DysrcSm8EAMrlYdrZk7+MB8GA1UdIwQYMBaAFO2PXWyb/BSPertwjFKR04R4HGH9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTBBQS84MkJCQjU1MjAw M0QxMUVFOTYwOEYxNDdDNEY5QUUwMi83WTlkYkp2OEZJOTZ1M0NNVXBIVGhIZ2NZ ZjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdZOWRiSnY4Rkk5NnUzQ01VcEhUaEhnY1lmMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REEwQUEvODJCQkI1NTIwMDNEMTFFRTk2MDhGMTQ3QzRGOUFFMDIvQzVBRkQwOTgx NjczMTFGMDkxNkY1NDM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnFEwDBALKOoADBATKpcAwDQQCAAIwBwMFACABDGAwDQYJ KoZIhvcNAQELBQADggEBAAbclzH24ZxldshWqUDgro8JzcSfjC3/Apu7HviOGLFz Yqrjp1H/nq5NCR9H7TV+McFD1cRRo+/VONris5uXKNool1fK+UpzPG5uR0EdeHwN w3vQDpDfn7o4i4iJ5ByRYDH2v/rUp1JV+Tv1RAAMtH9sOlJhOAGGd3AUj28m2rr2 tu3ULgdoZ0d0oakjHYXOL2LnPkoeOcOML5JJLHq7xSUVn3EVKGxzQmkeWhxQrfmP t2PBn6wB6osTrUyNCt9X1qrX0ETeD6kK5eZQYsztSDjvlAEozUgE2aUES952fpyQ ildlAIpCB6rU4fwnxtxJlM+cbNqQFQ74hR1w44QV/yE= -----END CERTIFICATE-----Generated at Sun Apr 27 05:43:13 2025 by rpki-client on console.sobornost.net