$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/AF0508E8B1EE11EF93E70F63C4F9AE02.roa File: AF0508E8B1EE11EF93E70F63C4F9AE02.roa (raw, json) Hash identifier: /m7E0Dw/anD8qYNxCWedW44uleLaVBkf0eBmZ6XFvMk= Subject key identifier: 19:DE:0F:07:BA:6B:C8:C5:46:DD:78:A1:47:15:E6:62:C2:F5:BF:CB Certificate issuer: /CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD Certificate serial: 0CAB Authority key identifier: DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/AF0508E8B1EE11EF93E70F63C4F9AE02.roa Signing time: Sun 04 May 2025 18:28:13 +0000 ROA not before: Sun 04 May 2025 18:28:13 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 141452 IP address blocks: 103.214.80.0/24 maxlen: 24 103.214.81.0/24 maxlen: 24 103.214.83.0/24 maxlen: 24 144.48.85.0/24 maxlen: 24 144.48.86.0/24 maxlen: 24 144.48.87.0/24 maxlen: 24 2404:d580::/32 maxlen: 32 2404:d580::/48 maxlen: 48 2404:d580:1::/48 maxlen: 48 2404:d580:2::/48 maxlen: 48 2404:d580:3::/48 maxlen: 48 2404:d580:4::/48 maxlen: 48 2404:d580:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.crl rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 18:11:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3243 (0xcab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DEBE3, serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD Validity Not Before: May 4 18:28:13 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6817b1bd-529d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:2b:c5:a7:2c:04:dc:78:28:c8:ac:3a:1f:2f: d1:0c:c7:a5:5e:4e:b0:c5:29:9e:6b:e3:e4:9d:6d: 67:cf:4f:de:30:18:ca:12:69:e1:fe:76:b5:60:5b: fb:e6:36:81:4a:75:cb:2d:aa:cc:42:3a:68:36:39: 79:c7:9f:62:1d:ed:06:f2:b5:38:68:52:ef:09:89: d0:31:c9:b6:98:e7:f1:22:55:20:02:a1:cb:f0:ae: 32:31:28:4f:18:6d:04:c0:88:bc:d5:0e:f7:0f:fa: 6b:d3:64:02:2f:3a:7b:2d:b7:61:9f:d0:9c:94:73: 7b:aa:94:d7:9c:0d:0e:b6:f0:64:3a:a7:b1:51:90: 0b:e5:df:b5:e9:e1:45:55:c8:02:79:2f:8d:48:3c: 1c:ad:31:7d:29:dd:18:08:5e:5d:bb:ce:7a:56:cf: 50:8c:49:13:e4:68:d1:a2:7a:31:03:1f:1f:e0:48: 2a:57:40:36:98:58:ce:99:d2:b0:96:aa:e8:98:de: 86:51:a8:5b:4f:d0:33:45:81:8a:25:3e:75:0a:0c: 82:d5:9b:a9:d2:f7:1e:e8:b4:40:ea:cf:82:62:36: d2:f3:ce:d5:53:01:d7:af:10:75:86:c7:b3:e9:bc: 1a:33:f8:f6:90:12:2d:67:e3:32:fd:b9:be:2d:2d: f3:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:DE:0F:07:BA:6B:C8:C5:46:DD:78:A1:47:15:E6:62:C2:F5:BF:CB X509v3 Authority Key Identifier: keyid:DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/AF0508E8B1EE11EF93E70F63C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.214.80.0/23 103.214.83.0/24 144.48.85.0-144.48.87.255 IPv6: 2404:d580::/32 Signature Algorithm: sha256WithRSAEncryption 53:6e:4b:c3:29:66:a1:58:73:e5:4e:6f:93:47:95:2b:75:28: d1:94:a1:6e:d6:ec:ac:4f:06:04:5e:fe:d3:fe:cc:7f:21:14: 4e:da:b1:76:8c:73:a5:3c:c0:87:d4:8e:a2:a2:d6:d6:7a:cd: cb:cf:70:ec:bf:7b:5e:03:13:e8:55:ad:6d:32:59:02:83:5e: c8:81:55:83:4c:f4:c0:82:15:dd:1e:00:9a:2d:11:ef:c5:f2: ae:d4:67:c9:04:21:a0:5e:31:ba:04:85:a4:32:77:d6:79:04: 11:9a:45:a5:90:30:9e:25:55:96:46:ce:ed:71:d5:25:a3:1b: 2a:12:83:e0:83:de:e4:57:81:8e:a0:84:fd:bc:6e:1f:b0:4c: 12:4c:a6:1d:47:7f:3c:92:47:1e:72:78:f1:c5:40:8c:78:55: 9b:07:b7:ee:b0:4d:fc:9d:a6:e0:46:0f:22:4c:93:c6:28:13: 03:64:e2:ed:d3:39:14:f8:e7:65:eb:e4:55:d2:ec:af:5a:01: e7:a6:27:bb:47:f3:0c:24:91:09:0c:45:83:30:74:b8:d3:0e: 2a:46:02:a0:0c:d3:5c:7e:c9:f1:14:cd:93:a0:8a:9f:c4:62: e1:bf:60:90:66:c7:89:4d:af:84:85:9a:37:28:08:54:2f:2f: 5d:00:95:a1 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgICDKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REVCRTMxMTAvBgNVBAUTKERFNTA1NDJCRUExMDgyMDFBNzcyQzAwQkM5RjI1MUFE MTdGQTk2Q0QwHhcNMjUwNTA0MTgyODEzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE3YjFiZC01MjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8ivFpywE3HgoyKw6Hy/RDMelXk6wxSmea+PknW1nz0/eMBjKEmnh/na1YFv7 5jaBSnXLLarMQjpoNjl5x59iHe0G8rU4aFLvCYnQMcm2mOfxIlUgAqHL8K4yMShP GG0EwIi81Q73D/pr02QCLzp7Lbdhn9CclHN7qpTXnA0OtvBkOqexUZAL5d+16eFF VcgCeS+NSDwcrTF9Kd0YCF5du856Vs9QjEkT5GjRonoxAx8f4EgqV0A2mFjOmdKw lqromN6GUahbT9AzRYGKJT51CgyC1Zup0vce6LRA6s+CYjbS887VUwHXrxB1hsez 6bwaM/j2kBItZ+My/bm+LS3zPQIDAQABo4ICuDCCArQwHQYDVR0OBBYEFBneDwe6 a8jFRt14oUcV5mLC9b/LMB8GA1UdIwQYMBaAFN5QVCvqEIIBp3LAC8nyUa0X+pbN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUJFMy84MEFFMTBDNjA0 NTAxMUVBQkE4MkM0MTVDNEY5QUUwMi8zbEJVSy1vUWdnR25jc0FMeWZKUnJSZjZs czAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNsQlVLLW9RZ2dHbmNzQUx5ZkpSclJmNmxzMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REVCRTMvODBBRTEwQzYwNDUwMTFFQUJBODJDNDE1QzRGOUFFMDIvQUYwNTA4RThC MUVFMTFFRjkzRTcwRjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E MzAxMCAEAgABMBoDBAFn1lADBABn1lMwDAMEAJAwVQMEA5AwUDANBAIAAjAHAwUA JATVgDANBgkqhkiG9w0BAQsFAAOCAQEAU25LwylmoVhz5U5vk0eVK3Uo0ZShbtbs rE8GBF7+0/7MfyEUTtqxdoxzpTzAh9SOoqLW1nrNy89w7L97XgMT6FWtbTJZAoNe yIFVg0z0wIIV3R4Ami0R78XyrtRnyQQhoF4xugSFpDJ31nkEEZpFpZAwniVVlkbO 7XHVJaMbKhKD4IPe5FeBjqCE/bxuH7BMEkymHUd/PJJHHnJ48cVAjHhVmwe37rBN /J2m4EYPIkyTxigTA2Ti7dM5FPjnZevkVdLsr1oB56Ynu0fzDCSRCQxFgzB0uNMO KkYCoAzTXH7J8RTNk6CKn8Ri4b9gkGbHiU2vhIWaNygIVC8vXQCVoQ== -----END CERTIFICATE-----Generated at Tue May 6 20:07:49 2025 by rpki-client on console.sobornost.net