$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/1595B1FED9AC11EF839F3432C4F9AE02.roa File: 1595B1FED9AC11EF839F3432C4F9AE02.roa (raw, json) Hash identifier: AVqyrwzxwv29vA+eeoVtTi+rlSfGPjPYZVTTcrYZmKY= Subject key identifier: D9:9F:33:B4:C6:CE:B9:7F:81:DE:F3:53:DA:5F:71:23:D5:F5:86:5E Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013 Certificate serial: 06B9 Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/1595B1FED9AC11EF839F3432C4F9AE02.roa Signing time: Thu 23 Jan 2025 17:04:46 +0000 ROA not before: Thu 23 Jan 2025 17:04:46 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 6134 IP address blocks: 43.247.132.0/22 maxlen: 24 43.254.164.0/22 maxlen: 24 43.255.156.0/22 maxlen: 24 103.30.76.0/22 maxlen: 24 103.171.34.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 23:39:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1721 (0x6b9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9139322 Validity Not Before: Jan 23 17:04:46 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=679276ad-7b2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:62:67:61:30:0e:bc:05:67:53:ca:4b:93:20: f4:6f:5e:cd:11:3a:e6:63:a5:7a:7d:23:c9:d8:b2: a3:36:6d:a9:f0:9b:54:3f:84:1b:83:0f:ea:3e:a7: f2:60:ab:48:32:92:2b:84:5b:a5:93:ba:a1:7c:e2: a1:e5:8b:70:62:4f:ec:5b:55:c5:13:95:09:12:6a: e3:0b:cc:be:1c:53:6b:44:f5:2e:4a:c8:99:6a:ae: fa:20:e1:4d:1e:aa:c4:70:03:45:91:08:d4:34:74: 73:65:f1:e0:08:08:a9:3d:c9:bd:50:f2:a1:11:54: fa:44:4b:f7:41:1f:87:24:a4:08:75:6d:b6:8f:9a: 13:b2:c9:1d:9d:6a:92:be:22:b8:df:be:00:f4:2b: e4:6b:6d:b4:0d:a7:b0:85:4b:d6:83:00:cd:92:74: 0e:a0:f6:e5:f0:68:d6:a3:0c:d3:12:26:b7:5b:44: 92:3a:19:c2:d5:43:bd:d9:b3:f9:96:47:ba:01:77: 01:43:42:66:0d:a3:31:fd:89:b1:fd:11:45:0b:17: 92:92:be:18:74:e0:2d:dd:90:b4:77:07:9e:04:e8: 2f:65:52:92:6a:96:7a:aa:a4:2b:e9:13:d8:7a:bd: ae:68:6f:4b:87:2e:39:e1:6f:1e:fd:57:2f:f3:a1: 2e:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:9F:33:B4:C6:CE:B9:7F:81:DE:F3:53:DA:5F:71:23:D5:F5:86:5E X509v3 Authority Key Identifier: keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/1595B1FED9AC11EF839F3432C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.247.132.0/22 43.254.164.0/22 43.255.156.0/22 103.30.76.0/22 103.171.34.0/23 Signature Algorithm: sha256WithRSAEncryption 38:de:9f:d0:1b:64:88:b7:e3:1d:ef:da:00:29:6a:d1:3c:b6: 41:bf:0d:58:c0:30:77:d9:b6:4d:8a:db:fd:97:76:81:83:af: b6:1e:b2:49:50:94:bc:fe:ff:f9:91:56:47:34:c4:7c:65:68: cc:21:e1:e0:5b:d9:ea:fe:3b:c7:f3:5a:07:29:4b:e4:87:d8: 13:1e:23:d2:33:48:a2:66:32:02:af:bd:c4:68:78:46:e7:10: f2:1a:c4:04:ba:df:95:43:24:83:81:c5:cd:77:78:94:7f:74: 54:ab:9d:27:a4:24:6a:6d:63:00:6c:d0:d0:47:21:13:84:cf: 25:d9:62:7f:54:1a:bd:17:34:49:10:91:4e:9f:b4:4a:38:27: b1:a6:f0:2b:6e:1b:58:14:b5:b3:18:77:86:4d:5e:13:e8:76: fb:e0:29:e0:c8:bd:1b:f6:de:9d:17:1a:88:06:d6:2a:e5:91: c0:79:a4:4a:e1:04:ba:66:d9:a6:d7:3a:bc:bd:6a:e2:68:56: c6:b0:73:b6:3e:13:47:5e:7d:bc:d0:52:52:e3:1c:38:81:e1: b4:97:0a:d0:d9:f1:4d:25:83:0f:23:8d:6f:32:37:4c:54:fd: 1b:60:26:c7:e0:f1:d1:cb:4f:39:38:3e:af:af:64:4c:13:f4: b2:71:76:4d -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICBrkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF QTNDNzEwMTMwHhcNMjUwMTIzMTcwNDQ2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzkyNzZhZC03YjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0mJnYTAOvAVnU8pLkyD0b17NETrmY6V6fSPJ2LKjNm2p8JtUP4Qbgw/qPqfy YKtIMpIrhFulk7qhfOKh5YtwYk/sW1XFE5UJEmrjC8y+HFNrRPUuSsiZaq76IOFN HqrEcANFkQjUNHRzZfHgCAipPcm9UPKhEVT6REv3QR+HJKQIdW22j5oTsskdnWqS viK4374A9Cvka220DaewhUvWgwDNknQOoPbl8GjWowzTEia3W0SSOhnC1UO92bP5 lke6AXcBQ0JmDaMx/Ymx/RFFCxeSkr4YdOAt3ZC0dweeBOgvZVKSapZ6qqQr6RPY er2uaG9Lhy454W8e/Vcv86Eu1wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFNmfM7TG zrl/gd7zU9pfcSPV9YZeMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2 NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvMTU5NUIxRkVE OUFDMTFFRjgzOUYzNDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAIr94QDBAIr/qQDBAIr/5wDBAJnHkwDBAFnqyIwDQYJKoZI hvcNAQELBQADggEBADjen9AbZIi34x3v2gApatE8tkG/DVjAMHfZtk2K2/2XdoGD r7YesklQlLz+//mRVkc0xHxlaMwh4eBb2er+O8fzWgcpS+SH2BMeI9IzSKJmMgKv vcRoeEbnEPIaxAS635VDJIOBxc13eJR/dFSrnSekJGptYwBs0NBHIROEzyXZYn9U Gr0XNEkQkU6ftEo4J7Gm8CtuG1gUtbMYd4ZNXhPodvvgKeDIvRv23p0XGogG1irl kcB5pErhBLpm2abXOry9auJoVsawc7Y+E0defbzQUlLjHDiB4bSXCtDZ8U0lgw8j jW8yN0xU/RtgJsfg8dHLTzk4Pq+vZEwT9LJxdk0= -----END CERTIFICATE-----Generated at Sat Apr 5 07:12:10 2025 by rpki-client