$ rpki-client -vvf rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/31414558B0D511EFB17B942FC4F9AE02.roa File: 31414558B0D511EFB17B942FC4F9AE02.roa (raw, json) Hash identifier: mtUL6kpWcJ0s0WYAq9l26D9HLDGvLgZ5GCmZqFRcyjs= Subject key identifier: 9A:05:4B:E1:EA:38:A6:3A:8B:92:2A:11:1A:2E:F3:6B:1E:DD:74:CB Certificate issuer: /CN=A9143B09/serialNumber=5329700B4DDDAD9E3FCDC3273F4D18D3E3045DC0 Certificate serial: 08AA Authority key identifier: 53:29:70:0B:4D:DD:AD:9E:3F:CD:C3:27:3F:4D:18:D3:E3:04:5D:C0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UylwC03drZ4_zcMnP00Y0-MEXcA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/31414558B0D511EFB17B942FC4F9AE02.roa Signing time: Wed 26 Mar 2025 17:26:37 +0000 ROA not before: Wed 26 Mar 2025 17:26:37 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 133957 IP address blocks: 45.118.68.0/24 maxlen: 24 45.118.69.0/24 maxlen: 24 45.118.70.0/24 maxlen: 24 45.118.71.0/24 maxlen: 24 103.49.200.0/24 maxlen: 24 103.49.202.0/24 maxlen: 24 103.49.203.0/24 maxlen: 24 2402:1c80::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/UylwC03drZ4_zcMnP00Y0-MEXcA.crl rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/UylwC03drZ4_zcMnP00Y0-MEXcA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UylwC03drZ4_zcMnP00Y0-MEXcA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:27:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2218 (0x8aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143B09 Validity Not Before: Mar 26 17:26:37 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67e438cd-f984 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:ef:29:cc:10:18:6b:81:e3:5e:0a:c4:0e:8f: 39:5a:84:37:74:bd:30:ab:34:b1:a2:d7:e6:75:24: 14:ff:8c:cc:eb:20:68:a7:9a:bf:11:c2:5b:ca:ca: e0:c0:a7:8b:09:6c:f3:7d:af:44:dd:92:90:7a:a6: 55:a3:0c:b4:83:78:32:55:e1:d8:9f:f0:5d:28:23: 05:70:a3:ec:15:e5:9f:34:f6:fa:1f:18:cf:b5:79: bc:a9:d9:6a:b0:75:44:9d:42:52:99:db:fc:dc:22: f6:66:cb:d3:33:72:32:f7:8f:5c:db:59:6e:1a:d4: 32:d9:b8:89:76:97:f3:32:28:23:ac:0e:eb:99:90: 61:df:7f:5f:7b:0d:e2:f9:0b:3a:3c:1f:e8:c1:22: cb:d9:9d:d5:0f:c9:19:25:fc:a4:68:bc:32:cd:07: 82:8c:04:88:be:5e:f5:8f:8b:3f:2c:4e:07:2a:69: d0:89:38:06:28:21:16:1e:d0:49:51:a7:d4:e0:bf: 59:0f:42:59:4d:26:b4:16:f0:6c:a9:59:e9:1c:92: 8d:68:dc:a5:3e:b4:51:66:0d:12:37:69:d6:50:bc: 5f:91:b1:7f:e4:0d:e0:ac:38:d8:16:0e:87:87:97: 42:6d:d5:83:e4:a2:76:0b:59:e5:ab:db:f0:06:4f: d0:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:05:4B:E1:EA:38:A6:3A:8B:92:2A:11:1A:2E:F3:6B:1E:DD:74:CB X509v3 Authority Key Identifier: keyid:53:29:70:0B:4D:DD:AD:9E:3F:CD:C3:27:3F:4D:18:D3:E3:04:5D:C0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/UylwC03drZ4_zcMnP00Y0-MEXcA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UylwC03drZ4_zcMnP00Y0-MEXcA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143B09/3B367BCE33B711E9AD0F587AC4F9AE02/31414558B0D511EFB17B942FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.118.68.0/22 103.49.200.0/24 103.49.202.0/23 IPv6: 2402:1c80::/32 Signature Algorithm: sha256WithRSAEncryption 5b:d3:e2:c3:bf:e2:97:68:67:c1:69:14:29:c8:d6:2f:ac:5b: 69:b6:a9:ec:8f:79:07:ca:ee:28:26:76:c2:da:e0:10:f2:e4: 8a:71:fa:22:f3:fe:16:3e:37:28:79:8d:90:6f:f7:33:a4:d4: f4:d6:44:49:09:75:d5:bd:df:16:06:d3:4d:06:89:5f:13:ad: 07:b8:13:f8:90:b7:a3:7d:50:73:87:4f:93:ab:24:4f:3f:d4: c7:3b:9a:9d:9f:05:b0:ac:3b:56:b6:27:9e:02:ba:dd:74:07: 62:97:60:a7:ab:7b:fc:6b:ed:e7:08:b4:74:57:7f:19:0b:e4: 46:80:b1:9c:db:98:fa:eb:c9:22:8c:0a:f6:ce:c0:87:bf:eb: 77:8c:57:03:ad:98:5a:91:fe:49:0a:d7:42:e6:f8:16:53:c0: f6:96:70:13:d6:15:c8:dd:30:16:2b:68:2d:38:71:a0:20:0b: 64:b7:2a:ec:06:5e:8a:ce:21:4f:56:23:64:3c:ad:70:48:f1: 2c:d6:08:21:0d:cc:3b:c3:95:1a:6b:07:c2:83:c5:0d:89:7c: 4d:c7:47:12:a8:d0:8a:f9:de:ec:f2:c0:08:32:7a:b2:bb:97: 5d:d3:d0:f4:bc:f9:0d:cc:ef:18:06:68:d2:f0:33:4e:83:50: 54:4b:ab:0a -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICCKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNCMDkxMTAvBgNVBAUTKDUzMjk3MDBCNEREREFEOUUzRkNEQzMyNzNGNEQxOEQz RTMwNDVEQzAwHhcNMjUwMzI2MTcyNjM3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2U0MzhjZC1mOTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5u8pzBAYa4HjXgrEDo85WoQ3dL0wqzSxotfmdSQU/4zM6yBop5q/EcJbysrg wKeLCWzzfa9E3ZKQeqZVowy0g3gyVeHYn/BdKCMFcKPsFeWfNPb6HxjPtXm8qdlq sHVEnUJSmdv83CL2ZsvTM3Iy949c21luGtQy2biJdpfzMigjrA7rmZBh339few3i +Qs6PB/owSLL2Z3VD8kZJfykaLwyzQeCjASIvl71j4s/LE4HKmnQiTgGKCEWHtBJ UafU4L9ZD0JZTSa0FvBsqVnpHJKNaNylPrRRZg0SN2nWULxfkbF/5A3grDjYFg6H h5dCbdWD5KJ2C1nlq9vwBk/QmQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFJoFS+Hq OKY6i5IqERou82se3XTLMB8GA1UdIwQYMBaAFFMpcAtN3a2eP83DJz9NGNPjBF3A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0IwOS8zQjM2N0JDRTMz QjcxMUU5QUQwRjU4N0FDNEY5QUUwMi9VeWx3QzAzZHJaNF96Y01uUDAwWTAtTUVY Y0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1V5bHdDMDNkclo0X3pjTW5QMDBZMC1NRVhjQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDNCMDkvM0IzNjdCQ0UzM0I3MTFFOUFEMEY1ODdBQzRGOUFFMDIvMzE0MTQ1NThC MEQ1MTFFRkIxN0I5NDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAItdkQDBABnMcgDBAFnMcowDQQCAAIwBwMFACQCHIAwDQYJ KoZIhvcNAQELBQADggEBAFvT4sO/4pdoZ8FpFCnI1i+sW2m2qeyPeQfK7igmdsLa 4BDy5Ipx+iLz/hY+Nyh5jZBv9zOk1PTWREkJddW93xYG000GiV8TrQe4E/iQt6N9 UHOHT5OrJE8/1Mc7mp2fBbCsO1a2J54Cut10B2KXYKere/xr7ecItHRXfxkL5EaA sZzbmPrrySKMCvbOwIe/63eMVwOtmFqR/kkK10Lm+BZTwPaWcBPWFcjdMBYraC04 caAgC2S3KuwGXorOIU9WI2Q8rXBI8SzWCCENzDvDlRprB8KDxQ2JfE3HRxKo0Ir5 3uzywAgyerK7l13T0PS8+Q3M7xgGaNLwM06DUFRLqwo= -----END CERTIFICATE-----Generated at Sat Apr 5 02:07:47 2025 by rpki-client