$ rpki-client -vvf rpki.apnic.net/member_repository/A9148E7B/478FA6D6708D11ED94E32D22C4F9AE02/8CFF3572708F11ED88DF8322C4F9AE02.roa File: 8CFF3572708F11ED88DF8322C4F9AE02.roa (raw, json) Hash identifier: lONZjm0NjFEm7xQkBCGWnrkGFmjAfW8U6anBdYjJWgg= Subject key identifier: 3D:E0:C0:07:06:0B:AC:2E:01:49:48:55:41:65:31:AB:3C:9C:51:50 Certificate issuer: /CN=A9148E7B/serialNumber=980227A5D775A034DA778D33F88C5CC020D1C39C Certificate serial: 0190 Authority key identifier: 98:02:27:A5:D7:75:A0:34:DA:77:8D:33:F8:8C:5C:C0:20:D1:C3:9C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mAInpdd1oDTad40z-IxcwCDRw5w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148E7B/478FA6D6708D11ED94E32D22C4F9AE02/8CFF3572708F11ED88DF8322C4F9AE02.roa Signing time: Thu 09 Jan 2025 02:16:41 +0000 ROA not before: Thu 09 Jan 2025 02:16:41 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 132098 IP address blocks: 103.28.0.0/22 maxlen: 22 103.28.0.0/24 maxlen: 24 103.28.1.0/24 maxlen: 24 103.28.2.0/24 maxlen: 24 103.28.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148E7B/478FA6D6708D11ED94E32D22C4F9AE02/mAInpdd1oDTad40z-IxcwCDRw5w.crl rsync://rpki.apnic.net/member_repository/A9148E7B/478FA6D6708D11ED94E32D22C4F9AE02/mAInpdd1oDTad40z-IxcwCDRw5w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mAInpdd1oDTad40z-IxcwCDRw5w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 02:01:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 400 (0x190) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148E7B, serialNumber=980227A5D775A034DA778D33F88C5CC020D1C39C Validity Not Before: Jan 9 02:16:41 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=677f3189-83c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:8d:61:f6:64:33:f2:18:af:f5:ff:3f:e4:37: 5c:7c:41:f6:4f:0c:98:ec:43:ee:82:0a:28:23:4e: 4d:c9:31:f3:1f:90:d8:e1:c7:60:75:65:a6:0d:7f: 46:a0:99:db:eb:98:3c:eb:65:5d:f0:6f:e7:d4:99: 54:52:52:1c:82:18:cc:09:a4:d7:c2:76:fb:e4:2b: a2:bd:a7:9b:1a:6d:fd:5a:3f:4b:c6:c9:2f:ad:e1: 80:d9:fe:37:9c:1f:ae:03:8e:6e:42:7f:c7:d8:22: ac:ae:05:13:fb:cb:13:7b:88:0c:f3:f3:ba:22:68: 9f:8b:e6:4e:8a:2a:f7:7e:80:56:78:bf:06:c7:72: 3e:52:d8:86:cf:89:da:1f:56:bf:bd:67:88:85:1f: fe:01:53:9b:98:44:55:f2:94:1b:d9:70:df:fa:d5: 24:c6:bd:15:c1:b5:34:37:dc:b2:cb:92:c7:50:56: 98:8f:3d:71:a7:d0:fb:06:e4:f6:be:3b:c5:1b:53: 50:f2:22:4b:01:84:f7:5d:f3:43:3e:50:8d:05:de: 39:86:18:28:3a:56:b1:fc:14:ac:fe:c5:77:11:1f: 09:33:bf:00:3a:0a:6c:87:53:59:59:ed:1a:b5:b8: c7:fe:1e:39:e1:5a:20:0a:b4:6f:01:5a:97:2f:11: 36:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:E0:C0:07:06:0B:AC:2E:01:49:48:55:41:65:31:AB:3C:9C:51:50 X509v3 Authority Key Identifier: keyid:98:02:27:A5:D7:75:A0:34:DA:77:8D:33:F8:8C:5C:C0:20:D1:C3:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148E7B/478FA6D6708D11ED94E32D22C4F9AE02/mAInpdd1oDTad40z-IxcwCDRw5w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mAInpdd1oDTad40z-IxcwCDRw5w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148E7B/478FA6D6708D11ED94E32D22C4F9AE02/8CFF3572708F11ED88DF8322C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.28.0.0/22 Signature Algorithm: sha256WithRSAEncryption 41:35:5f:23:a1:5e:d1:24:3e:f3:20:7d:15:da:ed:8f:e4:e9: 09:3b:27:23:21:15:5a:ed:08:04:4f:00:99:51:0f:73:1a:ab: 31:b0:31:3b:e0:01:6e:04:50:d7:14:57:0f:cc:1b:3f:17:23: 92:98:9d:d6:5a:00:b8:b5:93:4e:e0:be:4f:ac:e0:76:32:c3: 2d:68:71:62:b8:80:22:f1:d1:f0:7d:5a:ed:92:12:47:89:1a: ca:72:37:5e:25:87:81:6c:b6:bf:2e:67:b2:cb:05:f7:d7:9b: 40:77:b3:cb:88:35:72:08:ff:5c:fe:9b:08:96:ad:73:7d:8a: ec:09:df:ae:67:21:03:2f:0d:13:a2:1c:a9:55:7c:67:3d:00: 1f:f4:c8:99:93:14:d5:23:13:09:af:72:c2:fb:84:62:46:dc: 92:74:aa:a4:c9:0c:a9:e2:a3:ed:20:95:c9:46:23:e1:a5:89: fe:0d:03:c2:ca:b9:db:e1:91:91:bd:c1:ca:b7:4b:43:b4:3b: 4d:44:ae:d9:25:33:59:82:ad:10:58:e7:1b:29:fc:7f:d4:0a: 7e:23:70:3b:e0:71:43:d8:5a:d6:03:e3:d3:96:0d:8b:da:b8: 8f:f2:ec:60:ff:1a:64:af:33:82:91:96:13:1a:ef:1c:86:2e: 0f:da:e1:a1 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAZAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhFN0IxMTAvBgNVBAUTKDk4MDIyN0E1RDc3NUEwMzREQTc3OEQzM0Y4OEM1Q0Mw MjBEMUMzOUMwHhcNMjUwMTA5MDIxNjQxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzdmMzE4OS04M2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8Y1h9mQz8hiv9f8/5DdcfEH2TwyY7EPuggooI05NyTHzH5DY4cdgdWWmDX9G oJnb65g862Vd8G/n1JlUUlIcghjMCaTXwnb75CuivaebGm39Wj9LxskvreGA2f43 nB+uA45uQn/H2CKsrgUT+8sTe4gM8/O6Imifi+ZOiir3foBWeL8Gx3I+UtiGz4na H1a/vWeIhR/+AVObmERV8pQb2XDf+tUkxr0VwbU0N9yyy5LHUFaYjz1xp9D7BuT2 vjvFG1NQ8iJLAYT3XfNDPlCNBd45hhgoOlax/BSs/sV3ER8JM78AOgpsh1NZWe0a tbjH/h454VogCrRvAVqXLxE28wIDAQABo4IClTCCApEwHQYDVR0OBBYEFD3gwAcG C6wuAUlIVUFlMas8nFFQMB8GA1UdIwQYMBaAFJgCJ6XXdaA02neNM/iMXMAg0cOc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEU3Qi80NzhGQTZENjcw OEQxMUVEOTRFMzJEMjJDNEY5QUUwMi9tQUlucGRkMW9EVGFkNDB6LUl4Y3dDRFJ3 NXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21BSW5wZGQxb0RUYWQ0MHotSXhjd0NEUnc1dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDhFN0IvNDc4RkE2RDY3MDhEMTFFRDk0RTMyRDIyQzRGOUFFMDIvOENGRjM1NzI3 MDhGMTFFRDg4REY4MzIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJnHAAwDQYJKoZIhvcNAQELBQADggEBAEE1XyOhXtEkPvMg fRXa7Y/k6Qk7JyMhFVrtCARPAJlRD3MaqzGwMTvgAW4EUNcUVw/MGz8XI5KYndZa ALi1k07gvk+s4HYywy1ocWK4gCLx0fB9Wu2SEkeJGspyN14lh4Fstr8uZ7LLBffX m0B3s8uINXII/1z+mwiWrXN9iuwJ365nIQMvDROiHKlVfGc9AB/0yJmTFNUjEwmv csL7hGJG3JJ0qqTJDKnio+0glclGI+Glif4NA8LKudvhkZG9wcq3S0O0O01Ertkl M1mCrRBY5xsp/H/UCn4jcDvgcUPYWtYD49OWDYvauI/y7GD/GmSvM4KRlhMa7xyG Lg/a4aE= -----END CERTIFICATE-----Generated at Tue Apr 22 12:21:34 2025 by rpki-client