$ rpki-client -vvf rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/BCB2FFCEBA7211EDB0F5AE53C4F9AE02.roa File: BCB2FFCEBA7211EDB0F5AE53C4F9AE02.roa (raw, json) Hash identifier: 1FbgogUKsuIfXEKaTsa4RV0e3CNtC1HQdrvDxgG3fiQ= Subject key identifier: E4:B4:4A:88:9A:55:00:CB:B9:69:56:DE:37:49:16:5E:E0:2A:E5:3E Certificate issuer: /CN=A914D2E1/serialNumber=3C651524B4F91A350D1ECFBBA66CABD1B48FB7C5 Certificate serial: 018E Authority key identifier: 3C:65:15:24:B4:F9:1A:35:0D:1E:CF:BB:A6:6C:AB:D1:B4:8F:B7:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGUVJLT5GjUNHs-7pmyr0bSPt8U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/BCB2FFCEBA7211EDB0F5AE53C4F9AE02.roa Signing time: Mon 03 Mar 2025 04:56:53 +0000 ROA not before: Mon 03 Mar 2025 04:56:53 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 150788 IP address blocks: 103.203.240.0/24 maxlen: 24 103.206.98.0/24 maxlen: 24 203.0.139.0/24 maxlen: 24 2001:df2:10c0::/48 maxlen: 48 2400:e760:100::/48 maxlen: 48 2400:e760:200::/48 maxlen: 48 2400:e760:300::/48 maxlen: 48 2400:e760:400::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/PGUVJLT5GjUNHs-7pmyr0bSPt8U.crl rsync://rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/PGUVJLT5GjUNHs-7pmyr0bSPt8U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGUVJLT5GjUNHs-7pmyr0bSPt8U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 02:31:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 398 (0x18e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914D2E1 Validity Not Before: Mar 3 04:56:53 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67c53695-f4a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:55:78:b3:13:31:6a:62:03:3a:ea:34:95:33: 1d:c2:9a:ed:fb:21:12:84:fc:2e:36:dc:30:06:c5: 58:a2:3e:07:74:4f:76:89:ee:f8:54:76:86:4f:7c: 06:0e:c3:5a:12:fa:82:22:b7:dd:af:f1:cd:15:4c: 6d:67:bf:35:4e:09:66:0d:25:35:a5:ef:30:e7:9e: 77:a3:74:41:1f:24:9d:57:c8:86:d6:64:bd:2a:e1: 6c:36:87:54:16:f0:27:5c:7b:25:ef:6e:2e:75:5b: 60:a5:0b:ca:a7:20:07:a8:6b:ba:3f:1a:02:60:19: 97:eb:45:da:c0:b5:a5:41:16:d3:02:c3:a9:80:38: 45:59:19:2d:3b:65:a0:0c:a0:14:71:9c:77:f1:de: 90:0b:f0:3f:0e:de:b3:e9:bc:aa:48:69:23:f8:da: 38:9a:9d:ae:2a:78:1d:32:78:54:63:69:f8:d9:4b: 43:32:21:8a:66:14:ea:30:31:58:55:b8:dd:d7:9d: ee:87:4d:3e:48:29:6f:f8:26:7a:24:78:7e:aa:5f: 3f:e8:41:03:91:ef:b4:13:a2:ac:62:e6:ac:b1:e6: 0d:76:4f:23:44:73:f8:9c:53:f4:ec:94:ed:92:0d: 60:a1:ed:22:a1:66:20:52:11:75:bc:e4:bc:a8:5a: 1d:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:B4:4A:88:9A:55:00:CB:B9:69:56:DE:37:49:16:5E:E0:2A:E5:3E X509v3 Authority Key Identifier: keyid:3C:65:15:24:B4:F9:1A:35:0D:1E:CF:BB:A6:6C:AB:D1:B4:8F:B7:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/PGUVJLT5GjUNHs-7pmyr0bSPt8U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGUVJLT5GjUNHs-7pmyr0bSPt8U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D2E1/DA86B616BA6E11EDB9CEA43AC4F9AE02/BCB2FFCEBA7211EDB0F5AE53C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.203.240.0/24 103.206.98.0/24 203.0.139.0/24 IPv6: 2001:df2:10c0::/48 2400:e760:100::/48 2400:e760:200::/48 2400:e760:300::/48 2400:e760:400::/48 Signature Algorithm: sha256WithRSAEncryption 35:02:32:91:4b:ec:f7:8c:12:94:b5:81:e2:07:0d:74:9b:80: 97:00:0c:03:7f:69:27:65:af:10:36:ba:ab:73:cf:cf:db:c9: 38:36:bc:85:d7:f0:f5:0b:42:16:93:67:1d:36:e7:35:02:91: 87:c6:7d:a3:b7:c8:e3:ec:6a:bb:98:df:9d:66:93:50:7e:53: f9:ef:e9:a9:e7:74:ba:40:0a:3a:63:5f:b9:7e:e5:da:02:34: 94:72:24:c2:36:b9:df:9f:64:7d:e6:34:3d:54:e1:24:2d:a0: 6b:ed:4f:41:3e:1a:fc:aa:74:f5:ba:c7:d2:e5:59:38:64:ef: 22:24:5f:b3:51:4c:e6:23:33:af:13:db:b2:f7:0b:53:a9:14: c2:dc:6a:6f:f1:77:de:83:79:da:46:32:03:a5:17:33:20:91: 98:00:e5:c0:98:e6:9b:79:93:3c:96:f6:dc:04:e4:93:13:31: 90:e8:0e:1d:ff:bf:ae:80:62:e6:60:65:50:7f:e6:c1:a2:a2: f0:5f:1c:09:e2:ae:f0:d9:2d:ad:3d:44:6d:ce:0a:10:44:8b: 6a:99:a9:59:b0:16:1d:da:44:07:d2:c0:0d:00:a7:cf:0f:1b: 1c:43:65:c9:3a:40:5c:89:3d:5d:27:1f:c7:6a:f7:cc:bd:79: 25:1b:90:2e -----BEGIN CERTIFICATE----- MIIFsjCCBJqgAwIBAgICAY4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEQyRTExMTAvBgNVBAUTKDNDNjUxNTI0QjRGOTFBMzUwRDFFQ0ZCQkE2NkNBQkQx QjQ4RkI3QzUwHhcNMjUwMzAzMDQ1NjUzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2M1MzY5NS1mNGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzVV4sxMxamIDOuo0lTMdwprt+yEShPwuNtwwBsVYoj4HdE92ie74VHaGT3wG DsNaEvqCIrfdr/HNFUxtZ781TglmDSU1pe8w5553o3RBHySdV8iG1mS9KuFsNodU FvAnXHsl724udVtgpQvKpyAHqGu6PxoCYBmX60XawLWlQRbTAsOpgDhFWRktO2Wg DKAUcZx38d6QC/A/Dt6z6byqSGkj+No4mp2uKngdMnhUY2n42UtDMiGKZhTqMDFY Vbjd153uh00+SClv+CZ6JHh+ql8/6EEDke+0E6KsYuasseYNdk8jRHP4nFP07JTt kg1goe0ioWYgUhF1vOS8qFodhQIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFOS0Soia VQDLuWlW3jdJFl7gKuU+MB8GA1UdIwQYMBaAFDxlFSS0+Ro1DR7Pu6Zsq9G0j7fF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RDJFMS9EQTg2QjYxNkJB NkUxMUVEQjlDRUE0M0FDNEY5QUUwMi9QR1VWSkxUNUdqVU5Icy03cG15cjBiU1B0 OFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BHVVZKTFQ1R2pVTkhzLTdwbXlyMGJTUHQ4VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEQyRTEvREE4NkI2MTZCQTZFMTFFREI5Q0VBNDNBQzRGOUFFMDIvQkNCMkZGQ0VC QTcyMTFFREIwRjVBRTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYAYIKwYBBQUHAQcBAf8E UTBPMBgEAgABMBIDBABny/ADBABnzmIDBADLAIswMwQCAAIwLQMHACABDfIQwAMH ACQA52ABAAMHACQA52ACAAMHACQA52ADAAMHACQA52AEADANBgkqhkiG9w0BAQsF AAOCAQEANQIykUvs94wSlLWB4gcNdJuAlwAMA39pJ2WvEDa6q3PPz9vJODa8hdfw 9QtCFpNnHTbnNQKRh8Z9o7fI4+xqu5jfnWaTUH5T+e/pqed0ukAKOmNfuX7l2gI0 lHIkwja5359kfeY0PVThJC2ga+1PQT4a/Kp09brH0uVZOGTvIiRfs1FM5iMzrxPb svcLU6kUwtxqb/F33oN52kYyA6UXMyCRmADlwJjmm3mTPJb23ATkkxMxkOgOHf+/ roBi5mBlUH/mwaKi8F8cCeKu8NktrT1Ebc4KEESLapmpWbAWHdpEB9LADQCnzw8b HENlyTpAXIk9XScfx2r3zL15JRuQLg== -----END CERTIFICATE-----Generated at Fri Apr 11 11:47:28 2025 by rpki-client