$ rpki-client -vvf rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/A23207FEB14111E5A3B46B15C4F9AE02.roa File: A23207FEB14111E5A3B46B15C4F9AE02.roa (raw, json) Hash identifier: AGdYmprG1+spdhAmRDse9H6yLxE5LG56xPYvpdtuuFA= Subject key identifier: D6:B9:E4:45:D7:1A:D9:52:F7:FA:6E:E2:BE:F6:A8:39:6B:23:BD:EF Certificate issuer: /CN=A9151C9D/serialNumber=FC655A21543ECF57BFA3EBDF7946A99561EC52F5 Certificate serial: 26BE Authority key identifier: FC:65:5A:21:54:3E:CF:57:BF:A3:EB:DF:79:46:A9:95:61:EC:52:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_GVaIVQ-z1e_o-vfeUaplWHsUvU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/A23207FEB14111E5A3B46B15C4F9AE02.roa Signing time: Thu 06 Mar 2025 16:02:45 +0000 ROA not before: Thu 06 Mar 2025 16:02:45 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 133498 IP address blocks: 103.231.240.0/22 maxlen: 22 103.231.240.0/24 maxlen: 24 103.231.241.0/24 maxlen: 24 103.231.242.0/24 maxlen: 24 103.231.243.0/24 maxlen: 24 2001:df5:e800::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/_GVaIVQ-z1e_o-vfeUaplWHsUvU.crl rsync://rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/_GVaIVQ-z1e_o-vfeUaplWHsUvU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_GVaIVQ-z1e_o-vfeUaplWHsUvU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 15:43:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9918 (0x26be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9151C9D Validity Not Before: Mar 6 16:02:45 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67c9c725-cfe8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:00:6c:97:3a:8b:e6:58:9b:1c:1b:61:61:c4: bf:09:4a:16:2e:02:58:43:d5:1d:e8:49:9c:78:62: 6c:79:30:5b:38:57:3f:2c:25:be:b8:39:2b:ac:2b: 8a:89:3b:4c:04:d9:43:7b:4e:02:89:da:4f:a5:c5: d8:44:64:56:8b:6d:24:fb:34:e0:5c:c0:e8:bc:0e: d7:9a:37:31:86:41:eb:46:25:44:65:55:de:f4:73: 5f:f7:aa:0f:06:79:2b:22:41:20:4c:0a:26:88:e3: 77:16:b2:c6:53:b6:f5:e1:db:98:48:e4:a0:75:40: db:0c:47:d1:1a:0d:12:89:9e:bc:76:ae:8e:73:56: 71:04:55:86:e5:70:58:27:a4:86:12:19:34:9d:a2: 0d:73:8a:72:0c:ea:2b:38:71:60:0a:ec:7b:6d:9d: ee:19:cb:9e:ef:8c:b7:f7:80:ed:34:42:ce:2c:88: d6:c8:d7:07:e7:ed:48:26:ab:a5:a2:72:4e:50:81: 14:8f:af:cf:b5:27:b7:12:d9:4e:04:4f:a4:ca:a6: d6:f8:db:98:bb:f2:22:eb:a8:00:5a:7f:26:a6:80: bf:c3:c8:1a:c4:03:e4:a9:6a:88:75:41:fc:3f:1d: d2:c5:51:7f:d9:a5:ef:7d:71:2d:1a:c7:29:cb:46: 88:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:B9:E4:45:D7:1A:D9:52:F7:FA:6E:E2:BE:F6:A8:39:6B:23:BD:EF X509v3 Authority Key Identifier: keyid:FC:65:5A:21:54:3E:CF:57:BF:A3:EB:DF:79:46:A9:95:61:EC:52:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/_GVaIVQ-z1e_o-vfeUaplWHsUvU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_GVaIVQ-z1e_o-vfeUaplWHsUvU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9151C9D/73ACA5E4CF4511E4B6B7A211C4F9AE02/A23207FEB14111E5A3B46B15C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.231.240.0/22 IPv6: 2001:df5:e800::/48 Signature Algorithm: sha256WithRSAEncryption c0:9e:d3:d0:56:69:56:cf:b0:b6:c7:de:4d:fc:39:71:9e:63: 60:45:23:80:d9:bd:a4:16:c1:6a:df:f3:67:d7:a8:bc:4b:ea: 58:22:ee:bc:76:7d:35:9a:83:c3:24:0f:15:de:e0:bb:fc:66: 9e:dd:ff:ed:66:5e:2e:44:5b:79:51:b9:c2:3a:3d:fa:f6:a3: 38:dc:d9:e8:86:f4:8d:17:2a:6e:87:3a:4b:87:6d:e3:64:ea: cc:ba:a5:d7:d1:45:26:4b:57:a5:93:0b:e6:ae:d5:d3:79:7b: 67:61:5e:36:a3:19:90:80:3e:cd:48:7f:39:61:85:46:36:59: 90:10:75:2e:b5:f4:3b:7d:75:a2:b0:6b:7d:a2:5f:a7:b5:77: ce:ed:20:2d:f2:95:2a:80:cc:d7:c0:18:6a:5d:ca:75:4d:ea: 9e:52:d7:ad:e8:b9:c1:a9:e0:39:3b:60:14:92:b2:36:11:4f: d4:af:cd:6a:dc:55:31:64:8a:bf:7b:4d:a2:3c:0d:7d:6e:85: 62:f5:9e:66:c7:4b:92:87:87:db:a7:2b:28:6b:f8:ca:8b:db: 43:6b:a3:92:9c:1a:a7:84:a5:87:21:29:5d:67:4e:69:ca:e8: 54:ca:88:28:61:d6:a6:b1:a2:f7:0a:fa:9b:00:c8:20:0f:85: be:1c:f8:98 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICJr4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTFDOUQxMTAvBgNVBAUTKEZDNjU1QTIxNTQzRUNGNTdCRkEzRUJERjc5NDZBOTk1 NjFFQzUyRjUwHhcNMjUwMzA2MTYwMjQ1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2M5YzcyNS1jZmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8ABslzqL5libHBthYcS/CUoWLgJYQ9Ud6EmceGJseTBbOFc/LCW+uDkrrCuK iTtMBNlDe04CidpPpcXYRGRWi20k+zTgXMDovA7XmjcxhkHrRiVEZVXe9HNf96oP BnkrIkEgTAomiON3FrLGU7b14duYSOSgdUDbDEfRGg0SiZ68dq6Oc1ZxBFWG5XBY J6SGEhk0naINc4pyDOorOHFgCux7bZ3uGcue74y394DtNELOLIjWyNcH5+1IJqul onJOUIEUj6/PtSe3EtlOBE+kyqbW+NuYu/Ii66gAWn8mpoC/w8gaxAPkqWqIdUH8 Px3SxVF/2aXvfXEtGscpy0aI2wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNa55EXX GtlS9/pu4r72qDlrI73vMB8GA1UdIwQYMBaAFPxlWiFUPs9Xv6Pr33lGqZVh7FL1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MUM5RC83M0FDQTVFNENG NDUxMUU0QjZCN0EyMTFDNEY5QUUwMi9fR1ZhSVZRLXoxZV9vLXZmZVVhcGxXSHNV dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19HVmFJVlEtejFlX28tdmZlVWFwbFdIc1V2VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTFDOUQvNzNBQ0E1RTRDRjQ1MTFFNEI2QjdBMjExQzRGOUFFMDIvQTIzMjA3RkVC MTQxMTFFNUEzQjQ2QjE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAJn5/AwDwQCAAIwCQMHACABDfXoADANBgkqhkiG9w0BAQsF AAOCAQEAwJ7T0FZpVs+wtsfeTfw5cZ5jYEUjgNm9pBbBat/zZ9eovEvqWCLuvHZ9 NZqDwyQPFd7gu/xmnt3/7WZeLkRbeVG5wjo9+vajONzZ6Ib0jRcqboc6S4dt42Tq zLql19FFJktXpZML5q7V03l7Z2FeNqMZkIA+zUh/OWGFRjZZkBB1LrX0O311orBr faJfp7V3zu0gLfKVKoDM18AYal3KdU3qnlLXrei5wangOTtgFJKyNhFP1K/NatxV MWSKv3tNojwNfW6FYvWeZsdLkoeH26crKGv4yovbQ2ujkpwap4SlhyEpXWdOacro VMqIKGHWprGi9wr6mwDIIA+Fvhz4mA== -----END CERTIFICATE-----Generated at Sun Apr 6 02:15:04 2025 by rpki-client