$ rpki-client -vvf rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/1FCD9DE2926611EDA99A9419C4F9AE02.roa File: 1FCD9DE2926611EDA99A9419C4F9AE02.roa (raw, json) Hash identifier: RqBWzz5uXzyQ1KueU4cHYCTj7govMSTdgiL2egEdolc= Subject key identifier: 2B:EF:85:0E:1F:B7:7B:43:AD:A4:19:C3:55:BB:E9:12:8A:21:31:9E Certificate issuer: /CN=A9157BC3/serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Certificate serial: 018B Authority key identifier: 28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/1FCD9DE2926611EDA99A9419C4F9AE02.roa Signing time: Sat 15 Feb 2025 04:45:18 +0000 ROA not before: Sat 15 Feb 2025 04:45:18 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 150707 IP address blocks: 103.65.222.0/23 maxlen: 23 103.65.222.0/24 maxlen: 24 103.65.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 02:15:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 395 (0x18b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157BC3, serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Validity Not Before: Feb 15 04:45:18 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67b01bde-aa19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:cf:5a:5c:a6:d3:17:8e:e2:ac:fb:8c:29:02: e1:46:87:5f:0b:1f:ca:2c:e6:c0:4c:ed:44:b7:33: 8d:ca:ca:3a:9b:b8:8f:e7:2c:cf:75:00:b5:ca:ad: 71:3d:a9:8d:e5:6f:d8:bc:05:b7:3c:5a:36:3a:47: 6c:31:8f:72:18:0b:d3:1d:35:91:f4:60:6e:85:0a: 3b:41:90:ae:21:22:a8:c6:ff:5c:b7:63:e5:7e:8d: 27:52:b2:71:f6:10:5a:fa:93:ff:10:87:01:68:a9: d7:88:c2:b0:fb:71:2a:83:d4:c1:fe:aa:e2:14:9c: 68:de:05:a3:e6:34:81:c8:39:1f:82:bc:54:14:62: ca:bf:76:b7:ee:f8:34:10:2f:98:d0:53:9d:f3:7d: b4:94:89:21:23:fa:3d:18:ee:72:2b:99:66:cc:d9: 51:38:2b:c2:57:24:60:f6:e5:81:0b:df:d5:33:92: 1f:3d:4d:36:12:dd:6d:e5:54:b2:6c:7a:c8:1c:f2: 81:d1:db:b3:26:0f:52:80:46:ec:31:ee:5e:d6:b5: 9f:ee:73:ac:90:41:01:60:3b:3a:f6:7a:1f:fa:19: d9:05:a6:9f:66:9f:97:72:f5:22:3a:29:71:38:14: 3b:b7:f0:28:0f:e2:bc:8f:27:87:89:08:87:03:76: 7a:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:EF:85:0E:1F:B7:7B:43:AD:A4:19:C3:55:BB:E9:12:8A:21:31:9E X509v3 Authority Key Identifier: keyid:28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/1FCD9DE2926611EDA99A9419C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.65.222.0/23 Signature Algorithm: sha256WithRSAEncryption ae:b6:e5:94:a1:af:1f:44:08:21:f3:68:80:f7:f7:91:5f:cc: 69:bf:d3:5d:35:fb:38:84:2f:3d:71:48:e0:5c:89:73:35:53: f9:2e:98:fa:17:49:f6:e7:06:b9:cb:bc:5c:b0:d3:c1:2a:ae: dc:dc:68:f5:d4:8b:48:31:e4:bd:a7:f7:7d:00:d2:55:59:86: 60:ad:b5:97:ea:38:f2:38:d3:d6:24:ae:96:b1:f5:8e:23:5d: 56:d7:61:29:0e:ed:56:6e:0f:94:3d:93:36:00:83:8b:79:27: 7d:85:59:5a:03:27:7d:13:2c:19:b7:53:dd:b4:e8:63:64:57: 88:5b:74:5d:94:de:82:4a:2b:ec:63:20:1b:37:0e:a0:24:90: 35:d7:c3:fc:62:6e:b1:3d:73:ad:ec:48:ab:e2:e8:46:57:bc: ed:30:54:f8:94:12:9a:40:7a:3a:7c:66:21:18:3b:58:94:ba: 4b:b3:24:a7:13:f4:45:42:3f:c7:42:7b:b3:6f:09:8c:2d:8b: a3:b7:7e:19:01:d9:03:34:85:c6:db:80:56:bf:7f:29:90:95: 03:65:82:45:fc:49:8c:e7:5f:f8:60:23:12:db:30:5f:20:27: b5:49:fb:fe:ec:3d:d4:f7:65:b9:52:6a:53:6f:c6:31:09:71: d3:42:ac:7d -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAYswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdCQzMxMTAvBgNVBAUTKDI4QUM5N0Q5OTg3RTc4REJFRTlEQ0I5RjAzNzM1QzI4 M0JDRTE4NjIwHhcNMjUwMjE1MDQ0NTE4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2IwMWJkZS1hYTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxc9aXKbTF47irPuMKQLhRodfCx/KLObATO1EtzONyso6m7iP5yzPdQC1yq1x PamN5W/YvAW3PFo2OkdsMY9yGAvTHTWR9GBuhQo7QZCuISKoxv9ct2Plfo0nUrJx 9hBa+pP/EIcBaKnXiMKw+3Eqg9TB/qriFJxo3gWj5jSByDkfgrxUFGLKv3a37vg0 EC+Y0FOd8320lIkhI/o9GO5yK5lmzNlROCvCVyRg9uWBC9/VM5IfPU02Et1t5VSy bHrIHPKB0duzJg9SgEbsMe5e1rWf7nOskEEBYDs69nof+hnZBaafZp+XcvUiOilx OBQ7t/AoD+K8jyeHiQiHA3Z6gwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCvvhQ4f t3tDraQZw1W76RKKITGeMB8GA1UdIwQYMBaAFCisl9mYfnjb7p3LnwNzXCg7zhhi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0JDMy83MDhFNkY2ODky NjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVOdnVuY3VmQTNOY0tEdk9H R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tLeVgyWmgtZU52dW5jdWZBM05jS0R2T0dHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdCQzMvNzA4RTZGNjg5MjYxMTFFREE1MjA0RTY0QzRGOUFFMDIvMUZDRDlERTI5 MjY2MTFFREE5OUE5NDE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnQd4wDQYJKoZIhvcNAQELBQADggEBAK625ZShrx9ECCHz aID395FfzGm/0101+ziELz1xSOBciXM1U/kumPoXSfbnBrnLvFyw08EqrtzcaPXU i0gx5L2n930A0lVZhmCttZfqOPI409Ykrpax9Y4jXVbXYSkO7VZuD5Q9kzYAg4t5 J32FWVoDJ30TLBm3U9206GNkV4hbdF2U3oJKK+xjIBs3DqAkkDXXw/xibrE9c63s SKvi6EZXvO0wVPiUEppAejp8ZiEYO1iUukuzJKcT9EVCP8dCe7NvCYwti6O3fhkB 2QM0hcbbgFa/fymQlQNlgkX8SYznX/hgIxLbMF8gJ7VJ+/7sPdT3ZblSalNvxjEJ cdNCrH0= -----END CERTIFICATE-----Generated at Tue Apr 22 12:43:42 2025 by rpki-client