$ rpki-client -vvf rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/513421B0E3AB11EF9C68465CC4F9AE02.roa File: 513421B0E3AB11EF9C68465CC4F9AE02.roa (raw, json) Hash identifier: /6OtFAV0fvfK8AYoQXUKAPYFcikHsFv3EvaxBMPOB2s= Subject key identifier: D5:25:0C:36:E8:6F:60:4F:DF:25:9B:1E:44:CF:F4:14:B5:13:C6:C5 Certificate issuer: /CN=A9158840/serialNumber=FAE6201C666392340BEE138ED41799BA86DAA688 Certificate serial: 0C00 Authority key identifier: FA:E6:20:1C:66:63:92:34:0B:EE:13:8E:D4:17:99:BA:86:DA:A6:88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-uYgHGZjkjQL7hOO1BeZuobapog.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/513421B0E3AB11EF9C68465CC4F9AE02.roa Signing time: Wed 05 Feb 2025 10:42:52 +0000 ROA not before: Wed 05 Feb 2025 10:42:52 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 138146 IP address blocks: 103.121.60.0/24 maxlen: 24 103.121.61.0/24 maxlen: 24 103.121.62.0/24 maxlen: 24 103.121.63.0/24 maxlen: 24 2403:6840::/32 maxlen: 40 2403:6840::/48 maxlen: 48 2403:6840:1::/48 maxlen: 48 2403:6840:2::/48 maxlen: 48 2403:6840:3::/48 maxlen: 48 2403:6840:4::/48 maxlen: 48 2403:6840:5::/48 maxlen: 48 2403:6840:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/-uYgHGZjkjQL7hOO1BeZuobapog.crl rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/-uYgHGZjkjQL7hOO1BeZuobapog.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-uYgHGZjkjQL7hOO1BeZuobapog.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:46:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3072 (0xc00) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158840 Validity Not Before: Feb 5 10:42:52 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=67a340ac-4ce8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:be:67:de:ce:a2:66:52:d5:9e:aa:16:8b:f7: c9:b6:29:e6:40:13:83:58:7e:e4:81:58:45:4a:f8: 69:d0:9a:d7:8d:de:6d:47:97:c1:1d:5f:7f:e6:f9: 2c:88:94:83:f5:52:f9:fd:64:a4:41:ac:5f:8a:b9: 97:fd:d4:54:94:1b:85:74:bf:e4:06:de:af:56:f6: 4d:d1:d7:6b:63:62:88:8a:db:d4:b9:58:cf:ed:bb: b2:bd:f9:2c:94:30:b7:2c:1c:df:60:c5:e8:63:a3: ac:ed:31:70:23:a1:36:90:ae:b0:7b:41:ca:10:7e: 7d:55:4f:cd:37:ea:ba:06:c7:c6:37:9d:b7:9a:0d: c6:9f:50:30:92:fa:99:47:57:a2:86:f2:ff:4b:ca: e7:70:bb:65:1e:21:9a:9f:0c:e7:32:77:3b:c1:c9: 4e:3a:44:ef:1f:31:a0:f1:e1:65:e0:a0:5b:00:8c: e1:7f:15:c5:19:ee:13:33:88:4d:f8:58:71:f4:4d: 8c:5a:a2:55:82:44:09:77:ff:44:d4:96:89:a5:53: 9c:7c:2a:bf:01:0e:c0:dd:dc:c1:78:b3:3d:aa:81: 52:fe:97:96:d6:52:ac:98:e9:bf:bc:61:89:09:c9: 2d:fd:1b:b8:a8:ef:6d:42:cb:40:cd:07:07:ad:73: 92:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:25:0C:36:E8:6F:60:4F:DF:25:9B:1E:44:CF:F4:14:B5:13:C6:C5 X509v3 Authority Key Identifier: keyid:FA:E6:20:1C:66:63:92:34:0B:EE:13:8E:D4:17:99:BA:86:DA:A6:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/-uYgHGZjkjQL7hOO1BeZuobapog.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-uYgHGZjkjQL7hOO1BeZuobapog.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158840/6177332A0B8211EA8041154BC4F9AE02/513421B0E3AB11EF9C68465CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.121.60.0/22 IPv6: 2403:6840::/32 Signature Algorithm: sha256WithRSAEncryption b4:74:8f:81:3e:5c:ee:1e:0b:0b:90:9c:68:f5:6e:33:94:e6: 56:9f:86:2d:ee:97:94:3a:4c:a4:6f:0f:d7:52:33:27:cb:cb: e9:85:70:32:0a:fc:19:32:82:59:11:3a:0d:9c:1b:19:16:e2: a2:c9:e5:f9:1d:06:a4:90:55:cb:b8:ce:14:4e:e9:af:34:56: 5c:45:9f:83:05:ae:19:54:21:88:3e:59:63:46:93:ed:ce:1f: f9:87:19:9a:95:ac:1d:3a:d3:76:51:2f:89:bf:9f:9d:da:93: 81:5e:33:b8:5d:9d:7d:cc:05:ba:06:be:81:d3:55:39:af:9a: 1b:4f:e0:d5:44:d6:20:c6:a0:4b:8c:7c:75:5e:5b:3a:99:f5: cb:b0:2d:3d:d2:24:9d:95:b5:d5:53:d5:d9:5a:fa:eb:ed:7b: d6:f3:02:50:7c:da:76:99:17:ad:64:d1:1e:85:21:94:5f:41: c3:19:6d:e0:d0:01:97:4c:4b:ad:c4:52:e7:16:42:7b:a4:b5: 32:8f:3c:8c:94:03:a9:bd:bd:60:bf:33:46:41:39:44:bf:f3: a5:8c:da:1e:67:00:ec:df:f2:98:f9:f5:ff:ee:61:2b:11:04: b7:bd:eb:7c:1f:58:d8:7d:46:06:b1:75:a2:b6:63:68:07:65: 31:53:b3:42 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICDAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg4NDAxMTAvBgNVBAUTKEZBRTYyMDFDNjY2MzkyMzQwQkVFMTM4RUQ0MTc5OUJB ODZEQUE2ODgwHhcNMjUwMjA1MTA0MjUyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2EzNDBhYy00Y2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2r5n3s6iZlLVnqoWi/fJtinmQBODWH7kgVhFSvhp0JrXjd5tR5fBHV9/5vks iJSD9VL5/WSkQaxfirmX/dRUlBuFdL/kBt6vVvZN0ddrY2KIitvUuVjP7buyvfks lDC3LBzfYMXoY6Os7TFwI6E2kK6we0HKEH59VU/NN+q6BsfGN523mg3Gn1AwkvqZ R1eihvL/S8rncLtlHiGanwznMnc7wclOOkTvHzGg8eFl4KBbAIzhfxXFGe4TM4hN +Fhx9E2MWqJVgkQJd/9E1JaJpVOcfCq/AQ7A3dzBeLM9qoFS/peW1lKsmOm/vGGJ Cckt/Ru4qO9tQstAzQcHrXOSkQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFNUlDDbo b2BP3yWbHkTP9BS1E8bFMB8GA1UdIwQYMBaAFPrmIBxmY5I0C+4TjtQXmbqG2qaI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODg0MC82MTc3MzMyQTBC ODIxMUVBODA0MTE1NEJDNEY5QUUwMi8tdVlnSEdaamtqUUw3aE9PMUJlWnVvYmFw b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy11WWdIR1pqa2pRTDdoT08xQmVadW9iYXBvZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTg4NDAvNjE3NzMzMkEwQjgyMTFFQTgwNDExNTRCQzRGOUFFMDIvNTEzNDIxQjBF M0FCMTFFRjlDNjg0NjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJneTwwDQQCAAIwBwMFACQDaEAwDQYJKoZIhvcNAQELBQAD ggEBALR0j4E+XO4eCwuQnGj1bjOU5lafhi3ul5Q6TKRvD9dSMyfLy+mFcDIK/Bky glkROg2cGxkW4qLJ5fkdBqSQVcu4zhRO6a80VlxFn4MFrhlUIYg+WWNGk+3OH/mH GZqVrB0603ZRL4m/n53ak4FeM7hdnX3MBboGvoHTVTmvmhtP4NVE1iDGoEuMfHVe WzqZ9cuwLT3SJJ2VtdVT1dla+uvte9bzAlB82naZF61k0R6FIZRfQcMZbeDQAZdM S63EUucWQnuktTKPPIyUA6m9vWC/M0ZBOUS/86WM2h5nAOzf8pj59f/uYSsRBLe9 63wfWNh9RgaxdaK2Y2gHZTFTs0I= -----END CERTIFICATE-----Generated at Sun Apr 6 18:45:28 2025 by rpki-client