$ rpki-client -vvf rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa File: B4B32D509EDD11EC85676D09C4F9AE02.roa (raw, json) Hash identifier: HUKn8TCAiBNnvKqCcCok66Nsu0wRIivvDnUfIyEmyBw= Subject key identifier: E2:30:84:B9:15:92:E1:EC:A9:D3:D1:17:30:C7:CC:0C:6F:E3:91:E2 Certificate issuer: /CN=A9158D75/serialNumber=F4345C314D6EBEDEB45FE0755F8FFEACF363CB8A Certificate serial: 0C9E Authority key identifier: F4:34:5C:31:4D:6E:BE:DE:B4:5F:E0:75:5F:8F:FE:AC:F3:63:CB:8A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa Signing time: Fri 28 Mar 2025 18:29:23 +0000 ROA not before: Fri 28 Mar 2025 18:29:23 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 38031 IP address blocks: 43.254.96.0/22 maxlen: 24 61.247.176.0/20 maxlen: 24 103.245.96.0/22 maxlen: 22 103.245.98.0/23 maxlen: 24 111.221.0.0/21 maxlen: 24 114.134.88.0/21 maxlen: 24 203.112.72.0/21 maxlen: 24 2401:d380::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.crl rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 18:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3230 (0xc9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158D75 Validity Not Before: Mar 28 18:29:23 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67e6ea83-9e92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:14:d0:f6:17:e5:da:b4:b6:40:a3:47:1f:1b: 85:06:b2:d0:a1:bf:23:20:70:d4:c0:37:7f:a1:f8: 00:a7:c1:34:d1:b9:64:c5:15:3e:e9:1c:a1:f3:b3: b4:49:3f:ae:66:67:f4:c4:1a:8f:59:6a:05:f7:cb: b7:ae:91:68:dc:08:d3:02:9b:eb:a2:5d:d8:cf:12: 4b:3c:03:fc:b6:85:a2:dd:7e:d9:46:e7:9a:a7:f2: cf:ff:98:5b:5f:01:9e:0f:6c:dc:9a:b3:ad:b8:6e: e5:91:1f:0d:9e:b7:97:87:e8:83:19:ad:48:90:70: 15:25:66:8f:35:27:41:39:dd:78:27:fb:99:18:6b: 98:b1:66:87:53:26:b9:e5:a7:7c:7c:7c:95:a1:29: 5c:6a:19:b4:68:50:a3:4d:de:c7:5c:c8:c1:78:75: 85:af:28:0f:d6:5d:df:c3:39:59:c6:ee:da:45:ae: 6e:a2:61:d5:b2:ff:99:c2:40:60:6b:70:64:7b:c7: 79:a6:cd:d8:6d:c6:32:69:7f:d0:6c:49:a3:f6:2d: f4:cb:ce:7c:07:ab:2c:95:1a:db:44:6d:8c:b2:a0: 36:28:c0:77:32:ec:60:0c:59:04:5c:cb:c1:07:21: 4b:3b:b6:d1:50:33:e4:68:2b:f4:b8:cf:d7:49:17: d4:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:30:84:B9:15:92:E1:EC:A9:D3:D1:17:30:C7:CC:0C:6F:E3:91:E2 X509v3 Authority Key Identifier: keyid:F4:34:5C:31:4D:6E:BE:DE:B4:5F:E0:75:5F:8F:FE:AC:F3:63:CB:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/9DRcMU1uvt60X-B1X4_-rPNjy4o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9DRcMU1uvt60X-B1X4_-rPNjy4o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158D75/7434940EF25E11E99130B181C4F9AE02/B4B32D509EDD11EC85676D09C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.254.96.0/22 61.247.176.0/20 103.245.96.0/22 111.221.0.0/21 114.134.88.0/21 203.112.72.0/21 IPv6: 2401:d380::/32 Signature Algorithm: sha256WithRSAEncryption b4:1d:92:8c:26:6c:a1:83:11:b6:ab:27:e0:2f:23:fc:8e:bc: a2:f3:56:95:16:66:21:7a:41:b1:72:50:c3:15:65:ec:8e:96: 26:ad:cb:96:ef:95:e4:3e:7f:3f:82:05:cf:8e:f7:21:c8:9f: 8c:7c:06:d2:6b:fe:af:bf:5e:8c:05:0f:42:92:57:c1:c8:6c: 2c:97:85:c5:27:17:ed:01:46:f8:c1:d3:aa:75:2d:71:c4:4b: fa:da:17:08:17:37:b4:4f:fc:cb:68:20:43:b6:6f:4b:19:0a: a4:11:5a:a7:87:68:70:1a:8c:d6:dd:82:68:52:a1:79:37:b7: 56:5a:44:a5:4a:f3:57:40:ca:15:94:c7:a1:d3:96:f1:ce:b8: fb:eb:ab:fe:c1:f9:88:0b:c3:24:e1:56:db:5e:ea:d4:63:78: 52:f9:01:d9:40:65:40:4c:1e:b2:8a:b8:b2:0d:75:c0:2d:60: 95:9c:ce:82:af:d3:68:f0:6a:b6:8a:76:32:39:8f:c2:38:0b: ad:39:11:24:8a:ad:04:d4:50:90:cb:91:39:2c:c3:7a:ff:69: b1:4f:e9:a5:cd:aa:50:1d:36:76:ba:a2:8a:29:d7:32:fe:f0: 49:19:73:14:9f:f2:2c:85:18:46:2b:a4:8d:61:54:21:62:8d: 2b:1a:40:85 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgICDJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NThENzUxMTAvBgNVBAUTKEY0MzQ1QzMxNEQ2RUJFREVCNDVGRTA3NTVGOEZGRUFD RjM2M0NCOEEwHhcNMjUwMzI4MTgyOTIzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2U2ZWE4My05ZTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4RTQ9hfl2rS2QKNHHxuFBrLQob8jIHDUwDd/ofgAp8E00blkxRU+6Ryh87O0 ST+uZmf0xBqPWWoF98u3rpFo3AjTApvrol3YzxJLPAP8toWi3X7ZRueap/LP/5hb XwGeD2zcmrOtuG7lkR8NnreXh+iDGa1IkHAVJWaPNSdBOd14J/uZGGuYsWaHUya5 5ad8fHyVoSlcahm0aFCjTd7HXMjBeHWFrygP1l3fwzlZxu7aRa5uomHVsv+ZwkBg a3Bke8d5ps3YbcYyaX/QbEmj9i30y858B6sslRrbRG2MsqA2KMB3MuxgDFkEXMvB ByFLO7bRUDPkaCv0uM/XSRfUMQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFOIwhLkV kuHsqdPRFzDHzAxv45HiMB8GA1UdIwQYMBaAFPQ0XDFNbr7etF/gdV+P/qzzY8uK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEQ3NS83NDM0OTQwRUYy NUUxMUU5OTEzMEIxODFDNEY5QUUwMi85RFJjTVUxdXZ0NjBYLUIxWDRfLXJQTmp5 NG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlEUmNNVTF1dnQ2MFgtQjFYNF8tclBOank0by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NThENzUvNzQzNDk0MEVGMjVFMTFFOTkxMzBCMTgxQzRGOUFFMDIvQjRCMzJENTA5 RUREMTFFQzg1Njc2RDA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E PTA7MCoEAgABMCQDBAIr/mADBAQ997ADBAJn9WADBANv3QADBANyhlgDBAPLcEgw DQQCAAIwBwMFACQB04AwDQYJKoZIhvcNAQELBQADggEBALQdkowmbKGDEbarJ+Av I/yOvKLzVpUWZiF6QbFyUMMVZeyOliaty5bvleQ+fz+CBc+O9yHIn4x8BtJr/q+/ XowFD0KSV8HIbCyXhcUnF+0BRvjB06p1LXHES/raFwgXN7RP/MtoIEO2b0sZCqQR WqeHaHAajNbdgmhSoXk3t1ZaRKVK81dAyhWUx6HTlvHOuPvrq/7B+YgLwyThVtte 6tRjeFL5AdlAZUBMHrKKuLINdcAtYJWczoKv02jwaraKdjI5j8I4C605ESSKrQTU UJDLkTksw3r/abFP6aXNqlAdNna6ooop1zL+8EkZcxSf8iyFGEYrpI1hVCFijSsa QIU= -----END CERTIFICATE-----Generated at Sat Apr 12 10:42:50 2025 by rpki-client