$ rpki-client -vvf rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/3D940BFAC1A711EFAFD15F46C4F9AE02.roa File: 3D940BFAC1A711EFAFD15F46C4F9AE02.roa (raw, json) Hash identifier: 9+qlA4Q9NblMxHBbHQc6/IzU15TwV+ogIZA74gQ+vIA= Subject key identifier: 3D:EE:E6:E1:CF:0F:BD:DA:E0:CE:79:B9:32:FA:68:83:F1:D8:5C:1F Certificate issuer: /CN=A9161B4C/serialNumber=E384AA4025A106B547A7C089B1DDFEEE6CCBA22F Certificate serial: 0144 Authority key identifier: E3:84:AA:40:25:A1:06:B5:47:A7:C0:89:B1:DD:FE:EE:6C:CB:A2:2F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/44SqQCWhBrVHp8CJsd3-7mzLoi8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/3D940BFAC1A711EFAFD15F46C4F9AE02.roa Signing time: Tue 24 Dec 2024 03:30:28 +0000 ROA not before: Tue 24 Dec 2024 03:30:28 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 151396 IP address blocks: 103.134.216.0/24 maxlen: 24 103.134.217.0/24 maxlen: 24 103.134.218.0/24 maxlen: 24 103.134.219.0/24 maxlen: 24 103.146.218.0/23 maxlen: 24 103.214.0.0/23 maxlen: 24 2401:720::/36 maxlen: 36 2401:720:1000::/36 maxlen: 36 2401:720:2000::/36 maxlen: 36 2401:720:3000::/36 maxlen: 36 2401:720:4000::/36 maxlen: 36 2401:720:5000::/36 maxlen: 36 2401:720:6000::/36 maxlen: 36 2401:720:7000::/36 maxlen: 36 2401:720:8000::/36 maxlen: 36 2401:720:9000::/36 maxlen: 36 2401:720:a000::/36 maxlen: 36 2401:720:b000::/36 maxlen: 36 2401:720:c000::/36 maxlen: 36 2401:720:d000::/36 maxlen: 36 2401:720:e000::/36 maxlen: 36 2401:720:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/44SqQCWhBrVHp8CJsd3-7mzLoi8.crl rsync://rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/44SqQCWhBrVHp8CJsd3-7mzLoi8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/44SqQCWhBrVHp8CJsd3-7mzLoi8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 03:28:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 324 (0x144) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161B4C Validity Not Before: Dec 24 03:30:28 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=676a2ad4-2b29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d1:22:16:0b:b4:4e:0e:87:70:e3:21:40:54: 30:6a:ac:88:41:c0:09:17:c9:0a:92:53:78:bb:68: ac:e4:5f:1c:8c:96:57:a9:81:93:a4:74:97:25:65: ef:64:3a:0e:fd:3a:06:56:f3:ab:16:1e:76:1c:f9: 2a:a7:07:08:2c:60:17:ec:09:94:65:5f:f0:61:aa: d9:5f:6e:7b:b4:2b:96:50:2b:45:01:52:8f:5d:d5: 22:c3:52:36:1b:23:20:2a:4c:38:74:1c:01:ea:18: c9:e5:9e:71:ea:ad:03:db:88:3e:1f:2c:fd:2f:09: 8e:6a:7b:d5:24:ec:a6:b1:5f:84:0e:ac:81:f7:84: 13:2e:3e:8d:47:b2:1d:1d:cb:88:02:8b:a2:1d:0f: 99:b1:42:66:72:2d:5e:29:53:63:7b:f2:78:b3:68: 83:3b:0c:4e:78:8f:09:3f:6d:e8:91:c8:ff:e0:b9: d3:cf:d3:1f:b2:2d:1f:18:da:f3:13:9a:5e:8c:ce: 59:54:e6:7a:86:bf:7e:c3:34:10:4b:32:a3:87:3b: 85:38:a1:89:b3:8e:80:da:12:b1:14:35:d2:df:b5: 83:49:3f:e7:fd:75:ea:6d:00:96:e2:88:9d:45:f4: 3e:65:a7:e6:f2:b0:2e:9f:ba:df:6c:be:dc:cc:67: 2b:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:EE:E6:E1:CF:0F:BD:DA:E0:CE:79:B9:32:FA:68:83:F1:D8:5C:1F X509v3 Authority Key Identifier: keyid:E3:84:AA:40:25:A1:06:B5:47:A7:C0:89:B1:DD:FE:EE:6C:CB:A2:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/44SqQCWhBrVHp8CJsd3-7mzLoi8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/44SqQCWhBrVHp8CJsd3-7mzLoi8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161B4C/29799152043011EEB3732C5BC4F9AE02/3D940BFAC1A711EFAFD15F46C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.134.216.0/22 103.146.218.0/23 103.214.0.0/23 IPv6: 2401:720::/32 Signature Algorithm: sha256WithRSAEncryption 29:7c:ea:36:64:6f:e3:c0:e2:8d:57:42:34:09:1d:ff:ec:d0: af:53:26:2b:76:d8:07:be:d4:93:8e:cf:1a:d0:ba:59:94:cc: 87:b5:45:8f:97:25:7f:0c:69:f5:83:b2:32:d6:d2:42:37:6d: d5:c8:0b:f9:fc:6b:30:e3:37:2f:c5:79:0f:62:bf:fa:ee:32: 88:a7:1c:28:5f:b9:99:64:7b:1c:75:b5:ab:ae:bb:6a:19:c3: a8:b9:17:d7:97:ce:7a:57:19:c8:05:44:c1:77:8a:59:90:51: 84:ef:45:2c:e8:f8:5a:ea:3d:6b:5a:81:2e:d1:bc:20:24:35: a7:45:d2:19:ea:62:fb:e9:81:e3:8c:cf:fb:48:46:de:fb:81: 49:5b:56:49:65:b5:66:2b:9b:f4:29:67:1d:e9:1b:77:bb:ed: ec:15:9e:ad:9f:41:52:dd:99:76:6c:2b:36:60:c0:25:45:5e: 21:91:1d:ee:b6:08:b8:b5:7c:3b:50:b4:b3:9e:19:09:cf:cd: 63:b3:29:01:d1:89:e0:a0:5e:e1:68:9f:12:e8:cd:ac:14:dc: c2:27:5a:be:08:e6:45:b7:9c:aa:25:5a:42:99:ea:19:a8:81: 99:64:b0:bf:3f:ed:42:50:b1:d5:a8:98:87:2d:dc:de:e3:ab: dd:fc:76:b0 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICAUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjFCNEMxMTAvBgNVBAUTKEUzODRBQTQwMjVBMTA2QjU0N0E3QzA4OUIxRERGRUVF NkNDQkEyMkYwHhcNMjQxMjI0MDMzMDI4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzZhMmFkNC0yYjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuNEiFgu0Tg6HcOMhQFQwaqyIQcAJF8kKklN4u2is5F8cjJZXqYGTpHSXJWXv ZDoO/ToGVvOrFh52HPkqpwcILGAX7AmUZV/wYarZX257tCuWUCtFAVKPXdUiw1I2 GyMgKkw4dBwB6hjJ5Z5x6q0D24g+Hyz9LwmOanvVJOymsV+EDqyB94QTLj6NR7Id HcuIAouiHQ+ZsUJmci1eKVNje/J4s2iDOwxOeI8JP23okcj/4LnTz9Mfsi0fGNrz E5pejM5ZVOZ6hr9+wzQQSzKjhzuFOKGJs46A2hKxFDXS37WDST/n/XXqbQCW4oid RfQ+Zafm8rAun7rfbL7czGcrIwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFD3u5uHP D73a4M55uTL6aIPx2FwfMB8GA1UdIwQYMBaAFOOEqkAloQa1R6fAibHd/u5sy6Iv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUI0Qy8yOTc5OTE1MjA0 MzAxMUVFQjM3MzJDNUJDNEY5QUUwMi80NFNxUUNXaEJyVkhwOENKc2QzLTdtekxv aTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQ0U3FRQ1doQnJWSHA4Q0pzZDMtN216TG9pOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjFCNEMvMjk3OTkxNTIwNDMwMTFFRUIzNzMyQzVCQzRGOUFFMDIvM0Q5NDBCRkFD MUE3MTFFRkFGRDE1RjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAJnhtgDBAFnktoDBAFn1gAwDQQCAAIwBwMFACQBByAwDQYJ KoZIhvcNAQELBQADggEBACl86jZkb+PA4o1XQjQJHf/s0K9TJit22Ae+1JOOzxrQ ulmUzIe1RY+XJX8MafWDsjLW0kI3bdXIC/n8azDjNy/FeQ9iv/ruMoinHChfuZlk exx1tauuu2oZw6i5F9eXznpXGcgFRMF3ilmQUYTvRSzo+FrqPWtagS7RvCAkNadF 0hnqYvvpgeOMz/tIRt77gUlbVklltWYrm/QpZx3pG3e77ewVnq2fQVLdmXZsKzZg wCVFXiGRHe62CLi1fDtQtLOeGQnPzWOzKQHRieCgXuFonxLozawU3MInWr4I5kW3 nKolWkKZ6hmogZlksL8/7UJQsdWomIct3N7jq938drA= -----END CERTIFICATE-----Generated at Sun Apr 6 21:10:08 2025 by rpki-client