$ rpki-client -vvf rpki.apnic.net/member_repository/A9165588/694531F2FA8711EF83EDEC2DC4F9AE02/C405E494FCBF11EF8E586B7AC4F9AE02.roa File: C405E494FCBF11EF8E586B7AC4F9AE02.roa (raw, json) Hash identifier: 8p+dYc7w4P5cdTWL4po8oK48UBPSJ7b6JBGkywZrPZ0= Subject key identifier: C7:D7:2F:E7:93:1B:A7:49:BF:BF:86:B7:60:10:BD:7E:6F:48:B0:F2 Certificate issuer: /CN=A9165588/serialNumber=EF9F97CEB2927651D64FAA02E39DBE0DA3B71F95 Certificate serial: 11 Authority key identifier: EF:9F:97:CE:B2:92:76:51:D6:4F:AA:02:E3:9D:BE:0D:A3:B7:1F:95 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75-XzrKSdlHWT6oC452-DaO3H5U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9165588/694531F2FA8711EF83EDEC2DC4F9AE02/C405E494FCBF11EF8E586B7AC4F9AE02.roa Signing time: Sun 09 Mar 2025 08:23:23 +0000 ROA not before: Sun 09 Mar 2025 08:23:23 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 0 IP address blocks: 203.13.144.0/24 maxlen: 24 203.13.146.0/23 maxlen: 24 203.13.148.0/22 maxlen: 24 203.13.152.0/22 maxlen: 24 203.13.157.0/24 maxlen: 24 203.13.158.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9165588/694531F2FA8711EF83EDEC2DC4F9AE02/75-XzrKSdlHWT6oC452-DaO3H5U.crl rsync://rpki.apnic.net/member_repository/A9165588/694531F2FA8711EF83EDEC2DC4F9AE02/75-XzrKSdlHWT6oC452-DaO3H5U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75-XzrKSdlHWT6oC452-DaO3H5U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 07:19:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9165588 Validity Not Before: Mar 9 08:23:23 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67cd4ffb-d088 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:9b:a6:18:86:3b:e4:79:47:1a:2d:98:04:b6: 11:1d:44:f1:a4:68:4a:cf:6c:ce:0e:a1:2a:ee:de: e6:28:e2:03:d4:34:83:bf:dd:1e:aa:7d:b9:6f:8f: 84:c4:d4:6b:75:75:f8:8a:17:84:53:16:07:63:87: c8:08:68:81:25:e2:d5:68:3a:b9:b5:f3:12:62:db: fe:93:cf:85:81:91:36:70:5c:78:45:7e:14:78:e3: d7:6d:23:58:a2:d8:d0:bf:40:0a:ef:ee:b5:7f:85: f6:04:d1:53:26:1b:04:0c:0b:c6:c1:1f:af:7d:36: f0:b2:79:fb:89:80:8d:0e:bd:fa:0e:3c:c1:e1:6e: a0:09:b1:45:71:2a:c4:d2:f7:75:70:06:ea:ac:15: 3b:ed:40:d4:82:95:09:b6:77:0e:4f:be:2e:29:26: 71:0e:bc:54:93:22:b1:fe:9c:d5:6a:0a:09:dd:53: 1e:93:35:ca:1c:6f:02:c3:be:5e:db:0f:37:7e:87: 7f:d6:98:fb:26:9c:ed:98:20:63:b4:31:00:5d:b2: 4a:7f:2a:bf:eb:fe:62:28:03:70:52:73:8a:d6:9b: 65:77:ec:b2:1a:c7:93:2c:0e:7f:64:21:16:fd:bf: bd:a8:a2:d1:b0:61:a3:b5:39:a9:78:c9:7b:e6:e8: e5:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:D7:2F:E7:93:1B:A7:49:BF:BF:86:B7:60:10:BD:7E:6F:48:B0:F2 X509v3 Authority Key Identifier: keyid:EF:9F:97:CE:B2:92:76:51:D6:4F:AA:02:E3:9D:BE:0D:A3:B7:1F:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9165588/694531F2FA8711EF83EDEC2DC4F9AE02/75-XzrKSdlHWT6oC452-DaO3H5U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75-XzrKSdlHWT6oC452-DaO3H5U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165588/694531F2FA8711EF83EDEC2DC4F9AE02/C405E494FCBF11EF8E586B7AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.13.144.0/24 203.13.146.0-203.13.155.255 203.13.157.0-203.13.159.255 Signature Algorithm: sha256WithRSAEncryption 81:d0:77:cb:45:4a:f1:6d:c9:38:8a:86:1f:f0:dd:bb:d4:76: c4:32:57:75:66:cc:e0:87:8c:05:85:da:00:0c:56:6a:90:ca: 07:24:66:4e:80:ed:f6:04:d8:8a:ad:35:09:aa:a8:ba:73:b0: b3:25:09:8d:19:90:69:f4:11:72:9a:d4:d2:c5:81:d0:ce:88: cc:4f:56:1d:7f:b8:6c:65:1e:d3:b1:3f:69:14:8d:e4:1e:67: 18:48:63:65:33:c8:f7:77:ed:8c:a5:b5:c5:11:fd:eb:50:1e: c6:05:f3:9d:94:ed:7c:ca:80:1f:f2:7f:f2:cd:00:36:57:9f: 7b:35:36:c3:5a:a1:7b:e7:06:72:08:e7:63:af:b0:9f:f2:ee: c0:b2:03:9f:8c:6d:3c:ae:07:d7:26:eb:de:02:e8:ea:ea:a2: 16:e9:a5:97:ff:c6:0b:fa:2c:0c:78:16:d5:2e:a2:b0:75:28: 0e:75:a9:36:bb:6b:65:b9:b7:2e:0d:64:74:8c:67:0c:f2:c0: 3c:34:67:c2:7a:d7:a3:2a:45:cd:a7:b6:f5:81:f8:97:6b:d6: d9:ff:02:0e:73:0f:a1:c0:de:a4:c4:af:f4:a6:f2:cd:be:ef: c3:2b:12:6b:c7:d2:f6:f4:ef:50:4d:0c:7a:b7:d3:b1:73:9f: 18:a4:36:31 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 NTU4ODExMC8GA1UEBRMoRUY5Rjk3Q0VCMjkyNzY1MUQ2NEZBQTAyRTM5REJFMERB M0I3MUY5NTAeFw0yNTAzMDkwODIzMjNaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3Y2Q0ZmZiLWQwODgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDYm6YYhjvkeUcaLZgEthEdRPGkaErPbM4OoSru3uYo4gPUNIO/3R6qfblvj4TE 1Gt1dfiKF4RTFgdjh8gIaIEl4tVoOrm18xJi2/6Tz4WBkTZwXHhFfhR449dtI1ii 2NC/QArv7rV/hfYE0VMmGwQMC8bBH699NvCyefuJgI0OvfoOPMHhbqAJsUVxKsTS 93VwBuqsFTvtQNSClQm2dw5Pvi4pJnEOvFSTIrH+nNVqCgndUx6TNcocbwLDvl7b Dzd+h3/WmPsmnO2YIGO0MQBdskp/Kr/r/mIoA3BSc4rWm2V37LIax5MsDn9kIRb9 v72ootGwYaO1Oal4yXvm6OX3AgMBAAGjggKxMIICrTAdBgNVHQ4EFgQUx9cv55Mb p0m/v4a3YBC9fm9IsPIwHwYDVR0jBBgwFoAU75+XzrKSdlHWT6oC452+DaO3H5Uw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1NTg4LzY5NDUzMUYyRkE4 NzExRUY4M0VERUMyREM0RjlBRTAyLzc1LVh6cktTZGxIV1Q2b0M0NTItRGFPM0g1 VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNzUtWHpyS1NkbEhXVDZvQzQ1Mi1EYU8zSDVVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NTU4OC82OTQ1MzFGMkZBODcxMUVGODNFREVDMkRDNEY5QUUwMi9DNDA1RTQ5NEZD QkYxMUVGOEU1ODZCN0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA7BggrBgEFBQcBBwEB/wQs MCowKAQCAAEwIgMEAMsNkDAMAwQByw2SAwQCyw2YMAwDBADLDZ0DBAXLDYAwDQYJ KoZIhvcNAQELBQADggEBAIHQd8tFSvFtyTiKhh/w3bvUdsQyV3VmzOCHjAWF2gAM VmqQygckZk6A7fYE2IqtNQmqqLpzsLMlCY0ZkGn0EXKa1NLFgdDOiMxPVh1/uGxl HtOxP2kUjeQeZxhIY2UzyPd37YyltcUR/etQHsYF852U7XzKgB/yf/LNADZXn3s1 NsNaoXvnBnII52OvsJ/y7sCyA5+MbTyuB9cm694C6OrqohbppZf/xgv6LAx4FtUu orB1KA51qTa7a2W5ty4NZHSMZwzywDw0Z8J616MqRc2ntvWB+Jdr1tn/Ag5zD6HA 3qTEr/Sm8s2+78MrEmvH0vb071BNDHq307FznxikNjE= -----END CERTIFICATE-----Generated at Sat Apr 5 02:13:22 2025 by rpki-client