$ rpki-client -vvf rpki.apnic.net/member_repository/A916AC30/760D6A648C6211EF99464085C4F9AE02/8CBE22F8D33911EF9F576474C4F9AE02.roa File: 8CBE22F8D33911EF9F576474C4F9AE02.roa (raw, json) Hash identifier: NMDs0Vn0lErQbJ2ubqn2Wa0iHcDZLQ+NyOe8KJVyEl0= Subject key identifier: 6A:95:E3:9E:94:10:20:7B:7A:09:28:43:44:31:84:04:56:12:C7:96 Certificate issuer: /CN=A916AC30/serialNumber=72E8860B2B473365BF261420D06B58A804C296B2 Certificate serial: 53 Authority key identifier: 72:E8:86:0B:2B:47:33:65:BF:26:14:20:D0:6B:58:A8:04:C2:96:B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cuiGCytHM2W_JhQg0GtYqATClrI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916AC30/760D6A648C6211EF99464085C4F9AE02/8CBE22F8D33911EF9F576474C4F9AE02.roa Signing time: Fri 07 Feb 2025 12:31:02 +0000 ROA not before: Fri 07 Feb 2025 12:31:02 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 59253 IP address blocks: 43.249.38.0/23 maxlen: 23 43.249.38.0/24 maxlen: 24 43.249.39.0/24 maxlen: 24 103.254.152.0/22 maxlen: 22 103.254.154.0/23 maxlen: 23 2001:df1:800::/48 maxlen: 48 2402:a7c0::/32 maxlen: 32 2402:a7c0:3000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916AC30/760D6A648C6211EF99464085C4F9AE02/cuiGCytHM2W_JhQg0GtYqATClrI.crl rsync://rpki.apnic.net/member_repository/A916AC30/760D6A648C6211EF99464085C4F9AE02/cuiGCytHM2W_JhQg0GtYqATClrI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cuiGCytHM2W_JhQg0GtYqATClrI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 06:25:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 83 (0x53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916AC30 Validity Not Before: Feb 7 12:31:02 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67a5fd05-5a80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:c8:d3:64:8e:38:a0:22:28:f8:64:12:bb:16: f4:c7:df:1d:12:69:f5:05:82:20:ce:3b:60:9b:61: f5:50:d7:24:c7:97:29:30:43:06:0a:cc:a4:90:6e: a4:7f:23:fb:64:0a:cf:e4:a7:35:10:97:82:2b:ff: bc:d8:19:17:4d:42:5c:7d:26:84:85:5c:01:ad:e7: c1:39:7c:ac:a1:cf:1b:58:3c:d1:10:b9:02:fd:bf: 57:41:c5:fa:03:6c:f1:51:5e:cf:9a:71:36:22:0a: 28:8a:6f:13:0d:12:44:05:7c:1e:80:94:ba:76:92: b8:f1:5d:de:f2:87:1a:82:5e:db:a1:d7:6d:cb:28: f9:03:88:ef:41:78:f1:8e:67:cd:3d:71:53:55:77: c7:15:c2:6d:d9:d7:1a:e8:ca:5f:8b:68:7e:4a:53: 01:8d:16:d8:a3:99:db:b2:6c:54:f7:ce:a6:3f:5b: 57:65:98:3a:66:76:99:28:57:62:bc:00:bb:c2:39: f7:ba:04:94:06:af:2d:77:9c:94:4f:7c:b9:68:a3: 22:8f:98:32:57:34:88:93:fc:54:3e:48:4b:84:bf: 71:d9:90:11:5d:cc:23:b4:8c:d9:b6:43:d9:e6:54: 40:52:6f:92:fe:83:b8:27:22:d0:0e:d6:d0:0a:c3: ed:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:95:E3:9E:94:10:20:7B:7A:09:28:43:44:31:84:04:56:12:C7:96 X509v3 Authority Key Identifier: keyid:72:E8:86:0B:2B:47:33:65:BF:26:14:20:D0:6B:58:A8:04:C2:96:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916AC30/760D6A648C6211EF99464085C4F9AE02/cuiGCytHM2W_JhQg0GtYqATClrI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cuiGCytHM2W_JhQg0GtYqATClrI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916AC30/760D6A648C6211EF99464085C4F9AE02/8CBE22F8D33911EF9F576474C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.249.38.0/23 103.254.152.0/22 IPv6: 2001:df1:800::/48 2402:a7c0::/32 Signature Algorithm: sha256WithRSAEncryption 72:f5:81:fa:55:1a:ae:e6:b8:51:3e:7e:e5:a2:d7:73:d7:30: d1:89:a7:f4:5e:99:29:bf:7f:fd:20:3a:5c:37:ef:11:0d:43: ba:99:b0:5f:07:38:d7:60:c6:24:32:a8:a6:e2:ed:de:44:29: 11:b8:b3:f7:e2:3b:1d:4f:3c:47:07:ee:b7:1f:c0:6c:a3:05: 65:21:9f:91:09:67:c6:a8:2b:a4:f8:52:4c:34:5d:2e:72:0d: ad:20:19:db:b9:41:a9:28:28:9e:d8:f8:be:71:9d:d2:36:e6: a7:4b:c1:5c:a2:b1:7c:9a:6c:a9:72:06:d4:b7:fd:c7:d4:58: 86:30:b7:77:b6:61:85:f5:b8:ad:3b:7e:e9:0f:f6:83:1e:39: 25:ec:0a:51:5b:64:28:ff:d5:eb:01:d2:a0:6d:c4:57:ac:de: b5:40:d5:50:dd:b0:2a:de:74:56:a1:9f:ba:24:8a:30:1c:b9: 0b:ff:8e:24:31:63:7b:05:65:d5:8f:d1:80:18:89:ed:45:1a: ff:54:a1:1e:c8:e3:b9:c9:da:63:c5:36:00:9f:45:ac:b8:16: cd:05:b0:34:c3:a8:fd:8f:fc:18:29:cb:7c:3c:7e:50:5c:bc: fe:7a:e0:78:d8:0c:bf:57:00:ea:77:fe:3b:e5:33:77:ac:f9: ca:4f:9c:c4 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgIBUzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 QUMzMDExMC8GA1UEBRMoNzJFODg2MEIyQjQ3MzM2NUJGMjYxNDIwRDA2QjU4QTgw NEMyOTZCMjAeFw0yNTAyMDcxMjMxMDJaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YTVmZDA1LTVhODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDRyNNkjjigIij4ZBK7FvTH3x0SafUFgiDOO2CbYfVQ1yTHlykwQwYKzKSQbqR/ I/tkCs/kpzUQl4Ir/7zYGRdNQlx9JoSFXAGt58E5fKyhzxtYPNEQuQL9v1dBxfoD bPFRXs+acTYiCiiKbxMNEkQFfB6AlLp2krjxXd7yhxqCXtuh123LKPkDiO9BePGO Z809cVNVd8cVwm3Z1xroyl+LaH5KUwGNFtijmduybFT3zqY/W1dlmDpmdpkoV2K8 ALvCOfe6BJQGry13nJRPfLlooyKPmDJXNIiT/FQ+SEuEv3HZkBFdzCO0jNm2Q9nm VEBSb5L+g7gnItAO1tAKw+3nAgMBAAGjggKzMIICrzAdBgNVHQ4EFgQUapXjnpQQ IHt6CShDRDGEBFYSx5YwHwYDVR0jBBgwFoAUcuiGCytHM2W/JhQg0GtYqATClrIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZBQzMwLzc2MEQ2QTY0OEM2 MjExRUY5OTQ2NDA4NUM0RjlBRTAyL2N1aUdDeXRITTJXX0poUWcwR3RZcUFUQ2xy SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY3VpR0N5dEhNMldfSmhRZzBHdFlxQVRDbHJJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QUMzMC83NjBENkE2NDhDNjIxMUVGOTk0NjQwODVDNEY5QUUwMi84Q0JFMjJGOEQz MzkxMUVGOUY1NzY0NzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA9BggrBgEFBQcBBwEB/wQu MCwwEgQCAAEwDAMEASv5JgMEAmf+mDAWBAIAAjAQAwcAIAEN8QgAAwUAJAKnwDAN BgkqhkiG9w0BAQsFAAOCAQEAcvWB+lUarua4UT5+5aLXc9cw0Ymn9F6ZKb9//SA6 XDfvEQ1DupmwXwc412DGJDKopuLt3kQpEbiz9+I7HU88Rwfutx/AbKMFZSGfkQln xqgrpPhSTDRdLnINrSAZ27lBqSgontj4vnGd0jbmp0vBXKKxfJpsqXIG1Lf9x9RY hjC3d7ZhhfW4rTt+6Q/2gx45JewKUVtkKP/V6wHSoG3EV6zetUDVUN2wKt50VqGf uiSKMBy5C/+OJDFjewVl1Y/RgBiJ7UUa/1ShHsjjucnaY8U2AJ9FrLgWzQWwNMOo /Y/8GCnLfDx+UFy8/nrgeNgMv1cA6nf+O+Uzd6z5yk+cxA== -----END CERTIFICATE-----Generated at Sat Apr 5 19:27:54 2025 by rpki-client