$ rpki-client -vvf rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/7D1F1FBEFB6611EFB1FB024BC4F9AE02.roa File: 7D1F1FBEFB6611EFB1FB024BC4F9AE02.roa (raw, json) Hash identifier: fisSzN1NEUWVRstcSqL4cuynXiHp5VgHPFGAgqQAMWs= Subject key identifier: 0C:9C:EC:83:B0:9B:1A:37:75:9E:76:8E:83:32:9D:9A:D0:9D:B7:62 Certificate issuer: /CN=A916B974/serialNumber=90B2F12BE7A58663BF15DC717E7D40B30241B8EA Certificate serial: 02 Authority key identifier: 90:B2:F1:2B:E7:A5:86:63:BF:15:DC:71:7E:7D:40:B3:02:41:B8:EA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kLLxK-elhmO_Fdxxfn1AswJBuOo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/7D1F1FBEFB6611EFB1FB024BC4F9AE02.roa Signing time: Fri 07 Mar 2025 15:11:48 +0000 ROA not before: Fri 07 Mar 2025 15:11:48 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 135357 IP address blocks: 43.240.144.0/22 maxlen: 22 43.240.144.0/24 maxlen: 24 43.240.145.0/24 maxlen: 24 43.240.146.0/24 maxlen: 24 43.240.147.0/24 maxlen: 24 103.215.48.0/22 maxlen: 22 103.215.48.0/24 maxlen: 24 103.215.49.0/24 maxlen: 24 103.215.50.0/24 maxlen: 24 103.215.51.0/24 maxlen: 24 144.48.220.0/22 maxlen: 22 144.48.220.0/24 maxlen: 24 144.48.221.0/24 maxlen: 24 144.48.222.0/24 maxlen: 24 144.48.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/kLLxK-elhmO_Fdxxfn1AswJBuOo.crl rsync://rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/kLLxK-elhmO_Fdxxfn1AswJBuOo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kLLxK-elhmO_Fdxxfn1AswJBuOo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 07:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B974 Validity Not Before: Mar 7 15:11:48 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67cb0cb3-bdce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:d2:b0:b1:65:bc:52:3e:8e:ab:3f:3d:e0:f8: d2:c3:76:27:f0:6f:e2:84:47:f0:ae:58:1b:d5:53: e2:78:3e:ab:94:10:8c:ee:87:05:85:7b:a2:68:4a: b9:8a:42:b4:9f:0e:97:99:49:da:53:40:bd:25:ce: 7b:c7:ab:df:02:15:74:66:ae:b1:ff:f0:2a:e0:4d: a1:7c:dc:57:95:37:6e:1d:dc:a5:65:d5:42:88:87: 68:fb:0b:1e:bb:9a:13:56:0f:b9:e2:27:f4:57:76: 56:d6:c5:bd:30:82:e6:9e:ed:02:be:b5:ad:8d:9a: 1f:6a:dd:1e:5f:5a:c9:19:e2:34:6d:71:c4:54:36: 1d:63:38:07:3b:e0:dc:47:c1:1f:3c:49:42:76:30: 79:38:0b:b6:4a:fa:01:f3:c0:34:32:98:4b:93:fd: ca:49:45:72:9f:75:0f:c8:1c:3f:fa:17:12:94:41: ba:40:e5:3e:3f:27:20:c8:0c:c1:aa:ce:d6:63:7f: 53:e4:68:b4:1b:01:6e:1c:67:0a:d1:e8:35:71:8f: 99:6b:10:0d:5f:d8:7a:6e:25:15:32:7a:b8:8d:cf: 88:f3:13:62:dd:cf:7d:ab:92:ff:9c:97:71:90:a1: 17:66:ba:29:1f:dc:79:67:3d:d1:65:f5:80:50:ab: 73:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:9C:EC:83:B0:9B:1A:37:75:9E:76:8E:83:32:9D:9A:D0:9D:B7:62 X509v3 Authority Key Identifier: keyid:90:B2:F1:2B:E7:A5:86:63:BF:15:DC:71:7E:7D:40:B3:02:41:B8:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/kLLxK-elhmO_Fdxxfn1AswJBuOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kLLxK-elhmO_Fdxxfn1AswJBuOo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B974/E4E8900EFB6511EF9BBAEE49C4F9AE02/7D1F1FBEFB6611EFB1FB024BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.240.144.0/22 103.215.48.0/22 144.48.220.0/22 Signature Algorithm: sha256WithRSAEncryption 86:30:d6:e9:78:74:67:3b:82:59:22:c9:cf:38:d9:62:94:e4: 44:e2:27:ff:3d:05:89:d8:5c:13:d5:a3:ac:6c:09:7d:4c:0c: 90:11:8a:cb:a5:67:d4:74:06:0f:95:9c:78:25:f1:03:c2:63: eb:5d:1b:8a:3f:54:43:64:ac:07:71:e0:cd:52:6f:f9:74:47: 4f:0f:60:0e:fe:ff:fa:e7:31:a3:63:c1:e6:1e:e4:81:75:e2: 37:95:50:d8:16:fa:08:27:a7:16:1c:48:90:19:17:f3:78:97: f5:cb:78:00:15:b7:99:9b:ca:6c:e7:a5:f2:1a:a4:12:41:e0: 34:d1:f0:73:ae:cb:e7:8e:89:93:d0:1f:4c:2d:d5:00:79:b4: 3e:8a:64:d8:ab:e7:7a:42:25:9c:04:0b:eb:d5:9f:0b:89:47: 81:74:ed:91:d3:17:80:01:68:8e:a9:a6:cc:9d:c5:34:21:b1: ce:80:99:f0:92:02:e8:17:7c:43:c0:46:c5:18:7a:65:58:5e: 46:c9:2b:85:75:c2:e2:5d:e5:02:6a:39:c3:e6:cc:5e:1a:58: a7:d9:6f:e3:46:04:9d:59:0c:c4:f6:31:be:e3:a9:fb:a9:46: 89:dc:78:d1:de:00:84:e7:39:73:d7:d6:a2:69:3d:fb:f4:53: 7b:7e:a1:56 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 Qjk3NDExMC8GA1UEBRMoOTBCMkYxMkJFN0E1ODY2M0JGMTVEQzcxN0U3RDQwQjMw MjQxQjhFQTAeFw0yNTAzMDcxNTExNDhaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3Y2IwY2IzLWJkY2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDT0rCxZbxSPo6rPz3g+NLDdifwb+KER/CuWBvVU+J4PquUEIzuhwWFe6JoSrmK QrSfDpeZSdpTQL0lznvHq98CFXRmrrH/8CrgTaF83FeVN24d3KVl1UKIh2j7Cx67 mhNWD7niJ/RXdlbWxb0wguae7QK+ta2Nmh9q3R5fWskZ4jRtccRUNh1jOAc74NxH wR88SUJ2MHk4C7ZK+gHzwDQymEuT/cpJRXKfdQ/IHD/6FxKUQbpA5T4/JyDIDMGq ztZjf1PkaLQbAW4cZwrR6DVxj5lrEA1f2HpuJRUyeriNz4jzE2Ldz32rkv+cl3GQ oRdmuikf3HlnPdFl9YBQq3P9AgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUDJzsg7Cb Gjd1nnaOgzKdmtCdt2IwHwYDVR0jBBgwFoAUkLLxK+elhmO/Fdxxfn1AswJBuOow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZCOTc0L0U0RTg5MDBFRkI2 NTExRUY5QkJBRUU0OUM0RjlBRTAyL2tMTHhLLWVsaG1PX0ZkeHhmbjFBc3dKQnVP by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIva0xMeEstZWxobU9fRmR4eGZuMUFzd0pCdU9vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 Qjk3NC9FNEU4OTAwRUZCNjUxMUVGOUJCQUVFNDlDNEY5QUUwMi83RDFGMUZCRUZC NjYxMUVGQjFGQjAyNEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc MBowGAQCAAEwEgMEAivwkAMEAmfXMAMEApAw3DANBgkqhkiG9w0BAQsFAAOCAQEA hjDW6Xh0ZzuCWSLJzzjZYpTkROIn/z0FidhcE9WjrGwJfUwMkBGKy6Vn1HQGD5Wc eCXxA8Jj610bij9UQ2SsB3HgzVJv+XRHTw9gDv7/+ucxo2PB5h7kgXXiN5VQ2Bb6 CCenFhxIkBkX83iX9ct4ABW3mZvKbOel8hqkEkHgNNHwc67L546Jk9AfTC3VAHm0 Popk2KvnekIlnAQL69WfC4lHgXTtkdMXgAFojqmmzJ3FNCGxzoCZ8JIC6Bd8Q8BG xRh6ZVheRskrhXXC4l3lAmo5w+bMXhpYp9lv40YEnVkMxPYxvuOp+6lGidx40d4A hOc5c9fWomk9+/RTe36hVg== -----END CERTIFICATE-----Generated at Sat Apr 5 07:16:50 2025 by rpki-client