$ rpki-client -vvf rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/258F8662BBDF11ED8CE89144C4F9AE02.roa File: 258F8662BBDF11ED8CE89144C4F9AE02.roa (raw, json) Hash identifier: gR4VIke3wzcLlwcHX1MfRQDB5DCCZYAeVJopuxrfT0I= Subject key identifier: 8D:F1:ED:28:C4:74:1D:D5:93:29:7A:EE:2D:15:4A:B5:59:85:DB:5B Certificate issuer: /CN=A916EF5E/serialNumber=42182F5F71A58984CE8859AE60A4CACA73FE8361 Certificate serial: 0F81 Authority key identifier: 42:18:2F:5F:71:A5:89:84:CE:88:59:AE:60:A4:CA:CA:73:FE:83:61 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/258F8662BBDF11ED8CE89144C4F9AE02.roa Signing time: Sun 12 Jan 2025 05:15:40 +0000 ROA not before: Sun 12 Jan 2025 05:15:40 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 54415 IP address blocks: 103.99.168.0/24 maxlen: 24 2401:b140::/48 maxlen: 48 2401:b140:1::/48 maxlen: 48 2401:b140:2::/48 maxlen: 48 2401:b140:3::/48 maxlen: 48 2401:b140:4::/48 maxlen: 48 2401:b140:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.crl rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 16:48:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3969 (0xf81) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916EF5E Validity Not Before: Jan 12 05:15:40 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=67834ffc-db3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:2c:47:b5:83:44:ba:41:09:2e:b9:66:7a:0c: e0:97:1d:2c:aa:6d:e5:71:94:48:29:66:3d:07:1f: 56:27:43:f3:54:ba:16:15:03:7c:9e:90:90:04:2d: 4e:33:bb:f2:da:23:9b:c2:d2:e9:4b:a5:5b:2e:cd: bd:eb:4a:16:9a:0f:3d:e8:da:47:5e:44:90:82:42: 33:dd:18:03:b0:e1:a8:70:1c:39:cf:e2:59:75:7b: d2:f4:d4:93:ae:3b:36:bb:3f:74:7e:61:a4:67:55: 66:6e:ec:67:a1:e2:84:db:42:6f:f4:32:5c:ef:91: dc:0b:4b:61:37:b6:bc:de:d6:15:ab:5b:89:02:93: bc:52:bc:2e:37:4e:2e:4a:b6:ca:72:0d:94:39:6e: cb:3a:8d:54:40:f3:de:28:91:e0:46:3e:5b:31:89: 49:bd:a3:4f:79:69:3a:b1:24:3e:72:67:3d:b1:a3: 5c:7b:e7:e8:c0:34:12:48:11:55:5d:65:3c:1b:93: de:aa:fc:9a:cc:81:91:de:e5:9e:3b:a5:61:81:a0: 74:8b:d3:d3:56:e5:9f:53:09:67:d6:ba:02:a9:bd: da:93:85:11:93:f4:cd:b5:83:4e:65:b4:41:f9:3c: 7e:3f:7b:f3:3c:51:80:40:2e:5b:5e:a6:1c:37:11: 6a:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:F1:ED:28:C4:74:1D:D5:93:29:7A:EE:2D:15:4A:B5:59:85:DB:5B X509v3 Authority Key Identifier: keyid:42:18:2F:5F:71:A5:89:84:CE:88:59:AE:60:A4:CA:CA:73:FE:83:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/QhgvX3GliYTOiFmuYKTKynP-g2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QhgvX3GliYTOiFmuYKTKynP-g2E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916EF5E/F38DCF8A106B11E8B8CA020BC4F9AE02/258F8662BBDF11ED8CE89144C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.168.0/24 IPv6: 2401:b140::-2401:b140:5:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 1c:22:ad:d4:8d:35:72:3a:fe:de:d6:df:bf:c4:13:41:fd:05: c2:85:42:86:e5:24:85:41:35:2d:fc:50:19:de:47:ca:8f:97: 50:a1:3e:c0:79:64:a3:83:56:e1:17:db:78:ad:32:48:73:52: 8c:7d:bf:b6:29:99:2d:af:0d:3e:fe:2c:84:0e:a5:6d:9c:c0: 05:e1:60:9c:cb:c8:2a:41:86:60:da:70:d1:1b:c7:68:0b:02: c2:4e:0d:03:fe:c5:04:83:5f:2e:25:61:e4:c7:8b:e7:3a:a9: 1f:f4:d5:9d:76:1b:64:2d:50:81:4c:e6:40:a4:dc:74:21:94: 33:2c:3b:89:fb:96:f0:7d:bc:58:3e:f6:0c:02:42:fd:f7:fa: 20:86:10:80:a3:fa:52:83:c0:1a:32:bc:8a:f3:50:08:0a:28: ca:a1:cc:ab:ae:0b:8a:61:7d:1a:f0:f5:bf:7c:2e:7d:10:e7: 12:81:ba:c5:f0:42:bb:f8:c1:86:3f:df:38:8a:ac:52:66:4b: e7:ef:c2:11:1c:49:0c:c6:0e:1a:6b:f2:4d:cb:33:6b:de:2d: d1:53:69:0e:95:43:b1:b1:f5:e7:4c:3d:0e:e2:bd:02:83:87: 13:21:84:bd:20:6c:19:22:46:b9:a8:b8:2b:be:07:58:b3:74: 46:ec:d4:76 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICD4EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkVGNUUxMTAvBgNVBAUTKDQyMTgyRjVGNzFBNTg5ODRDRTg4NTlBRTYwQTRDQUNB NzNGRTgzNjEwHhcNMjUwMTEyMDUxNTQwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzgzNGZmYy1kYjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxixHtYNEukEJLrlmegzglx0sqm3lcZRIKWY9Bx9WJ0PzVLoWFQN8npCQBC1O M7vy2iObwtLpS6VbLs2960oWmg896NpHXkSQgkIz3RgDsOGocBw5z+JZdXvS9NST rjs2uz90fmGkZ1VmbuxnoeKE20Jv9DJc75HcC0thN7a83tYVq1uJApO8UrwuN04u SrbKcg2UOW7LOo1UQPPeKJHgRj5bMYlJvaNPeWk6sSQ+cmc9saNce+fowDQSSBFV XWU8G5PeqvyazIGR3uWeO6VhgaB0i9PTVuWfUwln1roCqb3ak4URk/TNtYNOZbRB +Tx+P3vzPFGAQC5bXqYcNxFqFwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFI3x7SjE dB3Vkyl67i0VSrVZhdtbMB8GA1UdIwQYMBaAFEIYL19xpYmEzohZrmCkyspz/oNh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RUY1RS9GMzhEQ0Y4QTEw NkIxMUU4QjhDQTAyMEJDNEY5QUUwMi9RaGd2WDNHbGlZVE9pRm11WUtUS3luUC1n MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FoZ3ZYM0dsaVlUT2lGbXVZS1RLeW5QLWcyRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkVGNUUvRjM4RENGOEExMDZCMTFFOEI4Q0EwMjBCQzRGOUFFMDIvMjU4Rjg2NjJC QkRGMTFFRDhDRTg5MTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMAwEAgABMAYDBABnY6gwGAQCAAIwEjAQAwUGJAGxQAMHASQBsUAABDANBgkq hkiG9w0BAQsFAAOCAQEAHCKt1I01cjr+3tbfv8QTQf0FwoVChuUkhUE1LfxQGd5H yo+XUKE+wHlko4NW4RfbeK0ySHNSjH2/timZLa8NPv4shA6lbZzABeFgnMvIKkGG YNpw0RvHaAsCwk4NA/7FBINfLiVh5MeL5zqpH/TVnXYbZC1QgUzmQKTcdCGUMyw7 ifuW8H28WD72DAJC/ff6IIYQgKP6UoPAGjK8ivNQCAooyqHMq64LimF9GvD1v3wu fRDnEoG6xfBCu/jBhj/fOIqsUmZL5+/CERxJDMYOGmvyTcsza94t0VNpDpVDsbH1 50w9DuK9AoOHEyGEvSBsGSJGuai4K74HWLN0RuzUdg== -----END CERTIFICATE-----Generated at Sat Apr 5 01:58:01 2025 by rpki-client