$ rpki-client -vvf rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/D7A207C2F33611EAA449F44CC4F9AE02.roa File: D7A207C2F33611EAA449F44CC4F9AE02.roa (raw, json) Hash identifier: mHz2DdFQ0RZ5vfKso12AKZq1LAYQSiKV2aIOicI25cQ= Subject key identifier: 6D:52:22:21:70:DA:63:68:9C:EA:40:87:0B:26:7D:95:9B:54:74:64 Certificate issuer: /CN=A917DB52/serialNumber=693B71A5B5DA6054DF7F9C0D379CF520C1C8F291 Certificate serial: 0785 Authority key identifier: 69:3B:71:A5:B5:DA:60:54:DF:7F:9C:0D:37:9C:F5:20:C1:C8:F2:91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aTtxpbXaYFTff5wNN5z1IMHI8pE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/D7A207C2F33611EAA449F44CC4F9AE02.roa Signing time: Fri 13 Dec 2024 11:26:43 +0000 ROA not before: Fri 13 Dec 2024 11:26:43 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 136481 IP address blocks: 103.89.168.0/22 maxlen: 22 103.89.168.0/24 maxlen: 24 103.89.169.0/24 maxlen: 24 103.89.170.0/23 maxlen: 24 163.53.236.0/22 maxlen: 22 163.53.236.0/24 maxlen: 24 163.53.237.0/24 maxlen: 24 163.53.238.0/24 maxlen: 24 163.53.239.0/24 maxlen: 24 2400:ab20::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/aTtxpbXaYFTff5wNN5z1IMHI8pE.crl rsync://rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/aTtxpbXaYFTff5wNN5z1IMHI8pE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aTtxpbXaYFTff5wNN5z1IMHI8pE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 20:48:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1925 (0x785) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DB52, serialNumber=693B71A5B5DA6054DF7F9C0D379CF520C1C8F291 Validity Not Before: Dec 13 11:26:43 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=675c19f3-35a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:cd:d5:6b:75:17:a1:35:ee:54:ef:4c:cd:6c: 48:ce:8f:f4:69:02:fa:88:a3:c3:2f:2a:e4:72:35: 7c:56:c8:74:fb:78:5f:2d:0f:b2:a7:0f:61:4d:54: 1c:2c:fd:ff:c1:4b:6e:67:f2:94:61:39:5e:ee:74: 62:4d:d9:e3:27:f6:2a:46:05:49:ff:9a:df:43:1c: 3d:8c:1c:8e:ad:bd:9e:37:c9:bd:ba:79:3b:44:cf: ac:44:c6:7a:32:f0:56:3e:61:cf:6f:03:2c:ca:b1: 7f:39:c1:a6:b8:c0:18:9d:33:20:3c:4b:92:b6:5e: 73:7b:fd:f7:37:5a:63:72:9a:22:2e:c5:d4:be:83: bb:32:91:7e:f5:5c:78:82:36:9f:8c:3d:4b:8f:d4: 26:a4:7e:b5:60:c9:ad:c4:45:6a:bf:32:52:00:5a: f2:75:0f:88:2c:ad:e7:23:dc:2c:8f:88:59:40:60: 1e:38:66:b8:13:be:1e:f4:93:84:a2:76:7f:b3:71: 60:f7:f1:00:ed:f4:62:f1:92:30:c9:57:3f:19:8c: 0d:84:db:42:33:b1:12:25:66:9e:e3:68:be:a1:90: 73:a5:74:b3:c9:32:15:c0:ee:eb:1e:af:9a:e7:5b: 17:43:97:7a:8e:10:ef:14:8f:3c:f8:5d:ef:96:38: 74:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:52:22:21:70:DA:63:68:9C:EA:40:87:0B:26:7D:95:9B:54:74:64 X509v3 Authority Key Identifier: keyid:69:3B:71:A5:B5:DA:60:54:DF:7F:9C:0D:37:9C:F5:20:C1:C8:F2:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/aTtxpbXaYFTff5wNN5z1IMHI8pE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aTtxpbXaYFTff5wNN5z1IMHI8pE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DB52/45F556BEF28011EA871BAD6AC4F9AE02/D7A207C2F33611EAA449F44CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.168.0/22 163.53.236.0/22 IPv6: 2400:ab20::/32 Signature Algorithm: sha256WithRSAEncryption 6b:de:1c:45:53:eb:5e:dd:6d:82:54:df:6f:1d:87:7e:8d:a2: 4e:d8:d2:65:14:08:86:09:46:6f:2c:f0:fd:3c:c3:ea:49:0e: 6e:7c:d7:d2:36:89:c2:90:ea:14:5a:8b:49:12:c9:d3:ef:f9: 1c:d6:1b:3b:ab:4a:c1:e3:e6:8c:36:7d:e2:7f:a1:fe:6b:42: 98:a2:60:bd:a0:44:b6:83:25:a9:c8:54:66:12:04:09:7c:51: cc:4b:e8:21:e3:6b:a9:ab:e9:80:a8:a1:2c:8a:d4:7d:b6:99: 87:33:01:ef:e5:d4:eb:3d:d4:d3:b0:5b:ce:ba:c1:59:92:be: 35:7e:6c:2d:f1:cc:46:2b:c3:1c:a8:65:f9:f3:a3:a3:9e:6e: d3:5d:02:16:4e:6f:fb:ea:ac:81:4c:df:26:ea:63:91:98:a8: 81:e6:ac:c0:df:c9:7e:d2:3b:e0:2b:fe:cf:1e:8a:b7:98:59: 54:ef:48:16:b2:f0:eb:64:1c:47:24:42:1b:69:b1:2f:e7:3b: ad:09:97:94:e7:ad:36:1d:51:81:09:75:86:24:b8:c2:df:fd: 88:bb:a6:d3:38:e6:dc:04:fb:60:de:0a:61:ae:24:47:9f:1e: 28:49:c7:ca:84:74:d7:62:24:c5:da:f6:5a:1a:a6:91:1d:f7: e4:78:8e:6f -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICB4UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RCNTIxMTAvBgNVBAUTKDY5M0I3MUE1QjVEQTYwNTRERjdGOUMwRDM3OUNGNTIw QzFDOEYyOTEwHhcNMjQxMjEzMTEyNjQzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzVjMTlmMy0zNWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA583Va3UXoTXuVO9MzWxIzo/0aQL6iKPDLyrkcjV8Vsh0+3hfLQ+ypw9hTVQc LP3/wUtuZ/KUYTle7nRiTdnjJ/YqRgVJ/5rfQxw9jByOrb2eN8m9unk7RM+sRMZ6 MvBWPmHPbwMsyrF/OcGmuMAYnTMgPEuStl5ze/33N1pjcpoiLsXUvoO7MpF+9Vx4 gjafjD1Lj9QmpH61YMmtxEVqvzJSAFrydQ+ILK3nI9wsj4hZQGAeOGa4E74e9JOE onZ/s3Fg9/EA7fRi8ZIwyVc/GYwNhNtCM7ESJWae42i+oZBzpXSzyTIVwO7rHq+a 51sXQ5d6jhDvFI88+F3vljh0gwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFG1SIiFw 2mNonOpAhwsmfZWbVHRkMB8GA1UdIwQYMBaAFGk7caW12mBU33+cDTec9SDByPKR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REI1Mi80NUY1NTZCRUYy ODAxMUVBODcxQkFENkFDNEY5QUUwMi9hVHR4cGJYYVlGVGZmNXdOTjV6MUlNSEk4 cEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FUdHhwYlhhWUZUZmY1d05ONXoxSU1ISThwRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0RCNTIvNDVGNTU2QkVGMjgwMTFFQTg3MUJBRDZBQzRGOUFFMDIvRDdBMjA3QzJG MzM2MTFFQUE0NDlGNDRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnWagDBAKjNewwDQQCAAIwBwMFACQAqyAwDQYJKoZIhvcN AQELBQADggEBAGveHEVT617dbYJU328dh36Nok7Y0mUUCIYJRm8s8P08w+pJDm58 19I2icKQ6hRai0kSydPv+RzWGzurSsHj5ow2feJ/of5rQpiiYL2gRLaDJanIVGYS BAl8UcxL6CHja6mr6YCooSyK1H22mYczAe/l1Os91NOwW866wVmSvjV+bC3xzEYr wxyoZfnzo6OebtNdAhZOb/vqrIFM3ybqY5GYqIHmrMDfyX7SO+Ar/s8eireYWVTv SBay8OtkHEckQhtpsS/nO60Jl5TnrTYdUYEJdYYkuMLf/Yi7ptM45twE+2DeCmGu JEefHihJx8qEdNdiJMXa9loappEd9+R4jm8= -----END CERTIFICATE-----Generated at Tue Apr 22 12:37:40 2025 by rpki-client