$ rpki-client -vvf rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/5FEAFF2082EB11EEB854FA63C4F9AE02.roa File: 5FEAFF2082EB11EEB854FA63C4F9AE02.roa (raw, json) Hash identifier: 1iuXJipvz24oOntaPEU1wj4mqlPSsDFfiyLqXTsQZv4= Subject key identifier: 89:34:EE:86:F1:DD:12:08:43:74:33:79:24:0F:D6:97:C3:40:54:8C Certificate issuer: /CN=A9183B95/serialNumber=FAD7ECC9C05CD8EB2056909D6C614715E2C5133E Certificate serial: 03CF Authority key identifier: FA:D7:EC:C9:C0:5C:D8:EB:20:56:90:9D:6C:61:47:15:E2:C5:13:3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-tfsycBc2OsgVpCdbGFHFeLFEz4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/5FEAFF2082EB11EEB854FA63C4F9AE02.roa Signing time: Wed 22 Jan 2025 15:42:58 +0000 ROA not before: Wed 22 Jan 2025 15:42:58 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 9009 IP address blocks: 43.228.156.0/24 maxlen: 24 43.228.158.0/24 maxlen: 24 43.228.159.0/24 maxlen: 24 103.47.144.0/24 maxlen: 24 103.47.146.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/-tfsycBc2OsgVpCdbGFHFeLFEz4.crl rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/-tfsycBc2OsgVpCdbGFHFeLFEz4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-tfsycBc2OsgVpCdbGFHFeLFEz4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 00:14:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 975 (0x3cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9183B95 Validity Not Before: Jan 22 15:42:58 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67911201-f582 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:eb:6b:9d:e2:10:d2:67:07:26:ff:7f:4a:7a: b6:14:50:8a:07:d6:00:f6:01:ea:3f:a6:0b:70:a7: 9f:bc:ef:ed:df:b3:74:f5:a6:b6:61:ab:2f:5d:1e: bc:1b:9f:60:c8:c8:c8:33:47:3f:00:02:b8:c0:9c: a3:4e:f2:f1:53:9f:1d:26:1e:c3:02:7c:50:76:13: c5:ca:2e:81:7d:11:6f:ca:7c:1b:75:19:62:7e:78: de:ca:6b:14:a1:00:85:96:96:29:4d:b8:e7:fe:78: c7:c3:66:3a:de:97:76:90:78:99:bd:17:57:92:1c: d4:68:ad:b7:d9:a5:ee:38:b5:e1:9b:18:b0:88:57: 75:39:a8:30:c1:63:e0:05:12:65:cc:3c:05:84:c9: fd:33:4d:37:ac:95:64:80:c6:dd:44:31:3e:81:b9: 03:4b:48:3c:06:a8:84:d3:1c:79:33:1c:e5:51:c9: 0c:a5:2e:03:9f:71:16:de:fc:ec:a8:67:be:0d:29: f0:ae:a1:d9:c2:a1:26:1d:87:3a:70:b8:2f:83:6d: 38:6e:07:d2:47:8a:51:17:1c:54:24:14:5a:8d:b6: 18:b0:e1:52:b3:50:d7:59:c3:25:60:21:aa:12:b7: ee:60:bd:7c:af:55:87:95:60:6a:c2:00:fb:dd:ac: c8:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:34:EE:86:F1:DD:12:08:43:74:33:79:24:0F:D6:97:C3:40:54:8C X509v3 Authority Key Identifier: keyid:FA:D7:EC:C9:C0:5C:D8:EB:20:56:90:9D:6C:61:47:15:E2:C5:13:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/-tfsycBc2OsgVpCdbGFHFeLFEz4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-tfsycBc2OsgVpCdbGFHFeLFEz4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/5FEAFF2082EB11EEB854FA63C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.228.156.0/24 43.228.158.0/23 103.47.144.0/24 103.47.146.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:41:00:03:dd:82:4e:7f:fb:ba:c9:64:04:c0:d2:3f:4e:8d: 9c:90:3b:9a:f2:7a:30:75:8a:1f:18:6e:5c:0b:6b:d8:66:e7: 6a:8e:ee:55:d4:b6:96:46:3e:43:9f:dc:1b:12:f7:80:d6:1d: 64:a5:c8:a2:23:38:d3:48:57:27:1f:72:27:0c:b8:73:6c:27: d3:c6:31:b0:a1:f9:1d:14:ae:c2:0a:4f:c0:86:5e:18:dd:f8: c2:39:93:e7:17:9d:48:8a:19:a6:9d:25:d7:5d:66:1f:4d:de: 05:8d:8b:98:ee:c4:c8:4f:74:5a:1d:16:f1:da:11:95:90:62: 50:a6:70:a4:ea:7a:a9:13:38:30:e8:1d:7b:3e:47:b9:dc:b0: 55:e2:31:bf:3b:bc:3b:6f:c4:8e:55:95:d6:f0:97:90:49:cf: 9a:87:d4:40:f9:29:5b:3f:41:ec:21:27:61:c3:c6:2c:9d:34: 91:5c:34:a0:29:64:a4:71:bd:8b:5e:13:77:9b:4c:d6:5e:6e: 1c:4a:7c:73:41:fb:3d:2e:55:1e:83:8e:f5:36:97:44:95:b1: bc:1e:7a:b4:e3:0b:2d:51:57:03:be:7e:db:51:52:a0:f8:11: 4a:0c:6c:97:42:0e:ea:50:40:56:1d:5f:52:2c:1e:df:8b:76: 60:43:ce:5b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICA88wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODNCOTUxMTAvBgNVBAUTKEZBRDdFQ0M5QzA1Q0Q4RUIyMDU2OTA5RDZDNjE0NzE1 RTJDNTEzM0UwHhcNMjUwMTIyMTU0MjU4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzkxMTIwMS1mNTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvOtrneIQ0mcHJv9/Snq2FFCKB9YA9gHqP6YLcKefvO/t37N09aa2YasvXR68 G59gyMjIM0c/AAK4wJyjTvLxU58dJh7DAnxQdhPFyi6BfRFvynwbdRlifnjeymsU oQCFlpYpTbjn/njHw2Y63pd2kHiZvRdXkhzUaK232aXuOLXhmxiwiFd1OagwwWPg BRJlzDwFhMn9M003rJVkgMbdRDE+gbkDS0g8BqiE0xx5MxzlUckMpS4Dn3EW3vzs qGe+DSnwrqHZwqEmHYc6cLgvg204bgfSR4pRFxxUJBRajbYYsOFSs1DXWcMlYCGq ErfuYL18r1WHlWBqwgD73azIlQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFIk07obx 3RIIQ3QzeSQP1pfDQFSMMB8GA1UdIwQYMBaAFPrX7MnAXNjrIFaQnWxhRxXixRM+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4M0I5NS9CNTRBM0MzNDgw MzUxMUVDOUFEREE1NEZDNEY5QUUwMi8tdGZzeWNCYzJPc2dWcENkYkdGSEZlTEZF ejQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy10ZnN5Y0JjMk9zZ1ZwQ2RiR0ZIRmVMRkV6NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODNCOTUvQjU0QTNDMzQ4MDM1MTFFQzlBRERBNTRGQzRGOUFFMDIvNUZFQUZGMjA4 MkVCMTFFRUI4NTRGQTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAAr5JwDBAEr5J4DBABnL5ADBABnL5IwDQYJKoZIhvcNAQEL BQADggEBAC5BAAPdgk5/+7rJZATA0j9OjZyQO5ryejB1ih8YblwLa9hm52qO7lXU tpZGPkOf3BsS94DWHWSlyKIjONNIVycfcicMuHNsJ9PGMbCh+R0UrsIKT8CGXhjd +MI5k+cXnUiKGaadJdddZh9N3gWNi5juxMhPdFodFvHaEZWQYlCmcKTqeqkTODDo HXs+R7ncsFXiMb87vDtvxI5Vldbwl5BJz5qH1ED5KVs/QewhJ2HDxiydNJFcNKAp ZKRxvYteE3ebTNZebhxKfHNB+z0uVR6DjvU2l0SVsbweerTjCy1RVwO+fttRUqD4 EUoMbJdCDupQQFYdX1IsHt+LdmBDzls= -----END CERTIFICATE-----Generated at Tue Apr 8 19:07:29 2025 by rpki-client