$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E759E66129B11EB97265731C4F9AE02.roa File: 0E759E66129B11EB97265731C4F9AE02.roa (raw, json) Hash identifier: 8g8+itWQcFc4qdf7Qxrtzfn4bCwsVNqweGXLI1WRVNY= Subject key identifier: 5B:63:39:CC:96:33:4F:25:02:98:8B:72:D1:2A:F5:E2:60:98:6F:FA Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: A3E7 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E759E66129B11EB97265731C4F9AE02.roa Signing time: Wed 29 Jan 2025 07:12:37 +0000 ROA not before: Wed 29 Jan 2025 07:12:37 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 134331 IP address blocks: 43.254.32.0/22 maxlen: 24 103.48.104.0/22 maxlen: 24 103.79.32.0/22 maxlen: 24 103.96.220.0/22 maxlen: 24 103.98.108.0/22 maxlen: 24 103.143.212.0/23 maxlen: 24 103.170.224.0/23 maxlen: 24 103.197.132.0/22 maxlen: 24 103.243.40.0/22 maxlen: 24 220.158.176.0/22 maxlen: 24 2001:df4:d6c0::/48 maxlen: 48 2001:df6:7200::/48 maxlen: 48 2402:dc40::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 07:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41959 (0xa3e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: Jan 29 07:12:37 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6799d4e4-bf72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1e:d5:6d:94:a4:b8:d7:e3:bd:b0:e6:3e:62: 94:85:93:c2:01:0f:5c:c9:fe:51:43:f4:75:77:61: 2e:c9:4b:d6:e5:fe:64:0a:85:aa:0c:18:33:5d:0d: 8d:40:3c:75:c7:46:bc:ef:9b:49:ea:01:15:02:0f: 04:70:bc:b2:3e:ee:91:b1:4d:62:28:e1:ea:4f:2f: a6:f0:b3:b0:1f:90:5a:99:b3:bd:81:fc:65:a9:de: 11:1e:92:b1:15:47:2e:a9:7a:69:5c:00:a7:60:20: b8:3b:6a:f0:dc:6d:24:eb:ec:4c:74:27:a0:17:36: fd:f7:97:0c:90:ab:32:d4:3a:f5:ae:14:1e:f9:f7: a9:a1:42:f0:d4:05:be:50:40:32:4e:39:f1:a9:b0: 6e:47:d8:c9:be:2c:7e:32:3d:80:d0:19:51:72:13: 10:09:cf:b7:86:36:62:4c:b4:e6:bb:d8:0c:72:3d: 20:08:bd:97:85:75:c7:9c:8e:ac:7e:c4:3b:73:75: 20:9f:45:b2:b3:91:75:a8:26:06:dc:44:ca:72:3d: 93:ff:25:d2:ef:b3:12:17:5d:bf:ed:d0:53:3a:8d: 4a:74:9e:82:5a:08:30:6e:4e:b2:76:a5:35:99:57: ac:46:52:aa:dc:09:c7:68:04:37:5b:ab:76:2c:7c: 1a:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:63:39:CC:96:33:4F:25:02:98:8B:72:D1:2A:F5:E2:60:98:6F:FA X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E759E66129B11EB97265731C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.254.32.0/22 103.48.104.0/22 103.79.32.0/22 103.96.220.0/22 103.98.108.0/22 103.143.212.0/23 103.170.224.0/23 103.197.132.0/22 103.243.40.0/22 220.158.176.0/22 IPv6: 2001:df4:d6c0::/48 2001:df6:7200::/48 2402:dc40::/32 Signature Algorithm: sha256WithRSAEncryption 59:ef:5a:df:c5:5b:24:0b:2c:ad:19:6e:98:fd:98:ad:4e:d2: 90:52:1b:a6:50:6e:aa:83:ff:dc:a9:c8:93:ca:10:0d:5d:26: f3:e4:7b:0f:11:80:5c:e2:49:44:e2:11:d2:dd:fe:9f:c0:01: 98:5c:d8:4e:30:2d:94:7d:ac:8d:1d:20:ba:99:7b:69:eb:dd: 78:b7:f4:3b:84:2a:90:51:c2:fc:cb:1c:5b:cd:6f:a4:20:04: bd:52:19:c8:63:b7:4d:44:cb:6a:c7:e3:f3:25:6e:8e:b2:75: 71:0e:da:fe:ee:c9:99:78:1a:d8:8b:b0:00:03:52:6a:86:e0: 90:c8:4c:63:90:e9:dc:08:85:aa:f9:34:85:74:bc:c6:20:2f: b4:f3:49:fb:63:fa:11:ec:9b:5a:7d:c9:28:6c:36:7f:07:d0: e3:1f:b4:af:95:dc:1a:93:f5:d3:65:fd:0f:77:5a:4d:77:68: 62:4c:34:88:12:09:04:99:22:d1:0c:05:fb:af:bd:2f:75:ca: 0e:ac:08:50:35:9d:5f:ec:0d:1f:db:fb:35:fb:6b:c7:29:8f: c1:40:91:80:97:7b:82:05:1d:85:6f:b5:92:b1:0c:a9:2c:f9: dd:cf:92:6d:06:91:31:76:97:2f:1b:39:24:db:e3:d3:cc:aa: 49:20:03:93 -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgIDAKPnMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDEyOTA3MTIzN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjc5OWQ0ZTQtYmY3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALYe1W2UpLjX472w5j5ilIWTwgEPXMn+UUP0dXdhLslL1uX+ZAqFqgwYM10N jUA8dcdGvO+bSeoBFQIPBHC8sj7ukbFNYijh6k8vpvCzsB+QWpmzvYH8ZaneER6S sRVHLql6aVwAp2AguDtq8NxtJOvsTHQnoBc2/feXDJCrMtQ69a4UHvn3qaFC8NQF vlBAMk458amwbkfYyb4sfjI9gNAZUXITEAnPt4Y2Yky05rvYDHI9IAi9l4V1x5yO rH7EO3N1IJ9FsrORdagmBtxEynI9k/8l0u+zEhddv+3QUzqNSnSegloIMG5Osnal NZlXrEZSqtwJx2gEN1urdix8GqMCAwEAAaOCAuwwggLoMB0GA1UdDgQWBBRbYznM ljNPJQKYi3LRKvXiYJhv+jAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzBFNzU5RTY2 MTI5QjExRUI5NzI2NTczMUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMHYGCCsGAQUFBwEHAQH/ BGcwZTBCBAIAATA8AwQCK/4gAwQCZzBoAwQCZ08gAwQCZ2DcAwQCZ2JsAwQBZ4/U AwQBZ6rgAwQCZ8WEAwQCZ/MoAwQC3J6wMB8EAgACMBkDBwAgAQ301sADBwAgAQ32 cgADBQAkAtxAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ71rfxVskCyytGW6Y/ZitTtKQ UhumUG6qg//cqciTyhANXSbz5HsPEYBc4klE4hHS3f6fwAGYXNhOMC2UfayNHSC6 mXtp6914t/Q7hCqQUcL8yxxbzW+kIAS9UhnIY7dNRMtqx+PzJW6OsnVxDtr+7smZ eBrYi7AAA1JqhuCQyExjkOncCIWq+TSFdLzGIC+080n7Y/oR7JtafckobDZ/B9Dj H7Svldwak/XTZf0Pd1pNd2hiTDSIEgkEmSLRDAX7r70vdcoOrAhQNZ1f7A0f2/s1 +2vHKY/BQJGAl3uCBR2Fb7WSsQypLPndz5JtBpExdpcvGzkk2+PTzKpJIAOT -----END CERTIFICATE-----Generated at Fri Apr 4 10:54:44 2025 by rpki-client