$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/13D76C42E8BC11EC97A06B40C4F9AE02.roa File: 13D76C42E8BC11EC97A06B40C4F9AE02.roa (raw, json) Hash identifier: iiOcZHvyMtHi7MOtBzt3q8V7OgEBRcIFR4wV21bLHxE= Subject key identifier: B7:43:5D:47:C8:03:63:35:F4:9B:8F:9D:17:43:E3:B1:7F:8A:BA:5F Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: A482 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/13D76C42E8BC11EC97A06B40C4F9AE02.roa Signing time: Mon 03 Feb 2025 07:26:36 +0000 ROA not before: Mon 03 Feb 2025 07:26:36 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 148000 IP address blocks: 1.10.10.0/24 maxlen: 24 45.249.126.0/24 maxlen: 24 45.249.127.0/24 maxlen: 24 45.250.52.0/22 maxlen: 24 103.68.48.0/24 maxlen: 24 103.68.49.0/24 maxlen: 24 160.202.192.0/24 maxlen: 24 160.202.193.0/24 maxlen: 24 160.202.194.0/24 maxlen: 24 160.202.196.0/24 maxlen: 24 160.202.198.0/24 maxlen: 24 160.202.200.0/24 maxlen: 24 160.202.201.0/24 maxlen: 24 2001:de2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 15:28:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42114 (0xa482) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: Feb 3 07:26:36 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67a06fac-e608 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:af:a8:49:c4:d0:20:97:4f:a1:df:72:2c:78: 86:8a:4d:18:93:10:7f:ce:2a:4b:33:ac:1b:11:17: f0:1a:cb:53:10:dd:bb:b7:1a:c4:80:e4:12:0e:11: 7d:21:d3:27:e4:55:53:36:10:fb:52:c1:58:02:9c: b1:18:26:f1:04:b9:18:a9:9b:83:6e:e6:53:c4:e0: f3:c9:da:7d:ea:55:da:a8:7e:c8:5e:44:85:8a:96: a8:9a:47:df:30:c7:f6:69:d8:88:19:b4:aa:d7:4e: 1e:25:0c:b7:48:4f:b6:47:ee:dd:f0:b5:21:e0:a5: fd:38:1d:dc:66:eb:42:be:9e:a2:ff:f2:56:f2:e2: 19:86:7c:54:e5:c6:92:09:ff:6a:e6:85:8c:4d:33: ca:fc:59:2f:16:05:a7:0d:f0:76:dc:8b:5e:e6:e2: e0:e6:0b:fc:0c:0d:8d:92:3a:74:fb:5a:b1:de:bd: 09:5c:1b:c6:1e:fa:41:9e:e2:43:68:a3:be:6d:54: 2a:9e:57:6a:0b:a1:ef:2d:90:32:46:2a:93:74:f4: e0:c8:d9:09:c3:f1:3b:49:e9:8d:b5:35:ea:52:56: d0:97:d3:2b:44:e8:46:a3:4b:12:9a:d7:5e:e8:1c: c8:df:7d:1f:86:2d:1d:9b:7a:8e:5a:35:21:32:0d: cf:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:43:5D:47:C8:03:63:35:F4:9B:8F:9D:17:43:E3:B1:7F:8A:BA:5F X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/13D76C42E8BC11EC97A06B40C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 1.10.10.0/24 45.249.126.0/23 45.250.52.0/22 103.68.48.0/23 160.202.192.0-160.202.194.255 160.202.196.0/24 160.202.198.0/24 160.202.200.0/23 IPv6: 2001:de2::/48 Signature Algorithm: sha256WithRSAEncryption a0:4a:fb:2a:1b:29:dc:75:22:9b:b4:3d:a6:24:75:03:62:e1: 81:9c:11:a3:b4:4f:bd:09:7a:55:f5:1e:c7:19:53:28:a1:5e: e0:d4:60:de:c7:3a:1a:42:9e:2c:1d:8f:af:2b:45:6b:38:b6: c7:38:13:18:44:02:69:0a:ff:cd:f9:52:de:a1:17:a2:ca:b3: 51:8f:17:fb:b6:8c:e3:11:a9:50:b7:a6:7d:09:94:d1:e4:22: ab:9f:56:01:bf:d8:90:fa:44:4e:e1:ff:68:6c:66:92:d3:4b: d5:4f:19:d5:85:03:6a:97:e3:9a:29:cc:54:ec:d3:db:06:f2: e6:3f:26:94:c0:6a:9b:6b:15:06:2c:16:b7:08:80:d8:40:94: a2:ae:bb:bd:22:c9:be:a7:da:9c:1b:fa:31:94:1a:0c:5f:fb: 97:8c:06:0b:34:e4:23:dc:0c:48:4c:f1:a3:49:00:04:08:8e: c3:3d:bb:c8:b9:6a:27:06:e8:4d:25:9c:33:5e:c9:b3:09:db: 87:3e:2b:84:18:97:0d:1f:98:b9:c5:4e:c5:12:e7:35:f2:71: da:d2:26:f1:c5:a7:88:d1:6c:dc:3d:c6:47:c9:b1:43:ad:bf: 96:4a:45:5f:70:28:87:ec:b6:d1:71:db:c8:2c:7a:1b:2a:a5: dd:56:5b:b1 -----BEGIN CERTIFICATE----- MIIFtTCCBJ2gAwIBAgIDAKSCMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDIwMzA3MjYzNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjdhMDZmYWMtZTYwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMavqEnE0CCXT6Hfcix4hopNGJMQf84qSzOsGxEX8BrLUxDdu7caxIDkEg4R fSHTJ+RVUzYQ+1LBWAKcsRgm8QS5GKmbg27mU8Tg88nafepV2qh+yF5EhYqWqJpH 3zDH9mnYiBm0qtdOHiUMt0hPtkfu3fC1IeCl/Tgd3GbrQr6eov/yVvLiGYZ8VOXG kgn/auaFjE0zyvxZLxYFpw3wdtyLXubi4OYL/AwNjZI6dPtasd69CVwbxh76QZ7i Q2ijvm1UKp5Xaguh7y2QMkYqk3T04MjZCcPxO0npjbU16lJW0JfTK0ToRqNLEprX XugcyN99H4YtHZt6jlo1ITINz7kCAwEAAaOCAtgwggLUMB0GA1UdDgQWBBS3Q11H yANjNfSbj50XQ+Oxf4q6XzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzEzRDc2QzQy RThCQzExRUM5N0EwNkI0MEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGIGCCsGAQUFBwEHAQH/ BFMwUTA+BAIAATA4AwQAAQoKAwQBLfl+AwQCLfo0AwQBZ0QwMAwDBAagysADBACg ysIDBACgysQDBACgysYDBAGgysgwDwQCAAIwCQMHACABDeIAADANBgkqhkiG9w0B AQsFAAOCAQEAoEr7Khsp3HUim7Q9piR1A2LhgZwRo7RPvQl6VfUexxlTKKFe4NRg 3sc6GkKeLB2PrytFazi2xzgTGEQCaQr/zflS3qEXosqzUY8X+7aM4xGpULemfQmU 0eQiq59WAb/YkPpETuH/aGxmktNL1U8Z1YUDapfjminMVOzT2wby5j8mlMBqm2sV BiwWtwiA2ECUoq67vSLJvqfanBv6MZQaDF/7l4wGCzTkI9wMSEzxo0kABAiOwz27 yLlqJwboTSWcM17Jswnbhz4rhBiXDR+YucVOxRLnNfJx2tIm8cWniNFs3D3GR8mx Q62/lkpFX3Aoh+y20XHbyCx6Gyql3VZbsQ== -----END CERTIFICATE-----Generated at Fri Apr 4 10:54:47 2025 by rpki-client