$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/145A04A2F5A411EFAFA7370BC4F9AE02.roa File: 145A04A2F5A411EFAFA7370BC4F9AE02.roa (raw, json) Hash identifier: PUyoYb41gqvGcp845pGHLUnCv8Knusj/tfSUQuW2lPA= Subject key identifier: B9:58:E9:9D:2B:92:35:F5:48:E9:CB:44:8A:E1:FF:6D:CF:03:5D:4E Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: A859 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/145A04A2F5A411EFAFA7370BC4F9AE02.roa Signing time: Fri 28 Feb 2025 07:53:33 +0000 ROA not before: Fri 28 Feb 2025 07:53:33 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 138312 IP address blocks: 103.212.92.0/24 maxlen: 24 103.212.93.0/24 maxlen: 24 103.212.94.0/24 maxlen: 24 103.212.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 15:28:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43097 (0xa859) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: Feb 28 07:53:33 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67c16b7c-c53c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:2c:b1:7d:79:5d:7e:c9:d6:02:02:bb:4a:22: d5:c1:0e:fb:7e:7c:8a:75:ee:4a:99:db:0e:31:6a: e4:5a:02:52:a0:61:c6:dd:ed:d8:33:1d:cd:91:b4: 42:21:dc:6e:18:7c:ad:25:5c:42:69:d8:d0:75:14: 7e:ae:fc:24:7f:91:7f:84:3f:1b:0d:37:10:d3:7d: 91:9c:aa:5b:77:d0:f5:e4:8c:96:69:61:28:3b:7a: 27:81:d8:85:ca:b7:2a:94:d2:7c:d9:1c:c4:33:93: 0e:8b:12:5b:7e:74:35:d4:16:06:2d:f2:e9:40:6c: a8:2c:64:33:e4:5e:1c:1a:f5:49:4d:c5:cf:9c:18: 67:cf:e4:40:8b:29:87:1d:d1:9f:30:17:f0:76:e4: fb:5f:4d:45:73:40:7b:7b:ce:4c:b7:74:6a:9f:08: 98:5e:3b:81:e7:2c:dc:fa:81:63:87:5e:fc:db:1d: 4f:18:d4:d4:87:3c:5b:9c:c2:20:5c:4c:85:52:8e: 0e:2e:b5:b1:57:df:c0:a2:57:d2:ea:bf:92:a2:7c: 46:0e:82:5f:50:dd:a4:41:0b:0f:b6:b9:4e:80:e8: 11:f0:fa:2d:b6:cc:7d:98:14:a2:dd:ae:21:d3:8d: 9f:3a:9b:f7:8c:9a:6a:83:3b:f9:a2:a3:c9:d7:36: 69:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:58:E9:9D:2B:92:35:F5:48:E9:CB:44:8A:E1:FF:6D:CF:03:5D:4E X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/145A04A2F5A411EFAFA7370BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.212.92.0/22 Signature Algorithm: sha256WithRSAEncryption 33:65:37:28:48:b2:d1:b3:93:e0:e2:b6:b5:4e:ed:c7:29:a8: 08:e0:a7:6d:16:0d:09:27:be:ca:89:49:5c:50:f4:b7:38:33: 44:ea:70:d1:7d:05:a4:30:16:43:fc:b4:9b:eb:65:6f:32:83: b1:08:d0:14:bb:c3:b3:13:be:3b:da:82:18:e3:f0:fb:fc:8f: 25:ff:b9:a2:92:71:a5:38:23:cb:22:e7:cb:b0:37:6e:0e:d8: 6f:b4:56:7a:75:e4:83:d9:ba:09:3e:8d:5b:85:39:5f:e1:57: 48:42:b2:3f:49:9e:ee:d8:6f:e5:b4:8e:8e:ad:67:6b:a4:72: f7:0c:71:50:65:7d:df:27:56:28:94:59:8b:a9:67:be:d1:93: b2:d0:a5:ef:e6:2a:43:f8:69:4a:91:c7:62:36:e6:50:9a:da: 08:76:ed:68:9f:8d:2a:a2:7f:c1:f7:b2:5d:77:b7:31:a6:cf: ae:5a:d9:9a:d2:83:89:46:6d:7a:9b:fd:ea:09:28:51:12:ac: ef:d2:17:11:95:27:67:58:c2:cb:d9:f4:96:3d:0c:74:72:d5: 8c:8e:fc:38:c9:17:e6:7b:81:62:df:59:c2:1d:4b:5a:6b:cf: 94:f6:9f:cb:4a:42:d5:16:84:e9:bb:a7:db:fc:ce:4b:32:16: e5:d2:64:a4 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgIDAKhZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDIyODA3NTMzM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjdjMTZiN2MtYzUzYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYssX15XX7J1gICu0oi1cEO+358inXuSpnbDjFq5FoCUqBhxt3t2DMdzZG0 QiHcbhh8rSVcQmnY0HUUfq78JH+Rf4Q/Gw03ENN9kZyqW3fQ9eSMlmlhKDt6J4HY hcq3KpTSfNkcxDOTDosSW350NdQWBi3y6UBsqCxkM+ReHBr1SU3Fz5wYZ8/kQIsp hx3RnzAX8Hbk+19NRXNAe3vOTLd0ap8ImF47gecs3PqBY4de/NsdTxjU1Ic8W5zC IFxMhVKODi61sVffwKJX0uq/kqJ8Rg6CX1DdpEELD7a5ToDoEfD6LbbMfZgUot2u IdONnzqb94yaaoM7+aKjydc2aSUCAwEAAaOCApUwggKRMB0GA1UdDgQWBBS5WOmd K5I19Ujpy0SK4f9tzwNdTjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzE0NUEwNEEy RjVBNDExRUZBRkE3MzcwQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/ BBAwDjAMBAIAATAGAwQCZ9RcMA0GCSqGSIb3DQEBCwUAA4IBAQAzZTcoSLLRs5Pg 4ra1Tu3HKagI4KdtFg0JJ77KiUlcUPS3ODNE6nDRfQWkMBZD/LSb62VvMoOxCNAU u8OzE7472oIY4/D7/I8l/7miknGlOCPLIufLsDduDthvtFZ6deSD2boJPo1bhTlf 4VdIQrI/SZ7u2G/ltI6OrWdrpHL3DHFQZX3fJ1YolFmLqWe+0ZOy0KXv5ipD+GlK kcdiNuZQmtoIdu1on40qon/B97Jdd7cxps+uWtma0oOJRm16m/3qCShREqzv0hcR lSdnWMLL2fSWPQx0ctWMjvw4yRfme4Fi31nCHUtaa8+U9p/LSkLVFoTpu6fb/M5L Mhbl0mSk -----END CERTIFICATE-----Generated at Fri Apr 4 10:58:45 2025 by rpki-client