$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/221B5824FF0F11EF9EC2523EC4F9AE02.roa File: 221B5824FF0F11EF9EC2523EC4F9AE02.roa (raw, json) Hash identifier: 3IH5UxzncTfKiLrjJfpxpxbErUBREM3y+dS5Wbx+F/M= Subject key identifier: B2:2B:BD:0A:7D:33:9A:FF:25:B4:BB:AF:8D:0E:B1:7E:E9:B5:F3:0B Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: AA7B Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/221B5824FF0F11EF9EC2523EC4F9AE02.roa Signing time: Wed 12 Mar 2025 06:56:34 +0000 ROA not before: Wed 12 Mar 2025 06:56:33 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 141816 IP address blocks: 103.89.8.0/24 maxlen: 24 103.171.2.0/24 maxlen: 24 103.171.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 22:26:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43643 (0xaa7b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: Mar 12 06:56:33 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67d13021-ad7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:b4:a4:17:42:d6:9b:cf:f5:e7:1d:ea:01:c1: 3c:1e:9f:b8:d5:50:c0:4f:36:25:59:d4:ff:62:5e: 44:06:09:7d:9e:4c:c6:32:b4:a4:17:ef:ed:15:14: 41:ca:b4:0d:fe:f2:86:4d:dc:d6:8a:af:83:df:20: 36:c3:cf:c1:ed:6a:30:d2:34:5e:e4:8a:59:7c:7c: 4d:cb:a5:a2:8a:68:20:ac:c0:ad:68:7f:93:74:ef: 88:c8:1c:91:3f:b7:a2:11:5a:22:d3:dd:0e:86:94: f8:7f:91:cf:99:6b:50:f0:32:60:f7:b3:46:82:91: f4:75:2a:6f:4d:7d:28:ad:aa:91:0b:72:11:e7:90: be:12:e9:57:7e:61:a6:1c:1e:93:b6:b9:37:98:58: b5:88:35:ec:24:fb:af:a7:39:07:de:02:08:23:83: c0:52:2a:53:1d:3e:87:0a:19:93:93:ee:e8:29:ab: 44:ad:d8:80:d9:ee:6b:cb:8c:80:a6:3e:fc:1a:9f: db:1b:9a:d0:3a:59:e5:9a:60:fb:5f:d0:77:8f:be: 69:97:b0:9f:3e:91:00:a4:6e:70:0e:59:98:7e:75: 42:70:4d:9e:21:3a:6c:a8:be:df:6a:28:36:b4:47: 9d:27:c9:f7:e9:c3:a9:bf:dc:d6:99:8e:62:c8:0d: 46:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:2B:BD:0A:7D:33:9A:FF:25:B4:BB:AF:8D:0E:B1:7E:E9:B5:F3:0B X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/221B5824FF0F11EF9EC2523EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.8.0/24 103.171.2.0/23 Signature Algorithm: sha256WithRSAEncryption 02:86:4c:e8:58:55:82:84:55:61:e4:97:3a:d9:35:c2:3b:82: a4:10:f6:34:66:5f:46:b5:88:2f:41:db:5b:b1:27:35:7d:11: 0d:4b:69:99:4e:b8:2a:d8:3d:fe:b6:6b:f0:d4:68:25:7f:f3: a2:a8:15:17:f8:5b:57:3f:92:e3:aa:a2:61:4b:62:63:cf:83: ab:c0:39:8c:40:f0:f8:1b:8f:74:85:42:99:e0:ae:f1:0c:26: d1:37:ec:3f:bc:89:b3:b9:eb:6d:5e:f1:27:84:8c:19:99:a9: 6f:83:ee:89:ef:df:3a:fc:ff:4f:2e:04:31:11:61:bb:f8:7c: 6e:55:d1:f8:76:f2:c5:03:7f:ae:db:85:91:0c:de:37:1f:1f: 99:98:04:5e:0a:88:f2:97:03:12:44:0e:6c:e3:fe:c3:72:ee: b0:c6:f4:91:ab:13:05:a4:57:83:6a:87:0e:f1:21:39:db:74: 0f:a2:13:a4:12:7f:a1:67:82:a6:8b:0c:35:e9:a1:4e:1d:dd: 2d:ac:d2:d7:b1:15:9f:6b:ba:08:6e:a0:d3:85:7b:28:7d:9f: f0:75:30:01:38:0d:66:1e:7b:fc:50:22:d3:3f:a9:1b:91:12: 04:3a:38:b2:3f:ce:ee:e7:cc:f5:7e:aa:e6:8d:94:41:69:a8: ba:19:dd:d7 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIDAKp7MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDMxMjA2NTYzM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjdkMTMwMjEtYWQ3YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ+0pBdC1pvP9ecd6gHBPB6fuNVQwE82JVnU/2JeRAYJfZ5MxjK0pBfv7RUU Qcq0Df7yhk3c1oqvg98gNsPPwe1qMNI0XuSKWXx8TculoopoIKzArWh/k3TviMgc kT+3ohFaItPdDoaU+H+Rz5lrUPAyYPezRoKR9HUqb019KK2qkQtyEeeQvhLpV35h phwek7a5N5hYtYg17CT7r6c5B94CCCODwFIqUx0+hwoZk5Pu6CmrRK3YgNnua8uM gKY+/Bqf2xua0DpZ5Zpg+1/Qd4++aZewnz6RAKRucA5ZmH51QnBNniE6bKi+32oo NrRHnSfJ9+nDqb/c1pmOYsgNRpMCAwEAAaOCApswggKXMB0GA1UdDgQWBBSyK70K fTOa/yW0u6+NDrF+6bXzCzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIyMUI1ODI0 RkYwRjExRUY5RUMyNTIzRUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/ BBYwFDASBAIAATAMAwQAZ1kIAwQBZ6sCMA0GCSqGSIb3DQEBCwUAA4IBAQAChkzo WFWChFVh5Jc62TXCO4KkEPY0Zl9GtYgvQdtbsSc1fRENS2mZTrgq2D3+tmvw1Ggl f/OiqBUX+FtXP5LjqqJhS2Jjz4OrwDmMQPD4G490hUKZ4K7xDCbRN+w/vImzuett XvEnhIwZmalvg+6J7986/P9PLgQxEWG7+HxuVdH4dvLFA3+u24WRDN43Hx+ZmARe CojylwMSRA5s4/7Dcu6wxvSRqxMFpFeDaocO8SE523QPohOkEn+hZ4Kmiww16aFO Hd0trNLXsRWfa7oIbqDThXsofZ/wdTABOA1mHnv8UCLTP6kbkRIEOjiyP87u58z1 fqrmjZRBaai6Gd3X -----END CERTIFICATE-----Generated at Fri Apr 11 11:29:27 2025 by rpki-client