$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/748B0074BDE111EAAEFB6D58C4F9AE02.roa File: 748B0074BDE111EAAEFB6D58C4F9AE02.roa (raw, json) Hash identifier: ymUFGrpGJRKiCq9YeDQoiw+7lQxX2kHSUb3afyMBdbA= Subject key identifier: 87:FF:72:D2:1C:8C:BB:A9:5C:12:92:04:45:56:D4:05:EC:4C:C0:BC Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8893 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/748B0074BDE111EAAEFB6D58C4F9AE02.roa Signing time: Thu 30 May 2024 15:55:09 +0000 ROA not before: Thu 30 May 2024 15:55:09 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 132937 IP address blocks: 43.239.192.0/22 maxlen: 24 103.173.192.0/23 maxlen: 24 103.227.62.0/24 maxlen: 24 103.234.116.0/23 maxlen: 24 103.253.125.0/24 maxlen: 24 2001:df7:8a00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34963 (0x8893) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: May 30 15:55:09 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6658a15d-b216 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e7:8a:94:f3:70:bf:27:1e:f3:64:8e:d0:70: 01:83:d2:70:b6:c4:bb:62:72:95:38:0a:ba:a4:1e: 3c:17:4b:f8:79:b4:36:dc:18:93:b0:ec:fe:ec:b5: 21:94:9c:87:c1:50:fa:6d:78:4c:ba:39:99:cf:a1: 1f:41:75:bf:b4:85:a5:03:47:d3:ff:93:d2:44:5b: 72:3a:1e:af:d9:b8:21:53:c5:a9:c0:46:04:9c:26: a4:00:1e:40:76:0a:6f:cd:60:4c:7a:85:48:d0:14: fa:7d:f5:55:6b:07:8b:56:ee:71:28:4e:ca:93:74: 50:30:eb:f0:59:bc:d0:8b:27:4b:86:6b:63:3b:14: 26:cf:ed:0a:2f:61:88:a7:cd:fc:52:4b:ac:88:84: 15:9f:85:ce:d2:5d:ab:73:ee:75:6d:02:4f:03:06: 85:13:3f:16:4d:a1:c6:93:86:ae:c3:62:73:41:a0: 27:14:42:e0:fd:e9:d7:7e:44:b4:c6:dd:7c:62:74: 57:f0:4d:76:b7:d3:14:28:0f:22:cb:77:ab:e9:f0: ae:40:25:9a:c2:0c:89:fd:33:f2:7a:f9:8b:55:2a: 61:59:f0:fa:40:02:be:5f:33:23:ca:eb:60:74:57: 07:57:5b:10:0c:36:69:71:3a:d6:6d:bd:74:5f:7a: e9:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:FF:72:D2:1C:8C:BB:A9:5C:12:92:04:45:56:D4:05:EC:4C:C0:BC X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/748B0074BDE111EAAEFB6D58C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.239.192.0/22 103.173.192.0/23 103.227.62.0/24 103.234.116.0/23 103.253.125.0/24 IPv6: 2001:df7:8a00::/48 Signature Algorithm: sha256WithRSAEncryption 04:f3:e1:c0:96:f6:68:f0:72:e7:dc:00:a7:b2:96:92:24:3c: 21:c8:a7:64:e8:8d:5a:c1:e9:0a:2b:68:74:8b:13:dd:15:88: 66:6e:a4:8c:98:ad:09:16:cc:af:04:05:1c:e2:c5:15:a1:3e: c6:a8:62:6e:e6:d2:1f:72:21:e0:f9:41:44:f0:2b:1a:2d:88: 07:fc:73:c5:d0:fd:1f:e3:d8:d4:46:1d:80:fd:9c:c6:2e:e9: 7d:1b:ef:6d:37:51:88:6e:2a:cc:0c:fb:c2:ce:88:23:02:1b: 84:88:44:f1:21:41:55:d8:ba:69:e8:3f:28:a3:d7:d7:b6:c8: 26:d4:fa:db:80:44:ee:e9:87:16:b6:1d:28:02:13:c5:cd:25: 9b:17:f0:f1:93:7b:93:6e:93:6f:86:6a:8a:06:01:51:e9:df: ea:2f:84:d2:c4:fe:58:a3:92:30:aa:ab:0d:1e:66:d0:42:62: b6:3b:82:da:68:63:f5:86:13:55:6e:39:83:d8:29:1b:55:e3: 04:91:e5:cf:e3:ff:f8:8a:55:f7:33:b4:0c:2b:3f:2d:a3:38: 0a:a9:5e:8e:60:5e:e5:ea:d9:aa:3d:cb:7a:27:32:70:25:f7: 5c:62:f9:02:30:7a:88:04:b4:c5:cf:cc:76:cb:78:37:98:07: 14:0b:6e:f9 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIDAIiTMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDUzMDE1NTUwOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY1OGExNWQtYjIxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALbnipTzcL8nHvNkjtBwAYPScLbEu2JylTgKuqQePBdL+Hm0NtwYk7Ds/uy1 IZSch8FQ+m14TLo5mc+hH0F1v7SFpQNH0/+T0kRbcjoer9m4IVPFqcBGBJwmpAAe QHYKb81gTHqFSNAU+n31VWsHi1bucShOypN0UDDr8Fm80IsnS4ZrYzsUJs/tCi9h iKfN/FJLrIiEFZ+FztJdq3PudW0CTwMGhRM/Fk2hxpOGrsNic0GgJxRC4P3p135E tMbdfGJ0V/BNdrfTFCgPIst3q+nwrkAlmsIMif0z8nr5i1UqYVnw+kACvl8zI8rr YHRXB1dbEAw2aXE61m29dF966ZECAwEAAaOCAr4wggK6MB0GA1UdDgQWBBSH/3LS HIy7qVwSkgRFVtQF7EzAvDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc0OEIwMDc0 QkRFMTExRUFBRUZCNkQ1OEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEgGCCsGAQUFBwEHAQH/ BDkwNzAkBAIAATAeAwQCK+/AAwQBZ63AAwQAZ+M+AwQBZ+p0AwQAZ/19MA8EAgAC MAkDBwAgAQ33igAwDQYJKoZIhvcNAQELBQADggEBAATz4cCW9mjwcufcAKeylpIk PCHIp2TojVrB6QoraHSLE90ViGZupIyYrQkWzK8EBRzixRWhPsaoYm7m0h9yIeD5 QUTwKxotiAf8c8XQ/R/j2NRGHYD9nMYu6X0b7203UYhuKswM+8LOiCMCG4SIRPEh QVXYumnoPyij19e2yCbU+tuARO7phxa2HSgCE8XNJZsX8PGTe5Nuk2+GaooGAVHp 3+ovhNLE/lijkjCqqw0eZtBCYrY7gtpoY/WGE1VuOYPYKRtV4wSR5c/j//iKVfcz tAwrPy2jOAqpXo5gXuXq2ao9y3onMnAl91xi+QIweogEtMXPzHbLeDeYBxQLbvk= -----END CERTIFICATE-----Generated at Sun Feb 16 20:38:05 2025 by rpki-client