$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/75CB8AC64DD211EC89EF6D68C4F9AE02.roa File: 75CB8AC64DD211EC89EF6D68C4F9AE02.roa (raw, json) Hash identifier: FDGRKIm+OPpJ8sNUbLMXv9Zj5RkoSuXdzm6CUMmY8y8= Subject key identifier: E8:37:F4:E0:7E:82:A7:88:EA:BD:FF:E7:0E:24:1D:8C:9A:D1:49:C8 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8A94 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/75CB8AC64DD211EC89EF6D68C4F9AE02.roa Signing time: Thu 30 May 2024 16:03:36 +0000 ROA not before: Thu 30 May 2024 16:03:36 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 135796 IP address blocks: 103.129.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35476 (0x8a94) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: May 30 16:03:36 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6658a358-0f39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:c3:ce:9e:ff:c5:ca:c3:47:41:8b:ac:4e:c8: a8:01:48:91:92:4d:6c:31:67:89:cd:01:3f:96:3e: 68:59:6d:85:5e:26:1f:99:cd:0e:c7:9d:ed:73:30: 47:5e:bf:ab:0f:1a:55:26:26:c2:a2:47:37:43:d4: b9:53:ed:46:a3:e5:ff:39:c2:05:36:30:00:df:e5: c0:b1:7e:9d:c5:46:04:a0:0b:ff:64:91:da:eb:b1: d5:9a:af:a1:5b:7d:15:3a:d6:71:e8:b3:a4:ce:52: e2:34:6e:d9:41:85:a4:cd:30:b9:e7:73:e8:49:7d: 81:78:9d:6d:f8:33:d3:e2:3c:f5:a2:42:4c:db:1c: 18:8f:0c:ec:fe:27:63:2b:62:de:e6:39:24:65:55: c5:a0:61:c5:1e:29:db:1e:3e:de:3e:67:1b:78:f3: 6d:7a:84:6f:96:d7:c7:1c:94:35:9a:47:be:80:49: 1c:dd:78:c4:7c:a6:06:29:23:78:f0:81:99:04:6e: 87:54:d7:58:d0:46:e9:73:c6:34:5d:9f:6a:ed:e6: 1f:77:d5:bc:d2:bb:3d:73:87:19:a9:0c:1f:30:a8: a7:e7:ab:f0:a3:40:e7:87:92:78:19:bb:d3:0b:f5: 28:15:f6:23:d6:4c:5e:f5:32:0f:60:3e:96:1a:4d: 4c:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:37:F4:E0:7E:82:A7:88:EA:BD:FF:E7:0E:24:1D:8C:9A:D1:49:C8 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/75CB8AC64DD211EC89EF6D68C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.129.64.0/22 Signature Algorithm: sha256WithRSAEncryption 3f:1c:99:3c:88:53:7d:6d:6f:cc:6a:a1:6f:16:06:0e:c0:c3: 30:34:92:2a:3b:c9:db:bb:e2:4c:e5:38:9d:00:72:64:ae:de: cb:44:87:33:cd:6c:62:6e:2b:1e:06:c6:7e:15:25:4b:20:76: 81:ab:43:a0:1e:33:dd:60:5d:e6:63:5d:79:a9:f6:4c:be:34: a2:c4:2d:71:ff:d3:57:09:b6:d1:bd:b0:3c:ff:43:52:34:a5: 57:f9:fe:0b:d6:f2:b4:38:47:63:b7:98:5c:d5:63:47:45:cf: ca:86:55:4a:f6:94:4a:e7:bd:56:d4:fc:a9:29:45:5a:1f:cb: 14:d7:d7:e0:06:b6:76:17:c2:ad:0b:86:3e:f8:56:7f:c2:be: d3:56:95:28:15:f1:c9:4c:8b:93:f7:b8:4a:dc:be:86:e5:f9: 43:8c:1d:25:97:aa:52:4b:01:f7:34:dc:e8:35:13:51:61:a8: 51:12:42:3f:c0:f0:d9:ab:10:9a:f5:95:7d:2c:a9:92:c4:c9: 2c:04:81:c9:9f:8e:72:8e:f1:6b:bf:73:8e:75:9f:da:7b:a4: 99:87:07:a0:26:85:ff:52:5b:31:08:71:a8:98:7d:c0:db:59: 08:f4:21:fe:60:25:c3:3f:9a:01:46:47:28:d5:11:0d:3c:cc: 9d:0f:03:18 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgIDAIqUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDUzMDE2MDMzNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY1OGEzNTgtMGYzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN/Dzp7/xcrDR0GLrE7IqAFIkZJNbDFnic0BP5Y+aFlthV4mH5nNDsed7XMw R16/qw8aVSYmwqJHN0PUuVPtRqPl/znCBTYwAN/lwLF+ncVGBKAL/2SR2uux1Zqv oVt9FTrWceizpM5S4jRu2UGFpM0wuedz6El9gXidbfgz0+I89aJCTNscGI8M7P4n Yyti3uY5JGVVxaBhxR4p2x4+3j5nG3jzbXqEb5bXxxyUNZpHvoBJHN14xHymBikj ePCBmQRuh1TXWNBG6XPGNF2fau3mH3fVvNK7PXOHGakMHzCop+er8KNA54eSeBm7 0wv1KBX2I9ZMXvUyD2A+lhpNTLsCAwEAAaOCApUwggKRMB0GA1UdDgQWBBToN/Tg foKniOq9/+cOJB2MmtFJyDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc1Q0I4QUM2 NEREMjExRUM4OUVGNkQ2OEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/ BBAwDjAMBAIAATAGAwQCZ4FAMA0GCSqGSIb3DQEBCwUAA4IBAQA/HJk8iFN9bW/M aqFvFgYOwMMwNJIqO8nbu+JM5TidAHJkrt7LRIczzWxibiseBsZ+FSVLIHaBq0Og HjPdYF3mY115qfZMvjSixC1x/9NXCbbRvbA8/0NSNKVX+f4L1vK0OEdjt5hc1WNH Rc/KhlVK9pRK571W1PypKUVaH8sU19fgBrZ2F8KtC4Y++FZ/wr7TVpUoFfHJTIuT 97hK3L6G5flDjB0ll6pSSwH3NNzoNRNRYahREkI/wPDZqxCa9ZV9LKmSxMksBIHJ n45yjvFrv3OOdZ/ae6SZhwegJoX/UlsxCHGomH3A21kI9CH+YCXDP5oBRkco1REN PMydDwMY -----END CERTIFICATE-----Generated at Sun Feb 16 20:37:39 2025 by rpki-client