$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7857BF18F8BE11EF9BA47822C4F9AE02.roa File: 7857BF18F8BE11EF9BA47822C4F9AE02.roa (raw, json) Hash identifier: LwQnqUsb12RhLVLDqS2E1IRhDMgOZ2oan8vsLWEbqsY= Subject key identifier: C2:C0:FA:54:DE:9C:38:DD:6E:99:13:35:93:35:A5:14:59:24:C1:B7 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: A8FC Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7857BF18F8BE11EF9BA47822C4F9AE02.roa Signing time: Tue 04 Mar 2025 06:04:02 +0000 ROA not before: Tue 04 Mar 2025 06:04:02 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 137083 IP address blocks: 103.57.96.0/24 maxlen: 24 103.57.97.0/24 maxlen: 24 103.105.228.0/24 maxlen: 24 103.105.229.0/24 maxlen: 24 103.108.73.0/24 maxlen: 24 103.157.8.0/24 maxlen: 24 103.157.9.0/24 maxlen: 24 103.175.116.0/23 maxlen: 24 2001:df4:f40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 07:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43260 (0xa8fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: Mar 4 06:04:02 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67c697d2-ea9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:dd:45:ca:fb:0f:bb:5d:f2:a7:f5:45:42:a7: af:d9:08:46:43:59:c9:ed:d0:41:21:65:5d:a6:6e: 9e:af:55:5c:05:98:27:9b:6c:5d:77:60:41:12:39: fa:16:30:d7:52:6e:69:ec:40:26:05:8c:3a:ac:43: 69:59:c9:f8:e5:25:f1:c6:cd:0e:a2:6c:ab:fb:ed: d0:13:58:8e:15:3b:19:2e:e2:eb:37:c8:8e:16:bf: 68:0c:c2:96:eb:da:ff:d9:28:01:a8:71:25:96:82: 2a:d2:e3:b8:4c:ef:0e:15:d5:1f:ab:32:28:2b:b8: 73:93:12:e9:b5:55:80:3d:e3:78:2d:fc:7e:00:a5: b0:81:30:f3:b8:59:04:6c:c4:6a:72:84:b8:00:b3: 8e:a8:59:1d:50:fc:28:f2:6d:cb:8d:29:86:14:af: e4:95:7b:7b:dd:a2:e6:e5:69:8e:ad:ca:90:72:70: 41:dc:9e:2f:54:8f:55:92:71:84:3f:f9:ea:c8:74: db:66:5c:e5:bc:4a:3d:54:95:10:3d:43:1e:27:b2: 07:d7:36:02:d5:8e:f0:77:f8:a4:59:4d:c1:0f:9e: e7:c3:cc:3b:67:20:72:80:04:9a:3a:e2:fe:e1:d7: 3a:41:02:8c:d2:02:32:43:49:6c:a3:0e:d2:77:10: 32:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:C0:FA:54:DE:9C:38:DD:6E:99:13:35:93:35:A5:14:59:24:C1:B7 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7857BF18F8BE11EF9BA47822C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.57.96.0/23 103.105.228.0/23 103.108.73.0/24 103.157.8.0/23 103.175.116.0/23 IPv6: 2001:df4:f40::/48 Signature Algorithm: sha256WithRSAEncryption 8e:a6:d1:0a:a7:8d:50:a2:29:31:82:ad:a6:e8:bf:41:e1:14: 4d:0a:15:6f:23:85:41:be:cd:af:53:c6:d7:bb:d2:d6:4c:56: 4c:74:9d:47:3e:15:3a:56:f3:54:f7:d4:d8:b4:02:de:18:fa: 0e:61:30:45:08:f5:58:a9:9c:ab:44:a5:52:0c:46:6a:bc:72: 41:5d:73:aa:67:4a:29:d6:24:5a:1a:54:3b:5b:67:78:a6:1d: fd:c8:ff:65:bc:68:ef:c5:01:b3:5c:50:84:4e:e8:31:0c:d8: 8d:54:36:ec:61:ec:1e:1e:1f:da:00:6e:6f:63:6b:ee:82:a4: f7:33:08:16:0b:f4:69:1f:77:81:5e:b4:36:52:0c:2d:68:b6: 59:e0:5c:5a:f7:99:d0:78:2c:c2:61:67:ff:fe:aa:0a:87:b7: ab:17:dd:30:2c:bc:b9:47:9d:7e:3c:db:46:d9:eb:af:5c:9d: 52:c2:3a:e4:fb:cd:af:9b:97:c6:56:69:d9:dd:d4:2e:27:c1: cf:07:e8:a6:1e:d2:50:1a:94:c6:e6:c6:d4:6a:99:ac:25:f1: 83:5a:02:97:bd:74:4b:9c:bc:ee:20:01:15:b3:cf:79:84:28: 2e:97:46:92:b1:44:15:9d:ca:16:63:85:8f:e5:38:9c:2c:3f: da:27:0c:21 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIDAKj8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDMwNDA2MDQwMloXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjdjNjk3ZDItZWE5YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMXdRcr7D7td8qf1RUKnr9kIRkNZye3QQSFlXaZunq9VXAWYJ5tsXXdgQRI5 +hYw11JuaexAJgWMOqxDaVnJ+OUl8cbNDqJsq/vt0BNYjhU7GS7i6zfIjha/aAzC luva/9koAahxJZaCKtLjuEzvDhXVH6syKCu4c5MS6bVVgD3jeC38fgClsIEw87hZ BGzEanKEuACzjqhZHVD8KPJty40phhSv5JV7e92i5uVpjq3KkHJwQdyeL1SPVZJx hD/56sh022Zc5bxKPVSVED1DHieyB9c2AtWO8Hf4pFlNwQ+e58PMO2cgcoAEmjri /uHXOkECjNICMkNJbKMO0ncQMpcCAwEAAaOCAr4wggK6MB0GA1UdDgQWBBTCwPpU 3pw43W6ZEzWTNaUUWSTBtzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc4NTdCRjE4 RjhCRTExRUY5QkE0NzgyMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEgGCCsGAQUFBwEHAQH/ BDkwNzAkBAIAATAeAwQBZzlgAwQBZ2nkAwQAZ2xJAwQBZ50IAwQBZ690MA8EAgAC MAkDBwAgAQ30D0AwDQYJKoZIhvcNAQELBQADggEBAI6m0QqnjVCiKTGCrabov0Hh FE0KFW8jhUG+za9Txte70tZMVkx0nUc+FTpW81T31Ni0At4Y+g5hMEUI9VipnKtE pVIMRmq8ckFdc6pnSinWJFoaVDtbZ3imHf3I/2W8aO/FAbNcUIRO6DEM2I1UNuxh 7B4eH9oAbm9ja+6CpPczCBYL9Gkfd4FetDZSDC1otlngXFr3mdB4LMJhZ//+qgqH t6sX3TAsvLlHnX4820bZ669cnVLCOuT7za+bl8ZWadnd1C4nwc8H6KYe0lAalMbm xtRqmawl8YNaApe9dEucvO4gARWzz3mEKC6XRpKxRBWdyhZjhY/lOJwsP9onDCE= -----END CERTIFICATE-----Generated at Fri Apr 4 11:23:05 2025 by rpki-client