$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7D174FAAC9CF11EFB0F6B448C4F9AE02.roa File: 7D174FAAC9CF11EFB0F6B448C4F9AE02.roa (raw, json) Hash identifier: 8bPQTwa8AZMRFwSG91RFEUP3CA5u5z9vVhuPAWlSPIM= Subject key identifier: 8B:95:E6:C7:A7:83:F7:9C:B6:BD:D3:E8:E2:EF:C9:D4:6B:53:10:E3 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: A17C Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7D174FAAC9CF11EFB0F6B448C4F9AE02.roa Signing time: Fri 03 Jan 2025 12:37:27 +0000 ROA not before: Fri 03 Jan 2025 12:37:27 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 138235 IP address blocks: 103.134.96.0/22 maxlen: 24 103.171.190.0/24 maxlen: 24 103.171.191.0/24 maxlen: 24 2407:5140::/32 maxlen: 32 2407:5140::/48 maxlen: 48 2407:5140:1::/48 maxlen: 48 2407:5140:2::/48 maxlen: 48 2407:5140:3::/48 maxlen: 48 2407:5140:4::/48 maxlen: 48 2407:5140:5::/48 maxlen: 48 2407:5140:6::/48 maxlen: 48 2407:5140:7::/48 maxlen: 48 2407:5140:8::/48 maxlen: 48 2407:5140:9::/48 maxlen: 48 2407:5140:a::/48 maxlen: 48 2407:5140:b::/48 maxlen: 48 2407:5140:c::/48 maxlen: 48 2407:5140:d::/48 maxlen: 48 2407:5140:e::/48 maxlen: 48 2407:5140:f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 15:26:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41340 (0xa17c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: Jan 3 12:37:27 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6777da06-12ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:01:20:7b:86:e1:d6:78:a7:b1:f7:99:be:07: fe:e5:70:53:95:40:4a:8e:22:da:a0:a9:a4:a8:db: 5c:3d:65:e7:52:70:5c:9b:c1:03:eb:06:3c:d3:53: 4e:63:f7:6e:6b:92:e2:4b:d0:ed:df:c3:ad:59:f2: 6f:04:cd:5f:a0:2e:ae:1d:2b:e5:9e:bf:b8:b6:e4: 14:3c:91:07:a4:46:00:86:29:d9:86:e4:33:1b:2f: 38:9b:e9:22:fa:d7:3c:f0:ee:c5:11:c9:fa:08:f9: 55:36:ec:ba:1e:7a:32:4e:a5:5c:3b:fd:f1:3c:c9: 05:c1:9c:a9:21:2e:ec:ad:88:37:7a:3b:37:1d:7b: 98:0c:b0:7a:55:e0:91:fb:f4:e1:f5:73:31:43:7f: c9:bd:d2:81:0b:1c:78:2d:96:15:5d:8d:37:5f:a3: 7c:fe:32:a3:fd:b8:f1:ae:0d:de:e9:cd:06:7c:53: b4:17:35:e0:c5:37:6c:a4:d2:fe:48:ed:7c:f0:a5: ae:b6:d8:1a:ce:d9:28:c1:93:97:a7:44:f4:7e:5d: 53:1d:99:be:bc:bc:75:84:87:d0:73:95:5d:14:9c: 06:c0:b3:47:a2:38:2b:c5:61:ab:fb:a2:72:21:36: 77:c9:5f:9f:43:a8:21:7e:d6:5b:f2:7f:74:66:fd: 32:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:95:E6:C7:A7:83:F7:9C:B6:BD:D3:E8:E2:EF:C9:D4:6B:53:10:E3 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7D174FAAC9CF11EFB0F6B448C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.134.96.0/22 103.171.190.0/23 IPv6: 2407:5140::/32 Signature Algorithm: sha256WithRSAEncryption 1b:06:87:59:15:0c:2e:1f:53:75:06:73:12:bc:7a:dd:3b:6b: 82:68:c2:34:ae:f7:0e:7b:a7:c5:fc:e0:c9:81:27:be:ef:f9: c8:a9:6d:8b:e8:90:0e:ab:0e:7a:be:f0:ee:c7:01:7e:79:60: 44:19:cb:08:dd:a1:1d:78:67:3d:53:aa:15:f7:e8:e5:d0:22: de:a6:2d:00:cc:8f:59:c9:b4:e0:43:a6:8c:eb:83:2b:7e:6d: a7:98:1c:d3:50:64:7c:5e:de:73:8c:91:7c:08:d5:11:95:61: df:44:93:3f:36:44:18:9b:2f:65:ac:1b:42:6b:a3:09:01:bc: 90:d5:0f:cb:f4:4e:3d:df:5a:22:e9:6b:8c:7c:5c:7d:a7:98: 61:07:b5:c3:d8:ac:ba:05:da:3a:24:4f:7b:3b:28:f2:5a:da: c6:f8:aa:d1:f6:82:dd:54:32:dc:90:ee:fd:46:5d:7f:df:71: df:3d:9e:bf:aa:8b:06:b6:cb:b1:81:bc:c6:db:59:5f:ac:dd: 60:16:09:d4:60:24:46:45:6e:0e:25:c6:ac:ce:90:0d:5f:1c: 4f:80:a9:9e:95:5c:d1:65:5e:8e:ae:9c:c6:7f:c6:fb:d7:ca: 63:3a:52:e5:0c:72:4c:ae:77:97:89:7d:79:68:41:90:cc:24: be:d7:85:05 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIDAKF8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDEwMzEyMzcyN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjc3N2RhMDYtMTJlYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMABIHuG4dZ4p7H3mb4H/uVwU5VASo4i2qCppKjbXD1l51JwXJvBA+sGPNNT TmP3bmuS4kvQ7d/DrVnybwTNX6Aurh0r5Z6/uLbkFDyRB6RGAIYp2YbkMxsvOJvp IvrXPPDuxRHJ+gj5VTbsuh56Mk6lXDv98TzJBcGcqSEu7K2IN3o7Nx17mAywelXg kfv04fVzMUN/yb3SgQsceC2WFV2NN1+jfP4yo/248a4N3unNBnxTtBc14MU3bKTS /kjtfPClrrbYGs7ZKMGTl6dE9H5dUx2Zvry8dYSH0HOVXRScBsCzR6I4K8Vhq/ui ciE2d8lfn0OoIX7WW/J/dGb9MgUCAwEAAaOCAqowggKmMB0GA1UdDgQWBBSLlebH p4P3nLa90+ji78nUa1MQ4zAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzdEMTc0RkFB QzlDRjExRUZCMEY2QjQ0OEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDQGCCsGAQUFBwEHAQH/ BCUwIzASBAIAATAMAwQCZ4ZgAwQBZ6u+MA0EAgACMAcDBQAkB1FAMA0GCSqGSIb3 DQEBCwUAA4IBAQAbBodZFQwuH1N1BnMSvHrdO2uCaMI0rvcOe6fF/ODJgSe+7/nI qW2L6JAOqw56vvDuxwF+eWBEGcsI3aEdeGc9U6oV9+jl0CLepi0AzI9ZybTgQ6aM 64Mrfm2nmBzTUGR8Xt5zjJF8CNURlWHfRJM/NkQYmy9lrBtCa6MJAbyQ1Q/L9E49 31oi6WuMfFx9p5hhB7XD2Ky6Bdo6JE97OyjyWtrG+KrR9oLdVDLckO79Rl1/33Hf PZ6/qosGtsuxgbzG21lfrN1gFgnUYCRGRW4OJcaszpANXxxPgKmelVzRZV6OrpzG f8b718pjOlLlDHJMrneXiX15aEGQzCS+14UF -----END CERTIFICATE-----Generated at Sat Apr 5 07:12:24 2025 by rpki-client