$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/899362B4E46911EF9A0CA270C4F9AE02.roa File: 899362B4E46911EF9A0CA270C4F9AE02.roa (raw, json) Hash identifier: WarfKh5/8dg4D5OWmiilGl+N7CJynRKo7MpsowUrdB8= Subject key identifier: F2:A0:EF:35:D3:9D:4C:88:CA:15:A6:2F:B3:3A:16:DD:33:59:41:AB Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: A54A Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/899362B4E46911EF9A0CA270C4F9AE02.roa Signing time: Fri 07 Feb 2025 07:34:42 +0000 ROA not before: Fri 07 Feb 2025 07:34:42 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 138737 IP address blocks: 103.127.60.0/23 maxlen: 24 103.139.170.0/23 maxlen: 24 103.157.162.0/23 maxlen: 24 103.160.28.0/23 maxlen: 24 103.160.132.0/23 maxlen: 24 103.162.74.0/24 maxlen: 24 103.162.75.0/24 maxlen: 24 2001:df1:e840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 15:28:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42314 (0xa54a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: Feb 7 07:34:42 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67a5b792-6f53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:1f:4e:fc:fb:15:5c:6b:c0:55:82:d0:bb:90: 45:1c:ca:70:4f:91:c2:63:77:83:52:7f:2b:a2:a0: 02:5b:45:ef:4e:28:f0:cb:b7:a9:11:40:6b:40:1c: 64:a6:52:ed:79:48:6e:73:65:2f:e2:c6:d3:b2:2f: 3b:83:64:d4:a7:21:a8:ef:b2:0a:25:5c:63:35:eb: e4:1e:cc:1e:88:d8:db:b9:dc:8b:1f:db:d3:2f:f6: 05:76:c2:5b:d5:b9:b9:ae:24:b9:ce:05:07:a6:27: d4:b4:e8:83:28:d8:01:6c:49:ad:0b:93:be:83:64: d7:48:88:af:14:af:62:f4:58:c4:b6:e6:39:94:a6: 10:5a:69:87:ba:e4:68:ab:57:d9:9e:04:f4:66:b0: b7:89:66:af:d1:91:dd:b8:4f:04:7c:02:2c:c0:7e: 3a:2c:cf:0b:8c:4f:7d:1d:33:84:1d:39:11:b7:2c: 3c:76:66:92:2e:1a:03:5f:cc:59:96:26:16:0a:7d: 49:32:cf:2b:c7:41:cf:4b:e4:b8:3a:03:e8:51:38: 79:b5:88:29:85:91:25:8b:a5:3c:d2:48:49:a8:60: 39:fd:50:74:a2:76:59:6a:3e:a8:7e:3c:b0:af:60: b2:f9:66:1c:e5:17:da:2f:3c:73:43:58:57:43:f7: e2:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:A0:EF:35:D3:9D:4C:88:CA:15:A6:2F:B3:3A:16:DD:33:59:41:AB X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/899362B4E46911EF9A0CA270C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.127.60.0/23 103.139.170.0/23 103.157.162.0/23 103.160.28.0/23 103.160.132.0/23 103.162.74.0/23 IPv6: 2001:df1:e840::/48 Signature Algorithm: sha256WithRSAEncryption b2:e3:86:87:86:25:c9:f7:9e:79:69:ab:a7:c8:5d:82:c0:59: 15:ea:d1:79:a0:77:63:03:bb:d5:3f:a8:c3:99:3f:6b:d6:13: e3:9e:a6:97:aa:40:46:54:7b:e9:ac:6b:85:08:77:2a:c2:86: 91:d5:c3:0a:54:67:5c:24:2d:11:10:25:88:ee:60:40:cb:2a: 49:f5:6d:f8:e2:bd:cf:ae:e0:f3:8e:11:e7:b8:10:77:77:fb: 41:25:32:c3:da:b1:b7:68:aa:b0:2c:71:59:8b:65:09:43:3b: 4a:1f:15:b1:3d:02:01:b2:4c:d6:e3:21:6b:68:0c:51:6f:44: d7:a6:41:af:3d:d0:f7:a8:0e:52:cf:f1:94:f2:16:84:9a:d6: 4c:a0:e8:ce:5d:b5:8b:8a:87:2a:04:be:eb:c3:95:c0:e3:d0: 2d:5f:41:08:63:a7:82:0e:c1:fe:67:fd:27:05:7a:25:da:95: dc:77:4e:96:36:36:a5:1d:c3:9b:70:4a:3b:22:38:cc:0e:71: ec:f9:a0:eb:43:5d:bb:20:9f:0e:f4:63:e8:18:d7:7b:d5:ca: 9f:4b:6e:15:a1:ef:44:6b:57:50:55:b3:e2:ac:60:7d:9d:ca: b3:95:fb:c5:c9:d0:e9:07:b6:af:c8:46:33:2f:19:3d:ff:39: 37:b5:3b:a2 -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgIDAKVKMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDIwNzA3MzQ0MloXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjdhNWI3OTItNmY1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANIfTvz7FVxrwFWC0LuQRRzKcE+RwmN3g1J/K6KgAltF704o8Mu3qRFAa0Ac ZKZS7XlIbnNlL+LG07IvO4Nk1KchqO+yCiVcYzXr5B7MHojY27ncix/b0y/2BXbC W9W5ua4kuc4FB6Yn1LTogyjYAWxJrQuTvoNk10iIrxSvYvRYxLbmOZSmEFpph7rk aKtX2Z4E9Gawt4lmr9GR3bhPBHwCLMB+OizPC4xPfR0zhB05EbcsPHZmki4aA1/M WZYmFgp9STLPK8dBz0vkuDoD6FE4ebWIKYWRJYulPNJISahgOf1QdKJ2WWo+qH48 sK9gsvlmHOUX2i88c0NYV0P34rUCAwEAAaOCAsQwggLAMB0GA1UdDgQWBBTyoO81 051MiMoVpi+zOhbdM1lBqzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzg5OTM2MkI0 RTQ2OTExRUY5QTBDQTI3MEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sME4GCCsGAQUFBwEHAQH/ BD8wPTAqBAIAATAkAwQBZ388AwQBZ4uqAwQBZ52iAwQBZ6AcAwQBZ6CEAwQBZ6JK MA8EAgACMAkDBwAgAQ3x6EAwDQYJKoZIhvcNAQELBQADggEBALLjhoeGJcn3nnlp q6fIXYLAWRXq0Xmgd2MDu9U/qMOZP2vWE+OeppeqQEZUe+msa4UIdyrChpHVwwpU Z1wkLREQJYjuYEDLKkn1bfjivc+u4POOEee4EHd3+0ElMsPasbdoqrAscVmLZQlD O0ofFbE9AgGyTNbjIWtoDFFvRNemQa890PeoDlLP8ZTyFoSa1kyg6M5dtYuKhyoE vuvDlcDj0C1fQQhjp4IOwf5n/ScFeiXaldx3TpY2NqUdw5twSjsiOMwOcez5oOtD Xbsgnw70Y+gY13vVyp9LbhWh70RrV1BVs+KsYH2dyrOV+8XJ0OkHtq/IRjMvGT3/ OTe1O6I= -----END CERTIFICATE-----Generated at Fri Apr 4 10:58:35 2025 by rpki-client