$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C96C54D4650E11EFAECF9A74C4F9AE02.roa File: C96C54D4650E11EFAECF9A74C4F9AE02.roa (raw, json) Hash identifier: dZF8mZValf9zKQ53Np9BDk93yaBAC57Bmf1LYe5yP2k= Subject key identifier: 27:36:E0:85:E2:BD:82:7E:EC:A9:18:D3:52:98:7B:AC:9D:6A:EE:DE Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: A5F4 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C96C54D4650E11EFAECF9A74C4F9AE02.roa Signing time: Wed 12 Feb 2025 12:26:04 +0000 ROA not before: Wed 12 Feb 2025 12:26:04 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 133706 IP address blocks: 43.228.220.0/22 maxlen: 24 45.125.60.0/22 maxlen: 24 103.47.236.0/22 maxlen: 24 103.215.248.0/22 maxlen: 24 157.119.124.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42484 (0xa5f4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: Feb 12 12:26:04 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67ac935c-3d7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:6f:84:8d:f9:13:db:5d:19:ec:ed:ca:d3:7c: 73:45:d6:eb:bc:4b:b5:9f:c6:42:1e:3e:06:40:f8: 4f:69:74:1c:2b:19:ac:d4:85:f9:62:9e:cf:9b:42: af:a6:d8:fe:a2:51:2b:2b:50:63:0b:73:1d:ab:72: 80:e2:00:70:a9:06:be:43:29:8f:db:a6:f1:d4:ce: 1f:bf:a1:79:fa:aa:58:9a:47:f0:0b:c8:5a:38:7a: 1f:20:b6:0e:60:ae:23:21:a9:76:c4:3c:a6:28:71: 3e:c7:8c:61:02:59:49:f8:a9:03:97:31:fe:e8:39: 15:43:4d:b9:2b:0e:de:ff:11:bf:0b:78:1d:6c:60: fd:ab:80:2a:de:0f:21:1d:e8:2e:68:35:2f:0b:13: 4f:d2:d0:35:77:1d:9b:1d:af:9d:68:55:87:8b:0f: 98:42:a7:10:7a:af:d3:8e:e2:c0:5c:dc:5b:f8:14: 9d:da:31:a1:a0:93:ba:c8:4b:3d:ce:ba:5a:8c:e3: 27:79:ff:57:b8:31:aa:a2:64:cf:69:98:d5:7e:e6: 58:2a:1c:85:3b:b8:82:d7:fe:cf:5f:70:a2:16:32: e4:c8:5d:2c:3a:00:06:89:cb:54:e5:ab:b6:5b:59: 6b:6d:7e:d3:96:37:29:c3:48:77:43:23:f5:f9:e8: b6:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:36:E0:85:E2:BD:82:7E:EC:A9:18:D3:52:98:7B:AC:9D:6A:EE:DE X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C96C54D4650E11EFAECF9A74C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.228.220.0/22 45.125.60.0/22 103.47.236.0/22 103.215.248.0/22 157.119.124.0/22 Signature Algorithm: sha256WithRSAEncryption 3d:67:c2:da:ca:c4:35:48:3f:ec:10:87:2b:02:d3:d4:47:9c: 07:39:0f:bb:4a:1c:df:5b:e8:54:ed:f1:15:11:5a:4e:42:66: 9f:85:91:30:d3:74:0e:5a:90:1b:94:f6:50:48:75:20:c7:06: ac:01:b6:aa:95:14:9e:1f:f7:24:a6:64:cd:92:40:0c:a5:2b: c6:88:59:91:7c:c8:b0:d8:7a:d0:aa:ba:bc:2a:05:c0:84:fd: 48:49:51:ff:6f:4d:82:ef:13:6b:fd:5d:69:7e:46:74:58:23: 0c:d8:c5:32:6f:e6:96:f4:82:9f:78:71:ed:81:97:8f:f8:db: a6:d2:09:7a:fb:c7:2e:f7:41:e8:17:06:a6:10:19:01:12:8d: d8:8e:61:09:7a:78:15:16:9b:0d:84:e6:97:06:66:e8:2d:1e: b5:7e:e5:1c:a8:59:d0:6b:2c:4f:10:58:8b:ba:6b:e7:f1:83: f7:8d:9b:d9:ef:83:11:6c:30:a0:f1:55:8a:87:f8:05:fa:66: b0:b6:cd:6d:47:84:6f:8f:47:85:5e:bd:34:dd:cb:e7:85:a6: 5a:0d:91:04:b9:9e:37:be:12:f4:99:6e:28:a2:58:4b:d8:e5: db:58:d7:09:3f:2b:4e:45:cb:78:cf:a6:ab:bc:70:8a:b6:6c: 59:f2:e9:80 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgIDAKX0MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDIxMjEyMjYwNFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjdhYzkzNWMtM2Q3YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANBvhI35E9tdGeztytN8c0XW67xLtZ/GQh4+BkD4T2l0HCsZrNSF+WKez5tC r6bY/qJRKytQYwtzHatygOIAcKkGvkMpj9um8dTOH7+hefqqWJpH8AvIWjh6HyC2 DmCuIyGpdsQ8pihxPseMYQJZSfipA5cx/ug5FUNNuSsO3v8Rvwt4HWxg/auAKt4P IR3oLmg1LwsTT9LQNXcdmx2vnWhVh4sPmEKnEHqv047iwFzcW/gUndoxoaCTushL Pc66WozjJ3n/V7gxqqJkz2mY1X7mWCochTu4gtf+z19wohYy5MhdLDoABonLVOWr tltZa21+05Y3KcNId0Mj9fnottUCAwEAAaOCAq0wggKpMB0GA1UdDgQWBBQnNuCF 4r2CfuypGNNSmHusnWru3jAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0M5NkM1NEQ0 NjUwRTExRUZBRUNGOUE3NEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDcGCCsGAQUFBwEHAQH/ BCgwJjAkBAIAATAeAwQCK+TcAwQCLX08AwQCZy/sAwQCZ9f4AwQCnXd8MA0GCSqG SIb3DQEBCwUAA4IBAQA9Z8LaysQ1SD/sEIcrAtPUR5wHOQ+7ShzfW+hU7fEVEVpO QmafhZEw03QOWpAblPZQSHUgxwasAbaqlRSeH/ckpmTNkkAMpSvGiFmRfMiw2HrQ qrq8KgXAhP1ISVH/b02C7xNr/V1pfkZ0WCMM2MUyb+aW9IKfeHHtgZeP+Num0gl6 +8cu90HoFwamEBkBEo3YjmEJengVFpsNhOaXBmboLR61fuUcqFnQayxPEFiLumvn 8YP3jZvZ74MRbDCg8VWKh/gF+mawts1tR4Rvj0eFXr003cvnhaZaDZEEuZ43vhL0 mW4oolhL2OXbWNcJPytORct4z6arvHCKtmxZ8umA -----END CERTIFICATE-----Generated at Sun Feb 16 20:15:46 2025 by rpki-client