$ rpki-client -vvf rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/337C9CE4314C11F0845D2C39C4F9AE02.roa File: 337C9CE4314C11F0845D2C39C4F9AE02.roa (raw, json) Hash identifier: tLRJQ8QY9Inh1rPsduPheEywqKEjWOsUqz32XElA7RM= Subject key identifier: 62:19:DF:38:1F:5E:8F:2B:77:8B:12:1B:CE:8B:86:D8:4C:7E:0F:11 Certificate issuer: /CN=A911FAC3/serialNumber=7762AA8277020D0BB5C75997DE5F7D8A5142DF14 Certificate serial: 1392 Authority key identifier: 77:62:AA:82:77:02:0D:0B:B5:C7:59:97:DE:5F:7D:8A:51:42:DF:14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/337C9CE4314C11F0845D2C39C4F9AE02.roa Signing time: Thu 15 May 2025 05:21:34 +0000 ROA not before: Thu 15 May 2025 05:21:34 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 63932 IP address blocks: 43.229.12.0/22 maxlen: 22 43.229.12.0/24 maxlen: 24 43.229.13.0/24 maxlen: 24 43.229.15.0/24 maxlen: 24 103.48.16.0/22 maxlen: 22 114.130.240.0/21 maxlen: 21 114.130.240.0/23 maxlen: 23 114.130.252.0/22 maxlen: 22 2401:ed80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.crl rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 17:10:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5010 (0x1392) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911FAC3, serialNumber=7762AA8277020D0BB5C75997DE5F7D8A5142DF14 Validity Not Before: May 15 05:21:34 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=682579dd-1c59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:72:67:40:75:2e:0b:d2:6f:bf:b4:c7:64:20: a1:b5:8b:61:d1:7b:a6:56:d6:37:c1:d8:f7:88:cb: b6:aa:d4:6b:31:70:a4:3d:4b:58:54:ae:a7:da:32: c7:ed:f0:03:25:23:00:52:0a:c6:be:3a:7b:2e:3b: e8:27:be:20:55:59:59:2f:1a:99:65:cb:17:02:65: 0a:5c:e2:3f:e7:aa:b4:43:9f:cb:30:2c:73:14:19: 63:98:47:b9:5c:92:b7:9c:d9:30:59:99:2d:7a:e8: 33:0f:9e:df:99:db:7f:a7:40:ee:11:af:1f:8b:9f: 40:20:19:dd:3b:ee:49:f4:61:68:72:e3:93:67:84: bf:22:17:52:c4:f2:24:e9:b6:e9:62:0a:9c:aa:18: 31:1c:71:30:9e:d9:7c:bf:05:63:6d:32:5a:68:ba: 48:c1:4d:6e:5d:f3:00:d2:d0:2c:41:5c:c0:0e:87: da:7f:da:a0:3b:26:0a:11:ed:bf:de:19:66:7e:47: f8:04:34:94:82:0f:1c:4e:4e:a4:a5:86:f0:79:9a: 2a:1f:fe:f9:66:3c:be:78:a9:11:cf:bd:fd:8c:32: af:cf:88:12:99:dc:4d:bb:2e:71:d6:ae:3f:39:b0: ff:0b:db:c1:b6:db:11:ee:4e:d8:84:71:2b:4a:37: 27:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:19:DF:38:1F:5E:8F:2B:77:8B:12:1B:CE:8B:86:D8:4C:7E:0F:11 X509v3 Authority Key Identifier: keyid:77:62:AA:82:77:02:0D:0B:B5:C7:59:97:DE:5F:7D:8A:51:42:DF:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/d2KqgncCDQu1x1mX3l99ilFC3xQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d2KqgncCDQu1x1mX3l99ilFC3xQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911FAC3/7B868C089DF511E8957AB416C4F9AE02/337C9CE4314C11F0845D2C39C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.229.12.0/22 103.48.16.0/22 114.130.240.0/21 114.130.252.0/22 IPv6: 2401:ed80::/32 Signature Algorithm: sha256WithRSAEncryption a5:dd:a4:9e:63:ad:e3:33:aa:3a:05:7c:fb:32:49:72:1f:b2: 27:22:18:69:b4:ca:72:b9:67:e2:1a:50:d8:c2:00:ee:2d:97: 5b:7e:c7:86:2a:d1:2b:5d:9f:48:43:0d:2d:2d:0b:5d:79:7e: ec:02:9c:d0:ae:62:ee:6b:eb:9b:99:8e:44:c8:27:02:34:d9: f8:94:02:d7:a6:04:6f:7d:e0:77:d9:60:67:7e:ae:0c:e8:75: a2:2b:b9:9f:a7:00:4a:f5:1a:5e:c3:55:6f:44:7e:64:82:e2: a3:83:69:2c:28:a1:44:94:f5:09:e3:b7:1e:c4:ee:11:ed:39: ff:77:81:34:f1:87:91:dc:1c:e8:4c:39:2f:21:b2:58:a1:ff: 43:22:cd:da:0b:23:fc:0f:45:fc:1f:14:1f:22:b4:76:ce:a0: 62:b4:e3:e9:74:17:da:51:62:95:75:92:1d:52:35:64:7a:d2: 07:2f:11:c8:7b:d8:a1:d5:83:02:68:e0:8c:96:c5:c8:af:13: 5b:c4:aa:01:87:ea:c0:62:c0:95:3a:e4:4e:eb:72:74:0e:cd: ac:a5:02:04:8c:8b:33:65:3f:66:94:e0:89:7f:7f:e3:53:36: 07:89:ac:96:98:d1:e4:85:9f:46:65:04:a3:6d:5f:22:36:f8: 6c:93:06:a5 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICE5IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUZBQzMxMTAvBgNVBAUTKDc3NjJBQTgyNzcwMjBEMEJCNUM3NTk5N0RFNUY3RDhB NTE0MkRGMTQwHhcNMjUwNTE1MDUyMTM0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODI1NzlkZC0xYzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs3JnQHUuC9Jvv7THZCChtYth0XumVtY3wdj3iMu2qtRrMXCkPUtYVK6n2jLH 7fADJSMAUgrGvjp7LjvoJ74gVVlZLxqZZcsXAmUKXOI/56q0Q5/LMCxzFBljmEe5 XJK3nNkwWZkteugzD57fmdt/p0DuEa8fi59AIBndO+5J9GFocuOTZ4S/IhdSxPIk 6bbpYgqcqhgxHHEwntl8vwVjbTJaaLpIwU1uXfMA0tAsQVzADofaf9qgOyYKEe2/ 3hlmfkf4BDSUgg8cTk6kpYbweZoqH/75Zjy+eKkRz739jDKvz4gSmdxNuy5x1q4/ ObD/C9vBttsR7k7YhHErSjcn/wIDAQABo4ICtjCCArIwHQYDVR0OBBYEFGIZ3zgf Xo8rd4sSG86LhthMfg8RMB8GA1UdIwQYMBaAFHdiqoJ3Ag0LtcdZl95ffYpRQt8U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRkFDMy83Qjg2OEMwODlE RjUxMUU4OTU3QUI0MTZDNEY5QUUwMi9kMktxZ25jQ0RRdTF4MW1YM2w5OWlsRkMz eFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2QyS3FnbmNDRFF1MXgxbVgzbDk5aWxGQzN4US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUZBQzMvN0I4NjhDMDg5REY1MTFFODk1N0FCNDE2QzRGOUFFMDIvMzM3QzlDRTQz MTRDMTFGMDg0NUQyQzM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr5QwDBAJnMBADBANygvADBAJygvwwDQQCAAIwBwMFACQB 7YAwDQYJKoZIhvcNAQELBQADggEBAKXdpJ5jreMzqjoFfPsySXIfsiciGGm0ynK5 Z+IaUNjCAO4tl1t+x4Yq0Stdn0hDDS0tC115fuwCnNCuYu5r65uZjkTIJwI02fiU AtemBG994HfZYGd+rgzodaIruZ+nAEr1Gl7DVW9EfmSC4qODaSwooUSU9Qnjtx7E 7hHtOf93gTTxh5HcHOhMOS8hslih/0MizdoLI/wPRfwfFB8itHbOoGK04+l0F9pR YpV1kh1SNWR60gcvEch72KHVgwJo4IyWxcivE1vEqgGH6sBiwJU65E7rcnQOzayl AgSMizNlP2aU4Il/f+NTNgeJrJaY0eSFn0ZlBKNtXyI2+GyTBqU= -----END CERTIFICATE-----Generated at Tue Jun 3 23:50:52 2025 by rpki-client