$ rpki-client -vvf rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/2BF876B43C6411F098BE6F2EC4F9AE02.roa File: 2BF876B43C6411F098BE6F2EC4F9AE02.roa (raw, json) Hash identifier: 78fn2memSm7vBnLFbyR7taN3PwAlhw+S3wateBPSFCg= Subject key identifier: 8F:DB:71:7C:7A:F4:E9:CC:0D:86:48:9E:DF:D9:15:34:BA:2B:EE:57 Certificate issuer: /CN=A912DC44/serialNumber=A6421FE13D8C93A7BDDFF8B53719B5808748D0DF Certificate serial: 0D5A Authority key identifier: A6:42:1F:E1:3D:8C:93:A7:BD:DF:F8:B5:37:19:B5:80:87:48:D0:DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/2BF876B43C6411F098BE6F2EC4F9AE02.roa Signing time: Thu 29 May 2025 08:08:58 +0000 ROA not before: Thu 29 May 2025 08:08:58 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 134806 IP address blocks: 103.89.26.0/24 maxlen: 24 103.89.27.0/24 maxlen: 24 103.126.216.0/22 maxlen: 24 103.200.36.0/22 maxlen: 22 103.200.36.0/23 maxlen: 23 103.200.36.0/24 maxlen: 24 103.200.37.0/24 maxlen: 24 103.200.38.0/23 maxlen: 23 103.200.38.0/24 maxlen: 24 103.200.39.0/24 maxlen: 24 123.253.64.0/22 maxlen: 24 2401:1040::/32 maxlen: 32 2401:1040::/40 maxlen: 40 2401:1040::/48 maxlen: 48 2401:1040:1::/48 maxlen: 48 2401:1040:2::/48 maxlen: 48 2401:1040:3::/48 maxlen: 48 2401:1040:100::/40 maxlen: 40 2401:1040:100::/48 maxlen: 48 2401:1040:101::/48 maxlen: 48 2401:1040:102::/48 maxlen: 48 2401:1040:103::/48 maxlen: 48 2401:1040:300::/40 maxlen: 40 2401:1040:301::/48 maxlen: 48 2401:1040:8100::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.crl rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 04:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3418 (0xd5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912DC44, serialNumber=A6421FE13D8C93A7BDDFF8B53719B5808748D0DF Validity Not Before: May 29 08:08:58 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=6838161a-6e35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6f:71:f8:e5:a4:47:c6:76:02:16:1b:cd:8c: 71:48:6b:40:e1:f0:e4:d1:21:0d:84:94:1f:0a:60: 17:7b:5a:4e:2d:86:ae:10:37:31:74:87:d8:f5:65: 12:82:f1:06:ee:15:a5:08:16:00:dc:51:05:91:43: 5e:40:9d:fb:a1:ab:af:73:90:20:c1:08:22:58:82: b3:07:45:99:e9:17:34:bd:7e:d4:d5:8b:3b:2a:ee: da:48:eb:e3:ff:8b:da:b0:72:03:66:32:c2:0b:45: 1b:cc:d5:01:18:f6:9b:ab:54:c8:b9:5d:48:64:7e: ab:f8:ca:2f:43:90:0c:45:88:eb:5f:18:c5:f5:5e: fa:11:1d:97:05:0f:f7:56:e0:7b:18:11:94:b5:66: 00:13:56:f2:57:31:b1:6c:75:dc:3e:1d:79:a6:cb: 44:aa:9a:5a:af:9d:fc:c3:58:97:70:2a:10:01:32: fb:fe:66:b4:28:d1:60:73:c2:a9:07:60:54:a0:e2: 5f:41:b2:84:3c:e0:1f:a8:dc:07:43:9f:06:48:65: 65:c5:92:9c:85:60:22:47:fd:2b:f0:51:c9:17:89: a6:ed:7b:ae:9f:02:df:10:a6:ec:2f:61:1a:8a:68: 60:38:04:bf:37:3f:54:fa:04:59:ac:45:28:d3:88: fb:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:DB:71:7C:7A:F4:E9:CC:0D:86:48:9E:DF:D9:15:34:BA:2B:EE:57 X509v3 Authority Key Identifier: keyid:A6:42:1F:E1:3D:8C:93:A7:BD:DF:F8:B5:37:19:B5:80:87:48:D0:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/2BF876B43C6411F098BE6F2EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.26.0/23 103.126.216.0/22 103.200.36.0/22 123.253.64.0/22 IPv6: 2401:1040::/32 Signature Algorithm: sha256WithRSAEncryption 83:fe:3b:12:3e:59:2f:03:c7:b5:26:cf:ad:ea:12:94:66:2c: dd:71:76:fc:f1:5b:fa:6f:ee:50:65:31:25:53:bf:a0:f0:61: 6f:fe:30:64:63:7b:0e:6e:52:39:42:a6:e6:36:f0:1c:ff:6a: 14:9e:07:51:ba:69:37:f5:fb:eb:b0:9c:bb:89:6f:8b:f8:22: 0d:ad:e9:25:75:6b:ba:db:ee:76:4d:c2:f6:3c:32:ab:ee:c0: 6a:93:dc:a8:f5:7e:ed:ba:11:78:8c:1b:f3:8d:aa:4e:c9:47: 52:d3:a2:12:9a:50:1b:44:3e:15:fd:4a:29:c1:59:ca:70:2e: 71:25:84:ea:31:66:b3:21:e7:2d:98:8e:37:fe:6f:ab:69:5c: 8f:52:fd:94:02:e7:b3:83:e1:23:01:ab:2c:b0:6a:04:c6:a4: 55:a9:65:11:0a:e0:40:97:df:44:d8:52:33:c9:b9:5a:88:6c: c6:15:d0:5d:72:98:e2:94:72:05:0d:4c:7a:06:53:9d:7b:a9: 82:c5:df:ab:b0:fb:10:1e:c9:da:8b:42:9a:41:cc:e9:a2:7f: b4:6b:63:07:0e:46:51:f7:c0:53:c7:d6:21:e1:fa:75:c2:ee: fb:55:1f:28:e5:b5:4d:da:ed:e4:7c:96:72:ff:d7:95:af:7b: 4a:12:63:7b -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICDVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkRDNDQxMTAvBgNVBAUTKEE2NDIxRkUxM0Q4QzkzQTdCRERGRjhCNTM3MTlCNTgw ODc0OEQwREYwHhcNMjUwNTI5MDgwODU4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02ODM4MTYxYS02ZTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvW9x+OWkR8Z2AhYbzYxxSGtA4fDk0SENhJQfCmAXe1pOLYauEDcxdIfY9WUS gvEG7hWlCBYA3FEFkUNeQJ37oauvc5AgwQgiWIKzB0WZ6Rc0vX7U1Ys7Ku7aSOvj /4vasHIDZjLCC0UbzNUBGPabq1TIuV1IZH6r+MovQ5AMRYjrXxjF9V76ER2XBQ/3 VuB7GBGUtWYAE1byVzGxbHXcPh15pstEqppar538w1iXcCoQATL7/ma0KNFgc8Kp B2BUoOJfQbKEPOAfqNwHQ58GSGVlxZKchWAiR/0r8FHJF4mm7XuunwLfEKbsL2Ea imhgOAS/Nz9U+gRZrEUo04j7CQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFI/bcXx6 9OnMDYZInt/ZFTS6K+5XMB8GA1UdIwQYMBaAFKZCH+E9jJOnvd/4tTcZtYCHSNDf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyREM0NC8yOUI2QkVEQUU0 RkMxMUU5QjEzQjQ4NjBDNEY5QUUwMi9wa0lmNFQyTWs2ZTkzX2kxTnhtMWdJZEkw TjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BrSWY0VDJNazZlOTNfaTFOeG0xZ0lkSTBOOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkRDNDQvMjlCNkJFREFFNEZDMTFFOUIxM0I0ODYwQzRGOUFFMDIvMkJGODc2QjQz QzY0MTFGMDk4QkU2RjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAFnWRoDBAJnftgDBAJnyCQDBAJ7/UAwDQQCAAIwBwMFACQB EEAwDQYJKoZIhvcNAQELBQADggEBAIP+OxI+WS8Dx7Umz63qEpRmLN1xdvzxW/pv 7lBlMSVTv6DwYW/+MGRjew5uUjlCpuY28Bz/ahSeB1G6aTf1++uwnLuJb4v4Ig2t 6SV1a7rb7nZNwvY8MqvuwGqT3Kj1fu26EXiMG/ONqk7JR1LTohKaUBtEPhX9SinB WcpwLnElhOoxZrMh5y2Yjjf+b6tpXI9S/ZQC57OD4SMBqyywagTGpFWpZREK4ECX 30TYUjPJuVqIbMYV0F1ymOKUcgUNTHoGU517qYLF36uw+xAeydqLQppBzOmif7Rr YwcORlH3wFPH1iHh+nXC7vtVHyjltU3a7eR8lnL/15Wve0oSY3s= -----END CERTIFICATE-----Generated at Tue Jun 3 23:57:56 2025 by rpki-client