$ rpki-client -vvf rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/5614ADF6C2D811EF873CE458C4F9AE02.roa File: 5614ADF6C2D811EF873CE458C4F9AE02.roa (raw, json) Hash identifier: Je3Z35nzgEvUslXJ4oraJDaijtfqayvpURpYN7cdlFs= Subject key identifier: A1:9E:0C:2C:D3:C5:B6:05:DA:20:3E:FB:DD:58:68:75:32:4B:56:B9 Certificate issuer: /CN=A912DC44/serialNumber=A6421FE13D8C93A7BDDFF8B53719B5808748D0DF Certificate serial: 0CFF Authority key identifier: A6:42:1F:E1:3D:8C:93:A7:BD:DF:F8:B5:37:19:B5:80:87:48:D0:DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/5614ADF6C2D811EF873CE458C4F9AE02.roa Signing time: Thu 26 Dec 2024 18:16:28 +0000 ROA not before: Thu 26 Dec 2024 18:16:28 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 134806 IP address blocks: 103.89.26.0/24 maxlen: 24 103.89.27.0/24 maxlen: 24 103.126.216.0/22 maxlen: 24 103.127.58.0/24 maxlen: 24 103.200.36.0/22 maxlen: 22 103.200.36.0/23 maxlen: 23 103.200.36.0/24 maxlen: 24 103.200.37.0/24 maxlen: 24 103.200.38.0/23 maxlen: 23 103.200.38.0/24 maxlen: 24 103.200.39.0/24 maxlen: 24 123.253.64.0/22 maxlen: 24 2401:1040::/32 maxlen: 32 2401:1040::/40 maxlen: 40 2401:1040::/48 maxlen: 48 2401:1040:1::/48 maxlen: 48 2401:1040:2::/48 maxlen: 48 2401:1040:3::/48 maxlen: 48 2401:1040:100::/40 maxlen: 40 2401:1040:102::/48 maxlen: 48 2401:1040:300::/40 maxlen: 40 2401:1040:301::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.crl rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Feb 2025 18:47:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3327 (0xcff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912DC44 Validity Not Before: Dec 26 18:16:28 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=676d9d7b-42a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ca:9a:c1:ad:98:ca:5f:9c:90:ec:2b:6d:ce: e6:bb:12:de:b5:e2:02:fd:c2:ec:5a:81:70:5c:69: 22:4c:77:4d:f8:d5:3a:63:64:5c:e8:69:86:92:60: fb:e1:ff:58:87:21:24:f4:54:ce:17:f5:ae:8e:6c: ba:d8:ef:3f:ff:e3:98:fa:8c:6f:5b:b3:35:b0:85: f2:46:b7:86:0c:a3:c8:eb:54:a5:00:bc:4f:96:50: 93:d8:c4:f0:72:1d:1c:61:13:db:4f:d6:42:85:bf: 9f:61:bf:16:99:bb:45:50:37:89:83:6b:73:cd:45: 04:ba:70:7a:a6:9f:7d:30:6c:d1:3f:95:d0:53:ae: 20:fd:8d:6e:a3:1e:d9:97:e4:11:64:4c:1e:c0:6f: 71:8f:95:69:bc:ab:dd:eb:02:42:ec:26:5f:db:c4: 1d:d7:6a:3e:6e:fd:aa:34:3e:fd:67:76:f8:7f:fa: c0:2b:50:32:a7:67:2d:53:7a:d4:3d:8c:03:4d:31: 1c:f0:3a:af:b3:4b:33:3b:1a:99:a9:cb:4d:0f:9f: 21:35:a4:25:d5:db:57:ff:b3:c3:82:5b:d0:7d:69: f1:4b:45:20:b6:54:b4:96:fc:69:38:f1:da:ad:35: 8f:61:96:56:bf:e0:45:03:d4:6b:44:3b:3d:c4:cf: 4c:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:9E:0C:2C:D3:C5:B6:05:DA:20:3E:FB:DD:58:68:75:32:4B:56:B9 X509v3 Authority Key Identifier: keyid:A6:42:1F:E1:3D:8C:93:A7:BD:DF:F8:B5:37:19:B5:80:87:48:D0:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pkIf4T2Mk6e93_i1Nxm1gIdI0N8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DC44/29B6BEDAE4FC11E9B13B4860C4F9AE02/5614ADF6C2D811EF873CE458C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.26.0/23 103.126.216.0/22 103.127.58.0/24 103.200.36.0/22 123.253.64.0/22 IPv6: 2401:1040::/32 Signature Algorithm: sha256WithRSAEncryption 5d:b3:65:18:d9:80:9a:df:03:b5:59:98:ff:02:57:aa:22:03: 6e:40:0a:7a:73:17:3a:67:67:d0:15:37:ea:43:bf:79:a5:d0: f4:13:61:45:99:c9:44:74:4e:5d:4d:09:3c:49:f3:75:a9:32: df:11:0f:00:86:ce:3e:51:ad:da:1b:d6:54:ef:73:42:da:58: e4:6e:15:87:9f:36:36:e3:6b:05:e2:fb:f4:0f:da:74:52:9f: d8:81:b1:0e:a3:02:ba:e7:bc:82:34:db:a2:47:fa:d3:ec:24: e6:7e:72:4f:53:6e:3e:88:e2:06:b5:96:6e:42:35:84:33:a9: d6:12:28:2e:39:82:49:5f:ec:97:3c:76:40:20:c0:55:07:f2: 6a:8d:6f:31:65:40:2e:be:cf:3e:0f:95:7e:b4:12:9b:79:c9: 1e:46:be:ff:fa:73:1a:de:7a:a3:c1:19:da:cd:56:30:e5:6d: 45:d9:9d:a4:6d:b0:d4:96:2c:2b:03:ac:42:5e:e8:e0:1f:7e: ba:22:d4:25:f0:f5:b5:aa:3f:5f:f9:e3:69:5b:04:e1:48:b5: 52:e3:c9:85:d2:6f:33:17:11:09:e1:49:53:8e:d9:a0:c8:3a: 21:bf:73:62:bd:45:ea:10:cd:ad:b8:94:f5:eb:6f:75:5c:c2: 4c:1d:1d:bd -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICDP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkRDNDQxMTAvBgNVBAUTKEE2NDIxRkUxM0Q4QzkzQTdCRERGRjhCNTM3MTlCNTgw ODc0OEQwREYwHhcNMjQxMjI2MTgxNjI4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzZkOWQ3Yi00MmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwsqawa2Yyl+ckOwrbc7muxLeteIC/cLsWoFwXGkiTHdN+NU6Y2Rc6GmGkmD7 4f9YhyEk9FTOF/Wujmy62O8//+OY+oxvW7M1sIXyRreGDKPI61SlALxPllCT2MTw ch0cYRPbT9ZChb+fYb8WmbtFUDeJg2tzzUUEunB6pp99MGzRP5XQU64g/Y1uox7Z l+QRZEwewG9xj5VpvKvd6wJC7CZf28Qd12o+bv2qND79Z3b4f/rAK1Ayp2ctU3rU PYwDTTEc8Dqvs0szOxqZqctND58hNaQl1dtX/7PDglvQfWnxS0UgtlS0lvxpOPHa rTWPYZZWv+BFA9RrRDs9xM9MqQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFKGeDCzT xbYF2iA++91YaHUyS1a5MB8GA1UdIwQYMBaAFKZCH+E9jJOnvd/4tTcZtYCHSNDf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyREM0NC8yOUI2QkVEQUU0 RkMxMUU5QjEzQjQ4NjBDNEY5QUUwMi9wa0lmNFQyTWs2ZTkzX2kxTnhtMWdJZEkw TjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BrSWY0VDJNazZlOTNfaTFOeG0xZ0lkSTBOOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkRDNDQvMjlCNkJFREFFNEZDMTFFOUIxM0I0ODYwQzRGOUFFMDIvNTYxNEFERjZD MkQ4MTFFRjg3M0NFNDU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAFnWRoDBAJnftgDBABnfzoDBAJnyCQDBAJ7/UAwDQQCAAIw BwMFACQBEEAwDQYJKoZIhvcNAQELBQADggEBAF2zZRjZgJrfA7VZmP8CV6oiA25A CnpzFzpnZ9AVN+pDv3ml0PQTYUWZyUR0Tl1NCTxJ83WpMt8RDwCGzj5Rrdob1lTv c0LaWORuFYefNjbjawXi+/QP2nRSn9iBsQ6jArrnvII026JH+tPsJOZ+ck9Tbj6I 4ga1lm5CNYQzqdYSKC45gklf7Jc8dkAgwFUH8mqNbzFlQC6+zz4PlX60Ept5yR5G vv/6cxreeqPBGdrNVjDlbUXZnaRtsNSWLCsDrEJe6OAffroi1CXw9bWqP1/542lb BOFItVLjyYXSbzMXEQnhSVOO2aDIOiG/c2K9ReoQza24lPXrb3VcwkwdHb0= -----END CERTIFICATE-----Generated at Thu Feb 20 03:11:55 2025 by rpki-client