$ rpki-client -vvf rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/C8D6C4CAD1EF11EAA9944238C4F9AE02.roa File: C8D6C4CAD1EF11EAA9944238C4F9AE02.roa (raw, json) Hash identifier: B9/ZOaKJ3mY7sCCRxWSrCr6EkWxFbiFs/1gThM69MvA= Subject key identifier: 87:E3:4B:65:84:CC:BF:CE:DE:73:C2:A9:F0:51:C9:A3:BF:3D:BA:11 Certificate issuer: /CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0 Certificate serial: 25B4 Authority key identifier: 42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/C8D6C4CAD1EF11EAA9944238C4F9AE02.roa Signing time: Sat 08 Feb 2025 17:55:33 +0000 ROA not before: Sat 08 Feb 2025 17:55:33 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 139038 IP address blocks: 103.138.210.0/24 maxlen: 24 103.138.210.254/32 maxlen: 32 2001:df0:5580::/48 maxlen: 48 2001:df0:5580::/54 maxlen: 54 2001:df0:5580:800::/54 maxlen: 54 2001:df0:5580:1000::/52 maxlen: 52 2001:df0:5580:1000::/54 maxlen: 54 2001:df0:5580:2000::/52 maxlen: 52 2001:df0:5580:3000::/52 maxlen: 52 2001:df0:5580:7000::/52 maxlen: 52 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9652 (0x25b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913B805 Validity Not Before: Feb 8 17:55:33 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67a79a95-b993 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:63:16:9d:67:9b:06:77:1c:0c:8a:19:e9:f4: 4e:b5:27:5d:20:03:d2:52:ae:58:4c:d3:1c:ff:8b: 82:7d:37:17:61:b4:fc:79:a6:33:54:b8:d6:69:10: 91:d3:94:aa:f4:dd:c9:31:ce:74:5b:d6:9f:d1:8d: 10:1a:f7:83:08:6f:40:7d:d1:b1:01:db:2a:6f:2b: 76:65:04:cc:75:b9:ec:12:6a:91:7d:34:ec:47:98: aa:73:2a:a4:d4:e9:30:84:9d:be:f4:f7:f2:5f:5a: 62:a2:e9:74:a7:45:71:cc:8a:a6:e0:3d:1c:38:29: e2:70:be:d2:f0:4b:10:72:b5:1e:35:38:9a:a8:3f: 02:9c:3f:be:cd:03:34:ab:bc:b3:e8:42:e5:da:18: ef:54:54:91:e5:36:e4:aa:af:bc:07:5b:1c:86:52: d4:b3:66:a8:76:72:a8:be:ca:21:23:1b:f8:4d:bb: 7a:ca:90:3f:d7:08:53:64:bc:6e:01:a5:9b:81:f3: f5:eb:63:75:66:8c:f8:66:0a:96:0c:de:70:04:4d: 28:2f:d3:1f:b4:9b:ae:35:e8:3e:6a:32:87:f1:75: 25:99:42:9d:f3:83:bc:88:6d:9b:f7:fa:44:f3:05: df:3a:ab:30:a8:ce:f6:13:a2:6d:18:b1:cc:7b:b6: e8:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:E3:4B:65:84:CC:BF:CE:DE:73:C2:A9:F0:51:C9:A3:BF:3D:BA:11 X509v3 Authority Key Identifier: keyid:42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/C8D6C4CAD1EF11EAA9944238C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.138.210.0/24 IPv6: 2001:df0:5580::/48 Signature Algorithm: sha256WithRSAEncryption bd:5b:c6:c2:5a:01:85:9d:a6:99:8b:47:1c:7d:db:68:92:e8: e6:fd:c6:28:53:54:c9:a8:46:d9:7d:82:c8:19:8e:21:8b:d8: 1a:e9:78:0e:b5:22:e6:b7:55:3c:35:95:0b:ab:4d:d4:1e:73: 3d:f3:e2:ca:40:5a:ef:7c:4c:1d:da:61:99:93:29:82:34:db: 72:e1:c2:65:1f:ec:83:fa:b1:25:3e:3d:e7:8a:c9:79:10:ce: 66:45:fa:b1:ce:84:23:0b:87:c4:4a:d1:08:dc:1e:97:68:a3: 05:04:bb:e1:a8:04:11:c7:e0:dd:f5:4e:b6:a4:0e:ea:fb:ab: 99:27:5c:a1:ef:47:dc:61:ed:a4:e3:2e:68:c5:52:f5:16:9e: 16:42:39:6b:f9:87:ea:78:f5:e1:9e:7c:03:dc:07:ea:36:36: ee:80:b5:0c:ce:48:fc:d0:39:47:0e:2f:80:c2:17:b0:d4:b6: ed:ce:f0:58:a2:90:dc:69:61:c1:cf:2f:c0:d1:96:a1:67:3c: 48:cb:19:66:29:22:7b:ea:35:c0:ac:eb:95:b9:b5:3b:48:9c: e0:5f:44:75:ce:49:a1:40:dd:b0:f5:4a:f5:3c:b6:07:ff:71: 90:5a:c4:66:99:be:09:bb:00:1c:95:5c:b7:40:22:57:99:2a: 40:6e:1d:9f -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICJbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0I4MDUxMTAvBgNVBAUTKDQyRDNFQ0I5Qzg1NzBBQjA5MEVCNjAxRURCMzM3OUMw RDNEOEE2RDAwHhcNMjUwMjA4MTc1NTMzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2E3OWE5NS1iOTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtWMWnWebBnccDIoZ6fROtSddIAPSUq5YTNMc/4uCfTcXYbT8eaYzVLjWaRCR 05Sq9N3JMc50W9af0Y0QGveDCG9AfdGxAdsqbyt2ZQTMdbnsEmqRfTTsR5iqcyqk 1OkwhJ2+9PfyX1pioul0p0VxzIqm4D0cOCnicL7S8EsQcrUeNTiaqD8CnD++zQM0 q7yz6ELl2hjvVFSR5Tbkqq+8B1schlLUs2aodnKovsohIxv4Tbt6ypA/1whTZLxu AaWbgfP162N1Zoz4ZgqWDN5wBE0oL9MftJuuNeg+ajKH8XUlmUKd84O8iG2b9/pE 8wXfOqswqM72E6JtGLHMe7boQwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIfjS2WE zL/O3nPCqfBRyaO/PboRMB8GA1UdIwQYMBaAFELT7LnIVwqwkOtgHtszecDT2KbQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjgwNS9GODA3NkI4QTdC N0IxMUU5OEI2RUMwNzRDNEY5QUUwMi9RdFBzdWNoWENyQ1E2MkFlMnpONXdOUFlw dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1F0UHN1Y2hYQ3JDUTYyQWUyek41d05QWXB0QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0I4MDUvRjgwNzZCOEE3QjdCMTFFOThCNkVDMDc0QzRGOUFFMDIvQzhENkM0Q0FE MUVGMTFFQUE5OTQ0MjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBABnitIwDwQCAAIwCQMHACABDfBVgDANBgkqhkiG9w0BAQsF AAOCAQEAvVvGwloBhZ2mmYtHHH3baJLo5v3GKFNUyahG2X2CyBmOIYvYGul4DrUi 5rdVPDWVC6tN1B5zPfPiykBa73xMHdphmZMpgjTbcuHCZR/sg/qxJT4954rJeRDO ZkX6sc6EIwuHxErRCNwel2ijBQS74agEEcfg3fVOtqQO6vurmSdcoe9H3GHtpOMu aMVS9RaeFkI5a/mH6nj14Z58A9wH6jY27oC1DM5I/NA5Rw4vgMIXsNS27c7wWKKQ 3Glhwc8vwNGWoWc8SMsZZikie+o1wKzrlbm1O0ic4F9Edc5JoUDdsPVK9Ty2B/9x kFrEZpm+CbsAHJVct0AiV5kqQG4dnw== -----END CERTIFICATE-----Generated at Sun Feb 16 20:26:13 2025 by rpki-client