$ rpki-client -vvf rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/33E27678B25C11EF8946BE4FC4F9AE02.roa File: 33E27678B25C11EF8946BE4FC4F9AE02.roa (raw, json) Hash identifier: +fDUFmlUHsQP24i5ggEqmXh3ISn4s3EPo0pOThu4m/Y= Subject key identifier: 88:8B:8A:5A:79:AA:A9:E2:15:FC:55:F7:5C:D2:BE:17:C9:FC:69:D3 Certificate issuer: /CN=A913F721/serialNumber=1DD717B229936190CEB667C7CE1CA9F9BFB5FAC4 Certificate serial: 0B08 Authority key identifier: 1D:D7:17:B2:29:93:61:90:CE:B6:67:C7:CE:1C:A9:F9:BF:B5:FA:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/33E27678B25C11EF8946BE4FC4F9AE02.roa Signing time: Thu 08 May 2025 19:55:30 +0000 ROA not before: Thu 08 May 2025 19:55:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 137703 IP address blocks: 103.113.192.0/22 maxlen: 24 2404:5e40::/48 maxlen: 48 2404:5e40:1::/48 maxlen: 48 2404:5e40:2::/48 maxlen: 48 2404:5e40:3::/48 maxlen: 48 2404:5e40:4::/48 maxlen: 48 2404:5e40:5::/48 maxlen: 48 2404:5e40:6::/48 maxlen: 48 2404:5e40:7::/48 maxlen: 48 2404:5e40:8::/48 maxlen: 48 2404:5e40:9::/48 maxlen: 48 2404:5e40:a::/48 maxlen: 48 2404:5e40:b::/48 maxlen: 48 2404:5e40:c::/48 maxlen: 48 2404:5e40:d::/48 maxlen: 48 2404:5e40:e::/48 maxlen: 48 2404:5e40:f::/48 maxlen: 48 2404:5e40:8000::/48 maxlen: 48 2404:5e40:8001::/48 maxlen: 48 2404:5e40:8002::/48 maxlen: 48 2404:5e40:8003::/48 maxlen: 48 2404:5e40:8004::/48 maxlen: 48 2404:5e40:8005::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 19:33:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2824 (0xb08) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F721, serialNumber=1DD717B229936190CEB667C7CE1CA9F9BFB5FAC4 Validity Not Before: May 8 19:55:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681d0c32-57d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:c3:5a:86:a2:e5:8a:30:d9:12:24:3d:ec:14: b6:1c:82:c2:97:b4:86:41:f5:f2:53:ab:b9:af:d7: 67:97:ed:51:47:6b:f8:3e:ff:6f:b3:d6:2f:71:02: b9:02:5b:f8:e7:89:39:18:1e:e2:3d:8a:ad:43:09: 61:b0:e1:2c:96:6d:4a:9d:c7:68:96:ed:21:db:c5: f5:02:1b:0c:98:32:2b:e0:d6:e9:f4:e2:62:db:af: 90:be:a8:b7:ca:b8:cf:c7:ae:4b:87:94:2b:e5:5c: 4a:9d:ba:b0:19:6e:38:ab:9b:5d:0d:c1:9e:20:46: 67:c5:65:a9:fa:f7:a1:e1:ac:2a:75:27:54:2e:53: 78:5a:eb:f9:f2:82:0d:d3:64:6f:0b:d3:3a:57:29: ff:f9:70:f3:62:74:1a:71:fa:15:11:b5:80:5b:d5: 40:3c:aa:58:8f:32:32:fc:a4:c4:c7:b2:5c:ca:fc: fd:0a:32:f0:03:ab:39:3a:9e:80:cb:fe:5a:53:11: b2:6f:4c:ab:e0:05:5c:7a:9e:ea:7e:8f:69:50:93: 1c:6b:ec:ea:34:f6:8e:3c:23:cb:4b:8a:bb:2e:05: 95:19:1d:c3:b6:41:de:d0:1e:8a:d4:b7:9b:88:ed: 37:86:fe:9b:a7:a6:eb:46:30:cf:96:d4:4d:fa:29: 93:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:8B:8A:5A:79:AA:A9:E2:15:FC:55:F7:5C:D2:BE:17:C9:FC:69:D3 X509v3 Authority Key Identifier: keyid:1D:D7:17:B2:29:93:61:90:CE:B6:67:C7:CE:1C:A9:F9:BF:B5:FA:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/33E27678B25C11EF8946BE4FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.113.192.0/22 IPv6: 2404:5e40::/44 2404:5e40:8000::-2404:5e40:8005:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 4e:4f:d7:2b:19:e3:fa:9c:c9:22:8e:3b:be:ec:dd:fe:c6:51: 1b:22:7c:d8:ec:a8:77:6f:3f:62:5c:16:69:29:62:9a:28:70: 3c:ba:f0:a0:a7:16:5c:ab:98:41:e9:2e:84:ef:43:de:21:e9: 62:19:f4:2a:b8:3b:b6:b2:b0:35:04:b1:1f:33:4d:32:31:e5: 79:b8:a1:d0:8c:bb:0c:2f:8d:d8:97:50:07:8b:c0:2f:3d:af: a4:ff:d2:cd:4c:bf:3e:5e:b6:05:c2:79:b7:3a:df:f0:33:99: 6f:6f:9d:e1:79:4b:13:bb:87:2e:bc:aa:93:9c:2d:c7:25:96: 22:44:24:73:6d:59:a3:38:b8:67:37:7a:07:db:de:ac:b3:39: a2:78:fa:64:81:9d:32:fc:b2:91:36:49:e1:2c:73:69:01:7a: 35:e9:a7:a2:55:63:32:8c:71:3b:78:49:ed:8e:95:61:da:35: a1:82:13:93:a7:8a:12:9d:0f:8e:a7:32:2c:37:50:cc:d3:c1: 9e:5a:b2:1e:38:bb:de:b2:43:f2:af:8b:35:e6:43:82:94:de: a7:aa:32:8b:0c:05:69:ba:1e:d1:6d:c2:0c:fb:97:0f:5e:70: dd:2f:a2:74:bc:cf:33:ef:77:59:b3:cb:00:3d:ee:de:b7:ed: 56:32:fc:37 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICCwgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0Y3MjExMTAvBgNVBAUTKDFERDcxN0IyMjk5MzYxOTBDRUI2NjdDN0NFMUNBOUY5 QkZCNUZBQzQwHhcNMjUwNTA4MTk1NTMwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFkMGMzMi01N2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz8NahqLlijDZEiQ97BS2HILCl7SGQfXyU6u5r9dnl+1RR2v4Pv9vs9YvcQK5 Alv454k5GB7iPYqtQwlhsOEslm1Kncdolu0h28X1AhsMmDIr4Nbp9OJi26+Qvqi3 yrjPx65Lh5Qr5VxKnbqwGW44q5tdDcGeIEZnxWWp+veh4awqdSdULlN4Wuv58oIN 02RvC9M6Vyn/+XDzYnQacfoVEbWAW9VAPKpYjzIy/KTEx7Jcyvz9CjLwA6s5Op6A y/5aUxGyb0yr4AVcep7qfo9pUJMca+zqNPaOPCPLS4q7LgWVGR3DtkHe0B6K1Leb iO03hv6bp6brRjDPltRN+imT7QIDAQABo4ICuTCCArUwHQYDVR0OBBYEFIiLilp5 qqniFfxV91zSvhfJ/GnTMB8GA1UdIwQYMBaAFB3XF7Ipk2GQzrZnx84cqfm/tfrE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjcyMS82NDQyNDM3QTUz QUMxMUVBOUFENTRCMkZDNEY5QUUwMi9IZGNYc2ltVFlaRE90bWZIemh5cC1iLTEt c1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hkY1hzaW1UWVpET3RtZkh6aHlwLWItMS1zUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0Y3MjEvNjQ0MjQzN0E1M0FDMTFFQTlBRDU0QjJGQzRGOUFFMDIvMzNFMjc2NzhC MjVDMTFFRjg5NDZCRTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMAwEAgABMAYDBAJnccAwIgQCAAIwHAMHBCQEXkAAADARAwYHJAReQIADBwEk BF5AgAQwDQYJKoZIhvcNAQELBQADggEBAE5P1ysZ4/qcySKOO77s3f7GURsifNjs qHdvP2JcFmkpYpoocDy68KCnFlyrmEHpLoTvQ94h6WIZ9Cq4O7aysDUEsR8zTTIx 5Xm4odCMuwwvjdiXUAeLwC89r6T/0s1Mvz5etgXCebc63/AzmW9vneF5SxO7hy68 qpOcLcclliJEJHNtWaM4uGc3egfb3qyzOaJ4+mSBnTL8spE2SeEsc2kBejXpp6JV YzKMcTt4Se2OlWHaNaGCE5OnihKdD46nMiw3UMzTwZ5ash44u96yQ/KvizXmQ4KU 3qeqMosMBWm6HtFtwgz7lw9ecN0vonS8zzPvd1mzywA97t637VYy/Dc= -----END CERTIFICATE-----Generated at Mon Jun 2 07:08:38 2025 by rpki-client