$ rpki-client -vvf rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/24AE273C2D1111EE85C59810C4F9AE02.roa File: 24AE273C2D1111EE85C59810C4F9AE02.roa (raw, json) Hash identifier: f0BT/JmpOI0SlXzNJeEFPNEtCO/vruTdpVAOpvR5vus= Subject key identifier: 80:18:E2:6F:99:48:A3:52:51:D1:48:A6:C4:59:7C:D4:45:46:69:66 Certificate issuer: /CN=A9145D25/serialNumber=C2F28E9D188439C4FE69F63A4CAA6DA42496291D Certificate serial: 052C Authority key identifier: C2:F2:8E:9D:18:84:39:C4:FE:69:F6:3A:4C:AA:6D:A4:24:96:29:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/24AE273C2D1111EE85C59810C4F9AE02.roa Signing time: Wed 21 May 2025 00:25:48 +0000 ROA not before: Wed 21 May 2025 00:25:48 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 211392 IP address blocks: 103.172.110.0/23 maxlen: 23 103.172.110.0/24 maxlen: 24 103.172.111.0/24 maxlen: 24 103.204.13.0/24 maxlen: 24 203.168.128.0/22 maxlen: 22 203.168.128.0/23 maxlen: 23 203.168.128.0/24 maxlen: 24 203.168.129.0/24 maxlen: 24 203.168.130.0/23 maxlen: 23 203.168.130.0/24 maxlen: 24 203.168.131.0/24 maxlen: 24 2001:df7:6e80::/47 maxlen: 47 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.crl rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 23:51:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1324 (0x52c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145D25, serialNumber=C2F28E9D188439C4FE69F63A4CAA6DA42496291D Validity Not Before: May 21 00:25:48 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=682d1d8c-7658 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:75:7f:35:c5:fb:33:57:19:be:0a:98:7d:f8: c2:6b:75:52:5e:e8:ea:c6:8e:2b:7a:1b:1d:59:e0: 40:2d:65:8e:59:32:03:81:6a:49:26:bc:f8:f4:03: bd:bd:b3:71:79:91:2b:5a:ed:45:ef:6e:a8:85:b1: 7d:50:77:e0:95:03:a8:23:38:d2:a0:56:b5:5b:dd: 5c:e7:ce:89:01:58:42:86:dc:a9:f8:af:87:6d:71: 84:0c:33:56:5b:0b:77:4c:84:d3:98:89:ef:9c:1d: dd:45:05:2c:ef:3c:3b:52:8e:52:e7:f8:97:09:16: c2:9a:c4:e9:22:e6:23:2c:f4:af:be:78:fd:c0:f0: d9:b3:e7:cf:f5:c6:0d:c2:fa:2c:ef:6f:36:88:b9: 8f:83:bb:c5:92:13:f0:6c:61:2d:b2:f2:95:c3:63: bd:55:39:0c:ce:cc:98:00:da:19:95:43:e4:36:c4: ba:3a:0a:bc:c2:63:b1:a9:3f:82:5d:e3:64:26:6a: 1f:92:2d:49:0e:ca:6e:c9:f7:9e:7a:b1:cb:ab:c4: 5c:4f:2c:a9:0c:35:67:c7:eb:61:78:c8:3e:99:2c: 2b:96:19:ec:7a:16:e1:ed:77:9d:43:b1:b4:66:17: 98:0b:d8:6a:6a:f7:7f:7c:a2:ec:3e:e3:a4:e3:00: a4:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:18:E2:6F:99:48:A3:52:51:D1:48:A6:C4:59:7C:D4:45:46:69:66 X509v3 Authority Key Identifier: keyid:C2:F2:8E:9D:18:84:39:C4:FE:69:F6:3A:4C:AA:6D:A4:24:96:29:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/wvKOnRiEOcT-afY6TKptpCSWKR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wvKOnRiEOcT-afY6TKptpCSWKR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145D25/67F2B0D80BD211ECBAA4806AC4F9AE02/24AE273C2D1111EE85C59810C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.172.110.0/23 103.204.13.0/24 203.168.128.0/22 IPv6: 2001:df7:6e80::/47 Signature Algorithm: sha256WithRSAEncryption 77:b2:ee:f4:05:a8:a5:05:2f:99:43:9a:a0:c9:e5:10:f6:11: 6a:f5:7b:3f:14:b4:36:9b:07:7e:bc:ad:27:83:34:7f:6f:b1: 48:52:be:2d:02:c9:ca:4c:46:d8:f7:32:84:2c:53:1f:2a:8d: 20:d1:c5:a9:cc:3a:6f:b0:cd:a3:4a:36:b8:e6:8a:55:12:83: c3:67:d1:ca:cf:44:a2:69:eb:ac:1b:ec:69:d2:83:11:ad:1b: 31:1b:b1:0b:59:71:3e:c0:80:85:f2:8c:68:76:30:0f:a3:aa: eb:0f:d4:07:64:ee:f5:81:55:c0:1b:c5:94:7b:24:5e:0d:99: b6:5d:12:3a:b4:b3:c8:2e:3e:c8:41:c6:da:35:51:51:17:fd: 10:5f:af:5e:43:4e:18:02:d0:10:ec:fc:c0:a8:84:fc:81:d8: 72:71:47:67:b7:7c:d3:47:30:9b:31:68:15:1f:a3:1e:43:ca: f9:e6:e0:2f:e2:b0:56:1f:d2:28:22:51:3d:8c:14:57:5e:86: 4c:2f:48:3f:3f:71:bd:9b:ed:95:e0:15:ae:dd:05:3e:ca:31: 1c:82:b7:8a:19:ca:be:18:bb:13:56:09:13:64:80:8b:0e:be: 5a:52:b9:6f:f6:67:d4:c9:90:1b:7f:cc:79:a3:bc:77:6f:62: c3:5c:a8:65 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICBSwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDVEMjUxMTAvBgNVBAUTKEMyRjI4RTlEMTg4NDM5QzRGRTY5RjYzQTRDQUE2REE0 MjQ5NjI5MUQwHhcNMjUwNTIxMDAyNTQ4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJkMWQ4Yy03NjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1HV/NcX7M1cZvgqYffjCa3VSXujqxo4rehsdWeBALWWOWTIDgWpJJrz49AO9 vbNxeZErWu1F726ohbF9UHfglQOoIzjSoFa1W91c586JAVhChtyp+K+HbXGEDDNW Wwt3TITTmInvnB3dRQUs7zw7Uo5S5/iXCRbCmsTpIuYjLPSvvnj9wPDZs+fP9cYN wvos7282iLmPg7vFkhPwbGEtsvKVw2O9VTkMzsyYANoZlUPkNsS6Ogq8wmOxqT+C XeNkJmofki1JDspuyfeeerHLq8RcTyypDDVnx+theMg+mSwrlhnsehbh7XedQ7G0 ZheYC9hqavd/fKLsPuOk4wCkFwIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFIAY4m+Z SKNSUdFIpsRZfNRFRmlmMB8GA1UdIwQYMBaAFMLyjp0YhDnE/mn2OkyqbaQklikd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NUQyNS82N0YyQjBEODBC RDIxMUVDQkFBNDgwNkFDNEY5QUUwMi93dktPblJpRU9jVC1hZlk2VEtwdHBDU1dL UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3d2S09uUmlFT2NULWFmWTZUS3B0cENTV0tSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDVEMjUvNjdGMkIwRDgwQkQyMTFFQ0JBQTQ4MDZBQzRGOUFFMDIvMjRBRTI3M0My RDExMTFFRTg1QzU5ODEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBgEAgABMBIDBAFnrG4DBABnzA0DBALLqIAwDwQCAAIwCQMHASABDfdugDAN BgkqhkiG9w0BAQsFAAOCAQEAd7Lu9AWopQUvmUOaoMnlEPYRavV7PxS0NpsHfryt J4M0f2+xSFK+LQLJykxG2PcyhCxTHyqNINHFqcw6b7DNo0o2uOaKVRKDw2fRys9E omnrrBvsadKDEa0bMRuxC1lxPsCAhfKMaHYwD6Oq6w/UB2Tu9YFVwBvFlHskXg2Z tl0SOrSzyC4+yEHG2jVRURf9EF+vXkNOGALQEOz8wKiE/IHYcnFHZ7d800cwmzFo FR+jHkPK+ebgL+KwVh/SKCJRPYwUV16GTC9IPz9xvZvtleAVrt0FPsoxHIK3ihnK vhi7E1YJE2SAiw6+WlK5b/Zn1MmQG3/MeaO8d29iw1yoZQ== -----END CERTIFICATE-----Generated at Mon Jun 2 06:44:17 2025 by rpki-client