$ rpki-client -vvf rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/2CD5AAF8060311EBBE15EA18C4F9AE02.roa File: 2CD5AAF8060311EBBE15EA18C4F9AE02.roa (raw, json) Hash identifier: vtoSKlT7or456eJjA8slT3V02xUjwJUVTYQRDOjaj2Q= Subject key identifier: 43:02:E4:1D:0B:72:4E:E9:82:7E:99:2B:70:2F:4C:F6:A5:36:E0:92 Certificate issuer: /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Certificate serial: 0BD4 Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/2CD5AAF8060311EBBE15EA18C4F9AE02.roa Signing time: Tue 20 May 2025 19:14:37 +0000 ROA not before: Tue 20 May 2025 19:14:37 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 135386 IP address blocks: 45.248.68.0/22 maxlen: 22 45.248.68.0/24 maxlen: 24 45.248.69.0/24 maxlen: 24 45.248.70.0/24 maxlen: 24 45.248.71.0/24 maxlen: 24 103.9.192.0/22 maxlen: 24 103.73.96.0/22 maxlen: 24 103.216.216.0/22 maxlen: 24 2404:f880::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 18:48:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3028 (0xbd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914AE22, serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Validity Not Before: May 20 19:14:37 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=682cd49c-29c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:81:2b:1b:9f:6a:5a:db:3f:5f:6b:ae:c5:fa: fb:7b:28:60:7d:83:ce:89:ea:24:e2:ea:ea:41:c2: 63:f1:87:e2:5d:a3:84:07:50:f6:9b:40:e5:48:0f: b3:4c:c6:ce:5a:ca:be:29:4f:2b:f7:e6:82:74:10: 69:df:54:e3:66:16:62:87:69:3a:85:90:d4:f7:1e: 54:e3:63:59:11:6b:66:e1:24:d9:dd:c0:85:c8:4b: ce:60:bd:4f:c1:79:98:fd:b6:13:01:a1:c8:6d:65: 1f:d4:df:3e:04:b1:8c:fb:92:10:fd:e7:26:58:dd: c1:4f:40:50:66:e3:3f:2e:86:64:67:bd:64:d3:32: b4:f9:b5:fa:bb:e1:7b:72:0b:72:0b:d7:a5:cb:d3: 54:15:ac:bb:be:d5:82:8d:3e:dd:12:59:4c:6c:63: ba:6a:87:37:94:49:1c:f0:c3:1d:ac:85:89:82:a2: be:8b:7b:2c:68:e1:d5:02:65:d0:6c:35:11:e2:2d: 4b:37:17:d4:af:72:1d:7d:6a:33:25:a0:13:03:a6: 63:52:f9:a3:09:71:62:35:4b:98:e3:1c:bc:18:af: 5b:2b:a1:13:c0:3a:4e:f1:1c:bf:61:bb:aa:9f:8b: 89:ec:b8:b4:2c:d3:47:80:9c:94:a6:18:dd:e6:b2: c2:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:02:E4:1D:0B:72:4E:E9:82:7E:99:2B:70:2F:4C:F6:A5:36:E0:92 X509v3 Authority Key Identifier: keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/2CD5AAF8060311EBBE15EA18C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.248.68.0/22 103.9.192.0/22 103.73.96.0/22 103.216.216.0/22 IPv6: 2404:f880::/32 Signature Algorithm: sha256WithRSAEncryption 6a:5a:1b:fb:aa:03:3d:4c:3d:2d:40:0d:93:1d:aa:ab:d4:7f: 48:ef:6d:16:7f:1f:59:ba:35:9c:db:50:95:37:c4:c1:7c:62: 19:6a:64:1c:88:da:23:67:cc:01:9b:13:09:29:f0:78:fa:fa: 13:0c:cb:47:5e:d6:e4:58:de:62:9a:58:4e:dc:0c:05:8b:db: b2:23:7e:e6:cc:c6:d6:48:71:5f:dc:4d:ce:ba:4a:7d:0f:78: 60:11:0e:69:73:50:e6:fb:e1:09:21:4f:33:f9:72:0d:6b:6c: 30:26:a5:9a:e4:71:51:7a:f4:6d:2c:1b:ce:4a:6c:0b:0b:69: 77:8b:08:2e:39:62:a2:dd:3a:21:cc:86:a4:3a:a0:1e:a9:82: a4:6b:1e:6c:53:81:28:12:c8:76:02:7e:61:63:4f:f5:ff:65: b0:b2:4f:48:94:16:4e:89:f9:8f:e9:db:58:e7:94:86:1d:b6: 9e:35:26:6e:df:4d:c7:bb:22:7f:52:cc:98:6f:f7:70:c5:91: 38:da:2d:f0:ae:9b:f8:b7:02:e4:45:05:37:80:94:93:48:4a: eb:0f:40:b6:99:cb:32:b3:8f:25:73:52:b9:a1:d8:8d:95:64: d0:29:40:53:0a:14:a6:2c:b7:42:b5:83:4a:89:95:cc:a0:99: a9:5c:39:71 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICC9QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz REIwOTBEQTQwHhcNMjUwNTIwMTkxNDM3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJjZDQ5Yy0yOWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxoErG59qWts/X2uuxfr7eyhgfYPOieok4urqQcJj8YfiXaOEB1D2m0DlSA+z TMbOWsq+KU8r9+aCdBBp31TjZhZih2k6hZDU9x5U42NZEWtm4STZ3cCFyEvOYL1P wXmY/bYTAaHIbWUf1N8+BLGM+5IQ/ecmWN3BT0BQZuM/LoZkZ71k0zK0+bX6u+F7 cgtyC9ely9NUFay7vtWCjT7dEllMbGO6aoc3lEkc8MMdrIWJgqK+i3ssaOHVAmXQ bDUR4i1LNxfUr3IdfWozJaATA6ZjUvmjCXFiNUuY4xy8GK9bK6ETwDpO8Ry/Ybuq n4uJ7Li0LNNHgJyUphjd5rLC0QIDAQABo4ICtjCCArIwHQYDVR0OBBYEFEMC5B0L ck7pgn6ZK3AvTPalNuCSMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEFFMjIvQjE3ODQzOUUxQkJGMTFFQUI2QTc0RjcxQzRGOUFFMDIvMkNENUFBRjgw NjAzMTFFQkJFMTVFQTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIt+EQDBAJnCcADBAJnSWADBAJn2NgwDQQCAAIwBwMFACQE +IAwDQYJKoZIhvcNAQELBQADggEBAGpaG/uqAz1MPS1ADZMdqqvUf0jvbRZ/H1m6 NZzbUJU3xMF8YhlqZByI2iNnzAGbEwkp8Hj6+hMMy0de1uRY3mKaWE7cDAWL27Ij fubMxtZIcV/cTc66Sn0PeGARDmlzUOb74QkhTzP5cg1rbDAmpZrkcVF69G0sG85K bAsLaXeLCC45YqLdOiHMhqQ6oB6pgqRrHmxTgSgSyHYCfmFjT/X/ZbCyT0iUFk6J +Y/p21jnlIYdtp41Jm7fTce7In9SzJhv93DFkTjaLfCum/i3AuRFBTeAlJNISusP QLaZyzKzjyVzUrmh2I2VZNApQFMKFKYst0K1g0qJlcygmalcOXE= -----END CERTIFICATE-----Generated at Thu Jun 5 07:32:55 2025 by rpki-client