$ rpki-client -vvf rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/B32668C4D98C11EB905D7281C4F9AE02.roa File: B32668C4D98C11EB905D7281C4F9AE02.roa (raw, json) Hash identifier: +CpW1CaKQXu6MhTzl4JHCslaYOAYJXQr9xAkDiD0lq0= Subject key identifier: FC:CD:9F:CD:A9:0B:3A:F9:CC:3A:84:F6:05:43:E7:74:54:4B:80:2E Certificate issuer: /CN=A914CBF3/serialNumber=E2449E312220131E2E76C42C7CCC6DD193510707 Certificate serial: 0BEA Authority key identifier: E2:44:9E:31:22:20:13:1E:2E:76:C4:2C:7C:CC:6D:D1:93:51:07:07 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4kSeMSIgEx4udsQsfMxt0ZNRBwc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/B32668C4D98C11EB905D7281C4F9AE02.roa Signing time: Wed 08 Jan 2025 19:07:50 +0000 ROA not before: Wed 08 Jan 2025 19:07:50 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 63969 IP address blocks: 103.126.20.0/22 maxlen: 23 103.126.20.0/24 maxlen: 24 103.126.21.0/24 maxlen: 24 103.126.22.0/24 maxlen: 24 103.126.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/4kSeMSIgEx4udsQsfMxt0ZNRBwc.crl rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/4kSeMSIgEx4udsQsfMxt0ZNRBwc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4kSeMSIgEx4udsQsfMxt0ZNRBwc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:52:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3050 (0xbea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914CBF3 Validity Not Before: Jan 8 19:07:50 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=677ecd05-410d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:80:a6:2c:a8:1c:69:a1:f1:3c:c0:b1:b0:5c: ae:ac:14:b7:f4:8c:f3:42:0a:d7:7c:71:c8:99:8c: 92:8d:fa:74:26:7c:ae:7b:f8:ea:13:99:67:ea:4b: 1c:2d:d4:a5:da:1d:d6:db:47:bf:c5:f5:4e:c4:68: f7:83:9c:fb:95:63:50:a7:02:d1:37:fa:63:8d:5f: ee:55:1e:60:93:7a:3d:94:49:67:ff:c3:7e:35:62: 58:71:4f:a0:59:de:f2:02:32:62:59:7f:63:f5:c1: 64:13:fd:a5:c8:90:ce:35:01:c0:9b:aa:55:80:44: b5:1d:8b:eb:46:da:40:1c:4e:f1:60:65:4a:f5:8a: 66:7f:b0:00:a9:81:e6:78:ee:4d:c5:0d:a1:6d:95: 2b:11:af:aa:d3:18:74:42:9b:12:7f:a6:10:a9:4d: 71:da:99:f1:88:88:6b:ec:8f:e5:3f:63:df:70:1b: 90:d0:f0:7d:24:1e:a0:23:bc:19:03:ec:ee:24:5f: 4f:dd:5b:c0:d9:2f:81:62:c8:4a:1a:d8:cd:8d:5e: 3a:3b:8b:4c:4d:04:7e:30:dd:1a:d8:e2:67:54:2b: 8e:c8:3d:06:8a:23:2e:63:31:77:bb:82:29:ad:36: a0:4b:d3:fe:ab:1a:a2:d3:8c:68:47:8e:3b:57:73: 8c:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:CD:9F:CD:A9:0B:3A:F9:CC:3A:84:F6:05:43:E7:74:54:4B:80:2E X509v3 Authority Key Identifier: keyid:E2:44:9E:31:22:20:13:1E:2E:76:C4:2C:7C:CC:6D:D1:93:51:07:07 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/4kSeMSIgEx4udsQsfMxt0ZNRBwc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4kSeMSIgEx4udsQsfMxt0ZNRBwc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/B32668C4D98C11EB905D7281C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.126.20.0/22 Signature Algorithm: sha256WithRSAEncryption 02:db:85:c7:8a:50:8e:f5:16:7a:96:5c:d8:05:07:51:83:d1: 23:3e:f8:a8:74:6c:fa:5d:f7:11:be:30:73:31:9b:de:0c:be: e4:49:7c:c0:da:00:b1:14:05:44:28:88:79:7a:81:a0:c4:b2: c8:83:10:d4:3d:ab:e4:95:e4:97:88:fc:c8:f3:fb:f9:c4:f8: a8:1c:33:65:19:d1:31:10:7d:8c:cc:05:b2:bd:cc:93:91:7b: ee:63:8d:eb:9d:15:bf:12:46:d6:cb:75:3e:d9:dc:01:90:20: a3:fe:e4:b6:b6:df:db:83:49:82:ce:3d:66:4b:78:cb:92:af: ba:30:74:5f:ba:6a:86:05:d7:e8:28:03:41:11:15:f3:c0:09: 76:fc:ef:13:d4:cf:88:71:66:d5:9a:ce:ea:28:b3:24:bf:9c: 76:c7:33:af:67:d3:ec:30:9d:06:7f:36:3a:4b:49:51:32:92: f1:0f:ec:1b:59:40:b8:08:f5:9d:5a:ec:e5:c4:32:86:28:1b: a4:66:83:4c:13:76:db:55:55:67:84:69:a4:97:03:96:00:09: 61:89:21:cf:4d:34:c8:58:83:48:c6:ac:37:7e:e4:bb:50:b1: 3a:e7:95:a6:f0:24:28:da:b9:f2:a6:c8:de:a4:84:e0:4f:ff: 5b:c5:19:77 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICC+owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NENCRjMxMTAvBgNVBAUTKEUyNDQ5RTMxMjIyMDEzMUUyRTc2QzQyQzdDQ0M2REQx OTM1MTA3MDcwHhcNMjUwMTA4MTkwNzUwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzdlY2QwNS00MTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5YCmLKgcaaHxPMCxsFyurBS39IzzQgrXfHHImYySjfp0Jnyue/jqE5ln6ksc LdSl2h3W20e/xfVOxGj3g5z7lWNQpwLRN/pjjV/uVR5gk3o9lEln/8N+NWJYcU+g Wd7yAjJiWX9j9cFkE/2lyJDONQHAm6pVgES1HYvrRtpAHE7xYGVK9Ypmf7AAqYHm eO5NxQ2hbZUrEa+q0xh0QpsSf6YQqU1x2pnxiIhr7I/lP2PfcBuQ0PB9JB6gI7wZ A+zuJF9P3VvA2S+BYshKGtjNjV46O4tMTQR+MN0a2OJnVCuOyD0GiiMuYzF3u4Ip rTagS9P+qxqi04xoR447V3OMMwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPzNn82p Czr5zDqE9gVD53RUS4AuMB8GA1UdIwQYMBaAFOJEnjEiIBMeLnbELHzMbdGTUQcH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0JGMy8xQkM2RUIyMDEx RTcxMUVBQjkwM0FBNzlDNEY5QUUwMi80a1NlTVNJZ0V4NHVkc1FzZk14dDBaTlJC d2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRrU2VNU0lnRXg0dWRzUXNmTXh0MFpOUkJ3Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NENCRjMvMUJDNkVCMjAxMUU3MTFFQUI5MDNBQTc5QzRGOUFFMDIvQjMyNjY4QzRE OThDMTFFQjkwNUQ3MjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJnfhQwDQYJKoZIhvcNAQELBQADggEBAALbhceKUI71FnqW XNgFB1GD0SM++Kh0bPpd9xG+MHMxm94MvuRJfMDaALEUBUQoiHl6gaDEssiDENQ9 q+SV5JeI/Mjz+/nE+KgcM2UZ0TEQfYzMBbK9zJORe+5jjeudFb8SRtbLdT7Z3AGQ IKP+5La239uDSYLOPWZLeMuSr7owdF+6aoYF1+goA0ERFfPACXb87xPUz4hxZtWa zuoosyS/nHbHM69n0+wwnQZ/NjpLSVEykvEP7BtZQLgI9Z1a7OXEMoYoG6Rmg0wT dttVVWeEaaSXA5YACWGJIc9NNMhYg0jGrDd+5LtQsTrnlabwJCjaufKmyN6khOBP /1vFGXc= -----END CERTIFICATE-----Generated at Sun Apr 6 17:56:31 2025 by rpki-client