$ rpki-client -vvf rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/B2356D1A180911EB962CB216C4F9AE02.roa File: B2356D1A180911EB962CB216C4F9AE02.roa (raw, json) Hash identifier: RbLdN/sBiJ5TXTjTcsJOAhQn9KJyZmQ2QyPUKPhkRDw= Subject key identifier: 44:4A:4C:FC:82:26:9A:15:BD:DF:CE:27:2A:8F:B2:81:50:85:4A:C3 Certificate issuer: /CN=A915617D/serialNumber=19EA5B45F01E80BE0A76DCDAC9926B6E6742F221 Certificate serial: 077A Authority key identifier: 19:EA:5B:45:F0:1E:80:BE:0A:76:DC:DA:C9:92:6B:6E:67:42:F2:21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GepbRfAegL4KdtzayZJrbmdC8iE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/B2356D1A180911EB962CB216C4F9AE02.roa Signing time: Fri 30 May 2025 21:51:01 +0000 ROA not before: Fri 30 May 2025 21:51:01 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 135423 IP address blocks: 45.250.156.0/22 maxlen: 22 45.250.156.0/24 maxlen: 24 45.250.157.0/24 maxlen: 24 45.250.158.0/24 maxlen: 24 45.250.159.0/24 maxlen: 24 103.219.68.0/22 maxlen: 22 103.219.68.0/24 maxlen: 24 103.219.69.0/24 maxlen: 24 103.219.70.0/24 maxlen: 24 103.219.71.0/24 maxlen: 24 2405:4d80::/32 maxlen: 37 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/GepbRfAegL4KdtzayZJrbmdC8iE.crl rsync://rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/GepbRfAegL4KdtzayZJrbmdC8iE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GepbRfAegL4KdtzayZJrbmdC8iE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 15 Jun 2025 21:10:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1914 (0x77a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915617D, serialNumber=19EA5B45F01E80BE0A76DCDAC9926B6E6742F221 Validity Not Before: May 30 21:51:01 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=683a2845-7269 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:32:ed:d4:20:36:7f:d5:2f:0d:d9:22:e2:7c: f0:c6:73:63:e2:3c:e4:cf:b4:24:33:69:16:37:8d: 3b:a2:12:c8:93:2a:f3:f2:53:c3:c8:d8:b5:39:f3: 0b:da:09:9b:41:b5:26:d1:8a:7e:6c:75:e0:dc:1b: ac:34:fa:2e:e3:a1:89:64:5f:e6:cf:95:07:e0:59: cb:cb:ea:d6:f7:e6:9d:a1:55:32:1a:90:f1:7c:a7: 08:ba:e8:a1:0e:33:11:1e:8e:a8:ab:a1:28:5a:7c: 6d:27:f2:a8:2f:cf:e0:a4:29:20:8c:f2:37:e7:ca: 55:ed:8e:84:00:3f:87:09:3b:d8:46:a9:06:7f:c1: a1:51:f6:17:a7:60:7a:09:a3:90:08:63:42:ed:1e: 54:0e:52:ce:2c:e0:60:35:08:6d:50:44:33:1a:41: 79:4d:32:3b:7f:50:6f:ef:9e:33:60:dd:68:a6:56: 1f:7f:94:ea:03:c7:a1:02:7e:dc:88:8e:b5:b1:00: 97:28:3b:23:ee:0f:4c:20:42:ad:89:73:b1:fa:83: fe:fb:0e:06:21:b5:16:22:05:26:fd:00:fe:74:1f: 3c:44:a2:a8:7e:8b:51:3a:4b:23:4d:ab:f8:9f:87: a8:a5:c5:dd:cd:f4:fc:79:4e:d1:9c:83:53:4b:72: 70:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:4A:4C:FC:82:26:9A:15:BD:DF:CE:27:2A:8F:B2:81:50:85:4A:C3 X509v3 Authority Key Identifier: keyid:19:EA:5B:45:F0:1E:80:BE:0A:76:DC:DA:C9:92:6B:6E:67:42:F2:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/GepbRfAegL4KdtzayZJrbmdC8iE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GepbRfAegL4KdtzayZJrbmdC8iE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915617D/18DC5742180811EBA8573012C4F9AE02/B2356D1A180911EB962CB216C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.250.156.0/22 103.219.68.0/22 IPv6: 2405:4d80::/32 Signature Algorithm: sha256WithRSAEncryption b0:d3:bb:e4:9d:8c:ba:16:39:81:f8:67:1d:9a:80:f9:5f:6e: 1d:d7:7a:66:33:1c:b4:79:b9:b7:a0:da:d5:75:80:50:68:fd: e4:ea:15:13:d3:04:65:72:d8:16:f2:f5:b9:37:14:43:42:13: 8f:cc:88:1e:87:ed:80:de:77:f7:7a:c3:6d:b7:e9:4a:4d:2d: 75:bc:a2:b7:41:24:11:db:aa:15:f9:5e:9f:d9:e9:b8:f4:f3: a7:e9:28:13:22:c3:c0:e4:63:f0:15:da:b0:8b:24:b1:6d:23: f4:77:d3:a3:8d:48:7a:94:7f:05:77:e2:3d:f7:b2:20:2e:0c: 12:ff:80:d0:be:35:fc:44:3f:e3:7d:04:5b:02:34:85:3e:2b: 27:46:92:82:ef:47:9c:c7:01:09:73:7b:21:a0:79:7e:98:c8: 4d:b0:8d:61:09:0d:3c:3e:ad:11:ac:32:88:5b:b9:7d:14:69: 0b:ee:5b:62:28:6b:b6:9a:b0:d7:e6:09:d5:25:31:46:b8:ba: ee:00:ef:e5:42:70:a9:35:48:46:f7:93:62:e2:f2:e8:18:21: 97:28:90:d8:87:59:19:9b:5f:5d:11:83:a1:92:b5:9d:b8:86: 30:fd:4e:cf:43:68:9b:13:65:ad:0e:4c:a4:d0:a9:d3:5e:25: 7c:a9:5f:a3 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICB3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYxN0QxMTAvBgNVBAUTKDE5RUE1QjQ1RjAxRTgwQkUwQTc2RENEQUM5OTI2QjZF Njc0MkYyMjEwHhcNMjUwNTMwMjE1MTAxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODNhMjg0NS03MjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoTLt1CA2f9UvDdki4nzwxnNj4jzkz7QkM2kWN407ohLIkyrz8lPDyNi1OfML 2gmbQbUm0Yp+bHXg3BusNPou46GJZF/mz5UH4FnLy+rW9+adoVUyGpDxfKcIuuih DjMRHo6oq6EoWnxtJ/KoL8/gpCkgjPI358pV7Y6EAD+HCTvYRqkGf8GhUfYXp2B6 CaOQCGNC7R5UDlLOLOBgNQhtUEQzGkF5TTI7f1Bv754zYN1oplYff5TqA8ehAn7c iI61sQCXKDsj7g9MIEKtiXOx+oP++w4GIbUWIgUm/QD+dB88RKKofotROksjTav4 n4eopcXdzfT8eU7RnINTS3JwvwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFERKTPyC JpoVvd/OJyqPsoFQhUrDMB8GA1UdIwQYMBaAFBnqW0XwHoC+Cnbc2smSa25nQvIh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjE3RC8xOERDNTc0MjE4 MDgxMUVCQTg1NzMwMTJDNEY5QUUwMi9HZXBiUmZBZWdMNEtkdHpheVpKcmJtZEM4 aUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dlcGJSZkFlZ0w0S2R0emF5WkpyYm1kQzhpRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYxN0QvMThEQzU3NDIxODA4MTFFQkE4NTczMDEyQzRGOUFFMDIvQjIzNTZEMUEx ODA5MTFFQjk2MkNCMjE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIt+pwDBAJn20QwDQQCAAIwBwMFACQFTYAwDQYJKoZIhvcN AQELBQADggEBALDTu+SdjLoWOYH4Zx2agPlfbh3XemYzHLR5ubeg2tV1gFBo/eTq FRPTBGVy2Bby9bk3FENCE4/MiB6H7YDed/d6w2236UpNLXW8ordBJBHbqhX5Xp/Z 6bj086fpKBMiw8DkY/AV2rCLJLFtI/R306ONSHqUfwV34j33siAuDBL/gNC+NfxE P+N9BFsCNIU+KydGkoLvR5zHAQlzeyGgeX6YyE2wjWEJDTw+rRGsMohbuX0UaQvu W2Ioa7aasNfmCdUlMUa4uu4A7+VCcKk1SEb3k2Li8ugYIZcokNiHWRmbX10Rg6GS tZ24hjD9Ts9DaJsTZa0OTKTQqdNeJXypX6M= -----END CERTIFICATE-----Generated at Tue Jun 10 09:13:01 2025 by rpki-client