$ rpki-client -vvf rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/41969D1C8F3011EEA61ACF62C4F9AE02.roa File: 41969D1C8F3011EEA61ACF62C4F9AE02.roa (raw, json) Hash identifier: mRLPSGz3fDg54l8MXzyosEq3sw4/imNOjGKPzEwZfwU= Subject key identifier: 95:01:60:63:D6:01:A4:26:4A:81:AD:77:A1:98:B9:A3:9A:0D:E3:77 Certificate issuer: /CN=A9179F22/serialNumber=FCF753D346AAAB95AB14C6267515CDF13F80FBBB Certificate serial: FE Authority key identifier: FC:F7:53:D3:46:AA:AB:95:AB:14:C6:26:75:15:CD:F1:3F:80:FB:BB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_PdT00aqq5WrFMYmdRXN8T-A-7s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/41969D1C8F3011EEA61ACF62C4F9AE02.roa Signing time: Thu 27 Feb 2025 06:29:48 +0000 ROA not before: Thu 27 Feb 2025 06:29:48 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 16509 IP address blocks: 103.150.252.0/24 maxlen: 24 2400:a4a0:1::/48 maxlen: 48 2400:a4a0:30::/48 maxlen: 48 2400:a4a0:40::/48 maxlen: 48 2400:a4a0:41::/48 maxlen: 48 2400:a4a0:42::/48 maxlen: 48 2400:a4a0:90::/48 maxlen: 48 2400:a4a0:100::/48 maxlen: 48 2400:a4a0:101::/48 maxlen: 48 2400:a4a0:115::/48 maxlen: 48 2400:a4a0:a100::/48 maxlen: 48 2400:a4a0:aaa2::/48 maxlen: 48 2400:a4a0:aaa3::/48 maxlen: 48 2400:a4a0:aaa4::/48 maxlen: 48 2400:a4a0:aaa5::/48 maxlen: 48 2400:a4a0:b100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/_PdT00aqq5WrFMYmdRXN8T-A-7s.crl rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/_PdT00aqq5WrFMYmdRXN8T-A-7s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_PdT00aqq5WrFMYmdRXN8T-A-7s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Mar 2025 03:31:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 254 (0xfe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9179F22 Validity Not Before: Feb 27 06:29:48 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c0065c-3756 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:61:0c:7b:d1:83:f1:31:cf:2d:af:86:80:aa: fa:9c:05:e9:20:21:ad:f9:ad:2d:09:94:9e:a4:71: 6c:81:bf:db:19:c4:fd:1d:b7:c2:b7:95:4d:46:e9: 0e:53:60:9f:f4:a2:a6:f9:f0:f4:8f:73:0e:fe:8e: fd:00:66:41:f2:03:40:7e:94:20:2d:bc:48:3a:cf: 2e:5f:97:f7:28:2a:4a:8d:9b:f4:95:11:08:c1:18: 42:f3:9a:64:2c:8c:0f:4d:3f:12:f5:b6:53:d6:44: ec:7c:aa:e8:2b:3c:7f:72:89:f2:68:3f:f6:f5:dc: 69:5d:3a:b2:37:9f:a9:03:11:d1:2f:34:7e:47:f6: 94:12:dc:8e:26:23:b8:e9:85:40:ae:9b:80:f6:2b: 6d:05:c3:2d:52:cf:a5:2a:d5:ba:bc:22:d5:85:4d: a9:2d:c4:c1:c8:f7:79:52:a6:0a:a2:1c:7e:31:cf: 7c:ec:20:52:00:3f:1e:8e:02:4b:ac:78:26:5a:ba: ed:fd:81:09:0f:94:6f:2d:fb:34:4b:0a:2d:af:4d: 79:df:c9:09:fc:ab:b0:3c:e7:3c:69:bb:b4:01:50: b4:75:62:01:33:71:e1:94:42:4a:6e:cc:1a:2d:17: fa:24:12:7b:b9:7e:52:d6:c9:41:98:cb:a8:d0:79: 9f:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:01:60:63:D6:01:A4:26:4A:81:AD:77:A1:98:B9:A3:9A:0D:E3:77 X509v3 Authority Key Identifier: keyid:FC:F7:53:D3:46:AA:AB:95:AB:14:C6:26:75:15:CD:F1:3F:80:FB:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/_PdT00aqq5WrFMYmdRXN8T-A-7s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_PdT00aqq5WrFMYmdRXN8T-A-7s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/41969D1C8F3011EEA61ACF62C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.150.252.0/24 IPv6: 2400:a4a0:1::/48 2400:a4a0:30::/48 2400:a4a0:40::-2400:a4a0:42:ffff:ffff:ffff:ffff:ffff 2400:a4a0:90::/48 2400:a4a0:100::/47 2400:a4a0:115::/48 2400:a4a0:a100::/48 2400:a4a0:aaa2::-2400:a4a0:aaa5:ffff:ffff:ffff:ffff:ffff 2400:a4a0:b100::/48 Signature Algorithm: sha256WithRSAEncryption 72:af:42:5b:0e:26:99:5e:ab:fa:b2:ac:4b:d2:3f:93:b3:7d: a3:51:e6:62:93:f0:80:9d:29:8a:a0:71:2d:9a:9b:b5:ac:5d: 43:b8:2d:38:3e:52:15:59:8a:e9:0a:d4:ec:a1:80:a1:02:1a: 77:ee:e3:f3:56:d3:0d:bf:e8:5c:54:87:eb:28:22:a2:c4:c8: fb:9b:d4:b6:9b:35:cc:4f:04:4a:e0:1a:ca:09:c8:24:b6:eb: 22:3f:47:b6:29:48:18:5e:cb:97:e0:03:ed:53:d6:5c:40:28: d3:d9:07:e9:bf:60:18:56:5f:4a:a1:ea:4c:de:4d:0b:50:78: 45:87:e4:fa:3b:54:9e:48:8e:f3:c1:f3:39:8d:ab:d0:64:e3: 82:20:ed:68:59:cb:b7:89:d7:d0:5e:38:63:ef:2b:99:b2:51: 0b:90:26:72:4f:58:ec:46:d7:16:9e:8d:45:c5:6d:91:1d:4e: b3:38:35:39:33:a7:bc:9a:e3:5d:a2:f7:2b:93:a1:93:e3:a0: b7:61:94:20:1d:55:bc:fc:8e:94:f8:90:de:9e:61:22:d2:4a: c4:71:c0:b8:a7:7e:6d:86:48:1b:43:74:ed:a1:7d:c8:6f:76: 2d:ba:70:a5:4f:5c:a4:78:b3:06:2d:97:f4:da:a9:20:db:5e: e0:30:86:73 -----BEGIN CERTIFICATE----- MIIF4TCCBMmgAwIBAgICAP4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzlGMjIxMTAvBgNVBAUTKEZDRjc1M0QzNDZBQUFCOTVBQjE0QzYyNjc1MTVDREYx M0Y4MEZCQkIwHhcNMjUwMjI3MDYyOTQ4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MwMDY1Yy0zNzU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs2EMe9GD8THPLa+GgKr6nAXpICGt+a0tCZSepHFsgb/bGcT9HbfCt5VNRukO U2Cf9KKm+fD0j3MO/o79AGZB8gNAfpQgLbxIOs8uX5f3KCpKjZv0lREIwRhC85pk LIwPTT8S9bZT1kTsfKroKzx/conyaD/29dxpXTqyN5+pAxHRLzR+R/aUEtyOJiO4 6YVArpuA9ittBcMtUs+lKtW6vCLVhU2pLcTByPd5UqYKohx+Mc987CBSAD8ejgJL rHgmWrrt/YEJD5RvLfs0Swotr01538kJ/KuwPOc8abu0AVC0dWIBM3HhlEJKbswa LRf6JBJ7uX5S1slBmMuo0HmfZwIDAQABo4IDBTCCAwEwHQYDVR0OBBYEFJUBYGPW AaQmSoGtd6GYuaOaDeN3MB8GA1UdIwQYMBaAFPz3U9NGqquVqxTGJnUVzfE/gPu7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OUYyMi9DRjlCRjVGRThG MkYxMUVFOUNCRkQ5NjFDNEY5QUUwMi9fUGRUMDBhcXE1V3JGTVltZFJYTjhULUEt N3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19QZFQwMGFxcTVXckZNWW1kUlhOOFQtQS03cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzlGMjIvQ0Y5QkY1RkU4RjJGMTFFRTlDQkZEOTYxQzRGOUFFMDIvNDE5NjlEMUM4 RjMwMTFFRUE2MUFDRjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgY4GCCsGAQUFBwEHAQH/ BH8wfTAMBAIAATAGAwQAZ5b8MG0EAgACMGcDBwAkAKSgAAEDBwAkAKSgADAwEgMH BiQApKAAQAMHACQApKAAQgMHACQApKAAkAMHASQApKABAAMHACQApKABFQMHACQA pKChADASAwcBJACkoKqiAwcBJACkoKqkAwcAJACkoLEAMA0GCSqGSIb3DQEBCwUA A4IBAQByr0JbDiaZXqv6sqxL0j+Ts32jUeZik/CAnSmKoHEtmpu1rF1DuC04PlIV WYrpCtTsoYChAhp37uPzVtMNv+hcVIfrKCKixMj7m9S2mzXMTwRK4BrKCcgktusi P0e2KUgYXsuX4APtU9ZcQCjT2Qfpv2AYVl9KoepM3k0LUHhFh+T6O1SeSI7zwfM5 javQZOOCIO1oWcu3idfQXjhj7yuZslELkCZyT1jsRtcWno1FxW2RHU6zODU5M6e8 muNdovcrk6GT46C3YZQgHVW8/I6U+JDenmEi0krEccC4p35thkgbQ3TtoX3Ib3Yt unClT1ykeLMGLZf02qkg217gMIZz -----END CERTIFICATE-----Generated at Thu Mar 13 21:56:29 2025 by rpki-client