$ rpki-client -vvf rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/36660EAE679E11EFBAD37686C4F9AE02.roa File: 36660EAE679E11EFBAD37686C4F9AE02.roa (raw, json) Hash identifier: AxabGlp0IamL1AOMbCgBi5Y/mrLVivTXD8uMAD10h7U= Subject key identifier: F1:30:07:09:9B:C1:F1:28:33:AA:18:58:C1:E0:E6:EE:0C:00:5B:30 Certificate issuer: /CN=A918BCEE/serialNumber=F40BE8B5AD16B1847FC0D4F4708F9D414931ABA6 Certificate serial: 02A1 Authority key identifier: F4:0B:E8:B5:AD:16:B1:84:7F:C0:D4:F4:70:8F:9D:41:49:31:AB:A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Avota0WsYR_wNT0cI-dQUkxq6Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/36660EAE679E11EFBAD37686C4F9AE02.roa Signing time: Thu 27 Mar 2025 02:08:30 +0000 ROA not before: Thu 27 Mar 2025 02:08:30 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 140952 IP address blocks: 103.209.253.0/24 maxlen: 24 103.209.254.0/24 maxlen: 24 2404:5d80:6300::/40 maxlen: 40 2404:5d80:6800::/40 maxlen: 40 2404:5d80:7400::/40 maxlen: 40 2404:5d80:9000::/40 maxlen: 40 2404:5d80:9400::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/9Avota0WsYR_wNT0cI-dQUkxq6Y.crl rsync://rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/9Avota0WsYR_wNT0cI-dQUkxq6Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Avota0WsYR_wNT0cI-dQUkxq6Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 01:26:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 673 (0x2a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918BCEE Validity Not Before: Mar 27 02:08:30 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67e4b31e-8e45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:52:11:5f:cd:9a:e0:68:b0:23:e2:fe:98:ab: 6e:c9:c4:f3:4f:4b:25:8c:f8:f4:60:7d:84:4b:a8: 81:eb:25:21:0a:65:f3:73:93:1f:8e:60:15:79:ef: c7:08:f2:6e:f4:50:5c:38:07:b3:2b:b5:44:a9:0f: a6:50:97:bc:dd:d9:e6:35:6a:c0:2d:24:46:35:28: a3:63:a3:09:82:09:53:a4:4e:0e:b9:58:e6:f6:6e: a0:15:ce:7a:f1:70:fb:cd:21:bf:35:35:5e:92:ce: da:8b:b2:1e:96:33:80:39:13:c6:4a:9c:70:d3:7d: 9b:63:b4:27:12:73:fc:4d:c9:0a:48:69:53:52:04: 8e:73:81:a4:b4:7e:e9:03:fe:14:9d:0c:09:0b:c2: 85:73:19:da:a2:c0:fc:19:58:06:04:13:7f:44:5e: 51:6e:f3:0e:ee:8e:b4:b5:1e:ab:01:49:3d:ce:f9: fc:3e:b5:19:fe:2e:88:35:4a:b8:d2:2b:d2:2d:2b: 96:25:b6:d4:da:96:da:ed:f7:a4:ab:ae:3b:92:c8: 67:1b:06:18:7a:59:72:e5:3d:89:6a:6b:fc:c8:2c: af:ab:ef:cd:d4:a6:3a:1e:49:da:57:ae:e1:66:38: 59:61:43:74:40:19:8f:c1:b8:32:b3:d2:cc:48:0f: 4f:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:30:07:09:9B:C1:F1:28:33:AA:18:58:C1:E0:E6:EE:0C:00:5B:30 X509v3 Authority Key Identifier: keyid:F4:0B:E8:B5:AD:16:B1:84:7F:C0:D4:F4:70:8F:9D:41:49:31:AB:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/9Avota0WsYR_wNT0cI-dQUkxq6Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Avota0WsYR_wNT0cI-dQUkxq6Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/36660EAE679E11EFBAD37686C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.209.253.0-103.209.254.255 IPv6: 2404:5d80:6300::/40 2404:5d80:6800::/40 2404:5d80:7400::/40 2404:5d80:9000::/40 2404:5d80:9400::/40 Signature Algorithm: sha256WithRSAEncryption 77:a2:19:14:eb:5b:46:74:04:f8:cd:54:4d:8f:3e:34:52:6e: f0:f4:a9:44:da:e6:3e:f3:73:6b:06:ab:49:b1:45:ed:e0:0a: 38:ff:92:62:cb:53:46:b1:41:8c:e0:c9:98:62:89:fd:34:77: c2:78:b4:ba:18:f3:14:20:39:26:53:1f:f9:6d:22:a0:7c:a1: f7:94:e1:bd:44:41:91:df:3d:e1:c8:94:b7:63:11:fb:1c:fe: 40:5c:9d:20:ae:56:4a:5e:11:c2:71:c3:2e:20:91:ab:5d:42: 37:5b:bf:83:3e:97:77:2d:22:0e:aa:78:94:51:dc:4b:a1:78: 3b:d6:5e:53:65:3e:c8:d3:83:20:2f:e3:d7:59:8b:73:86:26: 04:af:66:f1:9b:81:39:f2:49:89:32:3b:b6:63:2c:e0:40:7b: 6b:05:89:8e:35:42:82:a4:7e:d0:ed:f5:7a:d7:ae:65:49:eb: 14:a1:62:a0:95:1b:02:08:09:ff:1b:d0:ef:5f:d2:0e:19:ca: f0:72:2c:99:23:da:bf:25:9e:d4:b6:af:e5:d8:5a:88:32:19: 9d:fa:be:d5:97:87:cb:d4:c8:d5:7f:0a:01:ca:de:8b:b4:3b: 77:fe:28:bc:d9:80:0d:82:7d:9a:d5:12:52:35:fb:44:2e:1e: c6:f4:4c:75 -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgICAqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEJDRUUxMTAvBgNVBAUTKEY0MEJFOEI1QUQxNkIxODQ3RkMwRDRGNDcwOEY5RDQx NDkzMUFCQTYwHhcNMjUwMzI3MDIwODMwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2U0YjMxZS04ZTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6VIRX82a4GiwI+L+mKtuycTzT0sljPj0YH2ES6iB6yUhCmXzc5MfjmAVee/H CPJu9FBcOAezK7VEqQ+mUJe83dnmNWrALSRGNSijY6MJgglTpE4OuVjm9m6gFc56 8XD7zSG/NTVeks7ai7IeljOAORPGSpxw032bY7QnEnP8TckKSGlTUgSOc4GktH7p A/4UnQwJC8KFcxnaosD8GVgGBBN/RF5RbvMO7o60tR6rAUk9zvn8PrUZ/i6INUq4 0ivSLSuWJbbU2pba7fekq647kshnGwYYelly5T2Jamv8yCyvq+/N1KY6HknaV67h ZjhZYUN0QBmPwbgys9LMSA9P5QIDAQABo4ICzTCCAskwHQYDVR0OBBYEFPEwBwmb wfEoM6oYWMHg5u4MAFswMB8GA1UdIwQYMBaAFPQL6LWtFrGEf8DU9HCPnUFJMaum MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkNFRS82OEMzNTYzMDEz RkYxMUVEQTNGMzM5NDFDNEY5QUUwMi85QXZvdGEwV3NZUl93TlQwY0ktZFFVa3hx NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlBdm90YTBXc1lSX3dOVDBjSS1kUVVreHE2WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEJDRUUvNjhDMzU2MzAxM0ZGMTFFREEzRjMzOTQxQzRGOUFFMDIvMzY2NjBFQUU2 NzlFMTFFRkJBRDM3Njg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E SDBGMBQEAgABMA4wDAMEAGfR/QMEAGfR/jAuBAIAAjAoAwYAJARdgGMDBgAkBF2A aAMGACQEXYB0AwYAJARdgJADBgAkBF2AlDANBgkqhkiG9w0BAQsFAAOCAQEAd6IZ FOtbRnQE+M1UTY8+NFJu8PSpRNrmPvNzawarSbFF7eAKOP+SYstTRrFBjODJmGKJ /TR3wni0uhjzFCA5JlMf+W0ioHyh95ThvURBkd894ciUt2MR+xz+QFydIK5WSl4R wnHDLiCRq11CN1u/gz6Xdy0iDqp4lFHcS6F4O9ZeU2U+yNODIC/j11mLc4YmBK9m 8ZuBOfJJiTI7tmMs4EB7awWJjjVCgqR+0O31eteuZUnrFKFioJUbAggJ/xvQ71/S DhnK8HIsmSPavyWe1Lav5dhaiDIZnfq+1ZeHy9TI1X8KAcrei7Q7d/4ovNmADYJ9 mtUSUjX7RC4exvRMdQ== -----END CERTIFICATE-----Generated at Tue Apr 8 04:14:08 2025 by rpki-client