$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1EEABD982B3311F0A7450418C4F9AE02.roa File: 1EEABD982B3311F0A7450418C4F9AE02.roa (raw, json) Hash identifier: 098NDRGAmYFL5vQ1oX0DJdPThy0xGWMzjgPoLgK9pSI= Subject key identifier: F7:49:7E:83:47:3C:BC:F8:39:70:59:A4:1A:DD:FD:4A:38:94:E9:1A Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: BC29 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1EEABD982B3311F0A7450418C4F9AE02.roa Signing time: Tue 27 May 2025 12:25:20 +0000 ROA not before: Tue 27 May 2025 12:25:20 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 153271 IP address blocks: 43.242.224.0/24 maxlen: 24 43.242.225.0/24 maxlen: 24 43.242.226.0/24 maxlen: 24 43.242.227.0/24 maxlen: 24 45.112.56.0/22 maxlen: 24 103.181.4.0/24 maxlen: 24 103.181.5.0/24 maxlen: 24 103.232.24.0/24 maxlen: 24 103.232.25.0/24 maxlen: 24 103.232.26.0/24 maxlen: 24 103.232.27.0/24 maxlen: 24 103.239.168.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 08:25:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48169 (0xbc29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 27 12:25:20 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6835af2f-e5c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:fe:b4:32:a4:f0:37:57:1f:60:ea:61:d1:d2: d4:f3:d2:db:e7:9d:3c:9a:0e:54:86:39:21:4d:4d: ce:9a:2a:ca:23:14:8f:72:c3:8a:59:bf:06:ae:df: dc:2b:c0:19:1c:19:0a:ac:0c:43:ca:74:2a:a7:e5: d8:c8:85:e4:a5:9f:84:9b:48:dd:ce:ac:48:e0:15: ba:df:c0:a6:7c:01:a8:c3:94:1e:e0:76:e5:da:9a: 75:6a:c9:bf:50:b5:b9:92:36:4d:47:fd:31:3a:b8: 54:a7:50:40:4b:b0:ef:f1:b2:83:23:01:b8:c0:e7: df:ee:3f:17:75:59:cb:79:85:92:38:98:b7:cc:da: b9:d0:3b:bb:58:8b:ec:51:6f:0c:fa:f0:6c:52:fd: db:1f:80:c3:c0:99:2f:0f:b1:2e:fa:6b:54:9a:7c: 18:2f:0f:78:84:1d:93:13:b0:b7:e9:28:26:66:a9: 74:7a:cb:9a:19:61:da:0b:5f:45:32:e2:89:c4:f3: 5c:94:d4:19:c6:a2:e1:89:04:0f:6e:2a:ea:e6:a2: 5c:71:a1:9a:d3:fa:03:44:b3:84:59:0b:18:86:3d: 1b:0b:6e:b1:a3:33:1f:c2:ac:82:fd:2c:4d:09:96: 7b:5e:e7:35:7a:cb:c1:f1:71:0e:f0:63:e6:97:fe: f0:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:49:7E:83:47:3C:BC:F8:39:70:59:A4:1A:DD:FD:4A:38:94:E9:1A X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1EEABD982B3311F0A7450418C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.242.224.0/22 45.112.56.0/22 103.181.4.0/23 103.232.24.0/22 103.239.168.0/22 Signature Algorithm: sha256WithRSAEncryption 0d:15:c2:1b:db:e0:5a:a6:c5:22:27:0e:86:26:58:e3:20:bf: 04:29:d9:29:08:4a:d4:ff:c5:a5:34:9c:55:d8:45:8d:c2:85: 95:d7:cd:ba:99:22:a2:35:6a:7d:34:2b:93:4a:8b:a0:2d:87: 40:cc:92:a5:88:2e:bb:53:94:9c:27:21:77:f3:f6:79:5f:5a: 8e:c2:4e:61:b5:17:e7:e3:9a:68:54:96:cf:8b:0c:a2:78:fe: cf:23:79:6d:7e:86:a0:30:1d:43:40:37:4d:c4:cb:d5:dc:87: cb:6b:e3:80:a4:6e:df:f5:fd:b0:38:cb:ab:14:70:f5:e9:44: e0:3f:48:2d:33:5c:98:ac:b2:bc:c0:3f:49:6d:3a:aa:d4:99: 40:f8:31:d3:38:0b:c9:5b:0f:fd:8c:6c:bf:2e:c6:b2:cf:f2: 1c:bb:c8:b8:07:96:4f:11:0f:40:7f:52:48:91:ab:3b:1e:90: d1:c4:b7:92:b4:9e:00:02:78:37:9e:5b:1c:42:9e:c6:e0:07: 7d:f8:7e:c4:54:4f:bb:b0:5b:12:47:68:99:f8:ff:c3:33:bf: b9:ff:d8:e0:e8:54:43:b2:58:c4:ca:a9:d7:62:62:29:6a:b3: 30:e1:f5:fe:f4:44:07:62:14:f0:8f:21:02:48:df:b1:23:04: 93:3a:32:a4 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgIDALwpMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUyNzEyMjUyMFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgzNWFmMmYtZTVjNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANr+tDKk8DdXH2DqYdHS1PPS2+edPJoOVIY5IU1NzpoqyiMUj3LDilm/Bq7f 3CvAGRwZCqwMQ8p0Kqfl2MiF5KWfhJtI3c6sSOAVut/ApnwBqMOUHuB25dqadWrJ v1C1uZI2TUf9MTq4VKdQQEuw7/GygyMBuMDn3+4/F3VZy3mFkjiYt8zaudA7u1iL 7FFvDPrwbFL92x+Aw8CZLw+xLvprVJp8GC8PeIQdkxOwt+koJmapdHrLmhlh2gtf RTLiicTzXJTUGcai4YkED24q6uaiXHGhmtP6A0SzhFkLGIY9GwtusaMzH8Ksgv0s TQmWe17nNXrLwfFxDvBj5pf+8K8CAwEAAaOCAq0wggKpMB0GA1UdDgQWBBT3SX6D Rzy8+DlwWaQa3f1KOJTpGjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzFFRUFCRDk4 MkIzMzExRjBBNzQ1MDQxOEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDcGCCsGAQUFBwEHAQH/ BCgwJjAkBAIAATAeAwQCK/LgAwQCLXA4AwQBZ7UEAwQCZ+gYAwQCZ++oMA0GCSqG SIb3DQEBCwUAA4IBAQANFcIb2+BapsUiJw6GJljjIL8EKdkpCErU/8WlNJxV2EWN woWV1826mSKiNWp9NCuTSougLYdAzJKliC67U5ScJyF38/Z5X1qOwk5htRfn45po VJbPiwyieP7PI3ltfoagMB1DQDdNxMvV3IfLa+OApG7f9f2wOMurFHD16UTgP0gt M1yYrLK8wD9JbTqq1JlA+DHTOAvJWw/9jGy/Lsayz/Icu8i4B5ZPEQ9Af1JIkas7 HpDRxLeStJ4AAng3nlscQp7G4Ad9+H7EVE+7sFsSR2iZ+P/DM7+5/9jg6FRDsljE yqnXYmIparMw4fX+9EQHYhTwjyECSN+xIwSTOjKk -----END CERTIFICATE-----Generated at Wed Jun 11 12:47:32 2025 by rpki-client