$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4CE03FEE2FCE11EB9757E42EC4F9AE02.roa File: 4CE03FEE2FCE11EB9757E42EC4F9AE02.roa (raw, json) Hash identifier: VYalgdjCXFv3we87a6jMoasDUVNmby62hPzy/jPXqts= Subject key identifier: 17:71:40:77:49:9B:04:2B:19:00:88:F5:75:D1:32:9C:7E:78:09:39 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: BAF2 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4CE03FEE2FCE11EB9757E42EC4F9AE02.roa Signing time: Wed 14 May 2025 08:47:35 +0000 ROA not before: Wed 14 May 2025 08:47:35 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 141309 IP address blocks: 103.158.104.0/23 maxlen: 24 2001:df5:68c0::/48 maxlen: 48 2001:df5:ab80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Jun 2025 15:42:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47858 (0xbaf2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 14 08:47:35 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=682458a7-c022 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:d7:6c:af:f6:b9:af:a9:10:5f:42:56:07:ad: 21:67:e7:55:6b:33:da:f1:46:57:6a:6b:e7:fb:c1: 20:12:9f:c3:67:ff:01:01:51:66:5f:b9:31:80:c1: 34:75:23:f0:d8:a4:79:a4:55:00:ba:c1:88:42:b8: 32:cb:75:ba:17:5d:0d:22:f3:ef:ed:63:57:b7:c6: 79:64:f2:d2:d0:2e:00:39:5d:c8:28:6b:51:e1:ed: 10:ff:d5:b1:90:43:34:cd:d3:8e:70:fe:24:a2:15: 31:f1:2e:68:7c:11:57:e1:b1:31:73:1f:46:65:ec: f9:b8:57:3f:a4:6d:1a:b8:a3:93:6c:2b:ef:3c:f0: eb:6a:b8:79:de:d7:f6:7b:9f:15:48:bb:9b:33:83: 5f:e5:8b:f7:46:3b:9b:45:fa:d5:1c:75:7d:c5:08: bf:cd:65:f6:b4:ad:92:4e:4b:3d:4d:4d:c1:f9:2f: 0f:55:56:f6:a1:db:a3:1a:c3:71:d7:82:f8:7d:af: 22:0d:5c:04:40:1a:3d:f8:47:ec:18:8e:39:2d:e7: b7:ea:c6:bd:e6:b5:35:b5:95:9c:4f:6e:a0:13:03: 6d:b6:c4:18:71:93:e5:58:91:d5:be:b2:07:3c:43: 76:96:54:10:75:d3:ab:e9:0e:b7:34:a7:42:11:ec: 5f:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:71:40:77:49:9B:04:2B:19:00:88:F5:75:D1:32:9C:7E:78:09:39 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4CE03FEE2FCE11EB9757E42EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.158.104.0/23 IPv6: 2001:df5:68c0::/48 2001:df5:ab80::/48 Signature Algorithm: sha256WithRSAEncryption 97:ad:ae:64:f1:fe:88:5f:d9:3d:31:4f:b6:d7:76:63:29:e7: a4:ab:74:f6:11:e4:60:67:23:13:dc:41:64:08:54:e7:14:b5: 29:8b:c9:f3:e1:6e:63:d2:2f:e5:8e:46:be:b9:23:19:b6:f1: 56:91:a7:ef:46:d2:20:15:b9:43:29:b4:9b:9b:70:66:c5:86: ff:5f:58:bc:a6:c0:6f:d7:27:5e:75:c5:17:31:e0:28:7f:81: cf:fc:dd:f9:0d:59:e0:fe:bf:a8:11:1b:f1:68:01:96:05:75: 07:02:82:f1:7e:73:26:5b:a6:68:d5:d3:ee:da:a9:9c:c5:73: 81:e4:3f:e8:bc:53:35:82:02:22:9d:8b:2a:13:36:7e:07:84: 59:e0:c7:6b:c9:2a:db:d1:ea:fb:4d:91:11:fe:0f:4d:17:03: cc:c1:4e:34:02:76:76:29:c9:91:70:c4:8b:bd:2a:8d:16:2d: 1e:e8:3e:0f:ef:95:e1:25:f4:d1:fd:8d:b8:18:6f:a4:f2:2f: 78:2c:0d:17:de:50:c6:16:71:dc:b9:be:8b:a2:76:ec:15:d3: cf:2f:b9:fe:38:19:fd:b9:63:c0:e0:67:00:e8:fa:f3:38:a8: ce:6c:b1:56:f6:a9:66:8c:88:be:28:90:9e:82:80:8c:34:71: 72:75:a1:ee -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgIDALryMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUxNDA4NDczNVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgyNDU4YTctYzAyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANvXbK/2ua+pEF9CVgetIWfnVWsz2vFGV2pr5/vBIBKfw2f/AQFRZl+5MYDB NHUj8NikeaRVALrBiEK4Mst1uhddDSLz7+1jV7fGeWTy0tAuADldyChrUeHtEP/V sZBDNM3TjnD+JKIVMfEuaHwRV+GxMXMfRmXs+bhXP6RtGrijk2wr7zzw62q4ed7X 9nufFUi7mzODX+WL90Y7m0X61Rx1fcUIv81l9rStkk5LPU1NwfkvD1VW9qHboxrD cdeC+H2vIg1cBEAaPfhH7BiOOS3nt+rGvea1NbWVnE9uoBMDbbbEGHGT5ViR1b6y BzxDdpZUEHXTq+kOtzSnQhHsX/UCAwEAAaOCAq8wggKrMB0GA1UdDgQWBBQXcUB3 SZsEKxkAiPV10TKcfngJOTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzRDRTAzRkVF MkZDRTExRUI5NzU3RTQyRUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDkGCCsGAQUFBwEHAQH/ BCowKDAMBAIAATAGAwQBZ55oMBgEAgACMBIDBwAgAQ31aMADBwAgAQ31q4AwDQYJ KoZIhvcNAQELBQADggEBAJetrmTx/ohf2T0xT7bXdmMp56SrdPYR5GBnIxPcQWQI VOcUtSmLyfPhbmPSL+WORr65Ixm28VaRp+9G0iAVuUMptJubcGbFhv9fWLymwG/X J151xRcx4Ch/gc/83fkNWeD+v6gRG/FoAZYFdQcCgvF+cyZbpmjV0+7aqZzFc4Hk P+i8UzWCAiKdiyoTNn4HhFngx2vJKtvR6vtNkRH+D00XA8zBTjQCdnYpyZFwxIu9 Ko0WLR7oPg/vleEl9NH9jbgYb6TyL3gsDRfeUMYWcdy5vouiduwV088vuf44Gf25 Y8DgZwDo+vM4qM5ssVb2qWaMiL4okJ6CgIw0cXJ1oe4= -----END CERTIFICATE-----Generated at Fri Jun 6 19:41:59 2025 by rpki-client