$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5BB05F0807A711EBBAD90C57C4F9AE02.roa File: 5BB05F0807A711EBBAD90C57C4F9AE02.roa (raw, json) Hash identifier: /xLzLr5G/WcRbP9j5fH3Jlc/NQM+n4Uqmz/O4DGivuo= Subject key identifier: E0:39:83:73:4D:34:2E:AC:78:EA:23:C2:E2:87:26:2E:5B:7E:D3:B6 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B1E6 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5BB05F0807A711EBBAD90C57C4F9AE02.roa Signing time: Thu 08 May 2025 15:59:01 +0000 ROA not before: Thu 08 May 2025 15:59:01 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 133659 IP address blocks: 103.42.188.0/24 maxlen: 24 103.81.160.0/24 maxlen: 24 2001:df1:3c00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 16 Jun 2025 13:22:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45542 (0xb1e6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 15:59:01 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd4c5-c874 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:3d:8b:9c:29:7c:64:cb:4c:ab:a4:17:96:c3: 2f:89:cb:8e:98:3f:18:ac:22:3e:fe:a1:e8:36:fe: 05:69:b7:4d:a2:48:2d:79:71:9e:98:d6:f1:9b:dc: 59:fa:fa:be:df:7e:20:25:3f:57:11:5b:02:2e:0f: 54:a5:6a:93:d0:57:f6:20:7d:6a:74:d2:2d:a7:82: f5:f4:a7:b6:fa:15:14:e3:41:c2:5a:54:f6:93:e8: a0:a9:d4:2d:35:f9:f2:0c:82:b7:8a:64:66:8d:26: 89:20:5f:49:20:21:a5:b8:af:51:dd:45:6d:cd:33: ed:b6:36:f1:20:8e:d5:2d:9b:ec:30:2b:62:e8:2f: 4c:b8:70:6c:d3:09:dd:ab:13:97:c7:a4:f1:de:b9: 42:dd:86:47:cc:a2:be:ac:3e:a2:06:ec:33:57:d3: 5e:98:84:23:b2:1f:bd:46:59:df:38:f0:4e:24:20: b2:ee:03:f6:55:32:79:bf:c6:89:12:5e:00:69:ae: c3:34:18:a1:9e:24:a4:5f:80:bc:7b:e7:40:ee:76: 6e:a5:bb:5a:5e:8e:99:d7:c8:f0:ca:06:72:af:26: a2:fb:c2:c4:2b:c9:48:83:15:e1:14:f2:f3:71:32: 8f:af:ab:9f:8e:19:39:a8:40:1d:87:e5:7a:29:f9: bc:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:39:83:73:4D:34:2E:AC:78:EA:23:C2:E2:87:26:2E:5B:7E:D3:B6 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5BB05F0807A711EBBAD90C57C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.42.188.0/24 103.81.160.0/24 IPv6: 2001:df1:3c00::/48 Signature Algorithm: sha256WithRSAEncryption 0f:1e:02:92:75:46:57:b0:c2:82:6a:92:c4:eb:95:c0:3b:48: f5:37:bb:99:34:cb:52:fe:66:91:93:3a:6b:e5:c4:06:f5:81: 50:e4:06:01:43:bd:48:d4:ba:06:12:4d:ed:6f:2b:84:e7:8b: b4:3b:8b:dd:71:fb:97:a1:b6:01:25:43:37:39:73:e6:6d:6f: eb:81:85:b1:aa:05:f1:74:24:e1:1b:9a:a4:a4:8d:d6:41:d8: 4a:5b:e0:35:81:e5:e9:93:7c:82:ed:e8:07:d3:14:19:9c:14: 68:22:56:37:b4:97:95:c4:ce:16:b3:64:31:eb:d0:13:88:6f: a1:b6:2d:c9:0d:ca:0d:e7:0c:66:99:0d:e7:5a:e6:ab:60:8c: 99:c9:83:34:fe:8c:39:64:7d:14:ae:54:84:29:58:f7:09:ac: 81:81:eb:c1:8a:a7:85:db:7f:31:aa:72:a0:88:73:2b:e8:c7: 04:2e:76:cb:0e:7c:9d:5f:1f:55:83:a9:4b:79:33:6f:dc:b7: a7:1e:03:71:cb:2e:9b:e1:0a:af:c2:17:74:34:c8:92:50:2b: 8f:29:0d:ad:e9:bf:26:ef:95:04:89:ae:57:0e:b9:ba:a7:d4: 81:9b:cd:b6:6d:98:ae:cb:72:b1:50:90:7f:3d:a4:1b:2b:0b: ac:af:eb:09 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIDALHmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE1NTkwMVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q0YzUtYzg3NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALs9i5wpfGTLTKukF5bDL4nLjpg/GKwiPv6h6Db+BWm3TaJILXlxnpjW8Zvc Wfr6vt9+ICU/VxFbAi4PVKVqk9BX9iB9anTSLaeC9fSntvoVFONBwlpU9pPooKnU LTX58gyCt4pkZo0miSBfSSAhpbivUd1Fbc0z7bY28SCO1S2b7DArYugvTLhwbNMJ 3asTl8ek8d65Qt2GR8yivqw+ogbsM1fTXpiEI7IfvUZZ3zjwTiQgsu4D9lUyeb/G iRJeAGmuwzQYoZ4kpF+AvHvnQO52bqW7Wl6OmdfI8MoGcq8movvCxCvJSIMV4RTy 83Eyj6+rn44ZOahAHYflein5vJkCAwEAAaOCAqwwggKoMB0GA1UdDgQWBBTgOYNz TTQurHjqI8LihyYuW37TtjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzVCQjA1RjA4 MDdBNzExRUJCQUQ5MEM1N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDYGCCsGAQUFBwEHAQH/ BCcwJTASBAIAATAMAwQAZyq8AwQAZ1GgMA8EAgACMAkDBwAgAQ3xPAAwDQYJKoZI hvcNAQELBQADggEBAA8eApJ1RlewwoJqksTrlcA7SPU3u5k0y1L+ZpGTOmvlxAb1 gVDkBgFDvUjUugYSTe1vK4Tni7Q7i91x+5ehtgElQzc5c+Ztb+uBhbGqBfF0JOEb mqSkjdZB2Epb4DWB5emTfILt6AfTFBmcFGgiVje0l5XEzhazZDHr0BOIb6G2LckN yg3nDGaZDeda5qtgjJnJgzT+jDlkfRSuVIQpWPcJrIGB68GKp4XbfzGqcqCIcyvo xwQudssOfJ1fH1WDqUt5M2/ct6ceA3HLLpvhCq/CF3Q0yJJQK48pDa3pvybvlQSJ rlcOubqn1IGbzbZtmK7LcrFQkH89pBsrC6yv6wk= -----END CERTIFICATE-----Generated at Tue Jun 10 08:04:41 2025 by rpki-client