$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B2B6F4FC086E11F0AE478E38C4F9AE02.roa File: B2B6F4FC086E11F0AE478E38C4F9AE02.roa (raw, json) Hash identifier: Y15Q1DJX78wZ1v8jDfrVoRg1C4yM0uBqkaV+RhptE6w= Subject key identifier: 20:9F:F1:FF:44:A3:05:94:AE:ED:44:4F:5D:B6:85:4F:75:16:7E:9A Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: BCCA Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B2B6F4FC086E11F0AE478E38C4F9AE02.roa Signing time: Tue 03 Jun 2025 05:34:11 +0000 ROA not before: Tue 03 Jun 2025 05:34:11 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 150027 IP address blocks: 43.243.80.0/24 maxlen: 24 43.243.81.0/24 maxlen: 24 43.243.83.0/24 maxlen: 24 45.250.227.0/24 maxlen: 24 103.69.220.0/24 maxlen: 24 103.69.223.0/24 maxlen: 24 103.131.92.0/23 maxlen: 24 103.167.74.0/24 maxlen: 24 103.167.75.0/24 maxlen: 24 103.167.247.0/24 maxlen: 24 103.175.116.0/23 maxlen: 24 103.185.10.0/24 maxlen: 24 103.230.220.0/22 maxlen: 24 103.232.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Jun 2025 12:12:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48330 (0xbcca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jun 3 05:34:11 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=683e8953-d9b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:f3:2f:97:94:52:90:60:d6:d2:1f:3e:28:07: 50:bc:96:8a:b7:a9:e6:87:0d:1a:cb:e3:aa:91:84: 87:65:a9:e6:9b:76:37:34:7d:5f:7d:d0:76:71:21: 9b:e9:24:de:fb:d3:13:d3:28:dc:08:b1:82:11:bb: 67:61:53:79:f1:4b:fc:16:5a:6f:b9:4b:31:ce:ca: 7c:47:1e:cd:5d:a4:0a:d3:84:00:11:b5:c3:90:c5: b5:cb:b3:eb:7c:a5:e9:83:d4:04:8a:ed:ec:74:86: af:bd:48:e2:ab:1c:bf:1d:f9:e6:7d:eb:73:52:64: e3:0a:46:f5:e6:c8:f8:77:72:7a:8e:2d:25:cd:c3: 07:3b:73:f4:d4:10:55:81:aa:24:02:a7:9a:72:68: ca:85:e3:8a:56:b2:de:7a:4e:44:99:46:89:12:40: 34:ad:bd:26:42:43:30:b7:24:fb:98:b1:21:11:4e: e8:60:07:56:d0:74:89:e6:93:fe:a4:34:87:f4:2b: 36:ce:70:6a:19:15:81:f1:e3:a6:97:c5:13:7b:59: 2f:15:2e:eb:fe:12:fd:ee:db:a5:e7:56:81:10:53: ad:99:bb:3c:a2:7b:67:68:e8:d7:b2:e5:04:c4:1d: d3:58:17:88:f2:5b:c7:fd:ac:b8:72:1c:49:4b:82: af:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:9F:F1:FF:44:A3:05:94:AE:ED:44:4F:5D:B6:85:4F:75:16:7E:9A X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B2B6F4FC086E11F0AE478E38C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.243.80.0/23 43.243.83.0/24 45.250.227.0/24 103.69.220.0/24 103.69.223.0/24 103.131.92.0/23 103.167.74.0/23 103.167.247.0/24 103.175.116.0/23 103.185.10.0/24 103.230.220.0/22 103.232.239.0/24 Signature Algorithm: sha256WithRSAEncryption 01:dd:73:a5:bb:f3:8b:90:58:ca:eb:84:38:6d:bf:11:3c:23: f5:e5:de:cf:04:4c:96:81:dd:0d:b2:1b:84:e6:d6:6a:1e:ee: c6:e4:32:2d:b5:00:54:56:93:bc:a1:05:81:59:a8:b0:94:f2: 89:68:9e:33:44:e9:a9:67:f5:ef:a1:d5:35:2f:74:6c:52:4f: 4e:ef:3a:a5:b8:d7:31:6b:8a:3b:a2:a9:f5:b5:21:63:54:77: 45:20:53:a5:2d:b3:8a:58:85:e9:da:03:19:53:7f:a9:dc:ee: 1a:9f:53:50:e8:a1:b7:de:0b:9f:b3:7e:45:0d:e1:2b:a9:33: 70:ff:99:4a:2e:35:b9:95:5c:3b:00:28:16:8b:ba:2a:dc:24: 1d:37:03:b6:7f:ad:a3:b2:be:ec:2b:bf:ab:85:02:ef:04:08: eb:03:50:e7:75:dc:b0:21:f0:80:f3:15:7d:02:ff:66:15:8a: 57:69:d4:7b:db:6f:56:ed:6c:5c:8e:27:40:19:8a:97:57:61: 74:3e:aa:74:af:3d:69:92:7f:6e:90:b4:d2:84:65:cb:d9:24: 84:99:52:72:0f:6f:57:f8:7e:e0:fa:ab:7d:0d:9e:3a:ac:aa: f5:43:64:fe:be:6f:49:cd:74:1c:52:0b:08:05:96:29:c2:d4: 3d:0e:bb:a6 -----BEGIN CERTIFICATE----- MIIFtDCCBJygAwIBAgIDALzKMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDYwMzA1MzQxMVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgzZTg5NTMtZDliNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMLzL5eUUpBg1tIfPigHULyWirep5ocNGsvjqpGEh2Wp5pt2NzR9X33QdnEh m+kk3vvTE9Mo3AixghG7Z2FTefFL/BZab7lLMc7KfEcezV2kCtOEABG1w5DFtcuz 63yl6YPUBIrt7HSGr71I4qscvx355n3rc1Jk4wpG9ebI+Hdyeo4tJc3DBztz9NQQ VYGqJAKnmnJoyoXjilay3npORJlGiRJANK29JkJDMLck+5ixIRFO6GAHVtB0ieaT /qQ0h/QrNs5wahkVgfHjppfFE3tZLxUu6/4S/e7bpedWgRBTrZm7PKJ7Z2jo17Ll BMQd01gXiPJbx/2suHIcSUuCr18CAwEAAaOCAtcwggLTMB0GA1UdDgQWBBQgn/H/ RKMFlK7tRE9dtoVPdRZ+mjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0IyQjZGNEZD MDg2RTExRjBBRTQ3OEUzOEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGEGCCsGAQUFBwEHAQH/ BFIwUDBOBAIAATBIAwQBK/NQAwQAK/NTAwQALfrjAwQAZ0XcAwQAZ0XfAwQBZ4Nc AwQBZ6dKAwQAZ6f3AwQBZ690AwQAZ7kKAwQCZ+bcAwQAZ+jvMA0GCSqGSIb3DQEB CwUAA4IBAQAB3XOlu/OLkFjK64Q4bb8RPCP15d7PBEyWgd0NshuE5tZqHu7G5DIt tQBUVpO8oQWBWaiwlPKJaJ4zROmpZ/XvodU1L3RsUk9O7zqluNcxa4o7oqn1tSFj VHdFIFOlLbOKWIXp2gMZU3+p3O4an1NQ6KG33gufs35FDeErqTNw/5lKLjW5lVw7 ACgWi7oq3CQdNwO2f62jsr7sK7+rhQLvBAjrA1DnddywIfCA8xV9Av9mFYpXadR7 229W7WxcjidAGYqXV2F0Pqp0rz1pkn9ukLTShGXL2SSEmVJyD29X+H7g+qt9DZ46 rKr1Q2T+vm9JzXQcUgsIBZYpwtQ9Drum -----END CERTIFICATE-----Generated at Fri Jun 6 06:59:06 2025 by rpki-client