$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C2E45C64051B11EEA9671C47C4F9AE02.roa File: C2E45C64051B11EEA9671C47C4F9AE02.roa (raw, json) Hash identifier: 9G39YLuA3bogghL9p3zornCwjEcWc1hDX/Jz8WrXh+w= Subject key identifier: 45:08:C3:B2:21:43:F1:69:C3:8D:80:E9:7B:23:46:18:01:13:9E:91 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: BCD7 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C2E45C64051B11EEA9671C47C4F9AE02.roa Signing time: Tue 03 Jun 2025 09:39:33 +0000 ROA not before: Tue 03 Jun 2025 09:39:33 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 149226 IP address blocks: 103.123.172.0/23 maxlen: 24 103.169.178.0/23 maxlen: 24 2400:f1a0::/32 maxlen: 32 2400:f1a0:1::/48 maxlen: 48 2400:f1a0:2::/48 maxlen: 48 2400:f1a0:3::/48 maxlen: 48 2400:f1a0:4::/48 maxlen: 48 2400:f1a0:5::/48 maxlen: 48 2400:f1a0:6::/48 maxlen: 48 2400:f1a0:7::/48 maxlen: 48 2400:f1a0:8::/48 maxlen: 48 2400:f1a0:9::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 10:42:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48343 (0xbcd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jun 3 09:39:33 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=683ec2d5-316e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:22:2e:f1:ef:c1:1c:b6:e3:13:8a:a8:3e:fb: 62:b2:f0:e1:d1:91:c5:ad:2c:58:eb:fe:52:3c:ba: 09:9b:75:d9:90:9d:c5:2f:ab:72:84:ea:4a:a7:27: ac:0c:5f:ef:31:b2:f6:f1:c9:4b:f6:f8:e4:c6:e3: fd:4b:73:a5:01:d4:5a:0b:9e:cd:2e:9c:f1:80:13: 1a:69:2a:77:45:06:73:15:3d:7c:76:ef:1e:04:7f: 5c:21:54:07:78:e0:7c:68:9b:e1:25:6b:18:40:48: a2:64:69:f3:31:7c:a8:39:cd:68:7a:b8:ae:21:e9: cd:50:c0:c8:23:7c:9d:a0:2d:3c:e3:6e:cb:78:75: 85:b9:56:ff:95:10:c7:ff:f0:fc:87:cc:08:3b:40: 5b:f9:0b:13:76:c8:93:eb:09:c3:fe:b5:c0:a2:63: af:b4:da:02:a4:de:07:85:6a:04:23:b8:0c:0c:b8: 52:37:b5:70:ff:1f:8f:ff:b2:5c:7b:ac:16:d3:f0: c1:f8:bb:3b:96:af:8e:49:23:7a:aa:35:2e:90:02: b9:47:85:46:f2:e5:08:d7:e4:76:b1:47:ef:95:4e: 66:01:39:1a:6f:36:86:58:a5:53:fe:be:aa:d9:a0: 4d:f2:46:af:de:a9:9a:f0:7e:20:08:db:7a:ad:ca: c0:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:08:C3:B2:21:43:F1:69:C3:8D:80:E9:7B:23:46:18:01:13:9E:91 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C2E45C64051B11EEA9671C47C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.123.172.0/23 103.169.178.0/23 IPv6: 2400:f1a0::/32 Signature Algorithm: sha256WithRSAEncryption 30:42:b9:3b:a9:7e:ca:a0:56:58:84:6f:1b:f7:cb:7d:93:38: b5:7f:9f:5b:28:80:af:a1:09:08:cd:c6:63:dd:f3:eb:1b:e7: 0c:ad:12:2b:b3:ad:61:3f:9a:1e:d2:da:13:21:75:70:8b:d0: 1d:a2:5e:a5:bc:f0:53:15:e1:8c:a4:4a:ba:af:10:f9:e1:eb: 3f:c6:39:61:54:87:23:85:a9:f3:89:41:77:9a:0c:40:72:9f: 2d:d5:cf:bd:4e:cc:89:59:95:0b:4c:7c:09:c0:97:89:fc:2c: 06:8f:0b:40:e5:bc:7c:e0:54:f6:8a:4e:25:e9:19:d4:95:28: 1d:65:cd:24:7d:91:16:77:a0:cd:89:38:1c:b0:f5:fa:0f:dd: 29:d9:f3:68:8c:27:72:76:32:50:6e:1b:04:d4:76:9a:47:2f: 60:6f:f1:eb:ec:e7:f0:10:d1:c8:8d:12:a9:de:d7:a5:36:e8: df:af:db:a9:ce:21:6f:39:e6:14:1f:ea:a3:7b:49:0b:20:a6: a8:bb:9c:fd:74:ca:fb:f8:bc:8a:5c:c9:f0:47:52:9a:72:82: a5:68:04:21:9c:a8:10:d9:9e:70:2b:2f:e5:1a:ec:62:44:7f: 7a:e0:09:82:85:91:bc:5a:27:ae:59:f6:ae:7e:e5:f8:05:03: 58:83:3d:27 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIDALzXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDYwMzA5MzkzM1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgzZWMyZDUtMzE2ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKkiLvHvwRy24xOKqD77YrLw4dGRxa0sWOv+Ujy6CZt12ZCdxS+rcoTqSqcn rAxf7zGy9vHJS/b45Mbj/UtzpQHUWguezS6c8YATGmkqd0UGcxU9fHbvHgR/XCFU B3jgfGib4SVrGEBIomRp8zF8qDnNaHq4riHpzVDAyCN8naAtPONuy3h1hblW/5UQ x//w/IfMCDtAW/kLE3bIk+sJw/61wKJjr7TaAqTeB4VqBCO4DAy4Uje1cP8fj/+y XHusFtPwwfi7O5avjkkjeqo1LpACuUeFRvLlCNfkdrFH75VOZgE5Gm82hlilU/6+ qtmgTfJGr96pmvB+IAjbeq3KwBECAwEAAaOCAqowggKmMB0GA1UdDgQWBBRFCMOy IUPxacONgOl7I0YYAROekTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0MyRTQ1QzY0 MDUxQjExRUVBOTY3MUM0N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDQGCCsGAQUFBwEHAQH/ BCUwIzASBAIAATAMAwQBZ3usAwQBZ6myMA0EAgACMAcDBQAkAPGgMA0GCSqGSIb3 DQEBCwUAA4IBAQAwQrk7qX7KoFZYhG8b98t9kzi1f59bKICvoQkIzcZj3fPrG+cM rRIrs61hP5oe0toTIXVwi9Adol6lvPBTFeGMpEq6rxD54es/xjlhVIcjhanziUF3 mgxAcp8t1c+9TsyJWZULTHwJwJeJ/CwGjwtA5bx84FT2ik4l6RnUlSgdZc0kfZEW d6DNiTgcsPX6D90p2fNojCdydjJQbhsE1HaaRy9gb/Hr7OfwENHIjRKp3telNujf r9upziFvOeYUH+qje0kLIKaou5z9dMr7+LyKXMnwR1KacoKlaAQhnKgQ2Z5wKy/l GuxiRH964AmChZG8WieuWfaufuX4BQNYgz0n -----END CERTIFICATE-----Generated at Thu Jun 12 06:20:18 2025 by rpki-client