$ rpki-client -vvf rpki.apnic.net/member_repository/A919E83B/792D148AF28111EA8A6FC66DC4F9AE02/E68BF368DD9911EF85614A53C4F9AE02.roa File: E68BF368DD9911EF85614A53C4F9AE02.roa (raw, json) Hash identifier: r8A/94ghc8/XPx2goFiqLMeQN6YHcN5iJvMsFi80QDA= Subject key identifier: 47:DC:20:4E:1B:E8:2B:69:BC:59:EC:5B:8F:3B:20:A6:28:E6:17:79 Certificate issuer: /CN=A919E83B/serialNumber=B8A62CF1DE8B262E14737D93EE3E6F36C3A0E1C9 Certificate serial: 07B8 Authority key identifier: B8:A6:2C:F1:DE:8B:26:2E:14:73:7D:93:EE:3E:6F:36:C3:A0:E1:C9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uKYs8d6LJi4Uc32T7j5vNsOg4ck.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919E83B/792D148AF28111EA8A6FC66DC4F9AE02/E68BF368DD9911EF85614A53C4F9AE02.roa Signing time: Tue 28 Jan 2025 17:06:02 +0000 ROA not before: Tue 28 Jan 2025 17:06:02 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 137000 IP address blocks: 103.149.58.0/24 maxlen: 24 103.149.59.0/24 maxlen: 24 2405:e3c0::/32 maxlen: 32 2405:e3c0::/48 maxlen: 48 2405:e3c0:1::/48 maxlen: 48 2405:e3c0:2::/48 maxlen: 48 2405:e3c0:3::/48 maxlen: 48 2405:e3c0:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919E83B/792D148AF28111EA8A6FC66DC4F9AE02/uKYs8d6LJi4Uc32T7j5vNsOg4ck.crl rsync://rpki.apnic.net/member_repository/A919E83B/792D148AF28111EA8A6FC66DC4F9AE02/uKYs8d6LJi4Uc32T7j5vNsOg4ck.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uKYs8d6LJi4Uc32T7j5vNsOg4ck.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Feb 2025 22:11:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1976 (0x7b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919E83B Validity Not Before: Jan 28 17:06:02 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67990e7a-b59d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:a8:d1:e2:d3:ef:de:c6:a5:50:95:da:35:b6: 74:f3:83:33:54:d4:6f:18:3f:6d:86:1c:5d:de:5c: c2:80:9b:31:cd:fd:c4:a8:f4:ce:e8:a9:64:6c:49: d5:d5:94:ff:aa:ce:46:a7:4e:63:f0:91:1f:de:b8: f5:ae:7a:7f:81:c5:2c:29:cf:1b:4e:b7:0d:b3:d7: d5:0d:5e:4c:3e:18:64:76:d3:b6:5d:25:ee:c1:e4: 14:c6:e6:9b:39:e2:07:0c:74:fe:0a:e0:31:96:42: b5:37:61:5e:da:33:e8:ac:cc:11:e3:5c:d9:a6:11: af:72:69:ee:0e:90:24:01:32:b5:6c:1e:6d:80:04: 02:1d:aa:b0:37:14:83:d2:2e:e8:6b:48:14:5f:b4: 28:36:a9:3b:60:f9:b3:3d:3e:ff:fc:cb:d0:d9:21: 7b:9a:29:ed:51:56:8a:ba:ba:20:f2:52:1e:76:c8: cc:61:34:e1:5d:52:78:e4:2d:19:15:42:c2:66:5c: 8a:7b:df:60:02:ef:21:60:b9:0e:ac:85:8b:29:a8: bc:25:35:91:39:58:b7:39:f3:a6:a5:6d:b5:70:d4: 0c:62:4b:a4:37:3b:78:a1:ca:79:96:29:0f:bc:3d: cf:9f:fe:f5:60:54:ff:9b:62:4f:fc:75:a6:41:84: 6f:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:DC:20:4E:1B:E8:2B:69:BC:59:EC:5B:8F:3B:20:A6:28:E6:17:79 X509v3 Authority Key Identifier: keyid:B8:A6:2C:F1:DE:8B:26:2E:14:73:7D:93:EE:3E:6F:36:C3:A0:E1:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919E83B/792D148AF28111EA8A6FC66DC4F9AE02/uKYs8d6LJi4Uc32T7j5vNsOg4ck.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uKYs8d6LJi4Uc32T7j5vNsOg4ck.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E83B/792D148AF28111EA8A6FC66DC4F9AE02/E68BF368DD9911EF85614A53C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.149.58.0/23 IPv6: 2405:e3c0::/32 Signature Algorithm: sha256WithRSAEncryption 60:bf:28:d2:34:15:72:80:db:aa:92:7d:a2:d6:83:1c:1e:90: 11:8c:ed:ae:dc:52:84:cd:8c:92:3e:c3:63:83:58:15:70:e3: 95:24:9d:ad:7c:ea:33:82:d2:9e:90:c5:38:69:2d:6f:4e:9a: 38:c5:6c:0a:06:4a:9e:c8:e6:c5:d2:bf:e4:7a:9d:b1:28:72: 76:48:eb:d3:ca:92:db:44:91:42:6e:74:7f:0f:08:d6:47:4c: 05:8e:56:be:d2:b4:fd:51:10:2c:4e:fc:60:ae:fc:7a:4e:bf: 83:d0:08:99:37:67:d4:54:2c:c5:d0:bf:2e:8e:cb:17:cf:23: 47:01:7c:f3:e0:19:2e:19:5d:a3:cf:38:77:cd:2f:5f:39:12: 73:5e:cb:ed:df:80:91:63:24:3f:06:b7:6a:ff:fa:23:2d:17: a8:07:f4:c1:22:73:f4:3d:df:74:95:1d:c5:5d:85:97:17:4c: 83:eb:11:16:38:0b:ed:a7:b6:c8:11:7b:15:ea:34:0b:2b:87: 6e:14:68:e6:e2:1c:5a:57:a9:3b:43:9d:53:d4:0a:8b:28:01: a0:25:13:8c:bb:0b:01:01:17:6b:7f:64:73:30:fc:ee:1a:d4: 43:88:bb:7d:db:f2:00:6d:5c:1c:f1:28:06:11:0e:18:d4:84: 74:84:db:73 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICB7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUU4M0IxMTAvBgNVBAUTKEI4QTYyQ0YxREU4QjI2MkUxNDczN0Q5M0VFM0U2RjM2 QzNBMEUxQzkwHhcNMjUwMTI4MTcwNjAyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzk5MGU3YS1iNTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxKjR4tPv3salUJXaNbZ084MzVNRvGD9thhxd3lzCgJsxzf3EqPTO6KlkbEnV 1ZT/qs5Gp05j8JEf3rj1rnp/gcUsKc8bTrcNs9fVDV5MPhhkdtO2XSXuweQUxuab OeIHDHT+CuAxlkK1N2Fe2jPorMwR41zZphGvcmnuDpAkATK1bB5tgAQCHaqwNxSD 0i7oa0gUX7QoNqk7YPmzPT7//MvQ2SF7mintUVaKurog8lIedsjMYTThXVJ45C0Z FULCZlyKe99gAu8hYLkOrIWLKai8JTWROVi3OfOmpW21cNQMYkukNzt4ocp5likP vD3Pn/71YFT/m2JP/HWmQYRv7wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEfcIE4b 6CtpvFnsW487IKYo5hd5MB8GA1UdIwQYMBaAFLimLPHeiyYuFHN9k+4+bzbDoOHJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTgzQi83OTJEMTQ4QUYy ODExMUVBOEE2RkM2NkRDNEY5QUUwMi91S1lzOGQ2TEppNFVjMzJUN2o1dk5zT2c0 Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VLWXM4ZDZMSmk0VWMzMlQ3ajV2TnNPZzRjay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUU4M0IvNzkyRDE0OEFGMjgxMTFFQThBNkZDNjZEQzRGOUFFMDIvRTY4QkYzNjhE RDk5MTFFRjg1NjE0QTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnlTowDQQCAAIwBwMFACQF48AwDQYJKoZIhvcNAQELBQAD ggEBAGC/KNI0FXKA26qSfaLWgxwekBGM7a7cUoTNjJI+w2ODWBVw45Ukna186jOC 0p6QxThpLW9OmjjFbAoGSp7I5sXSv+R6nbEocnZI69PKkttEkUJudH8PCNZHTAWO Vr7StP1RECxO/GCu/HpOv4PQCJk3Z9RULMXQvy6OyxfPI0cBfPPgGS4ZXaPPOHfN L185EnNey+3fgJFjJD8Gt2r/+iMtF6gH9MEic/Q933SVHcVdhZcXTIPrERY4C+2n tsgRexXqNAsrh24UaObiHFpXqTtDnVPUCosoAaAlE4y7CwEBF2t/ZHMw/O4a1EOI u33b8gBtXBzxKAYRDhjUhHSE23M= -----END CERTIFICATE-----Generated at Wed Feb 19 22:03:20 2025 by rpki-client