$ rpki-client -vvf rpki.apnic.net/member_repository/A9133F6B/9852933E74A611EFAB4B053CC4F9AE02/CDB922F074AF11EFA0B26646C4F9AE02.roa File: CDB922F074AF11EFA0B26646C4F9AE02.roa (raw, json) Hash identifier: Z9wgm3vGJOLLYnMtYAwUdfFZW4JgmPyeFWsMY0AhztU= Subject key identifier: 05:DA:F6:7A:D2:64:41:EE:24:36:EF:5E:5D:FE:DD:C8:7E:65:B5:2F Certificate issuer: /CN=A9133F6B/serialNumber=34D7BD614396AE445170E058E0AEDCEBAD49405F Certificate serial: 7A Authority key identifier: 34:D7:BD:61:43:96:AE:44:51:70:E0:58:E0:AE:DC:EB:AD:49:40:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNe9YUOWrkRRcOBY4K7c661JQF8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9133F6B/9852933E74A611EFAB4B053CC4F9AE02/CDB922F074AF11EFA0B26646C4F9AE02.roa Signing time: Sat 03 May 2025 06:12:57 +0000 ROA not before: Sat 03 May 2025 06:12:57 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 132300 IP address blocks: 103.212.36.0/22 maxlen: 22 103.212.36.0/24 maxlen: 24 103.212.37.0/24 maxlen: 24 103.212.38.0/24 maxlen: 24 103.212.39.0/24 maxlen: 24 139.5.144.0/24 maxlen: 24 139.5.145.0/24 maxlen: 24 139.5.146.0/24 maxlen: 24 139.5.147.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9133F6B/9852933E74A611EFAB4B053CC4F9AE02/NNe9YUOWrkRRcOBY4K7c661JQF8.crl rsync://rpki.apnic.net/member_repository/A9133F6B/9852933E74A611EFAB4B053CC4F9AE02/NNe9YUOWrkRRcOBY4K7c661JQF8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNe9YUOWrkRRcOBY4K7c661JQF8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 05:27:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 122 (0x7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9133F6B, serialNumber=34D7BD614396AE445170E058E0AEDCEBAD49405F Validity Not Before: May 3 06:12:57 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6815b3e8-58a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:12:89:aa:35:2a:58:92:ab:cc:dd:7d:de:25: 4f:a4:76:26:6b:55:b8:79:0a:4f:15:55:0d:31:11: 46:ce:f4:ba:62:21:e9:db:f5:36:76:10:09:58:05: 47:1d:da:8c:fb:2f:b2:e3:1b:01:b5:05:15:ca:9e: d0:d8:0e:04:54:60:96:43:53:31:78:0f:c7:35:ee: 11:e7:06:53:cd:2f:d1:4b:26:4f:ae:80:c7:b4:83: 34:27:ea:bb:1e:85:4c:80:79:d6:e3:63:51:21:71: b3:6e:26:c3:a5:d4:da:f6:2e:88:af:7c:61:7b:d2: be:b3:3c:6a:77:29:3d:52:3e:c2:2f:df:20:7e:ee: 25:d8:c2:4a:88:5f:4b:31:6f:7b:eb:54:88:db:de: 77:dc:2f:94:1f:df:da:57:c8:e3:a7:88:5c:39:51: fb:fd:7a:1e:17:ad:1a:77:59:a0:f1:0a:3d:b7:30: ac:7a:7f:4f:82:2a:cc:e1:92:5e:9e:23:8a:b6:f1: 4f:76:f3:c0:e5:86:59:5b:c0:52:fc:cf:eb:02:3f: d6:26:0d:73:73:47:e8:1e:1c:ef:aa:14:f0:77:ca: 65:75:c6:09:af:cb:c3:c5:f3:51:91:b7:0a:39:76: 1a:db:03:6a:4b:14:65:c1:49:46:f1:97:55:26:87: 6c:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:DA:F6:7A:D2:64:41:EE:24:36:EF:5E:5D:FE:DD:C8:7E:65:B5:2F X509v3 Authority Key Identifier: keyid:34:D7:BD:61:43:96:AE:44:51:70:E0:58:E0:AE:DC:EB:AD:49:40:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9133F6B/9852933E74A611EFAB4B053CC4F9AE02/NNe9YUOWrkRRcOBY4K7c661JQF8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNe9YUOWrkRRcOBY4K7c661JQF8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9133F6B/9852933E74A611EFAB4B053CC4F9AE02/CDB922F074AF11EFA0B26646C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.212.36.0/22 139.5.144.0/22 Signature Algorithm: sha256WithRSAEncryption ac:c1:f9:be:47:e0:ff:af:d5:0a:3e:70:0a:55:b9:f5:7a:fb: 37:08:2d:85:4a:51:6b:8e:b0:e1:f3:bd:c9:0b:74:8f:91:35: 22:14:43:34:8a:9d:96:62:c2:79:41:59:bf:eb:ba:2b:03:a4: 84:8e:3f:f3:de:29:fb:79:58:91:fa:60:c1:9e:75:2b:40:4c: b4:b8:4e:68:29:87:0e:fb:2a:b6:32:04:16:c9:03:87:35:c2: c0:90:24:c7:86:f2:7d:86:16:b7:b1:f7:84:31:e3:85:08:55: 0f:59:39:3f:f1:bf:2b:27:cc:43:ec:90:e0:5c:77:d1:99:d7: e5:82:6f:cd:e9:18:c4:96:98:19:48:f0:94:5b:02:90:13:fa: 0a:bc:a8:99:a4:36:80:13:29:7f:a3:54:ef:32:e2:ee:c7:16: dc:8e:5a:76:98:50:9c:08:3f:af:91:a3:f9:14:d5:df:30:f8: 27:30:d0:1c:1b:ce:6b:df:86:9b:41:b7:eb:0c:61:ae:40:0b: 8f:fd:6d:f5:0d:1e:d4:db:a6:69:83:a1:27:71:41:6c:b7:41: 57:8f:80:8c:69:5a:bd:69:64:cf:37:54:bb:ae:c4:83:d7:08: 62:26:95:8d:81:ac:9b:ec:17:ab:1f:ce:a6:0c:c2:a4:0c:a9: 07:20:7b:21 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgIBejANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz M0Y2QjExMC8GA1UEBRMoMzREN0JENjE0Mzk2QUU0NDUxNzBFMDU4RTBBRURDRUJB RDQ5NDA1RjAeFw0yNTA1MDMwNjEyNTdaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4MTViM2U4LTU4YTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGEomqNSpYkqvM3X3eJU+kdiZrVbh5Ck8VVQ0xEUbO9LpiIenb9TZ2EAlYBUcd 2oz7L7LjGwG1BRXKntDYDgRUYJZDUzF4D8c17hHnBlPNL9FLJk+ugMe0gzQn6rse hUyAedbjY1EhcbNuJsOl1Nr2LoivfGF70r6zPGp3KT1SPsIv3yB+7iXYwkqIX0sx b3vrVIjb3nfcL5Qf39pXyOOniFw5Ufv9eh4XrRp3WaDxCj23MKx6f0+CKszhkl6e I4q28U9288DlhllbwFL8z+sCP9YmDXNzR+geHO+qFPB3ymV1xgmvy8PF81GRtwo5 dhrbA2pLFGXBSUbxl1Umh2z1AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUBdr2etJk Qe4kNu9eXf7dyH5ltS8wHwYDVR0jBBgwFoAUNNe9YUOWrkRRcOBY4K7c661JQF8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMzRjZCLzk4NTI5MzNFNzRB NjExRUZBQjRCMDUzQ0M0RjlBRTAyL05OZTlZVU9XcmtSUmNPQlk0SzdjNjYxSlFG OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTk5lOVlVT1dya1JSY09CWTRLN2M2NjFKUUY4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz M0Y2Qi85ODUyOTMzRTc0QTYxMUVGQUI0QjA1M0NDNEY5QUUwMi9DREI5MjJGMDc0 QUYxMUVGQTBCMjY2NDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW MBQwEgQCAAEwDAMEAmfUJAMEAosFkDANBgkqhkiG9w0BAQsFAAOCAQEArMH5vkfg /6/VCj5wClW59Xr7NwgthUpRa46w4fO9yQt0j5E1IhRDNIqdlmLCeUFZv+u6KwOk hI4/894p+3lYkfpgwZ51K0BMtLhOaCmHDvsqtjIEFskDhzXCwJAkx4byfYYWt7H3 hDHjhQhVD1k5P/G/KyfMQ+yQ4Fx30ZnX5YJvzekYxJaYGUjwlFsCkBP6CryomaQ2 gBMpf6NU7zLi7scW3I5adphQnAg/r5Gj+RTV3zD4JzDQHBvOa9+Gm0G36wxhrkAL j/1t9Q0e1NumaYOhJ3FBbLdBV4+AjGlavWlkzzdUu67Eg9cIYiaVjYGsm+wXqx/O pgzCpAypByB7IQ== -----END CERTIFICATE-----Generated at Sun May 11 17:11:46 2025 by rpki-client