$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/18DDC828563A11F092DD586EC4F9AE02.roa File: 18DDC828563A11F092DD586EC4F9AE02.roa (raw, json) Hash identifier: 67lb01k3Vi4epFgUoL++9A+Du7KcTPfzsnSPIkwlWlo= Subject key identifier: C5:D0:91:25:E9:3B:3D:7D:79:37:A7:7A:AF:DF:BD:8B:BB:8B:03:35 Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013 Certificate serial: 071C Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/18DDC828563A11F092DD586EC4F9AE02.roa Signing time: Tue 01 Jul 2025 05:16:24 +0000 ROA not before: Tue 01 Jul 2025 05:16:24 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 932 IP address blocks: 43.247.132.0/22 maxlen: 24 43.254.164.0/22 maxlen: 24 43.255.120.0/22 maxlen: 24 43.255.156.0/22 maxlen: 24 103.30.76.0/22 maxlen: 24 103.171.34.0/23 maxlen: 24 2401:2660:1000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 23:44:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1820 (0x71c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9139322, serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013 Validity Not Before: Jul 1 05:16:24 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=68636f27-e72a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:9d:d2:9a:a7:4a:47:85:ea:6b:98:d4:df:10: b5:e8:90:81:79:1d:68:2e:ee:c0:9f:68:18:c6:1d: 5b:3d:12:a4:25:bc:8a:f9:b5:6d:c4:e4:35:e5:fc: a9:48:4d:99:49:ed:40:43:08:ac:80:ae:c6:23:85: 22:9b:4e:74:35:9c:bd:63:23:3e:4f:76:0f:96:d3: 6a:95:96:ee:4a:50:6a:45:2d:02:76:f4:38:8a:f0: 7d:a3:8c:7e:13:b7:93:e8:14:f0:09:6a:7a:1a:23: 9f:b6:87:19:df:9b:b5:a8:df:f6:b3:56:3a:71:52: 32:6e:b0:00:00:16:43:63:7e:42:8f:41:27:c2:d4: 81:a8:dc:4b:d3:e6:1a:64:85:bd:50:87:ab:a6:a5: 30:e3:f7:64:52:ab:2b:7d:33:f7:37:27:b9:13:cb: 60:d1:8b:71:26:d5:1a:cf:a3:aa:a3:54:72:70:6d: d4:2c:30:c9:8e:a3:45:16:57:4c:e1:e4:e2:1e:b8: 4d:9e:43:b5:61:40:44:8b:c5:18:29:0a:0e:98:59: 9b:70:f7:30:8e:2e:71:27:9e:aa:09:ad:32:c3:ef: 63:bc:43:91:e9:79:75:d2:d2:0d:0e:a9:41:b7:dd: c6:73:a0:f6:55:29:a8:d0:2d:51:f5:e7:fd:7b:26: 92:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:D0:91:25:E9:3B:3D:7D:79:37:A7:7A:AF:DF:BD:8B:BB:8B:03:35 X509v3 Authority Key Identifier: keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/18DDC828563A11F092DD586EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.247.132.0/22 43.254.164.0/22 43.255.120.0/22 43.255.156.0/22 103.30.76.0/22 103.171.34.0/23 IPv6: 2401:2660:1000::/36 Signature Algorithm: sha256WithRSAEncryption 11:ce:3d:bd:ef:54:50:b5:c6:9f:99:1c:3f:39:06:17:95:72: f0:9d:8c:7c:8d:c8:43:f6:d0:ba:46:80:3c:c3:51:1a:34:7a: 25:59:8e:f9:db:4b:2f:d9:f0:ad:a8:50:fb:70:69:a8:91:4a: d4:c7:ef:07:56:e0:2e:1a:20:c4:51:57:ee:45:14:32:a6:4f: 1f:9e:3c:7a:51:bf:0e:be:c5:e7:8c:9b:e1:76:4a:b3:d0:6a: 80:68:fc:0c:dd:70:ea:1c:62:12:e6:68:90:8b:9b:7a:49:17: 04:7d:9b:0b:cb:14:e8:ea:92:f3:c3:eb:0f:77:cf:42:47:db: 3d:1a:90:e2:29:a2:64:d3:38:bb:2b:13:b5:bd:0d:61:9f:61: 31:3b:c3:c1:64:e8:66:d1:bf:e9:b2:0b:e5:9c:ab:28:ce:cd: d5:c0:01:ec:13:a0:d8:48:b9:d1:ba:99:b4:5d:66:66:08:91: 75:5e:1f:42:e1:e4:62:86:46:9e:f7:4f:b8:b9:fe:d1:1f:1e: c3:14:40:ae:c1:f8:2f:9e:8e:14:25:6d:d9:cd:58:49:00:91: 3e:85:52:56:fe:70:5b:cb:3e:c5:a7:52:bb:ee:66:af:f1:51: 83:45:3e:53:04:a0:f4:1c:cd:03:80:a0:13:1d:17:0b:5b:b1: 46:8b:69:55 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgICBxwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF QTNDNzEwMTMwHhcNMjUwNzAxMDUxNjI0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODYzNmYyNy1lNzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuZ3SmqdKR4Xqa5jU3xC16JCBeR1oLu7An2gYxh1bPRKkJbyK+bVtxOQ15fyp SE2ZSe1AQwisgK7GI4Uim050NZy9YyM+T3YPltNqlZbuSlBqRS0CdvQ4ivB9o4x+ E7eT6BTwCWp6GiOftocZ35u1qN/2s1Y6cVIybrAAABZDY35Cj0EnwtSBqNxL0+Ya ZIW9UIerpqUw4/dkUqsrfTP3Nye5E8tg0YtxJtUaz6Oqo1RycG3ULDDJjqNFFldM 4eTiHrhNnkO1YUBEi8UYKQoOmFmbcPcwji5xJ56qCa0yw+9jvEOR6Xl10tINDqlB t93Gc6D2VSmo0C1R9ef9eyaSNwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFMXQkSXp Oz19eTeneq/fvYu7iwM1MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2 NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvMThEREM4Mjg1 NjNBMTFGMDkyREQ1ODZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E PjA8MCoEAgABMCQDBAIr94QDBAIr/qQDBAIr/3gDBAIr/5wDBAJnHkwDBAFnqyIw DgQCAAIwCAMGBCQBJmAQMA0GCSqGSIb3DQEBCwUAA4IBAQARzj2971RQtcafmRw/ OQYXlXLwnYx8jchD9tC6RoA8w1EaNHolWY7520sv2fCtqFD7cGmokUrUx+8HVuAu GiDEUVfuRRQypk8fnjx6Ub8OvsXnjJvhdkqz0GqAaPwM3XDqHGIS5miQi5t6SRcE fZsLyxTo6pLzw+sPd89CR9s9GpDiKaJk0zi7KxO1vQ1hn2ExO8PBZOhm0b/psgvl nKsozs3VwAHsE6DYSLnRupm0XWZmCJF1Xh9C4eRihkae90+4uf7RHx7DFECuwfgv no4UJW3ZzVhJAJE+hVJW/nBbyz7Fp1K77mav8VGDRT5TBKD0HM0DgKATHRcLW7FG i2lV -----END CERTIFICATE-----Generated at Fri Jul 4 02:20:36 2025 by rpki-client