$ rpki-client -vvf rpki.apnic.net/member_repository/A9148E9A/03F47D8AC17711EDA039F22FC4F9AE02/20BD79FAC17A11ED8F7A315FC4F9AE02.roa File: 20BD79FAC17A11ED8F7A315FC4F9AE02.roa (raw, json) Hash identifier: jHvBpbPikdEm8qDyFLwKqOP7PFtCpJ8WS2O/wf5HHhg= Subject key identifier: F6:24:1F:94:42:C0:1C:AE:45:09:71:96:B1:78:4C:8B:5C:BC:70:C7 Certificate issuer: /CN=A9148E9A/serialNumber=E7E904AD261549E31DBD59F46B3074C6BFA6DAB2 Certificate serial: 0192 Authority key identifier: E7:E9:04:AD:26:15:49:E3:1D:BD:59:F4:6B:30:74:C6:BF:A6:DA:B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5-kErSYVSeMdvVn0azB0xr-m2rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148E9A/03F47D8AC17711EDA039F22FC4F9AE02/20BD79FAC17A11ED8F7A315FC4F9AE02.roa Signing time: Tue 29 Apr 2025 03:39:47 +0000 ROA not before: Tue 29 Apr 2025 03:39:47 +0000 ROA not after: Thu 28 Aug 2025 00:00:00 +0000 asID: 134703 IP address blocks: 103.107.242.0/24 maxlen: 24 103.107.243.0/24 maxlen: 24 2001:df2:1640::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148E9A/03F47D8AC17711EDA039F22FC4F9AE02/5-kErSYVSeMdvVn0azB0xr-m2rI.crl rsync://rpki.apnic.net/member_repository/A9148E9A/03F47D8AC17711EDA039F22FC4F9AE02/5-kErSYVSeMdvVn0azB0xr-m2rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5-kErSYVSeMdvVn0azB0xr-m2rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 02:22:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 402 (0x192) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148E9A, serialNumber=E7E904AD261549E31DBD59F46B3074C6BFA6DAB2 Validity Not Before: Apr 29 03:39:47 2025 GMT Not After : Aug 28 00:00:00 2025 GMT Subject: CN=68104a03-d570 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:96:1c:03:08:34:92:82:2d:bd:f6:22:db:f0: f1:de:09:b5:84:1c:37:96:96:a1:ad:67:83:32:d3: 48:99:85:53:61:37:9d:3d:f3:90:8c:a0:e0:2a:0d: 07:52:a0:77:61:2a:de:07:ed:48:bd:83:26:1c:f5: 26:2b:e7:19:00:53:fd:d1:2e:b5:c7:40:ef:96:6f: cd:5f:ae:90:27:ce:b2:44:93:4f:60:77:ce:26:15: 61:67:6f:72:9e:af:ea:4d:47:23:bb:34:b8:98:61: f3:09:a1:7d:f3:98:93:03:03:b4:72:4e:9d:80:a8: f2:5f:c7:a8:7f:f1:bf:fd:60:2e:30:f2:85:4e:8b: a4:2e:aa:f5:6e:17:ea:a1:f4:74:0b:62:90:54:63: ca:c2:6e:99:f6:de:11:69:97:bf:90:5d:7d:14:bc: 61:d8:c9:04:ca:b6:0b:06:0c:3a:7e:b0:b8:71:3e: c4:3e:c8:87:50:bf:5b:ac:43:e4:b8:2f:25:39:6a: da:da:14:79:f7:89:83:38:0b:d7:dc:12:e8:23:71: 5e:ea:a3:12:ce:85:a8:91:4b:d7:f5:71:ee:4f:70: e8:f5:8c:ca:2a:9c:c9:5f:75:aa:bc:6e:3f:48:a5: 53:08:8b:16:cb:a3:9c:8f:b0:2c:0e:7d:7d:ec:5f: bf:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:24:1F:94:42:C0:1C:AE:45:09:71:96:B1:78:4C:8B:5C:BC:70:C7 X509v3 Authority Key Identifier: keyid:E7:E9:04:AD:26:15:49:E3:1D:BD:59:F4:6B:30:74:C6:BF:A6:DA:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148E9A/03F47D8AC17711EDA039F22FC4F9AE02/5-kErSYVSeMdvVn0azB0xr-m2rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5-kErSYVSeMdvVn0azB0xr-m2rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148E9A/03F47D8AC17711EDA039F22FC4F9AE02/20BD79FAC17A11ED8F7A315FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.107.242.0/23 IPv6: 2001:df2:1640::/48 Signature Algorithm: sha256WithRSAEncryption af:28:fc:8a:1b:dc:c4:13:d6:73:81:e3:a1:91:81:b2:6e:26: 60:61:9c:22:f2:ed:56:67:e1:67:07:5c:62:0a:7f:f9:eb:de: 74:99:7f:b0:41:59:fe:88:f5:dc:08:96:f9:98:96:d2:be:35: 6a:dd:f6:24:8a:4d:52:a5:7a:10:bc:5d:cf:db:0c:0c:c4:64: 84:bf:46:18:03:b4:34:94:cc:06:39:73:82:39:c8:29:80:56: 50:ab:47:de:f7:01:8e:0b:dc:cf:d2:b0:b7:65:0b:52:85:c3: 43:f7:19:4a:85:24:6e:21:a7:be:72:0a:09:5a:0d:1b:ae:74: 58:a1:97:ad:16:f8:10:ec:2c:d3:2d:2a:1b:bc:e6:7e:95:c1: 11:68:c2:20:99:c7:3c:a8:41:29:dd:d2:be:9c:9f:d8:61:42: c5:73:40:11:fc:4a:de:58:b5:e4:36:ff:54:03:02:4b:9c:72: 5a:fa:dd:35:29:1f:3d:02:69:9f:c3:99:68:ec:90:6d:17:ae: 1d:c3:c7:37:61:19:08:02:f6:d0:32:b4:a4:f6:c7:70:a6:5c: ba:46:6b:14:5c:77:dc:e5:4b:05:67:f5:23:04:c2:ca:92:8f: 34:db:8d:d6:ea:96:bd:28:c0:43:4d:01:e3:71:be:87:91:e1: 18:ba:d0:54 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICAZIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhFOUExMTAvBgNVBAUTKEU3RTkwNEFEMjYxNTQ5RTMxREJENTlGNDZCMzA3NEM2 QkZBNkRBQjIwHhcNMjUwNDI5MDMzOTQ3WhcNMjUwODI4MDAwMDAwWjAYMRYwFAYD VQQDEw02ODEwNGEwMy1kNTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlpYcAwg0koItvfYi2/Dx3gm1hBw3lpahrWeDMtNImYVTYTedPfOQjKDgKg0H UqB3YSreB+1IvYMmHPUmK+cZAFP90S61x0Dvlm/NX66QJ86yRJNPYHfOJhVhZ29y nq/qTUcjuzS4mGHzCaF985iTAwO0ck6dgKjyX8eof/G//WAuMPKFToukLqr1bhfq ofR0C2KQVGPKwm6Z9t4RaZe/kF19FLxh2MkEyrYLBgw6frC4cT7EPsiHUL9brEPk uC8lOWra2hR594mDOAvX3BLoI3Fe6qMSzoWokUvX9XHuT3Do9YzKKpzJX3WqvG4/ SKVTCIsWy6Ocj7AsDn197F+/dQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPYkH5RC wByuRQlxlrF4TItcvHDHMB8GA1UdIwQYMBaAFOfpBK0mFUnjHb1Z9GswdMa/ptqy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEU5QS8wM0Y0N0Q4QUMx NzcxMUVEQTAzOUYyMkZDNEY5QUUwMi81LWtFclNZVlNlTWR2Vm4wYXpCMHhyLW0y ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzUta0VyU1lWU2VNZHZWbjBhekIweHItbTJySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDhFOUEvMDNGNDdEOEFDMTc3MTFFREEwMzlGMjJGQzRGOUFFMDIvMjBCRDc5RkFD MTdBMTFFRDhGN0EzMTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFna/IwDwQCAAIwCQMHACABDfIWQDANBgkqhkiG9w0BAQsF AAOCAQEAryj8ihvcxBPWc4HjoZGBsm4mYGGcIvLtVmfhZwdcYgp/+evedJl/sEFZ /oj13AiW+ZiW0r41at32JIpNUqV6ELxdz9sMDMRkhL9GGAO0NJTMBjlzgjnIKYBW UKtH3vcBjgvcz9Kwt2ULUoXDQ/cZSoUkbiGnvnIKCVoNG650WKGXrRb4EOws0y0q G7zmfpXBEWjCIJnHPKhBKd3Svpyf2GFCxXNAEfxK3li15Db/VAMCS5xyWvrdNSkf PQJpn8OZaOyQbReuHcPHN2EZCAL20DK0pPbHcKZcukZrFFx33OVLBWf1IwTCypKP NNuN1uqWvSjAQ00B43G+h5HhGLrQVA== -----END CERTIFICATE-----Generated at Mon May 12 21:46:58 2025 by rpki-client