$ rpki-client -vvf rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/8A6AA178556111EDB7E45424C4F9AE02.roa File: 8A6AA178556111EDB7E45424C4F9AE02.roa (raw, json) Hash identifier: cQpAURqDM/34gPKhgVHe+OBCLHcXpgoxll5j5sk3a4o= Subject key identifier: 1F:39:EA:44:2B:E7:0A:D4:C2:F1:1F:B8:9B:7B:D7:93:59:D1:08:FF Certificate issuer: /CN=A917F879/serialNumber=6447E361B1A4496BA0128DF695657448E95E2B95 Certificate serial: 09B7 Authority key identifier: 64:47:E3:61:B1:A4:49:6B:A0:12:8D:F6:95:65:74:48:E9:5E:2B:95 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZEfjYbGkSWugEo32lWV0SOleK5U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/8A6AA178556111EDB7E45424C4F9AE02.roa Signing time: Fri 02 May 2025 20:30:21 +0000 ROA not before: Fri 02 May 2025 20:30:21 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 45267 IP address blocks: 103.88.144.0/22 maxlen: 23 103.88.144.0/23 maxlen: 24 103.88.146.0/24 maxlen: 24 203.96.248.0/22 maxlen: 24 2400:e3c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/ZEfjYbGkSWugEo32lWV0SOleK5U.crl rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/ZEfjYbGkSWugEo32lWV0SOleK5U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZEfjYbGkSWugEo32lWV0SOleK5U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 19:50:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2487 (0x9b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F879, serialNumber=6447E361B1A4496BA0128DF695657448E95E2B95 Validity Not Before: May 2 20:30:21 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68152b5d-9035 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:05:d0:dd:01:cd:80:e9:06:f5:3c:28:52:48: 1e:71:3f:c3:6e:28:d4:dd:f5:ab:7b:ed:f8:cf:63: a9:0d:74:e6:c6:d0:b4:6f:1d:77:96:cf:65:b8:56: 29:09:dd:43:6d:8c:42:60:4a:d7:6a:7f:16:2e:db: 37:91:80:69:67:8c:d3:02:e3:fe:1c:65:0f:60:62: 38:5e:d9:f1:a2:ff:2b:b6:d1:9f:50:a5:f7:e3:51: 17:81:4a:33:87:2e:5d:a8:83:c4:3b:90:4b:72:73: 2d:01:40:f9:03:86:33:b1:2a:a3:73:87:a7:5f:34: f0:b5:e1:74:ce:07:41:63:e4:c8:bd:ab:dd:96:89: a4:81:ce:d7:b2:39:73:7a:64:24:01:a9:c8:58:c7: 1d:b1:96:22:c5:bc:5e:4f:9a:77:61:7e:83:fb:d3: 7a:8c:5d:43:da:0c:2c:a9:64:f2:f0:34:56:a0:75: 9a:d5:92:c8:80:a3:1e:4a:13:f7:f0:a5:0e:df:0d: bc:19:f0:8c:f3:62:9a:98:93:4c:0d:f7:1f:1a:9b: 83:e3:53:66:b9:e4:ba:23:27:75:07:09:86:83:97: 7a:cd:ad:02:7d:bd:d9:ac:da:e1:76:14:cd:b5:6f: 80:72:2c:c7:cd:e3:20:c7:70:77:6b:10:d4:eb:a2: 8d:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:39:EA:44:2B:E7:0A:D4:C2:F1:1F:B8:9B:7B:D7:93:59:D1:08:FF X509v3 Authority Key Identifier: keyid:64:47:E3:61:B1:A4:49:6B:A0:12:8D:F6:95:65:74:48:E9:5E:2B:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/ZEfjYbGkSWugEo32lWV0SOleK5U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZEfjYbGkSWugEo32lWV0SOleK5U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F879/AAFCEF0A834911EA89DE697BC4F9AE02/8A6AA178556111EDB7E45424C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.88.144.0/22 203.96.248.0/22 IPv6: 2400:e3c0::/32 Signature Algorithm: sha256WithRSAEncryption 76:58:fa:84:2b:a9:6f:7f:6c:b9:5e:c6:d5:f3:6f:a6:80:5c: 99:3c:24:0a:46:bf:dd:f1:93:8c:65:54:6d:2a:0f:80:70:ba: 71:0f:d7:a9:e1:3a:82:09:12:4e:37:d0:fd:f1:1b:50:78:89: 78:01:58:4b:41:6f:63:b5:ac:e1:14:ca:e9:df:28:63:75:6e: ea:09:7d:72:8a:94:70:0f:8c:6c:0a:1a:17:bb:b6:e3:15:98: 05:fc:46:a3:d6:a6:00:aa:4c:18:06:7c:c1:7d:d4:5c:6d:97: 3b:ac:41:a7:a8:6c:0c:5c:51:70:02:8c:ab:f1:30:7e:9f:36: 2b:23:b8:41:ff:1f:5f:cd:ef:3f:d3:42:24:3e:b8:77:79:35: a3:ea:42:bf:c9:7f:cd:9c:bb:83:c7:29:ad:1d:52:65:ff:e2: f4:cd:0c:ef:d6:a6:00:83:3d:41:c5:ed:91:3b:e1:7f:51:41: b9:ee:d1:a9:ff:5d:38:89:e2:d4:4e:49:b8:00:5d:4a:e4:1b: 97:a7:e6:c3:d2:48:e5:da:72:0c:f0:2e:8a:44:11:0d:2f:82: f6:b9:2c:43:0d:76:fb:81:44:4b:53:35:ce:c1:a4:a2:e5:9f: 56:d4:05:80:8b:8d:45:2b:fa:73:37:9d:0d:2c:51:29:88:df: 14:38:72:23 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICCbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Y4NzkxMTAvBgNVBAUTKDY0NDdFMzYxQjFBNDQ5NkJBMDEyOERGNjk1NjU3NDQ4 RTk1RTJCOTUwHhcNMjUwNTAyMjAzMDIxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE1MmI1ZC05MDM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuAXQ3QHNgOkG9TwoUkgecT/DbijU3fWre+34z2OpDXTmxtC0bx13ls9luFYp Cd1DbYxCYErXan8WLts3kYBpZ4zTAuP+HGUPYGI4Xtnxov8rttGfUKX341EXgUoz hy5dqIPEO5BLcnMtAUD5A4YzsSqjc4enXzTwteF0zgdBY+TIvavdlomkgc7Xsjlz emQkAanIWMcdsZYixbxeT5p3YX6D+9N6jF1D2gwsqWTy8DRWoHWa1ZLIgKMeShP3 8KUO3w28GfCM82KamJNMDfcfGpuD41NmueS6Iyd1BwmGg5d6za0Cfb3ZrNrhdhTN tW+AcizHzeMgx3B3axDU66KN/wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFB856kQr 5wrUwvEfuJt715NZ0Qj/MB8GA1UdIwQYMBaAFGRH42GxpElroBKN9pVldEjpXiuV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Rjg3OS9BQUZDRUYwQTgz NDkxMUVBODlERTY5N0JDNEY5QUUwMi9aRWZqWWJHa1NXdWdFbzMybFdWMFNPbGVL NVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pFZmpZYkdrU1d1Z0VvMzJsV1YwU09sZUs1VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0Y4NzkvQUFGQ0VGMEE4MzQ5MTFFQTg5REU2OTdCQzRGOUFFMDIvOEE2QUExNzg1 NTYxMTFFREI3RTQ1NDI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnWJADBALLYPgwDQQCAAIwBwMFACQA48AwDQYJKoZIhvcN AQELBQADggEBAHZY+oQrqW9/bLlextXzb6aAXJk8JApGv93xk4xlVG0qD4BwunEP 16nhOoIJEk430P3xG1B4iXgBWEtBb2O1rOEUyunfKGN1buoJfXKKlHAPjGwKGhe7 tuMVmAX8RqPWpgCqTBgGfMF91FxtlzusQaeobAxcUXACjKvxMH6fNisjuEH/H1/N 7z/TQiQ+uHd5NaPqQr/Jf82cu4PHKa0dUmX/4vTNDO/WpgCDPUHF7ZE74X9RQbnu 0an/XTiJ4tROSbgAXUrkG5en5sPSSOXacgzwLopEEQ0vgva5LEMNdvuBREtTNc7B pKLln1bUBYCLjUUr+nM3nQ0sUSmI3xQ4ciM= -----END CERTIFICATE-----Generated at Wed May 14 21:33:18 2025 by rpki-client