$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/C38EA6882B3411F0929A5143C4F9AE02.roa File: C38EA6882B3411F0929A5143C4F9AE02.roa (raw, json) Hash identifier: 1ftKxi53udwRZlcIfmsn+TIlrSuLjuthPp7NNwJDMOM= Subject key identifier: CE:D2:71:67:15:2B:D0:E3:EE:52:2A:D4:45:33:5D:8E:92:AD:CA:48 Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7 Certificate serial: 35C7 Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/C38EA6882B3411F0929A5143C4F9AE02.roa Signing time: Wed 07 May 2025 23:24:51 +0000 ROA not before: Wed 07 May 2025 23:24:51 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 45725 IP address blocks: 43.230.152.0/24 maxlen: 24 43.230.153.0/24 maxlen: 24 43.230.154.0/24 maxlen: 24 43.230.155.0/24 maxlen: 24 103.245.136.0/24 maxlen: 24 103.245.137.0/24 maxlen: 24 103.245.138.0/24 maxlen: 24 103.245.139.0/24 maxlen: 24 180.211.88.0/21 maxlen: 24 202.150.160.0/21 maxlen: 24 202.150.168.0/21 maxlen: 24 2402:780::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 02:39:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13767 (0x35c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9186214, serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7 Validity Not Before: May 7 23:24:51 2025 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=681bebc3-b466 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:6c:11:75:8c:10:7b:29:7f:a2:1d:90:e9:7a: a3:e9:41:c6:c4:9d:d7:95:92:f3:07:2d:b0:b7:de: 1c:95:43:07:d4:3c:0e:f9:d4:83:1f:f6:84:28:4b: 3b:41:b3:4d:1e:ab:a6:25:14:33:2c:a1:07:82:09: aa:a2:fe:f2:ce:67:c9:9d:81:5b:46:a3:14:17:59: a6:25:69:da:49:05:53:21:a2:88:71:e3:11:70:f7: c1:ef:27:f6:aa:c3:41:35:c0:62:88:9e:81:99:0e: d4:43:f8:9c:0d:a0:75:a7:83:34:c0:22:10:9a:2e: cf:30:dd:c9:f9:76:d4:dd:09:d0:f6:cd:6b:05:15: dc:1c:a1:a9:0c:51:66:e6:2a:6d:a4:ba:d6:76:e3: dc:06:40:43:49:82:f5:97:5c:a5:da:31:03:0d:2d: 49:c2:18:95:f9:2c:17:dc:a6:d7:da:5d:60:3a:ac: 83:c0:ae:e8:6e:e3:ec:52:ef:d0:d6:d4:6c:13:61: 11:98:9a:4a:c1:9f:dd:0f:b9:a1:11:fe:1d:c1:a9: 46:1b:29:2d:13:3a:99:35:95:cd:31:17:48:21:19: 8d:64:ae:a9:ad:50:db:3f:95:c0:0e:fc:b7:25:36: 26:bf:20:4e:90:a9:35:45:23:42:d9:e5:dc:2f:a0: f0:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:D2:71:67:15:2B:D0:E3:EE:52:2A:D4:45:33:5D:8E:92:AD:CA:48 X509v3 Authority Key Identifier: keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/C38EA6882B3411F0929A5143C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.152.0/22 103.245.136.0/22 180.211.88.0/21 202.150.160.0/20 IPv6: 2402:780::/32 Signature Algorithm: sha256WithRSAEncryption 6e:bc:22:4a:12:04:65:19:e4:28:7c:cc:91:db:7e:67:90:ab: b4:55:14:7d:e7:14:4f:9c:43:36:45:2a:bf:06:29:97:7c:4d: 71:b9:23:af:36:d8:17:27:6e:58:f0:a9:16:05:c4:07:24:66: 11:09:8b:6a:e2:5b:99:9e:6c:80:1c:77:38:a8:cb:0f:6a:47: ee:23:4b:24:ef:bc:e8:87:b4:72:66:d0:60:86:4f:a4:50:47: 55:81:f1:38:cf:25:18:99:49:d6:b6:07:5d:0b:4c:1e:55:6e: 26:5f:a8:a8:06:eb:47:29:7e:d3:61:ed:d6:79:95:ae:93:e6: c6:17:8a:bd:c3:a8:74:d7:ca:d5:d7:17:6d:fc:85:de:c7:62: 9e:f4:b4:20:34:22:cf:88:8c:e0:8d:c2:ff:25:c0:d6:0b:89: 8f:1a:a4:f5:4b:f6:f9:39:55:20:44:d9:ec:19:eb:74:cd:a5: 11:da:8d:e1:fb:a1:70:36:ce:8a:84:7c:28:e9:4b:ed:74:cd: f7:be:2d:34:fb:55:59:d4:88:8a:c0:7f:01:4c:b7:00:bc:ae: 93:9a:ed:33:b0:8e:9f:38:87:91:aa:2b:09:02:ff:38:a2:a2: b4:ef:97:1b:a4:c2:05:01:f1:c9:21:09:5b:47:52:90:f8:20: c0:ea:d4:7c -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICNccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG QUIyNEQ3RTcwHhcNMjUwNTA3MjMyNDUxWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFiZWJjMy1iNDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2GwRdYwQeyl/oh2Q6Xqj6UHGxJ3XlZLzBy2wt94clUMH1DwO+dSDH/aEKEs7 QbNNHqumJRQzLKEHggmqov7yzmfJnYFbRqMUF1mmJWnaSQVTIaKIceMRcPfB7yf2 qsNBNcBiiJ6BmQ7UQ/icDaB1p4M0wCIQmi7PMN3J+XbU3QnQ9s1rBRXcHKGpDFFm 5iptpLrWduPcBkBDSYL1l1yl2jEDDS1JwhiV+SwX3KbX2l1gOqyDwK7obuPsUu/Q 1tRsE2ERmJpKwZ/dD7mhEf4dwalGGyktEzqZNZXNMRdIIRmNZK6prVDbP5XADvy3 JTYmvyBOkKk1RSNC2eXcL6DwawIDAQABo4ICtjCCArIwHQYDVR0OBBYEFM7ScWcV K9Dj7lIq1EUzXY6SrcpIMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvQzM4RUE2ODgy QjM0MTFGMDkyOUE1MTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr5pgDBAJn9YgDBAO001gDBATKlqAwDQQCAAIwBwMFACQC B4AwDQYJKoZIhvcNAQELBQADggEBAG68IkoSBGUZ5Ch8zJHbfmeQq7RVFH3nFE+c QzZFKr8GKZd8TXG5I6822BcnbljwqRYFxAckZhEJi2riW5mebIAcdzioyw9qR+4j SyTvvOiHtHJm0GCGT6RQR1WB8TjPJRiZSda2B10LTB5VbiZfqKgG60cpftNh7dZ5 la6T5sYXir3DqHTXytXXF238hd7HYp70tCA0Is+IjOCNwv8lwNYLiY8apPVL9vk5 VSBE2ewZ63TNpRHajeH7oXA2zoqEfCjpS+10zfe+LTT7VVnUiIrAfwFMtwC8rpOa 7TOwjp84h5GqKwkC/ziiorTvlxukwgUB8ckhCVtHUpD4IMDq1Hw= -----END CERTIFICATE-----Generated at Tue May 13 04:39:12 2025 by rpki-client