$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0073781CB17611ECA770DF50C4F9AE02.roa File: 0073781CB17611ECA770DF50C4F9AE02.roa (raw, json) Hash identifier: yGRb3mOQ1DiCEZQNnAH8Nv5rmZ6yBotMAkAtEfJwxa8= Subject key identifier: 20:94:AB:BE:6D:E2:E3:83:E4:FC:03:05:02:DC:46:3A:F3:FE:9B:09 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B2F1 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0073781CB17611ECA770DF50C4F9AE02.roa Signing time: Thu 08 May 2025 16:03:10 +0000 ROA not before: Thu 08 May 2025 16:03:10 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 135193 IP address blocks: 103.164.161.0/24 maxlen: 24 103.167.29.0/24 maxlen: 24 103.180.72.0/24 maxlen: 24 103.180.73.0/24 maxlen: 24 103.181.212.0/24 maxlen: 24 103.190.198.0/24 maxlen: 24 2001:df1:f9c0::/48 maxlen: 48 2407:3ec0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 13:22:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45809 (0xb2f1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:03:10 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd5bd-64db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:3f:ba:47:2c:57:75:dd:23:2e:73:8a:1d:f0: a0:04:ac:34:04:4e:54:76:38:ee:a8:c7:7f:1f:83: b5:10:c4:1f:4f:9d:e1:f4:0b:7e:d1:46:62:de:d3: 97:80:d7:7f:be:56:9b:25:ec:7a:a1:41:9a:4b:da: 33:fd:11:2f:38:c4:72:95:9b:44:56:17:79:5a:ad: dd:19:30:14:42:48:18:26:c7:9b:02:fa:f3:90:ef: 21:40:eb:a5:a9:a7:91:4e:03:62:ba:05:1c:f7:8d: 45:c6:b8:a8:0a:2f:7f:18:b1:4e:de:68:a1:b1:f6: 5d:6f:c4:44:27:93:32:c4:98:0b:2b:26:23:83:3c: 7f:4f:65:77:2d:04:a9:36:8b:6d:d0:ed:63:d3:a2: c3:b4:6c:e9:29:31:35:74:36:6a:d6:da:72:ed:98: f2:8a:9d:73:a9:49:5a:60:f6:68:d8:46:f8:64:e8: d5:4c:f5:aa:56:32:cd:04:d6:e8:66:d3:39:5c:53: b1:09:c0:f6:19:36:84:b1:1f:24:ec:01:ad:f0:97: 82:7e:86:a7:b7:05:bf:25:e6:cf:2c:7c:7e:7e:b7: fe:cf:bd:8f:a5:6c:be:00:57:c8:ed:c6:86:0c:54: 5d:25:8f:c6:b7:62:ff:4d:e0:a7:04:6b:be:63:51: 30:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:94:AB:BE:6D:E2:E3:83:E4:FC:03:05:02:DC:46:3A:F3:FE:9B:09 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0073781CB17611ECA770DF50C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.164.161.0/24 103.167.29.0/24 103.180.72.0/23 103.181.212.0/24 103.190.198.0/24 IPv6: 2001:df1:f9c0::/48 2407:3ec0::/32 Signature Algorithm: sha256WithRSAEncryption 75:0b:14:75:92:c8:51:cc:9e:49:d3:d3:e0:7f:63:27:cf:51: 65:0a:f8:4e:b1:0d:f9:26:ec:6f:d5:c4:e2:a0:de:49:f0:27: 56:01:ca:b9:40:23:87:ac:af:87:ab:f8:83:29:f5:53:64:9c: 99:9b:21:65:a5:9f:c0:de:e1:01:4d:e8:d8:ad:a5:2f:a1:2c: 55:e0:bd:cd:5b:3c:a0:65:5f:83:42:05:d8:f1:af:8d:8a:b4: 6d:1e:b7:8f:a4:88:92:cc:ab:87:bb:ce:6c:7e:87:54:b1:66: d2:5f:2c:2f:a1:ae:21:4d:84:83:68:c6:73:76:f5:9a:d4:d0: 74:f1:76:cc:6d:0d:a5:7f:e3:1f:2f:07:3f:aa:18:04:61:b4: 89:a9:01:71:60:03:b2:87:e4:37:f7:e6:86:ac:55:2b:66:e6: d5:2f:be:bb:c1:82:97:ad:07:81:05:8d:4d:ef:83:9a:95:0f: 1c:51:13:f6:b2:9e:95:0d:75:21:7f:e3:81:46:4e:b4:7a:2b: f6:cc:37:c0:ac:ea:77:c4:f9:56:c9:33:87:20:34:c3:7d:5c: af:12:be:f5:a6:78:20:54:dd:3f:bf:da:df:91:cc:c0:3a:82: cc:41:11:a3:b2:f1:c5:6a:8e:82:e9:bb:99:40:d9:33:58:12: e0:61:ed:67 -----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgIDALLxMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDMxMFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q1YmQtNjRkYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM4/ukcsV3XdIy5zih3woASsNAROVHY47qjHfx+DtRDEH0+d4fQLftFGYt7T l4DXf75WmyXseqFBmkvaM/0RLzjEcpWbRFYXeVqt3RkwFEJIGCbHmwL685DvIUDr pamnkU4DYroFHPeNRca4qAovfxixTt5oobH2XW/ERCeTMsSYCysmI4M8f09ldy0E qTaLbdDtY9Oiw7Rs6SkxNXQ2atbacu2Y8oqdc6lJWmD2aNhG+GTo1Uz1qlYyzQTW 6GbTOVxTsQnA9hk2hLEfJOwBrfCXgn6Gp7cFvyXmzyx8fn63/s+9j6VsvgBXyO3G hgxUXSWPxrdi/03gpwRrvmNRMC8CAwEAAaOCAsUwggLBMB0GA1UdDgQWBBQglKu+ beLjg+T8AwUC3EY68/6bCTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzAwNzM3ODFD QjE3NjExRUNBNzcwREY1MEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sME8GCCsGAQUFBwEHAQH/ BEAwPjAkBAIAATAeAwQAZ6ShAwQAZ6cdAwQBZ7RIAwQAZ7XUAwQAZ77GMBYEAgAC MBADBwAgAQ3x+cADBQAkBz7AMA0GCSqGSIb3DQEBCwUAA4IBAQB1CxR1kshRzJ5J 09Pgf2Mnz1FlCvhOsQ35Juxv1cTioN5J8CdWAcq5QCOHrK+Hq/iDKfVTZJyZmyFl pZ/A3uEBTejYraUvoSxV4L3NWzygZV+DQgXY8a+NirRtHrePpIiSzKuHu85sfodU sWbSXywvoa4hTYSDaMZzdvWa1NB08XbMbQ2lf+MfLwc/qhgEYbSJqQFxYAOyh+Q3 9+aGrFUrZubVL767wYKXrQeBBY1N74OalQ8cURP2sp6VDXUhf+OBRk60eiv2zDfA rOp3xPlWyTOHIDTDfVyvEr71pnggVN0/v9rfkczAOoLMQRGjsvHFao6C6buZQNkz WBLgYe1n -----END CERTIFICATE-----Generated at Tue May 13 22:42:56 2025 by rpki-client