$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0D72E57A370A11EC89F66342C4F9AE02.roa File: 0D72E57A370A11EC89F66342C4F9AE02.roa (raw, json) Hash identifier: PxLasfX4vf+BVz/LmyVT1YlKxRmvp5o4H8PMtNuJ+F4= Subject key identifier: D9:12:68:62:B3:CE:C7:41:F7:19:54:F2:D5:C4:08:28:3B:EC:52:EE Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: BA64 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0D72E57A370A11EC89F66342C4F9AE02.roa Signing time: Thu 08 May 2025 16:32:11 +0000 ROA not before: Thu 08 May 2025 16:32:11 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 59173 IP address blocks: 103.41.88.0/24 maxlen: 24 103.41.89.0/24 maxlen: 24 103.41.91.0/24 maxlen: 24 103.77.238.0/23 maxlen: 24 2001:df0:fc00::/48 maxlen: 48 2001:df0:fc01::/48 maxlen: 48 2400:daa0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 13:22:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47716 (0xba64) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:32:11 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cdc8a-7b02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:86:93:ba:e5:95:8a:f6:68:4e:30:4f:27:f6: fb:bd:47:55:2b:79:d3:76:2d:6f:bd:89:7d:f6:32: b3:a5:65:4a:ce:64:70:33:14:42:84:ac:8e:cb:39: 05:1c:02:99:f2:c4:0e:eb:44:69:6e:55:24:ef:68: 92:af:81:20:0a:c4:80:2e:8c:bd:d0:d8:29:ee:0d: 3a:b3:8d:c5:45:4e:d0:09:ad:07:50:6d:dc:9e:ba: d5:16:6f:8f:27:01:15:f6:b8:65:48:56:eb:7d:85: 75:9e:02:3c:f4:ac:75:6c:34:03:3b:14:d9:3f:02: 4c:58:78:30:5e:d1:12:79:f7:92:97:22:2c:51:88: 9c:63:0b:d2:6e:26:29:4d:49:b0:7d:0a:1f:32:c3: 36:b4:69:6f:cb:58:ac:89:35:ee:a4:cc:07:91:be: a1:f7:25:f2:e9:3d:e0:46:2e:1b:42:77:26:4b:29: 95:d7:36:37:ba:d1:cb:98:07:5d:1a:1e:df:77:2a: 10:b0:b9:96:91:50:5e:0a:38:e5:40:2d:07:2c:74: 5c:15:a6:80:93:ff:04:c4:59:a8:84:32:79:66:72: 91:a4:fa:72:77:60:25:f0:ff:3a:70:50:df:6a:d8: c9:b9:0d:d9:a2:b3:42:75:bd:00:ed:be:57:72:6b: d4:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:12:68:62:B3:CE:C7:41:F7:19:54:F2:D5:C4:08:28:3B:EC:52:EE X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0D72E57A370A11EC89F66342C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.41.88.0/23 103.41.91.0/24 103.77.238.0/23 IPv6: 2001:df0:fc00::/47 2400:daa0::/32 Signature Algorithm: sha256WithRSAEncryption 4b:34:5e:1b:b4:2e:68:1a:7c:fa:4b:26:6f:bc:d0:73:88:43: 87:b7:c0:c6:a8:f0:06:f7:e6:5a:6b:8f:4c:62:45:60:eb:b7: 8b:7d:d7:0b:a7:10:86:00:7a:6e:7e:53:fa:c6:bc:52:a9:04: cf:c4:c7:a6:49:8b:c2:f9:23:42:e4:2c:98:b2:62:fb:22:34: 6e:b2:db:cb:5e:c1:a6:39:52:f9:87:31:c5:de:40:ec:9e:7e: 9c:31:92:f2:42:1d:0b:8f:40:5a:94:98:a0:fe:bf:1c:ee:5e: 40:ea:d1:10:e0:38:0c:71:d0:c5:47:3d:27:58:1c:ea:8c:b5: 81:f8:eb:d0:ba:f6:68:0b:22:27:3a:4d:a0:66:6d:38:24:39: 36:17:00:db:16:1a:09:32:dd:c4:76:ba:a6:c7:1d:46:99:82: c4:df:c4:77:97:f7:17:00:40:a7:7c:bb:5c:89:8d:20:af:26: 92:78:c3:e0:c3:e2:24:15:32:a6:3d:53:9b:d1:b0:4d:86:ca: df:b3:71:30:32:a0:28:64:91:cb:9c:fe:ce:7f:6e:77:c5:a8: ec:ae:7b:63:4f:a0:2f:44:d3:ea:89:5c:de:f1:80:24:9f:32: d5:4e:b9:69:af:c3:38:e3:fb:18:91:71:70:ec:81:82:2a:a6: de:37:34:ea -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgIDALpkMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MzIxMVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2RjOGEtN2IwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJiGk7rllYr2aE4wTyf2+71HVSt503Ytb72JffYys6VlSs5kcDMUQoSsjss5 BRwCmfLEDutEaW5VJO9okq+BIArEgC6MvdDYKe4NOrONxUVO0AmtB1Bt3J661RZv jycBFfa4ZUhW632FdZ4CPPSsdWw0AzsU2T8CTFh4MF7REnn3kpciLFGInGML0m4m KU1JsH0KHzLDNrRpb8tYrIk17qTMB5G+ofcl8uk94EYuG0J3Jkspldc2N7rRy5gH XRoe33cqELC5lpFQXgo45UAtByx0XBWmgJP/BMRZqIQyeWZykaT6cndgJfD/OnBQ 32rYybkN2aKzQnW9AO2+V3Jr1FsCAwEAAaOCArkwggK1MB0GA1UdDgQWBBTZEmhi s87HQfcZVPLVxAgoO+xS7jAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzBENzJFNTdB MzcwQTExRUM4OUY2NjM0MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEMGCCsGAQUFBwEHAQH/ BDQwMjAYBAIAATASAwQBZylYAwQAZylbAwQBZ03uMBYEAgACMBADBwEgAQ3w/AAD BQAkANqgMA0GCSqGSIb3DQEBCwUAA4IBAQBLNF4btC5oGnz6SyZvvNBziEOHt8DG qPAG9+Zaa49MYkVg67eLfdcLpxCGAHpuflP6xrxSqQTPxMemSYvC+SNC5CyYsmL7 IjRustvLXsGmOVL5hzHF3kDsnn6cMZLyQh0Lj0BalJig/r8c7l5A6tEQ4DgMcdDF Rz0nWBzqjLWB+OvQuvZoCyInOk2gZm04JDk2FwDbFhoJMt3Edrqmxx1GmYLE38R3 l/cXAECnfLtciY0gryaSeMPgw+IkFTKmPVOb0bBNhsrfs3EwMqAoZJHLnP7Of253 xajsrntjT6AvRNPqiVze8YAknzLVTrlpr8M44/sYkXFw7IGCKqbeNzTq -----END CERTIFICATE-----Generated at Wed May 14 01:57:42 2025 by rpki-client