$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A309C02FD8611EFB0589357C4F9AE02.roa File: 2A309C02FD8611EFB0589357C4F9AE02.roa (raw, json) Hash identifier: RsGxCmfwZaJSgXkBhUPTqp4zbEEpL9iEAqXsYU2ARZ8= Subject key identifier: B8:CB:B8:A5:15:E2:96:D5:EC:46:1F:8F:F5:EC:AD:EA:8D:00:27:79 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B926 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A309C02FD8611EFB0589357C4F9AE02.roa Signing time: Thu 08 May 2025 16:27:21 +0000 ROA not before: Thu 08 May 2025 16:27:21 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 151690 IP address blocks: 43.228.166.0/23 maxlen: 24 103.96.15.0/24 maxlen: 24 103.109.220.0/22 maxlen: 24 103.147.93.0/24 maxlen: 24 103.157.162.0/23 maxlen: 24 103.172.56.0/24 maxlen: 24 103.185.100.0/24 maxlen: 24 103.216.99.0/24 maxlen: 24 103.225.70.0/24 maxlen: 24 103.239.12.0/23 maxlen: 24 2001:df2:23c0::/48 maxlen: 48 2001:df2:9640::/48 maxlen: 48 2001:df3:29c0::/48 maxlen: 48 2001:df4:88c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 09:38:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47398 (0xb926) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:27:21 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cdb68-ae4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:4f:70:bb:c8:0d:ce:0f:52:93:7f:0b:52:c6: 1c:6a:71:da:f1:70:d1:59:eb:58:7a:61:39:b5:ff: b4:79:46:c4:8a:e8:d0:f7:6c:46:33:28:b0:61:b9: c5:9c:85:2d:d2:a0:43:fd:2a:c0:bf:c8:19:2d:ff: af:3b:75:b5:83:65:eb:d9:82:7f:e5:a7:9a:cf:b4: c5:0a:6d:89:ba:46:1d:71:07:5b:13:c1:7a:a9:17: 77:d0:41:ec:50:60:4d:b1:2e:e3:5a:b5:f8:05:6d: c6:2b:ad:88:80:5d:bb:62:a9:f1:8b:0b:48:0d:a4: d7:10:2e:c4:7a:18:ea:d9:a1:a5:9e:d0:54:7a:71: b8:d1:56:5c:a1:41:f0:44:c5:d9:e2:d3:13:e1:6b: 0a:48:7d:2b:75:a8:6e:77:da:de:5d:d9:d3:25:2b: e7:29:92:ea:e3:c4:81:64:7e:0e:34:dc:39:97:b2: dd:75:33:4c:9c:7f:53:b9:b6:3d:43:4c:ee:89:99: f0:ac:ad:2c:e2:61:37:98:93:37:ab:cb:68:86:55: 72:40:fb:86:98:45:fc:49:4a:13:c5:31:b7:c5:5b: 2e:47:c6:7d:48:ef:3f:3e:db:db:cd:6d:d2:09:4d: c7:03:2f:49:d9:a9:fb:f4:ec:76:de:56:1a:dd:a4: 0c:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:CB:B8:A5:15:E2:96:D5:EC:46:1F:8F:F5:EC:AD:EA:8D:00:27:79 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A309C02FD8611EFB0589357C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.228.166.0/23 103.96.15.0/24 103.109.220.0/22 103.147.93.0/24 103.157.162.0/23 103.172.56.0/24 103.185.100.0/24 103.216.99.0/24 103.225.70.0/24 103.239.12.0/23 IPv6: 2001:df2:23c0::/48 2001:df2:9640::/48 2001:df3:29c0::/48 2001:df4:88c0::/48 Signature Algorithm: sha256WithRSAEncryption 44:fe:27:0b:3f:bd:73:71:73:63:78:cc:f5:04:01:3b:cc:a5: 17:66:1f:18:fe:35:a1:1a:1e:7d:52:ea:6e:de:be:4c:16:11: b7:e6:54:2c:ec:a3:91:09:1e:a7:d1:52:f4:90:da:09:69:d5: 22:1c:db:8e:30:c6:3b:f5:48:f6:ad:db:45:c1:6b:da:43:aa: 7c:e3:7b:35:9f:e2:dd:33:ba:4d:6b:4b:93:2a:40:38:d4:ec: e2:07:da:db:54:80:0d:7a:48:5b:35:98:35:c9:aa:3a:18:42: f0:1c:f3:be:a4:11:35:96:2a:ad:99:eb:c3:96:0c:81:a2:94: 01:b2:4c:36:a1:f1:b9:3c:6e:8d:00:9a:04:81:e2:c9:69:9c: 00:c0:36:34:a9:0d:0c:b4:36:09:9b:16:b8:ec:74:4f:ea:4f: 96:77:9a:af:54:7d:4f:f1:f1:d3:c9:1e:89:ae:ca:32:3c:a1: 2c:6f:88:32:fe:93:77:b3:f5:c0:a2:61:9b:a2:ce:98:12:ac: 87:69:bf:af:a5:62:ef:f9:f6:7c:57:8f:70:d7:05:d5:1d:bd: 8f:66:3c:35:65:93:e1:83:0c:e6:fb:a5:64:a2:d3:d9:e6:c8: 34:6f:d5:9c:d8:93:ae:b1:93:f1:aa:82:25:b9:7a:f2:d5:d2: 57:99:33:d7 -----BEGIN CERTIFICATE----- MIIF1TCCBL2gAwIBAgIDALkmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MjcyMVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2RiNjgtYWU0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANFPcLvIDc4PUpN/C1LGHGpx2vFw0VnrWHphObX/tHlGxIro0PdsRjMosGG5 xZyFLdKgQ/0qwL/IGS3/rzt1tYNl69mCf+Wnms+0xQptibpGHXEHWxPBeqkXd9BB 7FBgTbEu41q1+AVtxiutiIBdu2Kp8YsLSA2k1xAuxHoY6tmhpZ7QVHpxuNFWXKFB 8ETF2eLTE+FrCkh9K3Wobnfa3l3Z0yUr5ymS6uPEgWR+DjTcOZey3XUzTJx/U7m2 PUNM7omZ8KytLOJhN5iTN6vLaIZVckD7hphF/ElKE8Uxt8VbLkfGfUjvPz7b281t 0glNxwMvSdmp+/Tsdt5WGt2kDBUCAwEAAaOCAvgwggL0MB0GA1UdDgQWBBS4y7il FeKW1exGH4/17K3qjQAneTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJBMzA5QzAy RkQ4NjExRUZCMDU4OTM1N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGBBggrBgEFBQcBBwEB /wRyMHAwQgQCAAEwPAMEASvkpgMEAGdgDwMEAmdt3AMEAGeTXQMEAWedogMEAGes OAMEAGe5ZAMEAGfYYwMEAGfhRgMEAWfvDDAqBAIAAjAkAwcAIAEN8iPAAwcAIAEN 8pZAAwcAIAEN8ynAAwcAIAEN9IjAMA0GCSqGSIb3DQEBCwUAA4IBAQBE/icLP71z cXNjeMz1BAE7zKUXZh8Y/jWhGh59Uupu3r5MFhG35lQs7KORCR6n0VL0kNoJadUi HNuOMMY79Uj2rdtFwWvaQ6p843s1n+LdM7pNa0uTKkA41OziB9rbVIANekhbNZg1 yao6GELwHPO+pBE1liqtmevDlgyBopQBskw2ofG5PG6NAJoEgeLJaZwAwDY0qQ0M tDYJmxa47HRP6k+Wd5qvVH1P8fHTyR6JrsoyPKEsb4gy/pN3s/XAomGbos6YEqyH ab+vpWLv+fZ8V49w1wXVHb2PZjw1ZZPhgwzm+6VkotPZ5sg0b9Wc2JOusZPxqoIl uXry1dJXmTPX -----END CERTIFICATE-----Generated at Mon May 12 01:33:21 2025 by rpki-client