$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A64BEEAE22611EFB2F11E4CC4F9AE02.roa File: 2A64BEEAE22611EFB2F11E4CC4F9AE02.roa (raw, json) Hash identifier: Z2FcnCxPGhDapbtxu/80bVVYJpITagkSPApnutHXtkQ= Subject key identifier: B3:D5:BB:C6:E4:E8:34:E4:8A:FD:90:AD:48:09:74:FB:E3:CA:5A:14 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B538 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A64BEEAE22611EFB2F11E4CC4F9AE02.roa Signing time: Thu 08 May 2025 16:12:09 +0000 ROA not before: Thu 08 May 2025 16:12:09 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 138738 IP address blocks: 103.70.156.0/22 maxlen: 22 103.70.156.0/24 maxlen: 24 103.70.157.0/24 maxlen: 24 103.70.158.0/24 maxlen: 24 103.70.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 18:54:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46392 (0xb538) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:12:09 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd7d9-1179 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:40:27:72:bc:2b:24:d6:3e:b6:dd:4f:95:f5: b6:db:47:e8:14:20:f3:8b:02:46:b9:0d:40:41:f6: 67:6c:0a:ee:6d:ed:16:fb:ad:e8:ce:de:cd:a4:25: 46:3a:e4:51:65:3a:4b:fe:79:41:6d:4e:3c:38:bd: d3:da:af:dd:85:ed:d4:d9:d5:82:f4:2e:60:63:94: f9:2a:d4:58:26:7c:20:eb:d3:85:5a:dc:a4:0b:f0: 0f:d2:49:78:21:16:41:a6:f0:27:57:76:15:fd:95: e9:00:16:49:fd:1f:f6:b6:97:d4:a8:91:80:1a:64: d3:93:60:0c:69:29:4b:b7:8d:eb:72:95:e6:f3:0c: 2e:f4:63:e5:cb:8c:06:fb:54:c1:63:bb:a2:7a:79: aa:02:b3:a1:cb:dc:aa:76:c9:f6:f6:bb:31:84:75: 7c:80:ab:86:ca:a1:73:bc:e9:c4:d7:4e:f2:c6:60: de:43:2d:2c:97:a2:1f:29:09:a1:bb:61:c3:ce:26: d8:8b:53:7d:05:ed:a4:c5:fb:f1:89:a6:ed:5b:f5: 56:c4:35:0e:13:79:45:ba:63:46:24:7c:73:5d:d6: 3a:58:87:6d:a8:ea:49:69:d1:e0:09:09:ff:7d:3d: 52:4a:a4:3a:48:a5:a4:8c:13:fd:f4:30:e0:1e:6e: b4:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:D5:BB:C6:E4:E8:34:E4:8A:FD:90:AD:48:09:74:FB:E3:CA:5A:14 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A64BEEAE22611EFB2F11E4CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.70.156.0/22 Signature Algorithm: sha256WithRSAEncryption 29:19:83:1b:60:bb:e3:b8:50:12:8b:df:8f:71:6d:bc:11:a3: c7:b0:f1:ef:0e:f0:7b:5b:ad:8e:6e:bc:6c:f6:00:e5:5f:5f: f7:ae:76:8e:e5:0e:bc:f7:72:66:90:62:80:2e:c9:d4:f2:3a: 11:98:5e:74:4b:9b:04:64:c6:1b:01:b8:79:53:09:82:50:27: 62:cd:af:af:e7:d4:cc:fd:22:bf:67:63:81:bf:ea:9d:7b:aa: 07:01:90:b1:d7:48:ab:7f:3c:64:a0:fd:f0:dc:c6:8e:34:bb: 10:20:2f:1b:12:34:bb:6c:d7:d7:73:a8:b0:22:58:00:9b:7a: 42:7e:2a:79:09:b8:4d:b1:c0:bf:39:78:96:8a:0e:00:fa:8b: 50:e0:0b:6c:67:77:1e:ef:44:e6:bc:d1:b6:26:0d:e5:72:05: 06:6f:fd:96:f6:5b:4f:5a:4f:3b:da:fd:47:d3:d0:d9:6d:83: e3:10:ec:25:8b:46:c4:ed:11:fa:25:9d:62:13:7e:32:65:39: 27:1f:31:09:8a:1d:7b:b0:25:29:cc:99:75:45:a9:81:bf:e9: 12:39:58:89:cd:df:69:1f:f5:32:73:5f:73:13:fc:fd:89:30: 8e:3c:82:eb:a2:86:ea:e8:ab:48:fe:60:ae:8e:29:03:2e:98: d8:a0:e1:c3 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgIDALU4MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MTIwOVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q3ZDktMTE3OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALRAJ3K8KyTWPrbdT5X1tttH6BQg84sCRrkNQEH2Z2wK7m3tFvut6M7ezaQl RjrkUWU6S/55QW1OPDi909qv3YXt1NnVgvQuYGOU+SrUWCZ8IOvThVrcpAvwD9JJ eCEWQabwJ1d2Ff2V6QAWSf0f9raX1KiRgBpk05NgDGkpS7eN63KV5vMMLvRj5cuM BvtUwWO7onp5qgKzocvcqnbJ9va7MYR1fICrhsqhc7zpxNdO8sZg3kMtLJeiHykJ obthw84m2ItTfQXtpMX78Ymm7Vv1VsQ1DhN5RbpjRiR8c13WOliHbajqSWnR4AkJ /309UkqkOkilpIwT/fQw4B5utNMCAwEAAaOCApUwggKRMB0GA1UdDgQWBBSz1bvG 5Og05Ir9kK1ICXT748paFDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJBNjRCRUVB RTIyNjExRUZCMkYxMUU0Q0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/ BBAwDjAMBAIAATAGAwQCZ0acMA0GCSqGSIb3DQEBCwUAA4IBAQApGYMbYLvjuFAS i9+PcW28EaPHsPHvDvB7W62Obrxs9gDlX1/3rnaO5Q6893JmkGKALsnU8joRmF50 S5sEZMYbAbh5UwmCUCdiza+v59TM/SK/Z2OBv+qde6oHAZCx10irfzxkoP3w3MaO NLsQIC8bEjS7bNfXc6iwIlgAm3pCfip5CbhNscC/OXiWig4A+otQ4AtsZ3ce70Tm vNG2Jg3lcgUGb/2W9ltPWk872v1H09DZbYPjEOwli0bE7RH6JZ1iE34yZTknHzEJ ih17sCUpzJl1RamBv+kSOViJzd9pH/Uyc19zE/z9iTCOPILroobq6KtI/mCujikD LpjYoOHD -----END CERTIFICATE-----Generated at Tue May 13 02:24:54 2025 by rpki-client