$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2F6DB518360911F0BD7C4161C4F9AE02.roa File: 2F6DB518360911F0BD7C4161C4F9AE02.roa (raw, json) Hash identifier: snNflA5nGxFabzLswJdPXH2uER5AFyJLD6BzIsASsdw= Subject key identifier: FF:C2:A2:F3:AA:68:FC:D4:02:D1:FE:53:EE:41:88:67:FE:96:95:FB Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: BE46 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2F6DB518360911F0BD7C4161C4F9AE02.roa Signing time: Mon 16 Jun 2025 12:08:53 +0000 ROA not before: Mon 16 Jun 2025 12:08:53 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 136373 IP address blocks: 103.57.66.0/23 maxlen: 24 103.69.88.0/22 maxlen: 24 103.122.200.0/23 maxlen: 24 103.143.39.0/24 maxlen: 24 103.163.68.0/23 maxlen: 24 103.164.176.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 15:29:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48710 (0xbe46) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jun 16 12:08:53 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68500955-2d8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:37:2e:24:c8:c4:fe:1c:aa:b1:2b:c9:d9:4d: e8:39:9a:87:a7:29:b0:30:aa:96:d8:ca:ce:c6:da: ee:e9:52:09:bc:03:8d:6a:46:1a:32:83:15:0b:f3: 5f:4e:c0:39:64:d4:5b:e6:f3:5a:1e:97:70:3e:c5: 85:69:b8:5d:d4:09:06:14:cf:3b:0c:1b:b3:bf:ea: d4:c4:6c:a1:21:0d:fc:35:89:8e:67:a7:52:fe:33: 8f:1b:d5:09:aa:55:2d:58:5b:4f:c2:39:1a:9f:ec: 4d:62:52:94:15:98:0e:c3:7e:41:e0:ff:89:fe:cd: 2a:b3:95:53:15:1d:64:80:9a:a9:29:1a:ac:8c:27: e8:93:0b:86:03:9f:f5:6e:92:1c:ac:79:1f:92:50: 42:08:99:d5:77:23:67:cd:86:62:26:81:01:05:0e: bf:fc:e8:ba:8a:cf:62:01:f6:79:09:ae:a1:4a:0e: 9e:30:b1:8b:6e:50:9a:e4:21:c2:41:d5:67:86:04: 95:21:83:e5:7d:4e:81:39:74:28:69:0b:a0:2a:ee: 62:bd:e9:91:84:9f:4a:d2:35:d0:02:c4:8a:78:e1: 9f:20:b8:73:77:57:15:46:d7:bb:02:e0:95:63:16: 3c:11:9b:c9:94:1e:e9:90:d9:d1:4b:de:9d:f5:64: 4d:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:C2:A2:F3:AA:68:FC:D4:02:D1:FE:53:EE:41:88:67:FE:96:95:FB X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2F6DB518360911F0BD7C4161C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.57.66.0/23 103.69.88.0/22 103.122.200.0/23 103.143.39.0/24 103.163.68.0/23 103.164.176.0/23 Signature Algorithm: sha256WithRSAEncryption 4b:92:c2:18:59:69:73:f4:8c:0d:a7:4a:3c:91:99:5b:1e:cf: 95:a6:5c:36:26:69:76:8a:2a:61:e4:80:58:07:0e:fe:3c:7d: ed:a6:bc:90:8a:0c:e1:bb:2e:0a:4f:6d:69:0b:2c:9d:df:48: ed:fb:6b:de:e8:eb:65:f9:2c:91:37:4e:d7:d1:44:09:24:4b: 67:d2:73:fc:79:3f:02:12:8e:3f:47:04:f9:f1:88:10:aa:81: 3c:41:9e:7c:ed:f1:e7:cf:1c:6a:40:f2:53:40:de:9a:fe:16: db:8b:5a:70:af:bb:8d:b6:bc:df:93:39:38:b0:9f:1f:eb:c8: c3:f8:1f:8c:ac:b6:b1:6f:2a:18:fa:5c:24:b2:e0:48:83:2a: b9:c3:e5:00:69:af:82:f9:2f:17:cf:69:41:2f:04:2e:a6:98: 24:73:63:43:53:c6:0e:d3:2e:dc:36:4a:29:2d:32:53:98:fb: 1d:3d:e6:0b:a6:aa:c9:7f:0d:9c:ca:05:36:a2:f4:21:33:f8: 54:f3:cc:a9:d5:d6:52:c7:43:49:a7:07:f6:ad:38:3c:e3:8c: 4c:5e:99:64:48:a0:1b:86:7b:d6:83:0a:15:f5:9b:a1:33:1b: b8:e7:d7:45:9e:fb:82:32:1c:91:0c:37:43:84:7d:c1:94:af: 4b:89:51:93 -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgIDAL5GMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDYxNjEyMDg1M1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjg1MDA5NTUtMmQ4ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMU3LiTIxP4cqrErydlN6Dmah6cpsDCqltjKzsba7ulSCbwDjWpGGjKDFQvz X07AOWTUW+bzWh6XcD7FhWm4XdQJBhTPOwwbs7/q1MRsoSEN/DWJjmenUv4zjxvV CapVLVhbT8I5Gp/sTWJSlBWYDsN+QeD/if7NKrOVUxUdZICaqSkarIwn6JMLhgOf 9W6SHKx5H5JQQgiZ1XcjZ82GYiaBAQUOv/zouorPYgH2eQmuoUoOnjCxi25QmuQh wkHVZ4YElSGD5X1OgTl0KGkLoCruYr3pkYSfStI10ALEinjhnyC4c3dXFUbXuwLg lWMWPBGbyZQe6ZDZ0UvenfVkTVUCAwEAAaOCArMwggKvMB0GA1UdDgQWBBT/wqLz qmj81ALR/lPuQYhn/paV+zAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJGNkRCNTE4 MzYwOTExRjBCRDdDNDE2MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMD0GCCsGAQUFBwEHAQH/ BC4wLDAqBAIAATAkAwQBZzlCAwQCZ0VYAwQBZ3rIAwQAZ48nAwQBZ6NEAwQBZ6Sw MA0GCSqGSIb3DQEBCwUAA4IBAQBLksIYWWlz9IwNp0o8kZlbHs+Vplw2Jml2iiph 5IBYBw7+PH3tpryQigzhuy4KT21pCyyd30jt+2ve6Otl+SyRN07X0UQJJEtn0nP8 eT8CEo4/RwT58YgQqoE8QZ587fHnzxxqQPJTQN6a/hbbi1pwr7uNtrzfkzk4sJ8f 68jD+B+MrLaxbyoY+lwksuBIgyq5w+UAaa+C+S8Xz2lBLwQuppgkc2NDU8YO0y7c NkopLTJTmPsdPeYLpqrJfw2cygU2ovQhM/hU88yp1dZSx0NJpwf2rTg844xMXplk SKAbhnvWgwoV9ZuhMxu459dFnvuCMhyRDDdDhH3BlK9LiVGT -----END CERTIFICATE-----Generated at Thu Jul 3 06:06:02 2025 by rpki-client