$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C85D8EADF1611EC8F85991EC4F9AE02.roa File: 3C85D8EADF1611EC8F85991EC4F9AE02.roa (raw, json) Hash identifier: HFMtrbfgIPaBfv4ml7ZxWN4EiPljSFaeRU2OV5EwE/A= Subject key identifier: 47:9A:7F:2D:8B:3D:06:52:7D:20:BD:29:C4:4E:C7:22:1F:BB:CB:0A Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B667 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C85D8EADF1611EC8F85991EC4F9AE02.roa Signing time: Thu 08 May 2025 16:16:44 +0000 ROA not before: Thu 08 May 2025 16:16:44 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 141527 IP address blocks: 103.173.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 18:54:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46695 (0xb667) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:16:44 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd8ec-8c27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:5d:30:0d:fa:a4:86:39:0c:14:79:22:ce:d8: 51:7d:bf:ff:05:09:89:71:09:59:ac:e8:c0:f2:53: ba:e6:91:50:c7:a3:67:bd:89:72:4d:db:d9:82:c4: 1b:00:ad:ba:9a:ec:5f:79:4a:40:9b:e0:d7:1e:d1: 35:62:20:bb:84:ad:9d:59:10:b7:47:1c:72:57:e7: ab:59:28:26:bf:ff:d6:c9:97:cd:94:08:71:78:ee: 69:50:9f:c8:01:8d:80:2e:44:66:a6:1c:68:4f:bd: 9c:e1:c1:a8:9c:9c:c7:06:0b:1c:f9:42:8b:55:82: fb:fb:b0:e8:87:ae:4b:b7:2f:5d:ab:6f:7e:6d:35: 6a:b4:f4:13:65:0a:00:52:2d:7f:37:37:63:53:a9: 42:17:5b:8e:54:3e:77:f7:be:43:99:6c:98:d9:81: f0:0a:24:13:6b:38:64:18:89:e5:86:fa:14:13:4b: 06:ce:1d:90:50:df:e4:d5:d9:86:43:cf:d3:07:12: 3f:3e:68:a6:86:57:0b:81:0b:d1:04:0f:01:c3:72: 97:49:a7:07:00:90:c5:6a:ef:e6:6c:55:a5:c0:53: ea:a4:3d:b3:3b:aa:1d:49:24:1f:f4:84:49:9d:53: b8:bd:04:6f:14:40:21:20:aa:9d:30:1d:d9:c7:bc: 42:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:9A:7F:2D:8B:3D:06:52:7D:20:BD:29:C4:4E:C7:22:1F:BB:CB:0A X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C85D8EADF1611EC8F85991EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.173.249.0/24 Signature Algorithm: sha256WithRSAEncryption 40:38:ff:43:03:98:57:e1:63:e6:28:15:64:27:e8:ab:8e:e0: 01:8f:4c:d0:ef:24:93:35:40:da:85:f0:88:8e:d2:99:27:0f: 04:af:17:ea:82:74:c7:67:69:36:6e:7d:a6:48:b8:1e:64:34: 0f:1e:b0:8f:4f:16:97:78:73:d2:c7:65:2f:54:44:f3:13:b3: 17:4c:b6:ca:64:fc:4e:1e:3f:27:c1:95:d9:1a:56:f3:9d:98: 3c:ad:a1:c0:8b:c9:65:79:3e:58:c8:27:37:19:49:cc:38:49: f8:0d:fd:ae:e2:e2:e3:ae:7c:2e:90:43:fc:2d:40:ec:f2:bd: 19:ba:a8:90:18:f0:97:c6:a6:bc:cc:43:88:b3:16:1a:48:79: b3:e7:71:4b:30:a1:2b:f2:21:9a:a6:ae:0f:f8:95:f4:ff:3a: c1:bb:c6:92:84:bf:ff:f4:02:c0:f2:a0:05:05:bf:2f:c0:8a: 71:04:96:b4:c0:ee:7c:54:d3:37:94:b2:93:03:a9:59:9e:5b: 11:7a:85:d3:75:62:a8:03:8c:a4:58:3f:ff:ed:e3:d8:c2:51: be:52:c7:12:6c:d0:ba:14:10:58:4d:80:16:93:a2:cf:89:41: ba:e6:f1:9c:42:d8:e1:84:a4:bd:d4:d1:99:5c:cd:15:6f:10: f3:7c:1c:b9 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgIDALZnMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MTY0NFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q4ZWMtOGMyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJhdMA36pIY5DBR5Is7YUX2//wUJiXEJWazowPJTuuaRUMejZ72Jck3b2YLE GwCtuprsX3lKQJvg1x7RNWIgu4StnVkQt0ccclfnq1koJr//1smXzZQIcXjuaVCf yAGNgC5EZqYcaE+9nOHBqJycxwYLHPlCi1WC+/uw6IeuS7cvXatvfm01arT0E2UK AFItfzc3Y1OpQhdbjlQ+d/e+Q5lsmNmB8AokE2s4ZBiJ5Yb6FBNLBs4dkFDf5NXZ hkPP0wcSPz5opoZXC4EL0QQPAcNyl0mnBwCQxWrv5mxVpcBT6qQ9szuqHUkkH/SE SZ1TuL0EbxRAISCqnTAd2ce8QmMCAwEAAaOCApUwggKRMB0GA1UdDgQWBBRHmn8t iz0GUn0gvSnETsciH7vLCjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzNDODVEOEVB REYxNjExRUM4Rjg1OTkxRUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/ BBAwDjAMBAIAATAGAwQAZ635MA0GCSqGSIb3DQEBCwUAA4IBAQBAOP9DA5hX4WPm KBVkJ+irjuABj0zQ7ySTNUDahfCIjtKZJw8ErxfqgnTHZ2k2bn2mSLgeZDQPHrCP TxaXeHPSx2UvVETzE7MXTLbKZPxOHj8nwZXZGlbznZg8raHAi8lleT5YyCc3GUnM OEn4Df2u4uLjrnwukEP8LUDs8r0ZuqiQGPCXxqa8zEOIsxYaSHmz53FLMKEr8iGa pq4P+JX0/zrBu8aShL//9ALA8qAFBb8vwIpxBJa0wO58VNM3lLKTA6lZnlsReoXT dWKoA4ykWD//7ePYwlG+UscSbNC6FBBYTYAWk6LPiUG65vGcQtjhhKS91NGZXM0V bxDzfBy5 -----END CERTIFICATE-----Generated at Tue May 13 01:19:06 2025 by rpki-client