$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E29AA9EC6C911EFB4CA8564C4F9AE02.roa File: 3E29AA9EC6C911EFB4CA8564C4F9AE02.roa (raw, json) Hash identifier: /nZI1dP783JosTikm93uM31AXlS5lpmkWOKL4LNLQCA= Subject key identifier: 02:DA:0D:3A:11:8A:25:F1:AD:A5:1C:8D:15:61:D6:D5:2D:F8:16:04 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: BA6C Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E29AA9EC6C911EFB4CA8564C4F9AE02.roa Signing time: Thu 08 May 2025 16:32:18 +0000 ROA not before: Thu 08 May 2025 16:32:18 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 59191 IP address blocks: 45.120.56.0/22 maxlen: 24 103.115.236.0/23 maxlen: 24 103.118.164.0/22 maxlen: 24 103.139.224.0/23 maxlen: 24 103.157.112.0/23 maxlen: 24 103.173.252.0/23 maxlen: 24 103.183.104.0/23 maxlen: 24 103.218.132.0/22 maxlen: 24 113.30.168.0/22 maxlen: 24 2400:6220::/32 maxlen: 36 2407:f440::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 06:52:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47724 (0xba6c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:32:18 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cdc92-4a8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:62:f6:a4:00:16:8e:ce:08:eb:45:55:94:bc: 3a:13:03:a0:57:d1:aa:2e:30:6d:5c:c0:71:eb:04: b3:80:65:72:69:5c:50:c2:a4:93:f2:51:ab:bd:7a: 53:1a:0b:51:aa:b0:4c:79:9a:7b:b6:20:cd:0d:1e: ab:3d:af:e4:0b:4f:bc:44:da:a9:9f:9a:c2:3d:1d: 30:7a:fc:f0:5f:96:cd:43:f8:ed:8b:42:a4:d1:f4: 8e:f4:d4:55:53:59:11:7b:ad:d8:c0:ec:8c:b4:e9: dc:73:28:ab:27:35:5f:93:22:7f:0b:ab:0a:a2:e3: 59:08:da:e4:de:9e:16:5b:32:77:04:b7:d8:c5:45: 9a:4d:f9:ee:e0:5e:ed:c4:da:eb:14:43:06:06:f9: 05:f5:d6:c5:1c:43:ca:1c:6c:2e:f0:71:e9:a8:2b: 5f:cb:63:88:0a:94:13:4d:b6:28:c0:a0:f2:e2:46: 36:16:36:0e:11:6c:8b:16:23:b5:bf:96:88:69:53: 6a:01:06:16:b6:62:65:5a:41:27:9b:ab:5f:21:02: cf:76:85:c9:cf:7a:ee:cc:37:a9:e4:f9:1d:72:90: 43:a3:84:f2:35:69:83:0d:94:18:de:c1:2d:d4:a9: 9b:e0:ed:58:cf:10:a0:83:22:b3:13:38:d3:93:26: e9:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:DA:0D:3A:11:8A:25:F1:AD:A5:1C:8D:15:61:D6:D5:2D:F8:16:04 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E29AA9EC6C911EFB4CA8564C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.120.56.0/22 103.115.236.0/23 103.118.164.0/22 103.139.224.0/23 103.157.112.0/23 103.173.252.0/23 103.183.104.0/23 103.218.132.0/22 113.30.168.0/22 IPv6: 2400:6220::/32 2407:f440::/32 Signature Algorithm: sha256WithRSAEncryption 7e:07:91:bf:60:3f:32:7c:63:c2:a5:20:e4:7b:2c:1a:84:6d: f8:5a:af:bd:df:e2:4a:55:70:52:06:45:4e:2a:fb:b3:bf:64: 68:dd:ab:85:24:ba:ba:c5:26:00:46:ad:8c:63:48:d4:de:5e: 4c:00:1d:76:74:ae:1d:86:cc:89:e9:f9:87:5c:89:74:ac:46: a6:2c:7c:d3:fb:f3:12:4a:d5:b8:30:7a:71:1c:9c:e8:c1:03: 1e:28:7e:2c:0a:be:4b:c5:ef:23:d4:d4:a5:3d:82:d3:89:f7: 7d:8e:9d:e4:a4:6e:b5:df:77:61:bf:c4:9d:31:2a:b7:93:7a: 93:4a:bd:96:8d:f1:e3:da:29:9f:db:d7:a0:68:d4:ba:98:ef: 9f:c9:83:6a:c8:5c:e0:33:cf:5a:56:a3:7e:cc:c8:b8:22:6a: bb:7d:31:24:0a:86:61:b3:dc:1a:05:25:25:15:d4:b0:d9:56: 69:d2:0d:dd:30:aa:8e:5c:88:df:04:7e:bb:6a:36:d9:68:d5: 9b:22:da:8f:32:93:57:d0:c3:b9:3f:0e:68:3a:7a:7c:38:30: 17:73:0f:79:f8:3d:d9:c5:b8:c1:ed:03:e8:22:d0:66:4c:0c: 32:20:ae:01:71:40:1f:f0:eb:85:f2:92:d2:fe:f9:6a:de:5e: 7f:07:23:52 -----BEGIN CERTIFICATE----- MIIFuDCCBKCgAwIBAgIDALpsMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MzIxOFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2RjOTItNGE4ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL1i9qQAFo7OCOtFVZS8OhMDoFfRqi4wbVzAcesEs4BlcmlcUMKkk/JRq716 UxoLUaqwTHmae7YgzQ0eqz2v5AtPvETaqZ+awj0dMHr88F+WzUP47YtCpNH0jvTU VVNZEXut2MDsjLTp3HMoqyc1X5MifwurCqLjWQja5N6eFlsydwS32MVFmk357uBe 7cTa6xRDBgb5BfXWxRxDyhxsLvBx6agrX8tjiAqUE022KMCg8uJGNhY2DhFsixYj tb+WiGlTagEGFrZiZVpBJ5urXyECz3aFyc967sw3qeT5HXKQQ6OE8jVpgw2UGN7B LdSpm+DtWM8QoIMisxM405Mm6aMCAwEAAaOCAtswggLXMB0GA1UdDgQWBBQC2g06 EYol8a2lHI0VYdbVLfgWBDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzNFMjlBQTlF QzZDOTExRUZCNENBODU2NEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGUGCCsGAQUFBwEHAQH/ BFYwVDA8BAIAATA2AwQCLXg4AwQBZ3PsAwQCZ3akAwQBZ4vgAwQBZ51wAwQBZ638 AwQBZ7doAwQCZ9qEAwQCcR6oMBQEAgACMA4DBQAkAGIgAwUAJAf0QDANBgkqhkiG 9w0BAQsFAAOCAQEAfgeRv2A/MnxjwqUg5HssGoRt+Fqvvd/iSlVwUgZFTir7s79k aN2rhSS6usUmAEatjGNI1N5eTAAddnSuHYbMien5h1yJdKxGpix80/vzEkrVuDB6 cRyc6MEDHih+LAq+S8XvI9TUpT2C04n3fY6d5KRutd93Yb/EnTEqt5N6k0q9lo3x 49opn9vXoGjUupjvn8mDashc4DPPWlajfszIuCJqu30xJAqGYbPcGgUlJRXUsNlW adIN3TCqjlyI3wR+u2o22WjVmyLajzKTV9DDuT8OaDp6fDgwF3MPefg92cW4we0D 6CLQZkwMMiCuAXFAH/DrhfKS0v75at5efwcjUg== -----END CERTIFICATE-----Generated at Tue May 13 08:59:47 2025 by rpki-client