$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/40D23A70BCF811EA815A1024C4F9AE02.roa File: 40D23A70BCF811EA815A1024C4F9AE02.roa (raw, json) Hash identifier: uUJwV3wVgFFNpaMyIOgv8We1YTx0sT6rJ0d8XmG+vIU= Subject key identifier: D7:DE:54:EE:5B:BA:4E:2A:A0:E0:7F:6E:30:4D:25:62:9C:C3:75:94 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B436 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/40D23A70BCF811EA815A1024C4F9AE02.roa Signing time: Thu 08 May 2025 16:08:12 +0000 ROA not before: Thu 08 May 2025 16:08:12 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 136700 IP address blocks: 103.102.96.0/22 maxlen: 24 2405:6240::/36 maxlen: 36 2405:6240:1000::/36 maxlen: 36 2405:6240:2000::/36 maxlen: 36 2405:6240:3000::/36 maxlen: 36 2405:6240:4000::/36 maxlen: 36 2405:6240:5000::/36 maxlen: 36 2405:6240:6000::/36 maxlen: 36 2405:6240:7000::/36 maxlen: 36 2405:6240:8000::/36 maxlen: 36 2405:6240:9000::/36 maxlen: 36 2405:6240:a000::/36 maxlen: 36 2405:6240:b000::/36 maxlen: 36 2405:6240:c000::/36 maxlen: 36 2405:6240:d000::/36 maxlen: 36 2405:6240:e000::/36 maxlen: 36 2405:6240:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 06:02:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46134 (0xb436) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:08:12 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd6ec-96e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e8:7a:73:02:79:b7:f4:cc:c5:e1:36:51:90: 72:dd:f4:fa:b1:39:53:93:63:d3:4d:0f:11:b9:42: 79:4b:eb:a7:8f:5e:72:1d:c1:eb:62:3d:da:3b:b2: b5:3a:ab:4d:30:c6:87:56:46:07:09:79:97:d7:30: 28:a5:4a:87:08:37:40:a4:20:d3:b4:7a:9e:6f:bd: 44:9c:2c:8e:3c:6b:2c:0c:fb:ea:5f:8a:1e:06:b9: 35:68:7d:8b:cf:a7:a3:d6:f5:92:b4:7d:87:eb:7d: 86:3c:46:1d:85:32:c2:ee:29:6b:e3:c8:77:ae:e8: d2:b9:05:b8:07:a9:1e:c3:01:ab:d6:d9:41:d5:25: 32:5c:6a:6d:b1:a9:45:52:b8:38:b4:8f:7f:c2:18: bd:1b:f9:90:c3:c7:66:ca:c3:3b:1f:c7:e3:75:0a: 7a:1c:da:92:ce:bb:7b:2a:9f:7f:89:97:77:0e:96: 6d:2a:f2:1a:d8:2b:e9:99:cf:80:9d:08:8e:7a:74: 9b:ca:2a:45:f3:95:71:8c:3e:3b:87:40:52:da:cf: 25:3b:80:66:9a:a9:25:4b:d6:57:07:e6:ca:5d:86: 32:98:54:1b:1d:aa:68:07:54:9f:34:eb:b1:7a:31: ae:af:3a:2c:24:c8:74:ec:45:4d:94:85:0c:61:00: 7b:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:DE:54:EE:5B:BA:4E:2A:A0:E0:7F:6E:30:4D:25:62:9C:C3:75:94 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/40D23A70BCF811EA815A1024C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.102.96.0/22 IPv6: 2405:6240::/32 Signature Algorithm: sha256WithRSAEncryption 86:21:b6:b6:be:47:fa:a8:a2:64:01:9f:cb:ba:27:f9:7e:dc: 03:27:a2:bf:28:79:03:f8:66:da:81:84:04:bc:71:76:e7:67: bb:54:26:1f:b3:fc:3e:0f:83:f7:83:f7:37:66:6c:62:6a:a2: 0b:c5:7c:a6:10:e2:61:86:9b:69:f3:11:b4:4b:a7:54:e7:88: d2:4f:fb:2a:47:89:45:6d:e2:3f:cb:bd:cb:0d:df:f6:5b:bb: 0f:6c:40:2b:e6:6d:a5:fd:d3:cc:f6:c1:e4:c4:41:4d:a7:8d: cf:e3:03:ea:d0:f6:6c:6e:1a:cc:a5:c9:4c:26:84:af:52:ea: a0:82:24:95:ae:3e:78:e5:9f:93:ff:1c:1f:83:ca:e1:e9:a9: ef:c9:84:1a:1a:20:5a:f5:17:38:4f:19:86:5b:84:5d:0f:e3: bb:e7:9e:a2:99:cf:b1:5f:78:ff:d5:d7:9f:81:0f:a5:ad:2d: d5:c1:f5:72:29:99:08:b0:83:d5:49:6a:81:6e:a7:3c:a5:26: 29:35:a8:25:4b:1f:9c:b9:45:22:a8:2d:57:bc:17:6b:d9:ec: 8b:ed:b2:fc:97:35:45:58:a0:c0:ed:2f:0a:32:80:8d:bb:d0: ad:33:99:1c:08:35:68:fe:11:74:5e:2a:67:74:05:40:97:8c: b4:53:3e:97 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIDALQ2MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDgxMloXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q2ZWMtOTZlOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPoenMCebf0zMXhNlGQct30+rE5U5Nj000PEblCeUvrp49ech3B62I92juy tTqrTTDGh1ZGBwl5l9cwKKVKhwg3QKQg07R6nm+9RJwsjjxrLAz76l+KHga5NWh9 i8+no9b1krR9h+t9hjxGHYUywu4pa+PId67o0rkFuAepHsMBq9bZQdUlMlxqbbGp RVK4OLSPf8IYvRv5kMPHZsrDOx/H43UKehzaks67eyqff4mXdw6WbSryGtgr6ZnP gJ0Ijnp0m8oqRfOVcYw+O4dAUtrPJTuAZpqpJUvWVwfmyl2GMphUGx2qaAdUnzTr sXoxrq86LCTIdOxFTZSFDGEAe6kCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBTX3lTu W7pOKqDgf24wTSVinMN1lDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQwRDIzQTcw QkNGODExRUE4MTVBMTAyNEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMC4GCCsGAQUFBwEHAQH/ BB8wHTAMBAIAATAGAwQCZ2ZgMA0EAgACMAcDBQAkBWJAMA0GCSqGSIb3DQEBCwUA A4IBAQCGIba2vkf6qKJkAZ/Luif5ftwDJ6K/KHkD+GbagYQEvHF252e7VCYfs/w+ D4P3g/c3ZmxiaqILxXymEOJhhptp8xG0S6dU54jST/sqR4lFbeI/y73LDd/2W7sP bEAr5m2l/dPM9sHkxEFNp43P4wPq0PZsbhrMpclMJoSvUuqggiSVrj545Z+T/xwf g8rh6anvyYQaGiBa9Rc4TxmGW4RdD+O7556imc+xX3j/1defgQ+lrS3VwfVyKZkI sIPVSWqBbqc8pSYpNaglSx+cuUUiqC1XvBdr2eyL7bL8lzVFWKDA7S8KMoCNu9Ct M5kcCDVo/hF0XipndAVAl4y0Uz6X -----END CERTIFICATE-----Generated at Wed May 14 08:20:03 2025 by rpki-client