$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/432B190C0FA711EBA1FABB7EC4F9AE02.roa File: 432B190C0FA711EBA1FABB7EC4F9AE02.roa (raw, json) Hash identifier: mhrhecuueECR2Iz8jdyQDT1jcQRxVJK7u3tLxCwUYIw= Subject key identifier: 4A:A4:AB:AF:0A:16:37:51:BB:59:16:DA:CB:72:06:5C:FE:6B:1B:33 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B224 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/432B190C0FA711EBA1FABB7EC4F9AE02.roa Signing time: Thu 08 May 2025 15:59:58 +0000 ROA not before: Thu 08 May 2025 15:59:58 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 133989 IP address blocks: 103.55.104.0/24 maxlen: 24 103.55.105.0/24 maxlen: 24 103.55.106.0/24 maxlen: 24 103.55.107.0/24 maxlen: 24 103.84.202.0/23 maxlen: 24 103.101.100.0/22 maxlen: 24 103.110.6.0/23 maxlen: 24 111.223.0.0/22 maxlen: 22 111.223.0.0/24 maxlen: 24 111.223.1.0/24 maxlen: 24 111.223.2.0/24 maxlen: 24 111.223.3.0/24 maxlen: 24 2001:df6:7680::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 18:54:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45604 (0xb224) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 15:59:58 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd4fe-8ef3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:23:93:a7:57:e6:a7:31:f8:0b:fa:ef:ff:91: 8f:e7:fd:a5:92:a9:51:14:b4:6f:5a:09:90:bb:b2: 19:5c:6f:f8:bd:9e:7b:bc:58:d5:ec:1e:d9:34:16: cf:99:ec:70:7c:0d:5c:5c:32:a3:bc:63:6e:b6:db: 2d:91:c1:29:c7:1a:b0:dc:bf:47:81:56:ff:f2:8b: 05:bd:f2:b5:57:c6:01:24:99:3e:38:3d:f0:ca:15: 66:68:f2:3c:2e:36:17:85:2e:de:b6:bd:24:4b:77: 45:b7:79:84:1d:c4:63:b3:01:0a:b2:6f:96:fb:8a: 2e:6e:70:78:38:08:02:97:04:b9:5a:a0:cd:02:83: dd:68:31:52:3b:24:41:56:d2:a5:64:a6:3f:1b:f3: 17:4a:fd:23:d0:bd:bb:1b:de:4e:f9:8d:ba:0f:f3: a9:c5:32:50:2a:c9:8e:b1:57:91:91:c5:32:1a:65: 7b:54:0b:4e:43:33:a4:b5:73:6c:fa:9c:50:ad:61: 34:41:74:65:a9:8c:37:5e:7e:87:b6:c3:7e:fc:54: 58:bf:3f:1f:ca:6a:4c:31:67:4e:af:f6:2a:68:03: 8f:b9:fa:2b:eb:75:20:18:e0:be:fe:b7:61:c5:55: 62:53:a0:bc:5f:af:70:8a:bf:98:c3:99:fd:3a:61: d2:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:A4:AB:AF:0A:16:37:51:BB:59:16:DA:CB:72:06:5C:FE:6B:1B:33 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/432B190C0FA711EBA1FABB7EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.55.104.0/22 103.84.202.0/23 103.101.100.0/22 103.110.6.0/23 111.223.0.0/22 IPv6: 2001:df6:7680::/48 Signature Algorithm: sha256WithRSAEncryption 25:4c:a2:c5:63:58:0f:07:54:11:c7:7c:d9:f8:56:31:00:8d: 33:f1:91:40:3e:fe:92:0c:53:cb:4a:60:e9:7b:67:1c:9a:95: c5:d5:ac:fc:fd:f3:1c:1f:d0:8f:55:00:03:b3:26:8a:c7:44: 12:3e:1d:0b:d1:a3:7e:9b:4c:35:4d:b8:b4:c7:23:ec:05:85: 69:09:0c:df:84:0a:59:6a:9b:b8:01:89:5a:0f:eb:01:04:ae: 1e:cb:c4:37:c0:28:a2:0b:96:52:26:2c:6b:a7:5a:39:aa:db: 14:d0:90:39:63:3d:d8:fc:cc:0a:d1:7a:3e:36:b6:e0:e6:12: c7:e0:ad:25:fe:47:4f:a8:b8:45:97:a3:e7:a6:64:36:b4:d3: a6:fd:4e:95:3b:97:50:b9:69:49:1c:22:8a:b1:1f:8c:e8:8b: 80:96:17:29:46:09:02:a8:2e:ec:39:3f:0b:f9:9e:3b:06:cd: 08:a4:d0:8b:84:73:0c:46:d6:d0:dc:b6:34:6b:e7:fe:de:d5: 83:12:37:bc:87:2f:af:c0:a9:93:40:0b:20:bc:1e:13:1b:1b: 6e:82:78:c9:d1:68:52:d3:bd:f6:88:99:fe:87:34:20:9d:23: d6:e8:07:bf:82:69:8d:90:97:6c:d8:bc:92:9e:ba:36:2d:80: e7:88:b2:9b -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIDALIkMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE1NTk1OFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q0ZmUtOGVmMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANAjk6dX5qcx+Av67/+Rj+f9pZKpURS0b1oJkLuyGVxv+L2ee7xY1ewe2TQW z5nscHwNXFwyo7xjbrbbLZHBKccasNy/R4FW//KLBb3ytVfGASSZPjg98MoVZmjy PC42F4Uu3ra9JEt3Rbd5hB3EY7MBCrJvlvuKLm5weDgIApcEuVqgzQKD3WgxUjsk QVbSpWSmPxvzF0r9I9C9uxveTvmNug/zqcUyUCrJjrFXkZHFMhple1QLTkMzpLVz bPqcUK1hNEF0ZamMN15+h7bDfvxUWL8/H8pqTDFnTq/2KmgDj7n6K+t1IBjgvv63 YcVVYlOgvF+vcIq/mMOZ/Tph0lsCAwEAAaOCAr4wggK6MB0GA1UdDgQWBBRKpKuv ChY3UbtZFtrLcgZc/msbMzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQzMkIxOTBD MEZBNzExRUJBMUZBQkI3RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEgGCCsGAQUFBwEHAQH/ BDkwNzAkBAIAATAeAwQCZzdoAwQBZ1TKAwQCZ2VkAwQBZ24GAwQCb98AMA8EAgAC MAkDBwAgAQ32doAwDQYJKoZIhvcNAQELBQADggEBACVMosVjWA8HVBHHfNn4VjEA jTPxkUA+/pIMU8tKYOl7ZxyalcXVrPz98xwf0I9VAAOzJorHRBI+HQvRo36bTDVN uLTHI+wFhWkJDN+ECllqm7gBiVoP6wEErh7LxDfAKKILllImLGunWjmq2xTQkDlj Pdj8zArRej42tuDmEsfgrSX+R0+ouEWXo+emZDa006b9TpU7l1C5aUkcIoqxH4zo i4CWFylGCQKoLuw5Pwv5njsGzQik0IuEcwxG1tDctjRr5/7e1YMSN7yHL6/AqZNA CyC8HhMbG26CeMnRaFLTvfaImf6HNCCdI9boB7+CaY2Ql2zYvJKeujYtgOeIsps= -----END CERTIFICATE-----Generated at Tue May 13 00:09:27 2025 by rpki-client