$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/48B486AEC1DE11EF86829237C4F9AE02.roa File: 48B486AEC1DE11EF86829237C4F9AE02.roa (raw, json) Hash identifier: HIPscer5VmMKo6X+Lp94sHlpYpxhHEYzFPUIbVP4+Qo= Subject key identifier: B4:D1:17:B5:6F:5E:3A:78:78:7F:F1:34:D8:17:D3:63:41:16:4C:0B Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B24D Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/48B486AEC1DE11EF86829237C4F9AE02.roa Signing time: Thu 08 May 2025 16:00:39 +0000 ROA not before: Thu 08 May 2025 16:00:38 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 134053 IP address blocks: 36.255.232.0/22 maxlen: 24 45.116.0.0/22 maxlen: 24 103.40.72.0/22 maxlen: 24 103.56.40.0/22 maxlen: 24 103.79.252.0/22 maxlen: 24 103.97.92.0/22 maxlen: 24 103.123.50.0/23 maxlen: 24 103.190.92.0/23 maxlen: 24 103.210.48.0/22 maxlen: 24 2001:df3:cc00::/48 maxlen: 48 2406:9840::/32 maxlen: 32 2406:9840::/40 maxlen: 48 2406:9840:1111::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 09:52:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45645 (0xb24d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:00:38 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd526-189a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:22:be:ff:0a:c3:08:a9:18:0e:04:76:d7:d0: bc:f2:8a:59:f2:3a:75:6f:cb:32:13:7e:b6:7f:03: a1:35:f9:b4:e7:ac:aa:76:b6:47:ca:22:12:c3:dd: 2b:da:a5:36:50:b6:b8:ba:72:07:e4:3f:bd:5c:a2: 2e:cf:48:85:39:a4:1f:a1:45:5e:43:3e:94:29:56: b1:b4:95:ea:5a:68:46:20:d4:73:1b:94:7d:fd:9f: 75:fc:82:5e:06:af:12:6d:0b:10:87:e1:53:77:65: 96:c2:d1:47:6e:3c:94:d8:16:0c:74:e9:16:84:89: 08:f1:57:3c:6c:87:bb:22:50:96:15:c1:67:ca:e1: e2:c6:34:3e:a1:57:bf:90:bd:aa:07:1a:2a:65:60: b6:39:c5:fa:6c:bc:09:e0:a9:a6:1b:f1:4f:75:91: 91:f8:85:c3:d7:be:97:20:fe:70:70:4d:34:77:41: ba:d7:40:1e:0a:c8:63:88:36:63:44:f0:4c:9e:2d: fd:37:88:a8:1c:d6:b7:d0:67:d9:35:b0:8a:72:15: 62:21:b4:e9:fc:ab:a8:2a:41:46:5d:13:26:cc:5e: 7e:ec:e7:44:4b:d2:29:d7:57:81:2f:5e:84:32:d9: f6:47:3d:7e:95:cf:9b:66:4c:47:31:d2:d1:e9:ff: 79:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:D1:17:B5:6F:5E:3A:78:78:7F:F1:34:D8:17:D3:63:41:16:4C:0B X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/48B486AEC1DE11EF86829237C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.255.232.0/22 45.116.0.0/22 103.40.72.0/22 103.56.40.0/22 103.79.252.0/22 103.97.92.0/22 103.123.50.0/23 103.190.92.0/23 103.210.48.0/22 IPv6: 2001:df3:cc00::/48 2406:9840::/32 Signature Algorithm: sha256WithRSAEncryption a3:2e:51:5e:d8:b1:3b:81:03:9e:ed:31:25:c8:6c:d7:2a:3c: 85:8e:b7:bc:59:ea:33:c2:c6:2b:34:70:bf:9e:7f:53:19:63: 3a:71:d3:bc:d9:44:66:72:54:41:ec:14:04:06:9c:2d:22:b1: c6:41:4a:eb:05:23:0d:ae:81:d4:92:53:0c:e7:97:26:93:0a: 9b:76:4e:21:e5:0b:35:31:e5:06:bd:8a:9b:bf:21:d6:ad:a3: 89:35:a0:f2:35:fe:69:71:c8:f9:9f:13:e4:84:3e:15:9d:1e: 86:34:87:ce:76:2c:05:ed:27:f4:27:f9:85:5d:c7:25:39:b4: bc:fc:56:10:87:05:94:84:9e:c3:7f:1d:ac:fa:36:7b:c4:34: 0a:df:c8:2c:87:05:54:f1:ba:34:d6:41:fd:82:2a:99:de:e1: 25:c4:c8:b6:24:7d:94:ed:18:22:a2:fc:dd:0c:4a:bf:67:28: d5:1e:4c:5b:76:6c:3a:4b:b7:1d:f9:7e:af:17:9e:4a:8d:4b: f9:ba:97:3d:ff:d0:5a:42:7e:14:3c:46:e7:dd:4e:e9:fa:64: af:5f:5a:bd:8c:34:f8:99:69:d1:c7:ba:1e:c9:e7:c4:d3:a1: 23:8c:95:c5:52:c3:1e:fa:85:63:a2:f9:a8:ea:e7:ec:f2:e8: f4:1e:41:50 -----BEGIN CERTIFICATE----- MIIFujCCBKKgAwIBAgIDALJNMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDAzOFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q1MjYtMTg5YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMcivv8KwwipGA4EdtfQvPKKWfI6dW/LMhN+tn8DoTX5tOesqna2R8oiEsPd K9qlNlC2uLpyB+Q/vVyiLs9IhTmkH6FFXkM+lClWsbSV6lpoRiDUcxuUff2fdfyC XgavEm0LEIfhU3dllsLRR248lNgWDHTpFoSJCPFXPGyHuyJQlhXBZ8rh4sY0PqFX v5C9qgcaKmVgtjnF+my8CeCpphvxT3WRkfiFw9e+lyD+cHBNNHdButdAHgrIY4g2 Y0TwTJ4t/TeIqBzWt9Bn2TWwinIVYiG06fyrqCpBRl0TJsxefuznREvSKddXgS9e hDLZ9kc9fpXPm2ZMRzHS0en/eVUCAwEAAaOCAt0wggLZMB0GA1UdDgQWBBS00Re1 b146eHh/8TTYF9NjQRZMCzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQ4QjQ4NkFF QzFERTExRUY4NjgyOTIzN0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGcGCCsGAQUFBwEHAQH/ BFgwVjA8BAIAATA2AwQCJP/oAwQCLXQAAwQCZyhIAwQCZzgoAwQCZ0/8AwQCZ2Fc AwQBZ3syAwQBZ75cAwQCZ9IwMBYEAgACMBADBwAgAQ3zzAADBQAkBphAMA0GCSqG SIb3DQEBCwUAA4IBAQCjLlFe2LE7gQOe7TElyGzXKjyFjre8WeozwsYrNHC/nn9T GWM6cdO82URmclRB7BQEBpwtIrHGQUrrBSMNroHUklMM55cmkwqbdk4h5Qs1MeUG vYqbvyHWraOJNaDyNf5pccj5nxPkhD4VnR6GNIfOdiwF7Sf0J/mFXcclObS8/FYQ hwWUhJ7Dfx2s+jZ7xDQK38gshwVU8bo01kH9giqZ3uElxMi2JH2U7RgiovzdDEq/ ZyjVHkxbdmw6S7cd+X6vF55KjUv5upc9/9BaQn4UPEbn3U7p+mSvX1q9jDT4mWnR x7oeyefE06EjjJXFUsMe+oVjovmo6ufs8uj0HkFQ -----END CERTIFICATE-----Generated at Wed May 14 14:08:10 2025 by rpki-client