$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7857BF18F8BE11EF9BA47822C4F9AE02.roa File: 7857BF18F8BE11EF9BA47822C4F9AE02.roa (raw, json) Hash identifier: vAx+PlyuVJs6rj7EsaZ9DYnQ6I6jr78caYhGuZugTrA= Subject key identifier: F4:2D:1E:F8:C4:4B:4B:FB:69:6B:E0:40:20:A6:5A:FA:96:04:68:FB Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B44E Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7857BF18F8BE11EF9BA47822C4F9AE02.roa Signing time: Thu 08 May 2025 16:08:33 +0000 ROA not before: Thu 08 May 2025 16:08:33 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 137083 IP address blocks: 103.57.96.0/24 maxlen: 24 103.57.97.0/24 maxlen: 24 103.105.228.0/24 maxlen: 24 103.105.229.0/24 maxlen: 24 103.108.73.0/24 maxlen: 24 103.157.8.0/24 maxlen: 24 103.157.9.0/24 maxlen: 24 103.175.116.0/23 maxlen: 24 2001:df4:f40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 07:03:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46158 (0xb44e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:08:33 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd701-b7be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:20:01:9f:36:bb:56:c3:d0:5b:f0:0f:cd:7c: 4d:d5:20:5b:5d:a6:da:48:fa:8d:e2:98:36:63:8e: ff:35:10:5c:c4:65:fc:e3:2f:5e:16:1b:38:57:f0: 80:6e:72:83:08:34:81:29:af:8c:19:57:01:27:09: 71:20:72:69:15:78:f9:fa:03:14:f4:07:d0:89:45: b4:90:bc:d3:b9:28:d1:cc:f7:45:50:cc:89:58:1f: 69:44:af:58:81:a9:99:17:aa:b3:28:97:92:51:7e: 45:70:41:d9:fb:6a:05:93:09:18:e3:73:51:0b:49: 0a:c2:e6:09:b9:ce:a7:37:c1:97:39:8c:d0:28:d4: ef:1a:af:4a:a3:2e:f6:31:21:5a:05:76:18:b8:80: b0:8d:b1:0d:4d:e0:d5:cf:16:ee:41:65:35:0a:97: 4c:e2:2b:e6:7c:28:10:53:74:f0:fe:87:49:5d:05: 7b:cc:8f:ea:a6:c2:1d:aa:9e:42:54:19:0b:d0:e0: b1:62:a8:5c:0b:23:ae:78:af:01:13:2f:43:52:c5: 68:1c:7e:c4:9a:f2:26:e9:8c:ce:80:2d:6c:97:c9: b4:52:f3:c2:3d:41:cf:73:e0:c3:92:c0:15:b6:d6: 7c:ba:72:f6:24:6a:9c:83:31:ae:8d:06:4a:74:2b: b0:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:2D:1E:F8:C4:4B:4B:FB:69:6B:E0:40:20:A6:5A:FA:96:04:68:FB X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7857BF18F8BE11EF9BA47822C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.57.96.0/23 103.105.228.0/23 103.108.73.0/24 103.157.8.0/23 103.175.116.0/23 IPv6: 2001:df4:f40::/48 Signature Algorithm: sha256WithRSAEncryption 70:35:6c:26:c1:64:8d:cd:21:9a:4d:fc:11:99:c7:71:de:47: 40:22:6a:72:f5:38:a6:dd:b7:8d:ca:a7:3c:0a:9d:03:93:7a: 51:d6:51:59:2e:e1:a5:33:af:a2:4a:4d:7f:5f:3e:aa:f1:50: fa:d4:34:96:8e:2e:11:60:94:6a:a9:c8:36:d7:b7:6f:7f:dc: ec:3d:88:f4:96:f4:e5:7a:4a:eb:6e:76:07:8c:43:59:2c:f0: 7d:77:7a:54:03:5a:e6:61:0c:a1:41:da:4c:5f:4a:e8:c9:b2: 73:14:57:ca:ea:82:7c:f1:88:32:3b:fc:d7:b2:9d:e2:5d:47: 43:c4:9b:dc:24:6d:59:27:01:f6:e8:19:b0:f1:fc:53:32:2b: 93:b4:be:37:f1:aa:c5:13:bd:a2:17:72:fd:42:ef:ae:3f:d9: aa:57:3a:1b:4f:d0:cf:b8:b3:c4:fb:ca:23:26:ee:c7:93:73: 1e:80:13:0f:a1:73:d0:05:b6:ce:fa:9c:db:73:f9:bc:56:95: 08:57:91:93:82:60:df:8e:2d:e1:20:f8:06:2a:98:45:d5:5f: 28:e5:34:8c:53:1f:0a:12:56:ef:86:7e:d6:f0:19:95:4b:11: 18:cf:cf:02:9f:59:9f:d0:c5:af:71:e3:c1:58:7f:de:5e:ad: da:dc:05:db -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIDALROMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDgzM1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q3MDEtYjdiZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANIgAZ82u1bD0FvwD818TdUgW12m2kj6jeKYNmOO/zUQXMRl/OMvXhYbOFfw gG5ygwg0gSmvjBlXAScJcSByaRV4+foDFPQH0IlFtJC807ko0cz3RVDMiVgfaUSv WIGpmReqsyiXklF+RXBB2ftqBZMJGONzUQtJCsLmCbnOpzfBlzmM0CjU7xqvSqMu 9jEhWgV2GLiAsI2xDU3g1c8W7kFlNQqXTOIr5nwoEFN08P6HSV0Fe8yP6qbCHaqe QlQZC9DgsWKoXAsjrnivARMvQ1LFaBx+xJryJumMzoAtbJfJtFLzwj1Bz3Pgw5LA FbbWfLpy9iRqnIMxro0GSnQrsMUCAwEAAaOCAr4wggK6MB0GA1UdDgQWBBT0LR74 xEtL+2lr4EAgplr6lgRo+zAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc4NTdCRjE4 RjhCRTExRUY5QkE0NzgyMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEgGCCsGAQUFBwEHAQH/ BDkwNzAkBAIAATAeAwQBZzlgAwQBZ2nkAwQAZ2xJAwQBZ50IAwQBZ690MA8EAgAC MAkDBwAgAQ30D0AwDQYJKoZIhvcNAQELBQADggEBAHA1bCbBZI3NIZpN/BGZx3He R0AianL1OKbdt43KpzwKnQOTelHWUVku4aUzr6JKTX9fPqrxUPrUNJaOLhFglGqp yDbXt29/3Ow9iPSW9OV6SutudgeMQ1ks8H13elQDWuZhDKFB2kxfSujJsnMUV8rq gnzxiDI7/NeyneJdR0PEm9wkbVknAfboGbDx/FMyK5O0vjfxqsUTvaIXcv1C764/ 2apXOhtP0M+4s8T7yiMm7seTcx6AEw+hc9AFts76nNtz+bxWlQhXkZOCYN+OLeEg +AYqmEXVXyjlNIxTHwoSVu+GftbwGZVLERjPzwKfWZ/Qxa9x48FYf95erdrcBds= -----END CERTIFICATE-----Generated at Wed May 14 11:47:41 2025 by rpki-client