$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/87D07C20CD5D11EDBB5F326AC4F9AE02.roa File: 87D07C20CD5D11EDBB5F326AC4F9AE02.roa (raw, json) Hash identifier: Bly5uwuu8lL4pD4ococMAmR1EgQNKo2aHnPMBEax5nc= Subject key identifier: 13:5A:F9:DF:BD:9E:D8:C5:FA:7E:BE:25:92:BD:07:77:5E:07:6E:F4 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B348 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/87D07C20CD5D11EDBB5F326AC4F9AE02.roa Signing time: Thu 08 May 2025 16:04:31 +0000 ROA not before: Thu 08 May 2025 16:04:31 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 135724 IP address blocks: 45.117.28.0/24 maxlen: 24 45.117.29.0/24 maxlen: 24 45.117.30.0/24 maxlen: 24 45.117.31.0/24 maxlen: 24 103.57.80.0/24 maxlen: 24 103.57.81.0/24 maxlen: 24 103.57.82.0/24 maxlen: 24 103.57.83.0/24 maxlen: 24 103.69.20.0/22 maxlen: 24 116.66.188.0/22 maxlen: 24 2001:df3:3200::/48 maxlen: 48 2001:df4:5c00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 13:22:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45896 (0xb348) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:04:31 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd60d-21c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:9f:9d:cd:82:1c:c1:3d:2e:bb:77:7b:e6:99: 10:a6:dc:8d:a0:f0:3f:6d:09:ef:95:c1:bf:16:7b: 4a:6c:b2:86:87:ee:e6:64:81:55:cc:84:98:0d:ed: bd:47:74:3f:42:17:f2:88:51:5a:28:19:24:36:20: 00:66:90:3d:88:72:c4:46:23:76:f6:f0:e7:a7:ca: 4a:6d:50:5d:af:82:04:61:53:0e:c5:1d:4a:dd:6c: 05:d9:60:67:dd:3a:b1:e4:71:8f:bb:ce:b0:20:6c: 58:a7:43:36:10:29:1b:f5:b8:6b:bd:16:fb:31:cb: ca:4e:7a:06:c7:f5:a1:f0:e9:82:e9:63:40:24:c2: 0c:e1:d4:e6:0f:38:2f:41:0e:31:a2:78:4c:cf:3b: 56:17:ce:98:bf:8d:68:1c:d3:f4:65:6d:98:8e:10: f0:d2:f6:07:d1:24:7c:6a:68:bb:25:34:5f:c1:f4: 70:53:50:b1:46:1a:a4:8d:dc:01:a3:49:34:96:5e: 79:fc:71:b6:1e:1b:b7:f2:fa:a3:09:b1:ca:08:73: a6:52:d4:43:b0:6e:3f:42:45:91:07:28:e8:b9:d6: 56:20:45:c6:63:4e:c7:55:0b:74:2d:92:6f:0f:46: af:60:36:74:45:c2:d4:15:e4:d9:c1:76:19:a4:a4: 8c:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:5A:F9:DF:BD:9E:D8:C5:FA:7E:BE:25:92:BD:07:77:5E:07:6E:F4 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/87D07C20CD5D11EDBB5F326AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.117.28.0/22 103.57.80.0/22 103.69.20.0/22 116.66.188.0/22 IPv6: 2001:df3:3200::/48 2001:df4:5c00::/48 Signature Algorithm: sha256WithRSAEncryption 75:9a:db:0b:ba:83:83:5c:70:38:8b:a3:1f:62:da:e1:c4:65: 37:fc:ce:7f:d0:f3:39:97:aa:93:21:22:a1:79:03:05:a6:0c: 5d:d9:16:1d:8b:04:0f:75:f3:14:4c:9b:4b:c8:05:0f:78:a1: 59:fc:ae:9d:24:08:f3:9a:5d:d1:6d:29:4d:f4:75:b4:f5:ff: 56:c6:53:78:56:cb:4c:ec:11:49:17:21:06:66:ec:9c:5d:aa: 0f:a9:0f:60:29:a4:94:03:52:d0:f6:d1:90:45:87:c0:bb:70: c5:d3:ad:dc:88:6e:3b:c7:f1:3d:05:b3:b4:59:8a:fc:6a:3e: ff:2b:47:90:8c:f4:45:49:f2:c2:7b:0f:3d:ad:5d:e0:84:d2: 72:7f:22:f2:0c:7c:8a:8e:6b:c1:39:3e:40:85:0a:27:1a:00: 17:60:df:72:3a:5c:0f:dc:83:f4:f0:bb:c0:08:7d:db:d2:cd: d6:22:63:c3:b5:14:3d:19:6d:82:ba:42:68:30:3f:92:fa:fc: 95:0f:e2:a1:10:14:4b:c8:9e:76:ab:d3:94:4f:7c:ed:57:89: 86:ad:63:aa:ed:dc:43:86:ff:2a:e7:24:fd:be:58:96:65:68: bb:b1:01:5f:78:e1:ad:62:0d:f3:7f:4a:6e:c0:4f:fa:f6:0d: e5:96:81:d4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIDALNIMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDQzMVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q2MGQtMjFjNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO2fnc2CHME9Lrt3e+aZEKbcjaDwP20J75XBvxZ7Smyyhofu5mSBVcyEmA3t vUd0P0IX8ohRWigZJDYgAGaQPYhyxEYjdvbw56fKSm1QXa+CBGFTDsUdSt1sBdlg Z906seRxj7vOsCBsWKdDNhApG/W4a70W+zHLyk56Bsf1ofDpguljQCTCDOHU5g84 L0EOMaJ4TM87VhfOmL+NaBzT9GVtmI4Q8NL2B9EkfGpouyU0X8H0cFNQsUYapI3c AaNJNJZeefxxth4bt/L6owmxyghzplLUQ7BuP0JFkQco6LnWViBFxmNOx1ULdC2S bw9Gr2A2dEXC1BXk2cF2GaSkjBMCAwEAAaOCAsEwggK9MB0GA1UdDgQWBBQTWvnf vZ7Yxfp+viWSvQd3Xgdu9DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzg3RDA3QzIw Q0Q1RDExRURCQjVGMzI2QUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEsGCCsGAQUFBwEHAQH/ BDwwOjAeBAIAATAYAwQCLXUcAwQCZzlQAwQCZ0UUAwQCdEK8MBgEAgACMBIDBwAg AQ3zMgADBwAgAQ30XAAwDQYJKoZIhvcNAQELBQADggEBAHWa2wu6g4NccDiLox9i 2uHEZTf8zn/Q8zmXqpMhIqF5AwWmDF3ZFh2LBA918xRMm0vIBQ94oVn8rp0kCPOa XdFtKU30dbT1/1bGU3hWy0zsEUkXIQZm7Jxdqg+pD2AppJQDUtD20ZBFh8C7cMXT rdyIbjvH8T0Fs7RZivxqPv8rR5CM9EVJ8sJ7Dz2tXeCE0nJ/IvIMfIqOa8E5PkCF CicaABdg33I6XA/cg/Twu8AIfdvSzdYiY8O1FD0ZbYK6QmgwP5L6/JUP4qEQFEvI nnar05RPfO1XiYatY6rt3EOG/yrnJP2+WJZlaLuxAV944a1iDfN/Sm7AT/r2DeWW gdQ= -----END CERTIFICATE-----Generated at Tue May 13 19:32:40 2025 by rpki-client