$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BF50D9DCFE6711EFB5B0F316C4F9AE02.roa File: BF50D9DCFE6711EFB5B0F316C4F9AE02.roa (raw, json) Hash identifier: B8pQXm+PlE/k9XX6GOMFMDDUIDDNPNzsu/jVA+FVshM= Subject key identifier: 85:CF:39:CC:DE:0F:FF:56:93:54:DC:DF:83:9C:5B:C6:BD:0F:66:8F Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B2A2 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BF50D9DCFE6711EFB5B0F316C4F9AE02.roa Signing time: Thu 08 May 2025 16:01:55 +0000 ROA not before: Thu 08 May 2025 16:01:55 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 134863 IP address blocks: 103.127.188.0/22 maxlen: 24 103.207.4.0/22 maxlen: 24 103.237.56.0/22 maxlen: 24 117.120.56.0/22 maxlen: 24 210.16.88.0/22 maxlen: 24 2404:f240::/36 maxlen: 36 2404:f240:1000::/36 maxlen: 36 2404:f240:2000::/36 maxlen: 36 2404:f240:3000::/36 maxlen: 36 2404:f240:4000::/36 maxlen: 36 2404:f240:5000::/36 maxlen: 36 2404:f240:6000::/36 maxlen: 36 2404:f240:7000::/36 maxlen: 36 2404:f240:8000::/36 maxlen: 36 2404:f240:9000::/36 maxlen: 36 2404:f240:a000::/36 maxlen: 36 2404:f240:b000::/36 maxlen: 36 2404:f240:c000::/36 maxlen: 36 2404:f240:d000::/36 maxlen: 36 2404:f240:e000::/36 maxlen: 36 2404:f240:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 18:54:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45730 (0xb2a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:01:55 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd572-f2b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:d3:45:75:45:05:ab:61:91:a9:28:42:0f:9b: d0:fa:a5:a4:97:dc:2a:0b:61:25:c9:57:a4:f2:8a: c3:21:fb:9b:22:24:72:f0:ac:f4:3f:3c:2c:39:65: e5:f0:ab:e6:18:bb:72:b5:c2:7d:e0:42:1b:24:31: 0c:b2:fb:ff:97:4c:80:58:7d:23:7a:91:de:00:d3: 49:17:dd:6e:3d:58:8b:84:ec:c4:1a:58:1c:79:a8: 00:0d:e1:0b:84:ba:e2:9e:47:7a:fa:5f:ce:63:35: 56:f5:bd:ce:ca:81:ae:45:54:7f:d3:3f:48:f4:a3: ec:b9:65:23:6e:90:dc:e9:29:73:2f:e5:52:8f:77: 6b:5e:83:3e:2c:27:7f:ec:03:e1:02:45:74:d7:51: d2:29:98:ca:f8:0e:05:0d:71:e4:af:ea:b7:a2:c9: 30:15:7e:da:04:4d:ea:7a:69:1c:3e:45:94:68:0d: 0d:87:ac:02:1a:0a:26:a1:57:14:10:1a:86:ef:42: a9:0b:64:e2:b0:88:b0:9e:8e:c1:e0:09:91:50:0d: 46:e4:b9:eb:2a:7d:52:54:03:15:08:7d:69:0e:f1: b7:3f:1d:04:5e:44:b9:43:0d:c9:40:42:46:4b:49: 2c:0b:b1:46:76:33:e8:a3:33:59:64:7f:11:3d:4c: a8:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:CF:39:CC:DE:0F:FF:56:93:54:DC:DF:83:9C:5B:C6:BD:0F:66:8F X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BF50D9DCFE6711EFB5B0F316C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.127.188.0/22 103.207.4.0/22 103.237.56.0/22 117.120.56.0/22 210.16.88.0/22 IPv6: 2404:f240::/32 Signature Algorithm: sha256WithRSAEncryption 07:17:6f:34:8d:a4:1f:8c:cf:c0:a1:f6:af:1c:ef:4d:81:25: 26:80:eb:10:39:5a:83:55:da:c7:37:c4:f4:8f:ff:64:61:47: 86:8e:b2:c1:18:f7:1f:17:99:9f:07:f7:1f:a3:47:31:36:cc: 30:d0:d5:21:ea:e7:1b:fd:06:31:85:f6:37:c8:3e:86:56:d4: c0:85:ac:ad:8d:10:bb:81:98:61:8f:05:5b:a0:4a:9b:e0:1b: 54:3e:5b:2b:dd:7c:83:fb:d6:44:ff:06:57:45:61:ce:18:cc: 6c:d0:91:e8:1c:1b:3c:f2:8f:52:fb:45:94:82:43:2d:60:51: 3b:be:5c:24:16:f4:a8:7e:4a:52:20:eb:c6:3c:da:35:28:b9: 97:cd:4b:b9:96:a1:0d:de:d8:7d:b5:94:2e:40:51:e9:de:97: 68:cb:8e:1d:25:29:33:c6:47:7b:32:ad:65:62:e7:15:d8:9e: 49:d0:6f:c5:d1:19:fc:40:a5:fb:50:d3:12:f7:14:43:fa:72: 3b:39:4e:bd:62:36:2e:73:12:04:2f:78:3c:64:e0:bd:0a:32: e1:c2:71:0d:a5:10:64:43:05:6a:a1:0a:93:81:6f:1b:e3:f9: e5:e2:be:a6:8d:ea:cb:85:59:69:fa:9b:c0:2a:a1:61:4d:16: ac:a8:97:cd -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgIDALKiMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDE1NVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q1NzItZjJiODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANvTRXVFBathkakoQg+b0PqlpJfcKgthJclXpPKKwyH7myIkcvCs9D88LDll 5fCr5hi7crXCfeBCGyQxDLL7/5dMgFh9I3qR3gDTSRfdbj1Yi4TsxBpYHHmoAA3h C4S64p5HevpfzmM1VvW9zsqBrkVUf9M/SPSj7LllI26Q3Okpcy/lUo93a16DPiwn f+wD4QJFdNdR0imYyvgOBQ1x5K/qt6LJMBV+2gRN6nppHD5FlGgNDYesAhoKJqFX FBAahu9CqQtk4rCIsJ6OweAJkVANRuS56yp9UlQDFQh9aQ7xtz8dBF5EuUMNyUBC RktJLAuxRnYz6KMzWWR/ET1MqG8CAwEAAaOCArwwggK4MB0GA1UdDgQWBBSFzznM 3g//VpNU3N+DnFvGvQ9mjzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0JGNTBEOURD RkU2NzExRUZCNUIwRjMxNkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEYGCCsGAQUFBwEHAQH/ BDcwNTAkBAIAATAeAwQCZ3+8AwQCZ88EAwQCZ+04AwQCdXg4AwQC0hBYMA0EAgAC MAcDBQAkBPJAMA0GCSqGSIb3DQEBCwUAA4IBAQAHF280jaQfjM/AofavHO9NgSUm gOsQOVqDVdrHN8T0j/9kYUeGjrLBGPcfF5mfB/cfo0cxNsww0NUh6ucb/QYxhfY3 yD6GVtTAhaytjRC7gZhhjwVboEqb4BtUPlsr3XyD+9ZE/wZXRWHOGMxs0JHoHBs8 8o9S+0WUgkMtYFE7vlwkFvSofkpSIOvGPNo1KLmXzUu5lqEN3th9tZQuQFHp3pdo y44dJSkzxkd7Mq1lYucV2J5J0G/F0Rn8QKX7UNMS9xRD+nI7OU69YjYucxIEL3g8 ZOC9CjLhwnENpRBkQwVqoQqTgW8b4/nl4r6mjerLhVlp+pvAKqFhTRasqJfN -----END CERTIFICATE-----Generated at Tue May 13 00:12:58 2025 by rpki-client