$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CFEFC3605CBD11ECACDFE47BC4F9AE02.roa File: CFEFC3605CBD11ECACDFE47BC4F9AE02.roa (raw, json) Hash identifier: 6rfwWxpq1B7B9EHkWBODZJCBACYGozVM1KwvJDLBJW0= Subject key identifier: B9:FE:01:F3:6D:A4:2E:1A:48:55:96:2A:C2:7C:94:3A:D8:8C:81:4F Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B274 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CFEFC3605CBD11ECACDFE47BC4F9AE02.roa Signing time: Thu 08 May 2025 16:01:14 +0000 ROA not before: Thu 08 May 2025 16:01:14 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 134302 IP address blocks: 103.121.116.0/22 maxlen: 24 2001:df3:6840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 18:54:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45684 (0xb274) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:01:14 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd54a-d717 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:bb:c4:67:e0:8d:d5:6b:75:b3:6c:5e:e2:e0: 29:8c:be:61:65:6c:64:e3:45:0a:b9:df:d2:80:00: 22:e4:10:e9:d9:c0:3f:76:03:2c:48:e0:6a:49:e1: 6e:17:4d:ff:fa:7f:a4:6b:06:09:9d:45:36:cf:58: a0:ff:dd:d3:f2:b7:18:61:55:64:ea:c1:95:72:10: 76:a8:a5:5c:ac:52:09:cc:6b:e8:cb:ff:5e:d0:a2: d9:c7:47:13:b8:3f:b7:5f:3c:fc:dd:45:02:5b:28: 07:39:68:95:de:48:b9:7e:9d:5a:d8:c9:de:44:32: 57:dd:29:0c:26:7f:da:e8:e8:fd:f1:1f:b9:f3:15: fc:46:70:d8:e6:8a:73:ab:df:a6:a4:3d:14:7c:f8: 80:24:01:d3:16:9d:5e:f7:10:11:18:d4:56:91:40: 32:dd:ee:ae:87:b7:ce:05:4c:02:c5:8d:27:69:7a: ef:10:64:ff:7d:d5:fe:b2:ca:8a:c6:d8:50:55:1b: 73:1e:49:a9:fc:64:39:0c:f3:94:1f:52:0e:5e:95: 52:a0:fa:8c:ae:60:9c:62:e1:0b:3f:19:57:fd:ff: a2:3a:90:71:76:39:5d:04:bd:ba:9c:09:c3:c0:3f: 24:f9:2c:fd:2f:32:ee:78:a5:dc:d7:b0:63:77:d1: dc:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:FE:01:F3:6D:A4:2E:1A:48:55:96:2A:C2:7C:94:3A:D8:8C:81:4F X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CFEFC3605CBD11ECACDFE47BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.121.116.0/22 IPv6: 2001:df3:6840::/48 Signature Algorithm: sha256WithRSAEncryption 1f:d1:32:70:70:17:77:9f:e6:2a:a1:82:d7:54:69:f8:19:46: 78:c8:db:f2:37:88:01:ea:2e:19:64:6a:72:e3:a7:1f:f9:fa: 3b:be:53:06:5f:e7:bf:e9:08:b8:75:87:bc:ed:8a:36:e4:23: ad:9f:53:0b:b2:5b:b7:d4:87:10:c3:7c:6e:3b:58:0f:83:81: d7:c1:70:6b:4d:18:e8:d3:7b:62:e3:bc:f7:5f:a5:23:e4:75: e9:25:2c:03:a2:6c:b6:89:1f:db:f2:8e:09:12:20:b6:50:4a: 5a:50:63:99:dd:e7:10:79:39:b9:e4:d5:30:e7:d2:a4:73:6a: 6d:48:40:7b:8f:7b:87:b6:49:74:dc:3b:63:53:25:d7:0a:86: 8a:86:54:68:1d:60:8c:32:07:53:34:f9:02:d7:96:7a:ad:58: 8c:dc:c9:64:7f:d7:8b:d3:ee:39:03:bb:34:2c:bb:6e:4d:74: db:42:7c:a6:9b:d0:2d:72:2d:2a:31:cd:6b:70:00:1e:83:62: b1:53:22:37:8b:9e:35:95:59:11:d0:77:05:e5:30:8e:22:c5: f7:42:47:f6:3d:a3:9f:0b:ec:ec:47:fa:6b:e0:89:2d:77:f8: 77:71:5e:d3:87:ec:78:da:66:d0:09:3d:e2:b3:70:b3:3b:cf: 41:73:39:3e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIDALJ0MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDExNFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q1NGEtZDcxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALO7xGfgjdVrdbNsXuLgKYy+YWVsZONFCrnf0oAAIuQQ6dnAP3YDLEjgaknh bhdN//p/pGsGCZ1FNs9YoP/d0/K3GGFVZOrBlXIQdqilXKxSCcxr6Mv/XtCi2cdH E7g/t188/N1FAlsoBzlold5IuX6dWtjJ3kQyV90pDCZ/2ujo/fEfufMV/EZw2OaK c6vfpqQ9FHz4gCQB0xadXvcQERjUVpFAMt3uroe3zgVMAsWNJ2l67xBk/33V/rLK isbYUFUbcx5JqfxkOQzzlB9SDl6VUqD6jK5gnGLhCz8ZV/3/ojqQcXY5XQS9upwJ w8A/JPks/S8y7nil3NewY3fR3NsCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBS5/gHz baQuGkhVlirCfJQ62IyBTzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0NGRUZDMzYw NUNCRDExRUNBQ0RGRTQ3QkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/ BCEwHzAMBAIAATAGAwQCZ3l0MA8EAgACMAkDBwAgAQ3zaEAwDQYJKoZIhvcNAQEL BQADggEBAB/RMnBwF3ef5iqhgtdUafgZRnjI2/I3iAHqLhlkanLjpx/5+ju+UwZf 57/pCLh1h7ztijbkI62fUwuyW7fUhxDDfG47WA+DgdfBcGtNGOjTe2LjvPdfpSPk deklLAOibLaJH9vyjgkSILZQSlpQY5nd5xB5Obnk1TDn0qRzam1IQHuPe4e2SXTc O2NTJdcKhoqGVGgdYIwyB1M0+QLXlnqtWIzcyWR/14vT7jkDuzQsu25NdNtCfKab 0C1yLSoxzWtwAB6DYrFTIjeLnjWVWRHQdwXlMI4ixfdCR/Y9o58L7OxH+mvgiS13 +HdxXtOH7HjaZtAJPeKzcLM7z0FzOT4= -----END CERTIFICATE-----Generated at Tue May 13 00:15:16 2025 by rpki-client