$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E00B9C4E2C1E11EC8EB0E280C4F9AE02.roa File: E00B9C4E2C1E11EC8EB0E280C4F9AE02.roa (raw, json) Hash identifier: GaKXDPAu8ctbrNfU2+EeV4lChWS6y4ISmJtHJCWhOsc= Subject key identifier: C4:E5:32:A4:8F:03:05:89:3C:5B:47:A9:FC:F9:DD:44:AD:2C:21:96 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B7A1 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E00B9C4E2C1E11EC8EB0E280C4F9AE02.roa Signing time: Thu 08 May 2025 16:21:29 +0000 ROA not before: Thu 08 May 2025 16:21:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 147289 IP address blocks: 103.172.132.0/24 maxlen: 24 2001:df1:d3c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 May 2025 07:03:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47009 (0xb7a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:21:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cda08-c440 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:c7:5f:0d:e1:1a:3c:98:54:56:6d:fb:6f:a1: ff:d6:00:c0:e4:1d:be:18:53:c4:a2:b8:91:46:74: d0:96:2c:07:75:5a:f0:f4:e4:d0:80:0f:77:9d:96: b1:31:07:76:82:cc:61:0c:66:b7:e2:30:50:4c:71: f5:48:5b:8d:32:dc:51:3e:7d:eb:62:cf:c7:90:76: 16:e2:60:16:00:ef:2c:9e:bb:c6:19:a0:fd:08:8a: da:9b:99:23:c7:cc:fe:f3:4c:c8:86:3a:1d:1b:58: 28:bd:1d:a9:51:e8:2b:67:e6:68:31:9d:04:44:c2: c5:61:da:b8:26:d5:5b:78:16:cd:95:d2:8b:f7:a7: 12:3c:6e:17:a7:7e:9a:e3:c2:49:d1:5b:a0:6d:17: aa:0f:62:e6:6f:fa:61:d4:7e:77:9f:10:5e:b1:fc: d8:0c:6b:b7:0f:04:f4:ec:36:23:73:16:d3:5a:c8: 53:78:46:79:75:b9:3c:86:65:06:97:31:66:6c:12: 18:de:72:af:fd:f3:e8:42:09:3e:d3:39:bc:cc:b4: 33:ba:25:fd:cf:b5:80:01:53:ca:55:c9:87:74:ff: 7a:02:8e:7a:90:72:bc:06:50:2a:a7:26:57:f8:59: 12:d6:cb:7b:d2:a1:ee:3a:f0:5e:bb:5c:36:e5:ae: 2b:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:E5:32:A4:8F:03:05:89:3C:5B:47:A9:FC:F9:DD:44:AD:2C:21:96 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E00B9C4E2C1E11EC8EB0E280C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.172.132.0/24 IPv6: 2001:df1:d3c0::/48 Signature Algorithm: sha256WithRSAEncryption 9d:cd:46:4e:8f:fc:de:3f:78:0e:62:db:e1:ec:c4:8a:c7:1c: b1:90:12:f4:35:3a:d1:7a:e6:42:59:8d:36:68:9c:49:c9:85: a0:53:6e:9f:82:7a:02:16:87:46:4e:95:84:d2:85:e8:4e:20: 9b:b3:4d:a9:7f:ef:1d:67:7b:2f:e3:64:2d:fa:84:ec:61:f7: d5:4d:4b:21:42:f6:75:fe:77:d9:09:fc:6c:71:d3:4b:0c:e0: b1:f0:a2:6c:f7:b6:ce:b1:d7:a5:81:d3:1f:e6:8b:a0:19:74: 45:5b:39:ec:34:87:30:55:cc:f9:f1:a1:1b:62:23:89:06:74: 53:48:46:0c:49:b3:b5:4e:62:9f:38:9a:cd:32:95:28:71:d4: 8a:03:59:12:8d:d9:27:29:70:a9:19:4a:93:9c:eb:4c:f1:8c: ec:6c:91:bc:c2:25:9f:22:cd:e6:ba:88:ec:34:f2:73:8c:6a: d2:b8:8d:c7:38:0c:50:6c:ec:bb:e9:3f:ef:f0:f4:1e:55:b1: a3:74:06:be:54:66:6c:57:3a:23:77:aa:c0:2d:68:a3:d0:35: 40:f7:34:97:ae:0b:3e:dd:7d:6b:48:9c:e1:ee:a2:59:6a:44: e3:b9:38:9b:5c:db:dc:01:fa:9d:65:ea:15:09:ee:0e:c8:07: 85:d5:9c:a8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIDALehMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MjEyOVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2RhMDgtYzQ0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANrHXw3hGjyYVFZt+2+h/9YAwOQdvhhTxKK4kUZ00JYsB3Va8PTk0IAPd52W sTEHdoLMYQxmt+IwUExx9UhbjTLcUT5962LPx5B2FuJgFgDvLJ67xhmg/QiK2puZ I8fM/vNMyIY6HRtYKL0dqVHoK2fmaDGdBETCxWHauCbVW3gWzZXSi/enEjxuF6d+ muPCSdFboG0Xqg9i5m/6YdR+d58QXrH82Axrtw8E9Ow2I3MW01rIU3hGeXW5PIZl BpcxZmwSGN5yr/3z6EIJPtM5vMy0M7ol/c+1gAFTylXJh3T/egKOepByvAZQKqcm V/hZEtbLe9Kh7jrwXrtcNuWuK/kCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBTE5TKk jwMFiTxbR6n8+d1ErSwhljAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0UwMEI5QzRF MkMxRTExRUM4RUIwRTI4MEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/ BCEwHzAMBAIAATAGAwQAZ6yEMA8EAgACMAkDBwAgAQ3x08AwDQYJKoZIhvcNAQEL BQADggEBAJ3NRk6P/N4/eA5i2+HsxIrHHLGQEvQ1OtF65kJZjTZonEnJhaBTbp+C egIWh0ZOlYTShehOIJuzTal/7x1ney/jZC36hOxh99VNSyFC9nX+d9kJ/Gxx00sM 4LHwomz3ts6x16WB0x/mi6AZdEVbOew0hzBVzPnxoRtiI4kGdFNIRgxJs7VOYp84 ms0ylShx1IoDWRKN2ScpcKkZSpOc60zxjOxskbzCJZ8izea6iOw08nOMatK4jcc4 DFBs7LvpP+/w9B5VsaN0Br5UZmxXOiN3qsAtaKPQNUD3NJeuCz7dfWtInOHuollq ROO5OJtc29wB+p1l6hUJ7g7IB4XVnKg= -----END CERTIFICATE-----Generated at Wed May 14 11:36:02 2025 by rpki-client