$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F9A16356FE5B11EFB2B3047EC4F9AE02.roa File: F9A16356FE5B11EFB2B3047EC4F9AE02.roa (raw, json) Hash identifier: +eRNOxfamm5bXRoqy1QMhMI6PF9dw7o0X3/5VoLU7Fk= Subject key identifier: 9D:69:8C:94:CA:24:BD:E2:AA:A1:26:96:EF:0F:8B:FF:08:CC:23:E9 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B318 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F9A16356FE5B11EFB2B3047EC4F9AE02.roa Signing time: Thu 08 May 2025 16:03:45 +0000 ROA not before: Thu 08 May 2025 16:03:45 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 135247 IP address blocks: 45.251.32.0/22 maxlen: 24 103.219.204.0/22 maxlen: 24 202.53.4.0/22 maxlen: 24 203.28.245.0/24 maxlen: 24 2001:df2:6200::/48 maxlen: 48 2407:36c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 12:03:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45848 (0xb318) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:03:45 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd5e0-af60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:b2:f3:b4:e0:ec:8f:d6:77:38:9d:ef:ee:9c: 7f:7d:a2:03:ca:25:b1:81:ac:e8:28:2a:fc:f0:31: fe:d6:9d:68:51:f7:93:82:15:80:01:81:19:d3:61: 25:ef:01:de:c7:2c:2b:0f:63:47:4f:3e:01:87:f6: 46:d1:1b:78:6c:3a:71:69:43:0f:cd:09:e0:6a:1e: a0:27:c0:2b:4b:3d:f1:cd:72:7c:92:5c:64:a0:4c: 66:24:14:cb:a7:33:b1:3d:c9:e8:96:fa:63:d3:d6: 51:da:be:7a:12:13:8d:96:18:7d:de:3c:25:9d:41: 46:b2:cb:b4:dc:09:b1:85:1e:1c:18:3d:2b:b7:97: 46:6e:57:9b:a6:56:06:15:4d:45:ba:c5:9d:72:87: 31:96:d9:50:cc:c0:62:7d:9c:b2:f7:61:69:8c:b1: d8:27:d0:4b:e9:ad:0f:23:cb:1d:25:df:d0:bf:80: 3e:1d:00:1d:0a:b9:93:79:78:eb:08:6d:7d:f6:c4: 95:10:ad:af:57:28:e4:f9:ea:41:18:a6:33:72:b6: 61:d8:e3:56:20:52:20:39:c8:43:65:a3:84:b4:48: 55:c5:da:55:1e:c8:5f:87:6d:74:57:be:d4:6f:11: 1b:6d:8c:f5:57:e7:9f:af:c2:1d:9a:8e:b8:08:49: c7:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:69:8C:94:CA:24:BD:E2:AA:A1:26:96:EF:0F:8B:FF:08:CC:23:E9 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F9A16356FE5B11EFB2B3047EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.251.32.0/22 103.219.204.0/22 202.53.4.0/22 203.28.245.0/24 IPv6: 2001:df2:6200::/48 2407:36c0::/32 Signature Algorithm: sha256WithRSAEncryption 6e:da:30:6f:7d:92:77:1b:d5:87:da:c5:9a:ef:f0:b9:9c:e8: 3a:7c:72:c3:a6:7c:26:3d:62:58:00:75:c8:3c:d2:a3:6d:85: c8:00:3d:a0:f6:c6:19:58:14:98:ae:d8:0b:1d:3c:d3:d3:35: e1:7a:6b:ef:0e:b6:d2:0f:48:0b:b0:3b:6f:8c:c7:24:09:f0: 0c:85:b1:6c:08:1f:b2:b4:a7:71:b0:cc:c3:06:62:30:b2:34: 77:00:1f:77:27:bc:90:ce:c2:ca:78:13:26:fb:5c:13:f9:6d: 38:bf:e9:3f:23:d1:e4:a1:c6:52:19:c6:a6:08:03:fe:21:0e: 61:f3:cf:c6:bf:96:34:96:56:5d:71:40:ae:a5:63:2a:3d:8d: a5:f8:0d:5b:ed:d3:81:9f:b4:3e:7d:e7:95:67:0a:c1:20:10: fe:d7:39:10:e7:fa:a5:74:53:75:fd:65:63:a6:0c:91:bf:ea: 9a:81:48:30:e7:30:aa:43:7c:7b:e5:2b:b1:ea:ac:49:69:18: 16:b4:24:ca:70:31:d3:51:8f:69:7c:53:f9:2b:e4:b9:7c:b4: 38:98:03:e2:0c:64:3a:6b:24:53:16:34:b0:f2:b4:e4:b9:6f: 65:a4:38:a3:db:15:5e:69:47:0f:66:28:dd:60:84:54:ee:ed: 5f:5d:03:9c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIDALMYMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDM0NVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q1ZTAtYWY2MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKKy87Tg7I/Wdzid7+6cf32iA8olsYGs6Cgq/PAx/tadaFH3k4IVgAGBGdNh Je8B3scsKw9jR08+AYf2RtEbeGw6cWlDD80J4GoeoCfAK0s98c1yfJJcZKBMZiQU y6czsT3J6Jb6Y9PWUdq+ehITjZYYfd48JZ1BRrLLtNwJsYUeHBg9K7eXRm5Xm6ZW BhVNRbrFnXKHMZbZUMzAYn2csvdhaYyx2CfQS+mtDyPLHSXf0L+APh0AHQq5k3l4 6whtffbElRCtr1co5PnqQRimM3K2YdjjViBSIDnIQ2WjhLRIVcXaVR7IX4dtdFe+ 1G8RG22M9Vfnn6/CHZqOuAhJx3kCAwEAAaOCAr8wggK7MB0GA1UdDgQWBBSdaYyU yiS94qqhJpbvD4v/CMwj6TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Y5QTE2MzU2 RkU1QjExRUZCMkIzMDQ3RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEkGCCsGAQUFBwEHAQH/ BDowODAeBAIAATAYAwQCLfsgAwQCZ9vMAwQCyjUEAwQAyxz1MBYEAgACMBADBwAg AQ3yYgADBQAkBzbAMA0GCSqGSIb3DQEBCwUAA4IBAQBu2jBvfZJ3G9WH2sWa7/C5 nOg6fHLDpnwmPWJYAHXIPNKjbYXIAD2g9sYZWBSYrtgLHTzT0zXhemvvDrbSD0gL sDtvjMckCfAMhbFsCB+ytKdxsMzDBmIwsjR3AB93J7yQzsLKeBMm+1wT+W04v+k/ I9HkocZSGcamCAP+IQ5h88/Gv5Y0llZdcUCupWMqPY2l+A1b7dOBn7Q+feeVZwrB IBD+1zkQ5/qldFN1/WVjpgyRv+qagUgw5zCqQ3x75Sux6qxJaRgWtCTKcDHTUY9p fFP5K+S5fLQ4mAPiDGQ6ayRTFjSw8rTkuW9lpDij2xVeaUcPZijdYIRU7u1fXQOc -----END CERTIFICATE-----Generated at Mon May 12 15:46:49 2025 by rpki-client