$ rpki-client -vvf rpki.apnic.net/member_repository/A918FF9D/CF86D58A9FE511EABB863A80C4F9AE02/2A1AD3BA9FE711EAAFA97B81C4F9AE02.roa File: 2A1AD3BA9FE711EAAFA97B81C4F9AE02.roa (raw, json) Hash identifier: McDtUaMk7e01xsshJ/22xBrdGiD8USZ0rSk/8TzyXxM= Subject key identifier: 9C:7E:30:F8:D7:87:78:D4:2A:B0:C0:67:85:A9:62:72:DB:DB:30:A5 Certificate issuer: /CN=A918FF9D/serialNumber=A5FE5129D481ED1A00E55E99CE30E008B63D6CEE Certificate serial: 091C Authority key identifier: A5:FE:51:29:D4:81:ED:1A:00:E5:5E:99:CE:30:E0:08:B6:3D:6C:EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pf5RKdSB7RoA5V6ZzjDgCLY9bO4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918FF9D/CF86D58A9FE511EABB863A80C4F9AE02/2A1AD3BA9FE711EAAFA97B81C4F9AE02.roa Signing time: Mon 28 Apr 2025 21:00:18 +0000 ROA not before: Mon 28 Apr 2025 21:00:18 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 140669 IP address blocks: 103.151.182.0/23 maxlen: 23 103.151.182.0/24 maxlen: 24 103.151.183.0/24 maxlen: 24 2001:df3:d280::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918FF9D/CF86D58A9FE511EABB863A80C4F9AE02/pf5RKdSB7RoA5V6ZzjDgCLY9bO4.crl rsync://rpki.apnic.net/member_repository/A918FF9D/CF86D58A9FE511EABB863A80C4F9AE02/pf5RKdSB7RoA5V6ZzjDgCLY9bO4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pf5RKdSB7RoA5V6ZzjDgCLY9bO4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2332 (0x91c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918FF9D, serialNumber=A5FE5129D481ED1A00E55E99CE30E008B63D6CEE Validity Not Before: Apr 28 21:00:18 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=680fec62-e130 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:83:9c:4c:ce:c7:bd:9e:25:d3:83:79:a5:6c: e1:a2:93:e9:f5:f5:d0:07:ae:2f:82:3f:2d:f0:4a: 1e:db:49:a7:d2:bd:1c:13:8d:09:5a:a4:cd:9b:fa: 52:21:b3:a7:96:9e:18:e2:2a:eb:46:19:5f:82:11: 1c:94:3b:a3:16:9b:3a:21:e8:18:5e:64:d4:b7:71: 7b:cd:7f:9f:58:a6:ba:c3:98:64:dd:ef:35:21:b0: 29:62:17:92:23:0e:0f:b0:7a:1a:bf:07:15:97:e4: 3e:3c:6f:d4:44:cf:0d:d4:99:22:bf:c6:55:16:5e: eb:33:3c:a5:78:ed:84:01:e7:0f:7a:b6:1d:28:b2: 0f:6e:1e:d7:76:c7:b5:23:b2:99:19:23:b2:9a:37: df:78:37:27:3e:bb:b2:57:9b:e7:f9:16:bb:21:66: d9:8a:e3:2b:31:9c:81:a9:78:97:ea:ca:e8:47:dc: 50:9d:24:05:55:f5:0a:b8:6c:a4:d4:4c:a7:98:cb: d1:fd:4f:6f:5b:7b:a1:09:32:2e:e0:b7:02:54:68: 8c:6c:84:33:66:5a:c7:af:71:86:32:bb:f2:a6:43: dc:e2:03:9d:77:f5:92:e7:95:b9:ab:c5:14:c0:07: a4:7e:d6:3e:4d:81:aa:fe:c8:01:20:e3:f4:8d:5f: b0:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:7E:30:F8:D7:87:78:D4:2A:B0:C0:67:85:A9:62:72:DB:DB:30:A5 X509v3 Authority Key Identifier: keyid:A5:FE:51:29:D4:81:ED:1A:00:E5:5E:99:CE:30:E0:08:B6:3D:6C:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918FF9D/CF86D58A9FE511EABB863A80C4F9AE02/pf5RKdSB7RoA5V6ZzjDgCLY9bO4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pf5RKdSB7RoA5V6ZzjDgCLY9bO4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FF9D/CF86D58A9FE511EABB863A80C4F9AE02/2A1AD3BA9FE711EAAFA97B81C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.151.182.0/23 IPv6: 2001:df3:d280::/48 Signature Algorithm: sha256WithRSAEncryption 97:84:ff:1b:e4:d6:ea:62:94:3a:b0:e4:b6:91:99:db:e8:b7: 72:d2:e4:73:fd:9a:13:69:d7:47:b7:e1:86:50:5d:19:f6:e4: cc:7f:fb:3d:52:03:2e:af:61:29:a3:1a:fb:4d:17:14:45:6b: 1b:96:03:d4:f7:2b:da:21:24:5a:76:b8:6e:52:ca:fe:35:4c: 70:ef:61:8c:0e:a4:68:03:a0:b5:9a:8b:d2:79:5c:65:11:8a: 74:cd:99:2f:bd:e2:2a:6d:29:3a:8c:3a:b0:bd:52:4b:fe:62: d6:20:bc:01:91:ae:a9:85:24:0e:b0:38:0e:95:54:3c:3b:a7: 6c:7b:b2:c5:17:f3:77:09:95:d3:5c:ba:ac:96:57:50:8b:e1: 69:5d:b5:1c:ce:a3:56:5f:d4:22:c3:96:02:4a:af:69:82:6e: 17:20:27:c8:c9:8b:5e:25:00:39:18:95:a9:ff:b3:eb:0e:41: ce:b9:b4:34:db:f6:c9:98:02:86:7f:dd:a9:92:53:8a:d8:ae: f4:36:6a:30:6f:f5:46:a3:b5:8e:c5:66:1d:bf:c0:48:13:57: f7:6f:7b:95:ef:b8:38:30:77:15:ea:ac:a3:7c:b2:e6:e0:b4: ea:68:43:6f:f0:43:8c:bf:51:2b:9b:ae:91:07:57:a3:58:4e: 64:8b:7d:23 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICCRwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEZGOUQxMTAvBgNVBAUTKEE1RkU1MTI5RDQ4MUVEMUEwMEU1NUU5OUNFMzBFMDA4 QjYzRDZDRUUwHhcNMjUwNDI4MjEwMDE4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODBmZWM2Mi1lMTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApYOcTM7HvZ4l04N5pWzhopPp9fXQB64vgj8t8Eoe20mn0r0cE40JWqTNm/pS IbOnlp4Y4irrRhlfghEclDujFps6IegYXmTUt3F7zX+fWKa6w5hk3e81IbApYheS Iw4PsHoavwcVl+Q+PG/URM8N1Jkiv8ZVFl7rMzyleO2EAecPerYdKLIPbh7Xdse1 I7KZGSOymjffeDcnPruyV5vn+Ra7IWbZiuMrMZyBqXiX6sroR9xQnSQFVfUKuGyk 1EynmMvR/U9vW3uhCTIu4LcCVGiMbIQzZlrHr3GGMrvypkPc4gOdd/WS55W5q8UU wAekftY+TYGq/sgBIOP0jV+w8wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJx+MPjX h3jUKrDAZ4WpYnLb2zClMB8GA1UdIwQYMBaAFKX+USnUge0aAOVemc4w4Ai2PWzu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkY5RC9DRjg2RDU4QTlG RTUxMUVBQkI4NjNBODBDNEY5QUUwMi9wZjVSS2RTQjdSb0E1VjZaempEZ0NMWTli TzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BmNVJLZFNCN1JvQTVWNlp6akRnQ0xZOWJPNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEZGOUQvQ0Y4NkQ1OEE5RkU1MTFFQUJCODYzQTgwQzRGOUFFMDIvMkExQUQzQkE5 RkU3MTFFQUFGQTk3QjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnl7YwDwQCAAIwCQMHACABDfPSgDANBgkqhkiG9w0BAQsF AAOCAQEAl4T/G+TW6mKUOrDktpGZ2+i3ctLkc/2aE2nXR7fhhlBdGfbkzH/7PVID Lq9hKaMa+00XFEVrG5YD1Pcr2iEkWna4blLK/jVMcO9hjA6kaAOgtZqL0nlcZRGK dM2ZL73iKm0pOow6sL1SS/5i1iC8AZGuqYUkDrA4DpVUPDunbHuyxRfzdwmV01y6 rJZXUIvhaV21HM6jVl/UIsOWAkqvaYJuFyAnyMmLXiUAORiVqf+z6w5Bzrm0NNv2 yZgChn/dqZJTitiu9DZqMG/1RqO1jsVmHb/ASBNX9297le+4ODB3Feqso3yy5uC0 6mhDb/BDjL9RK5uukQdXo1hOZIt9Iw== -----END CERTIFICATE-----Generated at Mon May 12 18:39:28 2025 by rpki-client