$ rpki-client -vvf rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/C4F05AA6144911EF85E2DC26C4F9AE02.roa File: C4F05AA6144911EF85E2DC26C4F9AE02.roa (raw, json) Hash identifier: j3DVuY32luQDVa/vF1hOJNJXMyj5FRS3jyl06+nliBE= Subject key identifier: 00:11:9A:A3:EE:CA:56:A3:B1:23:FD:B3:6C:37:BC:11:71:B2:5E:F5 Certificate issuer: /CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A Certificate serial: 21FA Authority key identifier: 13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/C4F05AA6144911EF85E2DC26C4F9AE02.roa Signing time: Tue 06 May 2025 16:23:34 +0000 ROA not before: Tue 06 May 2025 16:23:34 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 132296 IP address blocks: 103.255.115.0/24 maxlen: 24 202.134.144.0/24 maxlen: 24 202.134.145.0/24 maxlen: 24 202.134.146.0/24 maxlen: 24 202.134.147.0/24 maxlen: 24 202.134.148.0/24 maxlen: 24 202.134.149.0/24 maxlen: 24 202.134.150.0/24 maxlen: 24 202.134.151.0/24 maxlen: 24 202.134.152.0/24 maxlen: 24 202.134.153.0/24 maxlen: 24 202.134.157.0/24 maxlen: 24 202.134.158.0/24 maxlen: 24 202.134.159.0/24 maxlen: 24 202.134.162.0/24 maxlen: 24 202.134.167.0/24 maxlen: 24 202.134.168.0/24 maxlen: 24 202.134.173.0/24 maxlen: 24 202.134.174.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 15:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8698 (0x21fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919DAF2, serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A Validity Not Before: May 6 16:23:34 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681a3786-8234 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f4:7a:33:1b:c1:03:0b:3e:c4:3d:1a:4d:4d: ee:04:aa:12:2f:4a:4d:a7:76:cd:58:98:52:03:7e: 17:e5:5a:9a:5c:4b:72:94:54:68:03:3c:28:12:4e: 1f:3e:cc:82:5b:f4:57:0a:a0:df:ca:14:37:9a:b3: c7:df:53:7a:5d:ea:db:44:4a:8a:0b:d9:c9:da:32: 6c:ef:e5:bf:45:32:e1:ed:35:93:96:bd:f1:ce:08: d5:f0:ad:80:ea:e0:f5:6c:3b:c0:d5:f8:ff:e5:88: 7f:67:43:db:ff:f9:11:0b:fd:e4:c8:2d:9d:2f:de: 64:50:fa:6f:45:0e:ad:0f:92:f3:cd:c3:bd:45:47: 09:0c:75:03:40:eb:73:31:b3:ef:4a:6c:52:fa:a0: 21:7c:3d:b8:ff:15:93:a0:64:44:a9:bd:d2:d6:5d: 5d:91:7c:ac:7c:a8:87:71:5e:8a:39:92:4b:2d:4f: 00:07:23:2d:f8:0a:06:62:94:ef:72:02:ab:ff:aa: 31:19:92:6b:a4:34:a2:e2:4d:47:9b:c8:39:a2:b7: 69:43:2c:c3:24:6d:e0:79:02:56:90:66:0e:50:fc: d8:69:d1:8d:25:1c:3f:ed:1d:35:7f:2a:6a:07:92: 54:dd:dc:11:e3:f5:3c:3d:b8:e8:c8:17:b4:89:03: a7:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:11:9A:A3:EE:CA:56:A3:B1:23:FD:B3:6C:37:BC:11:71:B2:5E:F5 X509v3 Authority Key Identifier: keyid:13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/C4F05AA6144911EF85E2DC26C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.255.115.0/24 202.134.144.0-202.134.153.255 202.134.157.0-202.134.159.255 202.134.162.0/24 202.134.167.0-202.134.168.255 202.134.173.0-202.134.174.255 Signature Algorithm: sha256WithRSAEncryption 28:67:44:f4:df:98:a3:fa:ef:09:2d:a0:32:b3:82:45:a0:8f: 0b:79:e1:3e:77:13:8c:be:f4:17:e0:6e:69:db:e8:9f:60:0c: cb:f8:a8:e4:cb:a8:36:bc:ce:00:e0:84:e3:dc:b0:4b:26:6f: 8c:29:47:d3:56:0a:b0:e1:ed:51:1b:28:2e:46:a0:4b:ad:47: c4:f4:09:ad:6e:60:7e:ff:26:9f:ad:b3:0a:e4:91:66:a3:c3: 75:1a:6c:33:a2:88:3b:f2:47:04:bb:27:26:c9:f8:e9:1c:8b: 74:ba:c7:a3:30:21:b1:47:1b:1e:c4:5f:32:73:3f:eb:71:ca: c8:3b:37:a3:db:d5:4b:c0:b3:5e:82:da:c5:d6:3f:26:37:0b: 45:0b:59:2f:e6:45:b5:86:2f:e6:f0:51:fc:8b:1a:03:0f:cc: 2c:8e:00:03:1c:93:26:0d:fa:cd:82:6c:54:0c:a0:4b:4c:a1: bc:9e:33:04:5f:95:3a:ca:6f:db:d4:be:68:25:8c:99:4f:f7: 93:bf:ec:b5:8c:a8:31:f2:6e:9c:ba:25:bf:7e:53:a9:3e:0f: c4:42:23:1e:a6:cb:69:99:ce:b9:67:ae:8f:4a:79:cc:6e:41: 58:2f:60:31:6d:99:58:de:dd:26:8d:e0:d4:eb:4d:e0:2c:84: fd:d8:5f:46 -----BEGIN CERTIFICATE----- MIIFrzCCBJegAwIBAgICIfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OURBRjIxMTAvBgNVBAUTKDEzOUNDMURCNkI5RDI0QjkzQjE0OTI4QTc1MThEMDRF QjNCMjZBM0EwHhcNMjUwNTA2MTYyMzM0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODFhMzc4Ni04MjM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqPR6MxvBAws+xD0aTU3uBKoSL0pNp3bNWJhSA34X5VqaXEtylFRoAzwoEk4f PsyCW/RXCqDfyhQ3mrPH31N6XerbREqKC9nJ2jJs7+W/RTLh7TWTlr3xzgjV8K2A 6uD1bDvA1fj/5Yh/Z0Pb//kRC/3kyC2dL95kUPpvRQ6tD5LzzcO9RUcJDHUDQOtz MbPvSmxS+qAhfD24/xWToGREqb3S1l1dkXysfKiHcV6KOZJLLU8AByMt+AoGYpTv cgKr/6oxGZJrpDSi4k1Hm8g5ordpQyzDJG3geQJWkGYOUPzYadGNJRw/7R01fypq B5JU3dwR4/U8PbjoyBe0iQOnYwIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFAARmqPu ylajsSP9s2w3vBFxsl71MB8GA1UdIwQYMBaAFBOcwdtrnSS5OxSSinUY0E6zsmo6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REFGMi8yNkVDNkREQUQz REExMUU1OEM1Q0Q0MEZDNEY5QUUwMi9FNXpCMjJ1ZEpMazdGSktLZFJqUVRyT3lh am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0U1ekIyMnVkSkxrN0ZKS0tkUmpRVHJPeWFqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OURBRjIvMjZFQzZEREFEM0RBMTFFNThDNUNENDBGQzRGOUFFMDIvQzRGMDVBQTYx NDQ5MTFFRjg1RTJEQzI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E TjBMMEoEAgABMEQDBABn/3MwDAMEBMqGkAMEAcqGmDAMAwQAyoadAwQFyoaAAwQA yoaiMAwDBADKhqcDBADKhqgwDAMEAMqGrQMEAMqGrjANBgkqhkiG9w0BAQsFAAOC AQEAKGdE9N+Yo/rvCS2gMrOCRaCPC3nhPncTjL70F+Buadvon2AMy/io5MuoNrzO AOCE49ywSyZvjClH01YKsOHtURsoLkagS61HxPQJrW5gfv8mn62zCuSRZqPDdRps M6KIO/JHBLsnJsn46RyLdLrHozAhsUcbHsRfMnM/63HKyDs3o9vVS8CzXoLaxdY/ JjcLRQtZL+ZFtYYv5vBR/IsaAw/MLI4AAxyTJg36zYJsVAygS0yhvJ4zBF+VOspv 29S+aCWMmU/3k7/stYyoMfJunLolv35TqT4PxEIjHqbLaZnOuWeuj0p5zG5BWC9g MW2ZWN7dJo3g1OtN4CyE/dhfRg== -----END CERTIFICATE-----Generated at Sun May 11 06:28:12 2025 by rpki-client