$ rpki-client -vvf rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/EDDDD55C252E11EEB91A8941C4F9AE02.roa File: EDDDD55C252E11EEB91A8941C4F9AE02.roa (raw, json) Hash identifier: FVltAYipOD9ESgI+qOY0I+92Q4+raVRl2aTMJVFkTA0= Subject key identifier: B1:FB:5C:58:BC:9B:0D:8F:83:D8:19:FC:00:56:A3:41:CB:40:26:BA Certificate issuer: /CN=A911AE24/serialNumber=24223D0C7D101DB7AD7E3CB8DDB170629365CAEE Certificate serial: 0160 Authority key identifier: 24:22:3D:0C:7D:10:1D:B7:AD:7E:3C:B8:DD:B1:70:62:93:65:CA:EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JCI9DH0QHbetfjy43bFwYpNlyu4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/EDDDD55C252E11EEB91A8941C4F9AE02.roa Signing time: Thu 20 Feb 2025 15:46:09 +0000 ROA not before: Thu 20 Feb 2025 15:46:09 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 151333 IP address blocks: 103.199.140.0/24 maxlen: 24 103.199.141.0/24 maxlen: 24 2001:df2:70c0::/48 maxlen: 48 2001:df2:70c1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/JCI9DH0QHbetfjy43bFwYpNlyu4.crl rsync://rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/JCI9DH0QHbetfjy43bFwYpNlyu4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JCI9DH0QHbetfjy43bFwYpNlyu4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:59:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 352 (0x160) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911AE24, serialNumber=24223D0C7D101DB7AD7E3CB8DDB170629365CAEE Validity Not Before: Feb 20 15:46:09 2025 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=67b74e41-851a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:37:5f:33:d0:ce:d8:8f:ef:e8:d9:05:c6:bf: 3d:07:6c:28:7f:50:7a:88:16:3c:89:1b:0a:9b:5e: fe:8b:aa:db:7d:50:6c:88:86:72:d2:9f:a5:0c:17: bf:c8:96:22:01:89:1c:ba:11:66:7e:1c:b8:c4:86: 51:38:d1:fe:df:f9:31:5a:4e:5f:04:a2:4a:ab:bb: 69:d9:b6:ca:3b:be:fd:ab:4a:6d:29:24:86:0e:f1: 35:8e:c3:a6:23:4d:83:63:55:17:2a:f8:9d:2e:97: dc:e2:a9:b7:b1:ad:be:36:75:b0:39:1a:73:19:e6: c1:a2:4c:f6:4b:20:e4:7a:c3:f4:b5:e3:19:80:cd: ce:a0:ba:53:00:7a:e0:4d:26:ee:06:41:e1:cb:72: 0c:81:11:71:a6:62:ad:b5:54:5d:e1:9c:6e:27:8d: 81:ec:f9:f3:83:35:f3:83:85:ca:06:02:98:59:b2: 03:3b:0c:f6:dd:84:f3:a5:c5:47:0f:33:84:96:b6: 18:1a:2f:ee:f4:ab:03:bb:1f:95:a2:8c:5d:1a:bd: 3b:11:71:52:b7:de:dd:b6:9e:9c:dd:e6:bb:9f:66: e2:12:98:61:ac:2a:25:7b:8b:3e:dc:0d:c5:49:30: 82:37:f3:ae:2f:a0:41:e8:64:b9:48:de:70:16:6f: c6:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:FB:5C:58:BC:9B:0D:8F:83:D8:19:FC:00:56:A3:41:CB:40:26:BA X509v3 Authority Key Identifier: keyid:24:22:3D:0C:7D:10:1D:B7:AD:7E:3C:B8:DD:B1:70:62:93:65:CA:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/JCI9DH0QHbetfjy43bFwYpNlyu4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JCI9DH0QHbetfjy43bFwYpNlyu4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AE24/F2F675FEF3FF11ED952D741CC4F9AE02/EDDDD55C252E11EEB91A8941C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.199.140.0/23 IPv6: 2001:df2:70c0::/47 Signature Algorithm: sha256WithRSAEncryption 97:f6:90:34:bf:e7:30:86:a9:d2:6a:33:70:d2:fe:b5:b4:0a: f3:0d:86:2a:a7:69:83:2f:9a:d6:26:ea:3e:39:1c:db:b9:83: 8a:66:79:ad:df:6a:4b:c6:0c:d7:c6:2f:4f:4e:23:d0:05:cf: dc:5f:ca:2a:de:1a:b6:af:1c:71:d1:31:67:56:2b:06:85:04: 11:3c:09:74:3a:c4:d5:e7:7c:2e:cb:6e:15:8d:0c:ef:12:9c: 3e:d7:e1:07:d8:1d:c0:b2:6e:1e:b6:a2:df:8b:4c:49:05:26: 3b:52:30:9d:d4:52:44:59:4a:6c:67:26:e4:37:56:8a:14:eb: 45:96:da:30:a4:93:d4:82:9c:1b:5d:38:db:ef:7d:d3:2a:c8: fe:46:ea:3c:c2:f2:21:6a:f2:0b:f9:dd:81:4f:b4:69:96:57: 44:aa:37:3e:ba:47:3e:bd:2a:3d:62:7d:6e:31:8a:3c:e8:f1: a0:59:07:62:4b:ae:46:79:69:a5:b3:44:ae:5e:59:1c:0a:43: 60:9b:b5:94:91:ca:2b:3e:61:44:90:c5:f6:e8:9d:39:6f:ed: 5c:3b:f3:68:b6:e1:82:bd:23:44:55:c9:c5:35:cc:7a:83:b5: 11:2c:5f:6a:5e:e2:53:d8:55:0e:90:d9:0f:8d:53:65:5d:14: 3c:af:90:50 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICAWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUFFMjQxMTAvBgNVBAUTKDI0MjIzRDBDN0QxMDFEQjdBRDdFM0NCOEREQjE3MDYy OTM2NUNBRUUwHhcNMjUwMjIwMTU0NjA5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2I3NGU0MS04NTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxDdfM9DO2I/v6NkFxr89B2wof1B6iBY8iRsKm17+i6rbfVBsiIZy0p+lDBe/ yJYiAYkcuhFmfhy4xIZRONH+3/kxWk5fBKJKq7tp2bbKO779q0ptKSSGDvE1jsOm I02DY1UXKvidLpfc4qm3sa2+NnWwORpzGebBokz2SyDkesP0teMZgM3OoLpTAHrg TSbuBkHhy3IMgRFxpmKttVRd4ZxuJ42B7PnzgzXzg4XKBgKYWbIDOwz23YTzpcVH DzOElrYYGi/u9KsDux+VooxdGr07EXFSt97dtp6c3ea7n2biEphhrCole4s+3A3F STCCN/OuL6BB6GS5SN5wFm/G1wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLH7XFi8 mw2Pg9gZ/ABWo0HLQCa6MB8GA1UdIwQYMBaAFCQiPQx9EB23rX48uN2xcGKTZcru MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUUyNC9GMkY2NzVGRUYz RkYxMUVEOTUyRDc0MUNDNEY5QUUwMi9KQ0k5REgwUUhiZXRmank0M2JGd1lwTmx5 dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pDSTlESDBRSGJldGZqeTQzYkZ3WXBObHl1NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUFFMjQvRjJGNjc1RkVGM0ZGMTFFRDk1MkQ3NDFDQzRGOUFFMDIvRUREREQ1NUMy NTJFMTFFRUI5MUE4OTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnx4wwDwQCAAIwCQMHASABDfJwwDANBgkqhkiG9w0BAQsF AAOCAQEAl/aQNL/nMIap0mozcNL+tbQK8w2GKqdpgy+a1ibqPjkc27mDimZ5rd9q S8YM18YvT04j0AXP3F/KKt4atq8ccdExZ1YrBoUEETwJdDrE1ed8LstuFY0M7xKc PtfhB9gdwLJuHrai34tMSQUmO1IwndRSRFlKbGcm5DdWihTrRZbaMKST1IKcG104 2+990yrI/kbqPMLyIWryC/ndgU+0aZZXRKo3PrpHPr0qPWJ9bjGKPOjxoFkHYkuu RnlppbNErl5ZHApDYJu1lJHKKz5hRJDF9uidOW/tXDvzaLbhgr0jRFXJxTXMeoO1 ESxfal7iU9hVDpDZD41TZV0UPK+QUA== -----END CERTIFICATE-----Generated at Sat Apr 26 15:19:59 2025 by rpki-client