$ rpki-client -vvf rpki.apnic.net/member_repository/A911AE4A/14135E60651611EDA632214FC4F9AE02/8317209CE04511EF8BD5FA0EC4F9AE02.roa File: 8317209CE04511EF8BD5FA0EC4F9AE02.roa (raw, json) Hash identifier: qhLrFQwrYhOLSUibHsVPDR62qBrN0Uk5urYwMKz2M7M= Subject key identifier: 58:C7:BE:85:25:CD:3F:C6:FD:24:04:D3:74:B3:71:95:49:7D:28:A5 Certificate issuer: /CN=A911AE4A/serialNumber=C070A495B383E59D4571B6B17D8A9289AAED1825 Certificate serial: 01B3 Authority key identifier: C0:70:A4:95:B3:83:E5:9D:45:71:B6:B1:7D:8A:92:89:AA:ED:18:25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wHCklbOD5Z1FcbaxfYqSiartGCU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911AE4A/14135E60651611EDA632214FC4F9AE02/8317209CE04511EF8BD5FA0EC4F9AE02.roa Signing time: Mon 03 Feb 2025 02:26:07 +0000 ROA not before: Mon 03 Feb 2025 02:26:07 +0000 ROA not after: Mon 02 Jun 2025 00:00:00 +0000 asID: 150422 IP address blocks: 103.38.208.0/23 maxlen: 23 103.38.208.0/24 maxlen: 24 103.38.209.0/24 maxlen: 24 2400:c060::/32 maxlen: 40 2400:c060::/48 maxlen: 48 2400:c060:1::/48 maxlen: 48 2400:c060:2::/48 maxlen: 48 2400:c060:3::/48 maxlen: 48 2400:c060:4::/48 maxlen: 48 2400:c060:5::/48 maxlen: 48 2400:c060:6::/48 maxlen: 48 2400:c060:7::/48 maxlen: 48 2400:c060:8::/48 maxlen: 48 2400:c060:9::/48 maxlen: 48 2400:c060:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911AE4A/14135E60651611EDA632214FC4F9AE02/wHCklbOD5Z1FcbaxfYqSiartGCU.crl rsync://rpki.apnic.net/member_repository/A911AE4A/14135E60651611EDA632214FC4F9AE02/wHCklbOD5Z1FcbaxfYqSiartGCU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wHCklbOD5Z1FcbaxfYqSiartGCU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:04:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 435 (0x1b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911AE4A, serialNumber=C070A495B383E59D4571B6B17D8A9289AAED1825 Validity Not Before: Feb 3 02:26:07 2025 GMT Not After : Jun 2 00:00:00 2025 GMT Subject: CN=67a0293e-8ca5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:60:21:1b:54:0e:cd:eb:c4:14:ae:79:8e:46: 76:5b:e4:a8:99:a0:38:2a:6b:cc:5e:f9:91:2d:91: 12:d3:6e:3a:61:05:fd:11:98:6a:e1:0b:10:84:99: 89:52:d5:a3:30:b3:f2:9b:17:36:12:fd:27:82:11: f2:a3:42:71:c7:89:98:3e:3b:28:aa:04:d6:41:2c: 44:31:7a:d9:41:39:27:90:63:6c:f9:8a:0c:82:48: 1c:37:cb:00:f0:8e:2d:9e:01:64:1a:07:4d:57:f9: 10:86:95:e4:94:71:9a:05:d4:ff:e2:ae:76:8b:7f: e9:85:3f:42:90:ee:4a:e6:1e:10:67:ac:a4:cb:b5: 98:e4:bc:83:d3:a8:d4:64:97:03:eb:03:54:f0:74: 81:87:07:56:48:ad:2d:90:4f:59:31:85:9e:a1:59: 4a:19:b0:14:c2:9d:b8:2f:ff:27:68:91:12:51:48: a7:d5:ac:88:79:d2:e7:be:2d:f5:e4:10:30:c6:c0: 0d:e9:be:c8:33:4e:e1:73:a1:c6:f1:be:1d:12:b1: a0:0e:95:16:68:08:4b:89:60:5f:7f:0a:b4:f7:06: a3:0a:49:7e:fd:70:18:a8:a0:cc:e9:85:98:51:27: bb:10:cd:ae:76:d9:46:81:63:b1:f6:de:c2:f4:8b: 56:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:C7:BE:85:25:CD:3F:C6:FD:24:04:D3:74:B3:71:95:49:7D:28:A5 X509v3 Authority Key Identifier: keyid:C0:70:A4:95:B3:83:E5:9D:45:71:B6:B1:7D:8A:92:89:AA:ED:18:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911AE4A/14135E60651611EDA632214FC4F9AE02/wHCklbOD5Z1FcbaxfYqSiartGCU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wHCklbOD5Z1FcbaxfYqSiartGCU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AE4A/14135E60651611EDA632214FC4F9AE02/8317209CE04511EF8BD5FA0EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.38.208.0/23 IPv6: 2400:c060::/32 Signature Algorithm: sha256WithRSAEncryption 42:43:c4:cb:a2:97:09:33:ae:1b:43:07:8f:a5:28:13:ba:06: 40:a1:bf:81:82:64:14:4c:58:e3:b8:d2:55:f9:f9:11:d8:dc: c0:44:d1:0b:1d:f6:1f:78:d1:d3:30:dd:08:f9:23:d9:8d:c9: 66:c3:cf:f5:d1:fc:bf:ad:e9:7d:a5:ff:e4:68:24:07:5b:52: a8:89:23:63:d2:ed:da:58:56:16:2e:a5:7f:47:a4:ec:f5:15: 2c:27:90:74:a5:2e:7b:5f:8b:57:c6:9b:b3:04:64:36:b7:e4: 6f:98:55:a6:7a:fd:c3:a2:ee:1f:55:71:31:50:07:2d:bb:db: 78:7e:50:01:26:03:24:ae:31:05:87:53:60:92:0c:69:f1:68: 0f:e7:a1:4b:99:f0:3e:39:f0:11:90:6a:c1:48:91:c5:fb:ff: 10:cd:ba:c5:9b:fe:58:80:cb:c8:47:aa:b6:56:4a:12:40:1c: bd:e4:30:df:ab:87:80:f9:dc:0d:e3:c0:3b:25:4e:15:49:95: 92:6d:84:bb:51:b6:be:7e:d8:b6:dc:7e:9d:0e:38:55:a9:9c: 08:69:4b:a4:a4:bd:44:6f:00:44:06:a7:1a:c8:70:3a:c1:44: 75:58:56:3f:6d:eb:f3:9b:a1:c8:c2:73:82:89:40:bc:0a:b1: c6:6f:69:b1 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICAbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUFFNEExMTAvBgNVBAUTKEMwNzBBNDk1QjM4M0U1OUQ0NTcxQjZCMTdEOEE5Mjg5 QUFFRDE4MjUwHhcNMjUwMjAzMDIyNjA3WhcNMjUwNjAyMDAwMDAwWjAYMRYwFAYD VQQDEw02N2EwMjkzZS04Y2E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3GAhG1QOzevEFK55jkZ2W+SomaA4KmvMXvmRLZES0246YQX9EZhq4QsQhJmJ UtWjMLPymxc2Ev0nghHyo0Jxx4mYPjsoqgTWQSxEMXrZQTknkGNs+YoMgkgcN8sA 8I4tngFkGgdNV/kQhpXklHGaBdT/4q52i3/phT9CkO5K5h4QZ6yky7WY5LyD06jU ZJcD6wNU8HSBhwdWSK0tkE9ZMYWeoVlKGbAUwp24L/8naJESUUin1ayIedLnvi31 5BAwxsAN6b7IM07hc6HG8b4dErGgDpUWaAhLiWBffwq09wajCkl+/XAYqKDM6YWY USe7EM2udtlGgWOx9t7C9ItWuwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFjHvoUl zT/G/SQE03SzcZVJfSilMB8GA1UdIwQYMBaAFMBwpJWzg+WdRXG2sX2Kkomq7Rgl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUU0QS8xNDEzNUU2MDY1 MTYxMUVEQTYzMjIxNEZDNEY5QUUwMi93SENrbGJPRDVaMUZjYmF4ZllxU2lhcnRH Q1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3dIQ2tsYk9ENVoxRmNiYXhmWXFTaWFydEdDVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUFFNEEvMTQxMzVFNjA2NTE2MTFFREE2MzIyMTRGQzRGOUFFMDIvODMxNzIwOUNF MDQ1MTFFRjhCRDVGQTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnJtAwDQQCAAIwBwMFACQAwGAwDQYJKoZIhvcNAQELBQAD ggEBAEJDxMuilwkzrhtDB4+lKBO6BkChv4GCZBRMWOO40lX5+RHY3MBE0Qsd9h94 0dMw3Qj5I9mNyWbDz/XR/L+t6X2l/+RoJAdbUqiJI2PS7dpYVhYupX9HpOz1FSwn kHSlLntfi1fGm7MEZDa35G+YVaZ6/cOi7h9VcTFQBy2723h+UAEmAySuMQWHU2CS DGnxaA/noUuZ8D458BGQasFIkcX7/xDNusWb/liAy8hHqrZWShJAHL3kMN+rh4D5 3A3jwDslThVJlZJthLtRtr5+2Lbcfp0OOFWpnAhpS6SkvURvAEQGpxrIcDrBRHVY Vj9t6/ObocjCc4KJQLwKscZvabE= -----END CERTIFICATE-----Generated at Sat Apr 26 12:27:42 2025 by rpki-client