$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/222E2FAC16EE11F09E906E12C4F9AE02.roa File: 222E2FAC16EE11F09E906E12C4F9AE02.roa (raw, json) Hash identifier: DoFm6RaZkUNcJGWZuZ/N3Vw0x/Ki25o4uY7ZTpQ6Svw= Subject key identifier: D1:6A:D0:B3:8A:F8:57:86:5B:E3:84:24:87:CA:43:6D:2F:74:EA:47 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 07A6 Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/222E2FAC16EE11F09E906E12C4F9AE02.roa Signing time: Fri 11 Apr 2025 16:21:43 +0000 ROA not before: Fri 11 Apr 2025 16:21:43 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 197537 IP address blocks: 43.252.209.0/24 maxlen: 24 103.225.196.0/24 maxlen: 24 103.234.54.0/24 maxlen: 24 150.107.1.0/24 maxlen: 24 150.107.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:03:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1958 (0x7a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Apr 11 16:21:43 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67f94197-f224 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:df:6f:58:fc:ef:ee:69:dd:81:7d:7a:ea:78: 07:98:b6:bc:47:96:f3:7d:7e:a5:2c:e8:93:b1:37: 75:6d:49:1e:25:88:65:a1:94:f4:0a:82:b1:e5:0c: 63:07:01:13:5c:c9:35:49:20:ce:fc:e3:b2:75:85: eb:1a:21:96:d2:50:db:50:fe:af:43:d7:9b:05:64: 5e:e1:36:e5:86:f0:03:78:0b:81:29:9d:87:9e:ec: 5a:34:7d:39:92:fe:23:2c:12:12:28:bf:88:c1:1b: c4:15:80:db:24:3f:1c:36:31:3a:cb:e7:bc:2e:8e: ef:fd:0b:b8:35:0c:3d:e9:37:0e:23:b4:32:60:3c: 87:30:59:35:83:0f:6e:8e:38:fc:25:4f:99:60:33: e3:83:fc:b5:b1:0c:12:ed:6b:57:c1:dd:06:0b:cf: b7:3a:c2:cf:7f:87:46:1e:91:6e:4c:53:1c:e4:47: 34:65:bd:0d:90:76:f6:bb:de:0f:fa:9e:a1:35:0a: 1a:80:7e:d6:87:32:b3:e5:c4:23:7c:60:18:88:31: 58:5f:54:be:9e:3d:a2:4d:bb:2c:f6:cb:a6:2a:31: dd:f5:f8:d8:67:18:bf:60:ce:b4:45:c5:d6:8d:ab: 93:22:76:31:0a:ec:61:44:32:dc:7b:12:f2:9f:0a: ab:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:6A:D0:B3:8A:F8:57:86:5B:E3:84:24:87:CA:43:6D:2F:74:EA:47 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/222E2FAC16EE11F09E906E12C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.209.0/24 103.225.196.0/24 103.234.54.0/24 150.107.1.0-150.107.2.255 Signature Algorithm: sha256WithRSAEncryption 6b:7d:b0:61:89:8d:a0:7c:3f:35:59:6b:48:93:5d:f4:f4:23: 9f:a9:7b:a3:45:31:67:80:3c:76:77:a8:fc:0f:11:cc:74:2a: ca:58:19:ee:73:2c:c9:40:e6:7a:32:bd:18:d3:44:44:45:e8: 6e:ca:36:2c:57:96:d5:ce:16:08:a4:04:d2:ed:87:3b:9d:fc: 6e:b9:c6:ad:36:ca:a3:3c:83:6c:b0:90:0c:0c:d6:4d:92:e9: 44:0e:74:80:80:86:51:77:6f:27:6f:e1:c9:a3:5c:4c:d9:98: a5:20:3c:04:a1:af:37:8b:e4:03:8c:e1:e3:52:26:81:fa:30: 98:2b:02:09:77:cd:48:39:e4:c2:8f:f6:b0:2a:53:6f:54:da: fa:c8:91:66:84:60:6b:04:d4:f8:d3:36:da:cc:26:f9:bf:0f: b8:1d:25:08:41:96:e2:da:66:e9:a7:5a:af:d3:10:df:43:29: 57:5a:e9:08:55:8b:f7:15:68:f8:09:fb:5b:93:49:3d:e0:19: 62:6a:94:95:f1:1a:3e:75:40:9d:13:68:4f:22:96:fb:4f:16: d1:e1:b3:ab:84:cc:35:8d:bc:75:ae:42:12:9d:13:d8:ac:b8: 68:83:99:6a:53:50:fc:35:8a:a7:60:84:02:74:61:b4:70:08: 35:96:e0:23 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICB6YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUwNDExMTYyMTQzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y5NDE5Ny1mMjI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8t9vWPzv7mndgX166ngHmLa8R5bzfX6lLOiTsTd1bUkeJYhloZT0CoKx5Qxj BwETXMk1SSDO/OOydYXrGiGW0lDbUP6vQ9ebBWRe4TblhvADeAuBKZ2HnuxaNH05 kv4jLBISKL+IwRvEFYDbJD8cNjE6y+e8Lo7v/Qu4NQw96TcOI7QyYDyHMFk1gw9u jjj8JU+ZYDPjg/y1sQwS7WtXwd0GC8+3OsLPf4dGHpFuTFMc5Ec0Zb0NkHb2u94P +p6hNQoagH7WhzKz5cQjfGAYiDFYX1S+nj2iTbss9sumKjHd9fjYZxi/YM60RcXW jauTInYxCuxhRDLcexLynwqrOwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFNFq0LOK +FeGW+OEJIfKQ20vdOpHMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMjIyRTJGQUMx NkVFMTFGMDlFOTA2RTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMCYEAgABMCADBAAr/NEDBABn4cQDBABn6jYwDAMEAJZrAQMEAJZrAjANBgkq hkiG9w0BAQsFAAOCAQEAa32wYYmNoHw/NVlrSJNd9PQjn6l7o0UxZ4A8dneo/A8R zHQqylgZ7nMsyUDmejK9GNNEREXobso2LFeW1c4WCKQE0u2HO538brnGrTbKozyD bLCQDAzWTZLpRA50gICGUXdvJ2/hyaNcTNmYpSA8BKGvN4vkA4zh41ImgfowmCsC CXfNSDnkwo/2sCpTb1Ta+siRZoRgawTU+NM22swm+b8PuB0lCEGW4tpm6adar9MQ 30MpV1rpCFWL9xVo+An7W5NJPeAZYmqUlfEaPnVAnRNoTyKW+08W0eGzq4TMNY28 da5CEp0T2Ky4aIOZalNQ/DWKp2CEAnRhtHAINZbgIw== -----END CERTIFICATE-----Generated at Sat Apr 26 17:05:08 2025 by rpki-client