$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2294C59616EE11F09E906E12C4F9AE02.roa File: 2294C59616EE11F09E906E12C4F9AE02.roa (raw, json) Hash identifier: TAFLRnpDkPX0/1thH6OXxUqfDFzb/4YZ/ueijGni7sU= Subject key identifier: 6F:A9:52:A4:13:81:A4:D1:F3:5A:AE:AD:5F:3B:C6:50:DB:AB:14:53 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 07A7 Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2294C59616EE11F09E906E12C4F9AE02.roa Signing time: Fri 11 Apr 2025 16:21:44 +0000 ROA not before: Fri 11 Apr 2025 16:21:44 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 23532 IP address blocks: 43.252.209.0/24 maxlen: 24 103.225.196.0/24 maxlen: 24 103.234.54.0/24 maxlen: 24 150.107.1.0/24 maxlen: 24 150.107.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:03:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1959 (0x7a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Apr 11 16:21:44 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67f94197-fc3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:34:22:1e:93:d2:f9:d2:4a:dd:c9:78:8a:d4: 48:e8:7d:1c:28:61:6a:4f:fe:84:6c:be:e6:91:78: e1:da:60:96:74:02:b7:b6:a6:25:1e:7e:56:c6:56: b7:f2:f8:a6:6f:a2:9d:46:8d:d2:eb:fe:df:f8:ec: 14:67:2f:ab:7a:54:f4:0b:96:76:72:7b:08:6f:5d: 8d:ac:17:de:b3:77:0a:57:8a:08:3f:81:f2:3c:5a: 25:d2:5b:63:76:41:ba:97:69:0f:58:29:be:eb:46: 3f:7d:e6:06:7e:25:bd:8e:36:a7:c6:69:08:c6:6f: aa:85:58:77:43:ba:68:71:82:5e:2f:8c:28:d2:d1: ab:c8:f5:9d:ca:fe:90:8b:89:60:13:ad:c0:84:3d: dc:fb:28:4b:a3:ec:7f:8d:66:3b:07:da:ef:41:fa: 0f:cd:e5:6f:59:c8:c3:cc:87:96:67:2a:94:21:c4: 87:be:29:ed:1b:b0:88:67:b4:0a:bc:70:f7:cf:c7: c5:cf:10:a6:dd:f9:05:b1:df:e8:a8:29:b3:8f:09: ea:40:54:ee:d2:46:b0:1a:ed:2f:89:b0:f8:a2:cc: 86:62:a7:eb:9e:46:ac:39:57:78:ea:e6:1f:91:6f: 49:ea:46:df:e0:c9:60:88:1b:0d:38:42:11:4c:57: ff:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:A9:52:A4:13:81:A4:D1:F3:5A:AE:AD:5F:3B:C6:50:DB:AB:14:53 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2294C59616EE11F09E906E12C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.209.0/24 103.225.196.0/24 103.234.54.0/24 150.107.1.0-150.107.2.255 Signature Algorithm: sha256WithRSAEncryption 39:f4:8b:cf:12:96:5a:0d:91:f3:86:9f:7c:01:b6:c6:0a:88: 0e:2a:6c:06:8b:d6:a5:47:89:2d:be:dd:77:97:5c:4b:43:64: 72:2f:bb:98:65:e8:21:13:44:47:b9:c1:cc:9f:47:4e:6c:12: 3d:95:ce:74:f2:89:2b:d7:25:a3:1e:d0:72:3a:2e:d4:0c:ea: bf:6c:16:e7:b9:67:ac:fa:e1:ec:89:13:18:db:4a:e9:17:bf: 3b:ef:f0:2e:c2:19:c0:f0:f1:b0:f4:53:8b:64:5d:0a:f2:62: 4f:87:4c:e7:95:95:01:9f:e5:d5:b3:5a:4c:fd:94:f5:7d:32: df:1b:d0:f9:26:8d:d7:4f:58:c9:a4:1a:0f:93:c4:8e:d7:36: 3b:26:94:f9:c6:b0:5e:86:b0:43:b4:37:59:c2:94:0f:cb:f1: 73:71:4f:28:f7:af:b1:71:f1:49:79:a6:5b:39:3b:14:5f:2d: 59:49:7e:bf:79:b9:74:12:58:f6:95:a2:c0:8e:b4:31:e9:aa: 38:be:09:8e:0a:70:23:71:af:de:13:b5:b7:3d:ea:d9:ac:aa: c3:5a:2b:b0:b3:5c:69:66:e8:4b:95:6c:8c:f9:b7:50:94:de: ca:a1:19:91:5a:75:2f:af:27:88:fe:ef:f6:1a:77:bc:ce:24: 93:96:63:51 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICB6cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUwNDExMTYyMTQ0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y5NDE5Ny1mYzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6DQiHpPS+dJK3cl4itRI6H0cKGFqT/6EbL7mkXjh2mCWdAK3tqYlHn5Wxla3 8vimb6KdRo3S6/7f+OwUZy+relT0C5Z2cnsIb12NrBfes3cKV4oIP4HyPFol0ltj dkG6l2kPWCm+60Y/feYGfiW9jjanxmkIxm+qhVh3Q7pocYJeL4wo0tGryPWdyv6Q i4lgE63AhD3c+yhLo+x/jWY7B9rvQfoPzeVvWcjDzIeWZyqUIcSHvintG7CIZ7QK vHD3z8fFzxCm3fkFsd/oqCmzjwnqQFTu0kawGu0vibD4osyGYqfrnkasOVd46uYf kW9J6kbf4MlgiBsNOEIRTFf/PwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFG+pUqQT gaTR81qurV87xlDbqxRTMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMjI5NEM1OTYx NkVFMTFGMDlFOTA2RTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMCYEAgABMCADBAAr/NEDBABn4cQDBABn6jYwDAMEAJZrAQMEAJZrAjANBgkq hkiG9w0BAQsFAAOCAQEAOfSLzxKWWg2R84affAG2xgqIDipsBovWpUeJLb7dd5dc S0Nkci+7mGXoIRNER7nBzJ9HTmwSPZXOdPKJK9clox7Qcjou1Azqv2wW57lnrPrh 7IkTGNtK6Re/O+/wLsIZwPDxsPRTi2RdCvJiT4dM55WVAZ/l1bNaTP2U9X0y3xvQ +SaN109YyaQaD5PEjtc2OyaU+cawXoawQ7Q3WcKUD8vxc3FPKPevsXHxSXmmWzk7 FF8tWUl+v3m5dBJY9pWiwI60MemqOL4JjgpwI3Gv3hO1tz3q2ayqw1orsLNcaWbo S5VsjPm3UJTeyqEZkVp1L68niP7v9hp3vM4kk5ZjUQ== -----END CERTIFICATE-----Generated at Sat Apr 26 17:06:43 2025 by rpki-client