$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa File: 2A3B0CECF89E11EFBEB09C18C4F9AE02.roa (raw, json) Hash identifier: WvwQUH+4dWCkhf9AYHECGHhhbwO1gaxV2Z7Th1HDWV0= Subject key identifier: 23:0F:20:F1:D8:EB:B4:95:7B:EB:7B:1C:89:A1:A5:4B:EC:C1:FC:51 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 07BA Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa Signing time: Fri 11 Apr 2025 16:45:15 +0000 ROA not before: Fri 11 Apr 2025 16:45:15 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 62610 IP address blocks: 36.255.195.0/24 maxlen: 24 43.252.210.0/24 maxlen: 24 103.225.197.0/24 maxlen: 24 103.225.198.0/24 maxlen: 24 150.107.0.0/24 maxlen: 24 150.107.3.0/24 maxlen: 24 150.129.40.0/24 maxlen: 24 150.129.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:03:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1978 (0x7ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Apr 11 16:45:15 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67f9471b-bde7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:6d:53:20:0d:c7:88:97:ca:73:dd:6c:28:0e: 4f:13:95:73:9f:fb:39:bd:18:37:be:eb:c7:63:bb: a2:1f:f2:7a:e6:65:7d:08:a4:a2:cf:78:aa:ed:8a: 73:cd:7d:28:06:50:c2:2d:c6:7b:44:5d:06:cd:ae: 5e:9e:1d:7f:57:9b:15:c7:6b:a3:38:c2:48:a1:1f: 7a:46:26:c0:8c:1b:e8:87:41:32:d5:04:aa:2f:ee: 73:56:7b:5f:92:36:99:6d:5f:72:f7:5f:99:36:9a: 31:6d:7f:6a:4d:34:dd:f1:6b:dc:87:9c:8d:9a:30: c3:f6:a5:a8:74:1d:29:8c:f5:67:a9:ee:06:20:bd: f2:26:8d:06:ba:3a:44:14:81:9d:a7:79:a5:31:61: e2:e6:d5:d3:60:fd:5f:d3:3f:30:7c:68:25:d6:4e: ae:5a:15:72:c4:6a:8c:13:a1:e1:55:47:56:ec:f4: 89:a8:2d:96:44:2e:d5:6d:17:94:46:ed:a8:ad:4e: eb:8d:16:c7:cc:aa:fd:a8:b0:a4:61:0e:60:f2:1a: 12:da:f9:c9:47:cc:08:fc:98:fe:a2:d3:58:31:a8: 79:c1:0c:dd:ca:f3:65:69:f9:9d:01:8b:3b:b2:0e: 89:2e:72:96:6f:25:6e:71:49:c1:7c:07:46:28:9b: 97:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:0F:20:F1:D8:EB:B4:95:7B:EB:7B:1C:89:A1:A5:4B:EC:C1:FC:51 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2A3B0CECF89E11EFBEB09C18C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.255.195.0/24 43.252.210.0/24 103.225.197.0-103.225.198.255 150.107.0.0/24 150.107.3.0/24 150.129.40.0/24 150.129.42.0/24 Signature Algorithm: sha256WithRSAEncryption 98:df:d2:14:cb:f9:e4:54:88:f2:55:78:2e:23:9b:19:e8:0c: 59:ce:f6:de:21:99:2f:1a:00:2e:a3:72:32:45:bf:93:8a:4e: 3d:71:d4:8a:fe:43:da:98:48:61:63:57:34:1f:21:52:54:9b: e7:ed:05:54:d3:a7:78:8f:5f:43:20:48:62:df:37:34:9a:61: d3:0d:b3:9f:f6:c8:70:9c:93:e4:5b:9d:d6:f6:fa:de:de:f8: 01:87:0c:06:fd:df:95:04:74:54:8b:f6:97:c4:83:59:fa:fe: f0:a7:fe:62:4d:99:37:3b:04:8e:a8:6d:89:94:d4:07:0b:67: 09:85:c5:f9:fb:b2:9c:c5:17:00:1d:0b:29:fc:1a:2c:8b:58: 02:13:1c:ee:8b:d8:53:bf:56:33:75:a3:91:04:b8:bb:7c:bd: f1:41:09:32:30:c8:26:45:4d:55:e0:28:26:86:ff:ec:a5:b7: 03:db:5f:83:60:52:91:bb:07:e6:fc:48:b9:d5:ac:8a:68:24: ef:a9:34:30:3c:8a:5a:8e:b6:53:e7:79:73:83:60:ee:5f:3c: 48:27:c4:32:d8:de:f9:da:32:4a:5f:90:0e:76:d7:12:2a:a4: cc:5a:b6:e4:a2:ad:0a:ee:02:de:97:6a:24:c9:d2:43:99:ca: 20:ea:30:39 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgICB7owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUwNDExMTY0NTE1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y5NDcxYi1iZGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx21TIA3HiJfKc91sKA5PE5Vzn/s5vRg3vuvHY7uiH/J65mV9CKSiz3iq7Ypz zX0oBlDCLcZ7RF0Gza5enh1/V5sVx2ujOMJIoR96RibAjBvoh0Ey1QSqL+5zVntf kjaZbV9y91+ZNpoxbX9qTTTd8Wvch5yNmjDD9qWodB0pjPVnqe4GIL3yJo0GujpE FIGdp3mlMWHi5tXTYP1f0z8wfGgl1k6uWhVyxGqME6HhVUdW7PSJqC2WRC7VbReU Ru2orU7rjRbHzKr9qLCkYQ5g8hoS2vnJR8wI/Jj+otNYMah5wQzdyvNlafmdAYs7 sg6JLnKWbyVucUnBfAdGKJuXowIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFCMPIPHY 67SVe+t7HImhpUvswfxRMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMkEzQjBDRUNG ODlFMTFFRkJFQjA5QzE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E PDA6MDgEAgABMDIDBAAk/8MDBAAr/NIwDAMEAGfhxQMEAGfhxgMEAJZrAAMEAJZr AwMEAJaBKAMEAJaBKjANBgkqhkiG9w0BAQsFAAOCAQEAmN/SFMv55FSI8lV4LiOb GegMWc723iGZLxoALqNyMkW/k4pOPXHUiv5D2phIYWNXNB8hUlSb5+0FVNOneI9f QyBIYt83NJph0w2zn/bIcJyT5Fud1vb63t74AYcMBv3flQR0VIv2l8SDWfr+8Kf+ Yk2ZNzsEjqhtiZTUBwtnCYXF+fuynMUXAB0LKfwaLItYAhMc7ovYU79WM3WjkQS4 u3y98UEJMjDIJkVNVeAoJob/7KW3A9tfg2BSkbsH5vxIudWsimgk76k0MDyKWo62 U+d5c4Ng7l88SCfEMtje+doySl+QDnbXEiqkzFq25KKtCu4C3pdqJMnSQ5nKIOow OQ== -----END CERTIFICATE-----Generated at Sat Apr 26 17:13:13 2025 by rpki-client