$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C3DCE420F7F11F0B174675DC4F9AE02.roa File: 2C3DCE420F7F11F0B174675DC4F9AE02.roa (raw, json) Hash identifier: JtKKxCXridSwy6SJ7Mx9WW/156HamhanSTK24tMN9c0= Subject key identifier: 79:9A:CE:AD:54:A2:58:1D:92:54:D4:9D:DB:A3:70:5B:F7:94:E8:57 Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Certificate serial: 076B Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C3DCE420F7F11F0B174675DC4F9AE02.roa Signing time: Wed 02 Apr 2025 06:08:37 +0000 ROA not before: Wed 02 Apr 2025 06:08:37 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 150706 IP address blocks: 103.20.220.0/23 maxlen: 23 103.20.220.0/24 maxlen: 24 103.20.221.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:03:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1899 (0x76b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934 Validity Not Before: Apr 2 06:08:37 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67ecd464-d96a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:7d:ef:f0:f9:d7:ad:8a:43:94:f6:2f:4e:5e: 02:30:8e:d6:ad:a2:c2:36:f4:02:0d:0e:6a:bf:1e: e3:e4:20:45:b2:d2:48:5d:32:db:26:d5:a4:e6:50: 9e:ff:f1:ee:38:62:54:90:31:61:76:25:b0:bd:1d: b6:67:f8:a6:c3:93:ad:20:94:d0:1a:68:6c:59:8d: e4:d6:ba:2b:1e:78:aa:d3:4c:1a:61:49:ab:d9:77: d0:90:b7:d3:27:b5:92:b9:0e:96:fc:09:91:16:cb: a1:f4:a8:90:33:67:c1:63:1d:9b:35:24:91:45:ef: ab:d5:f4:11:c5:3f:42:7d:68:4d:cf:84:b0:6c:bb: db:6f:f5:1f:a6:34:96:91:41:2a:fd:c6:90:29:ce: 9d:3c:7d:ae:dd:12:5c:eb:23:61:57:60:d8:5c:b7: f1:7f:bb:1f:ce:75:16:52:fe:43:0d:07:81:d4:69: 76:8c:39:2f:19:ce:78:59:ae:00:ab:c3:34:01:4b: ef:08:80:de:6e:54:d2:45:7d:5a:f0:99:70:71:45: 1b:15:56:bc:14:4b:94:0e:e6:ab:8a:eb:96:98:f1: 64:b3:37:da:e5:ae:b3:2f:b1:d8:4f:8f:a4:b3:90: e8:e7:12:a5:7d:c3:d8:28:84:ef:c4:64:81:35:52: 9b:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:9A:CE:AD:54:A2:58:1D:92:54:D4:9D:DB:A3:70:5B:F7:94:E8:57 X509v3 Authority Key Identifier: keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/2C3DCE420F7F11F0B174675DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.20.220.0/23 Signature Algorithm: sha256WithRSAEncryption 0b:69:ed:6c:3d:df:b5:45:e6:97:0f:9e:41:2d:8d:f6:86:84: 2c:8a:c3:d1:be:de:da:e0:0b:5c:f0:70:38:66:a7:a3:ad:a0: 2f:94:a7:0f:e6:7e:81:97:de:f7:cd:f2:f2:5e:08:9f:5d:6d: cb:23:9f:cd:d4:ec:16:3e:09:13:25:7b:e1:df:6c:a2:ca:c8: 2d:3c:0e:8d:36:59:3c:f4:3e:71:a1:2d:3c:7b:74:9a:2f:b0: 38:26:14:34:4f:5d:32:79:f2:a4:6a:f7:9b:bb:6b:f7:72:8a: ac:c6:31:15:7a:8c:b2:1f:f0:59:2c:9e:f1:6b:3a:ea:b5:46: 57:bc:9a:c5:59:c3:e6:f7:3c:25:d3:fa:a4:92:31:fc:89:37: fa:b3:b8:4a:03:55:ba:36:fe:1c:9b:29:64:54:d3:78:aa:db: 76:11:a4:f7:81:7c:0e:b9:0f:0a:7f:6e:30:b7:ac:37:69:dd: f9:e9:36:f0:71:a7:4f:61:57:af:ce:80:5c:9f:0f:f6:cd:7b: e3:5f:a0:2a:6e:3d:c2:c4:2a:c2:1d:4c:7a:d3:c2:13:5e:a3: 01:f5:53:5d:01:44:3f:4f:51:6e:e7:c7:da:ee:73:b0:76:eb: 78:1d:80:36:d1:c3:2d:ea:39:66:13:25:ae:be:46:6e:0f:2d: 0c:bd:b5:59 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICB2swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3 RDgwQjA5MzQwHhcNMjUwNDAyMDYwODM3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2VjZDQ2NC1kOTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3X3v8PnXrYpDlPYvTl4CMI7WraLCNvQCDQ5qvx7j5CBFstJIXTLbJtWk5lCe //HuOGJUkDFhdiWwvR22Z/imw5OtIJTQGmhsWY3k1rorHniq00waYUmr2XfQkLfT J7WSuQ6W/AmRFsuh9KiQM2fBYx2bNSSRRe+r1fQRxT9CfWhNz4SwbLvbb/UfpjSW kUEq/caQKc6dPH2u3RJc6yNhV2DYXLfxf7sfznUWUv5DDQeB1Gl2jDkvGc54Wa4A q8M0AUvvCIDeblTSRX1a8JlwcUUbFVa8FEuUDuariuuWmPFkszfa5a6zL7HYT4+k s5Do5xKlfcPYKITvxGSBNVKbsQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHmazq1U olgdklTUndujcFv3lOhXMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMkMzRENFNDIw RjdGMTFGMEIxNzQ2NzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnFNwwDQYJKoZIhvcNAQELBQADggEBAAtp7Ww937VF5pcP nkEtjfaGhCyKw9G+3trgC1zwcDhmp6OtoC+Upw/mfoGX3vfN8vJeCJ9dbcsjn83U 7BY+CRMle+HfbKLKyC08Do02WTz0PnGhLTx7dJovsDgmFDRPXTJ58qRq95u7a/dy iqzGMRV6jLIf8FksnvFrOuq1Rle8msVZw+b3PCXT+qSSMfyJN/qzuEoDVbo2/hyb KWRU03iq23YRpPeBfA65Dwp/bjC3rDdp3fnpNvBxp09hV6/OgFyfD/bNe+NfoCpu PcLEKsIdTHrTwhNeowH1U10BRD9PUW7nx9ruc7B263gdgDbRwy3qOWYTJa6+Rm4P LQy9tVk= -----END CERTIFICATE-----Generated at Sat Apr 26 15:19:16 2025 by rpki-client