$ rpki-client -vvf rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/EDB1F68E3C8811EC889B9D78C4F9AE02.roa File: EDB1F68E3C8811EC889B9D78C4F9AE02.roa (raw, json) Hash identifier: 8OgnHoASF/UsFAo8WcuH4tg18eHyDNchCEmDTI3RcYo= Subject key identifier: 1E:D5:48:E0:48:B1:90:AC:8B:BA:52:4B:8C:0D:A5:1D:70:3A:CA:F0 Certificate issuer: /CN=A9120AC1/serialNumber=8F2BD4C12636F0059B408D0716AF32C8F54069A5 Certificate serial: 0481 Authority key identifier: 8F:2B:D4:C1:26:36:F0:05:9B:40:8D:07:16:AF:32:C8:F5:40:69:A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jyvUwSY28AWbQI0HFq8yyPVAaaU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/EDB1F68E3C8811EC889B9D78C4F9AE02.roa Signing time: Tue 04 Feb 2025 23:42:54 +0000 ROA not before: Tue 04 Feb 2025 23:42:54 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 45753 IP address blocks: 43.225.196.0/22 maxlen: 22 43.225.196.0/24 maxlen: 24 43.225.197.0/24 maxlen: 24 43.225.198.0/24 maxlen: 24 43.225.199.0/24 maxlen: 24 103.44.160.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/jyvUwSY28AWbQI0HFq8yyPVAaaU.crl rsync://rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/jyvUwSY28AWbQI0HFq8yyPVAaaU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jyvUwSY28AWbQI0HFq8yyPVAaaU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:44:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1153 (0x481) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120AC1, serialNumber=8F2BD4C12636F0059B408D0716AF32C8F54069A5 Validity Not Before: Feb 4 23:42:54 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67a2a5fe-b6a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b5:cf:ae:a0:e6:18:9d:fb:c3:54:6e:db:a4: 92:01:9c:a3:ac:96:4c:af:40:5e:15:f3:71:d8:9c: f6:73:54:5a:3b:bb:cf:18:3c:91:bf:fe:4c:77:21: 95:aa:2a:eb:21:c8:fe:a6:f8:75:e1:5b:c1:02:86: ae:b0:10:5a:6a:a3:93:13:61:f5:08:4a:b7:62:09: b6:f6:fe:d3:bb:e2:4b:ab:9b:30:9b:56:67:1b:0d: 66:55:ab:10:76:47:c3:0c:6c:fb:df:79:40:33:86: bc:60:87:55:b9:01:73:55:32:4f:11:e0:90:02:96: f9:02:c3:22:cf:f5:c4:fb:4e:04:1c:89:4d:db:4d: f6:f7:e6:f9:0b:2d:3c:ca:ca:54:82:63:2f:e7:25: c8:b4:2e:4a:2a:40:b1:57:d8:02:dd:65:e3:8d:45: d2:33:1c:f9:c7:21:6c:55:bd:79:69:a1:f1:11:8b: b6:1f:3a:ca:47:ee:95:23:c0:89:ff:f4:a4:cb:c8: 39:11:a3:96:1d:f7:3e:37:e0:46:ac:85:85:66:ed: c2:8d:3e:c7:66:5c:4b:48:3b:57:d9:7f:7f:b9:b5: b4:fc:6a:73:5d:3a:f5:57:76:ce:5d:93:4b:68:ae: ba:3b:ab:82:7e:e6:58:dc:bb:1c:c9:83:32:c8:76: 66:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:D5:48:E0:48:B1:90:AC:8B:BA:52:4B:8C:0D:A5:1D:70:3A:CA:F0 X509v3 Authority Key Identifier: keyid:8F:2B:D4:C1:26:36:F0:05:9B:40:8D:07:16:AF:32:C8:F5:40:69:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/jyvUwSY28AWbQI0HFq8yyPVAaaU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jyvUwSY28AWbQI0HFq8yyPVAaaU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120AC1/48017D38309711ECB285A64BC4F9AE02/EDB1F68E3C8811EC889B9D78C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.196.0/22 103.44.160.0/22 Signature Algorithm: sha256WithRSAEncryption 1e:c8:45:3f:0d:f4:75:a9:aa:ee:65:fe:eb:83:18:84:49:39: ed:10:58:21:4f:ac:4f:e8:12:32:30:50:3c:59:85:78:b7:30: 44:ba:c6:cd:4d:f7:37:b9:e2:04:ef:19:e3:52:99:6f:4c:38: 44:95:36:03:11:0c:58:e5:9f:cd:e7:21:9f:18:f6:dd:de:b0: 42:e1:d1:cb:12:57:c9:fb:55:3d:54:6d:c3:b4:a9:6d:b2:50: 51:d4:4a:a1:9c:a0:c4:99:7e:49:68:87:52:c1:bd:41:c7:2c: f2:81:09:85:ce:2f:fc:e7:9d:a9:d1:a8:83:90:9b:77:f0:fe: 52:1e:d5:e9:26:08:10:1d:6b:9e:30:22:e0:74:c5:9a:09:1d: 39:7c:82:fb:84:d9:43:70:2d:bb:0b:4f:b6:50:43:41:b0:f6: 63:09:1d:01:1a:e9:e9:03:34:f9:c1:d1:df:f5:39:14:11:54: 13:06:a7:90:49:c6:a7:ba:e0:25:80:66:c5:0a:40:e7:2d:cb: 0c:ac:3a:62:4e:cb:eb:17:f9:10:56:d7:f0:db:8e:74:0f:de: 1a:07:01:04:c6:35:b2:48:29:67:80:79:2d:c1:9f:4f:c0:ca: fb:e1:64:93:fd:c3:a0:b2:fd:0e:1e:72:5d:fc:98:fa:62:8d: c7:0a:96:ec -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBBQzExMTAvBgNVBAUTKDhGMkJENEMxMjYzNkYwMDU5QjQwOEQwNzE2QUYzMkM4 RjU0MDY5QTUwHhcNMjUwMjA0MjM0MjU0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2EyYTVmZS1iNmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy7XPrqDmGJ37w1Ru26SSAZyjrJZMr0BeFfNx2Jz2c1RaO7vPGDyRv/5MdyGV qirrIcj+pvh14VvBAoausBBaaqOTE2H1CEq3Ygm29v7Tu+JLq5swm1ZnGw1mVasQ dkfDDGz733lAM4a8YIdVuQFzVTJPEeCQApb5AsMiz/XE+04EHIlN20329+b5Cy08 yspUgmMv5yXItC5KKkCxV9gC3WXjjUXSMxz5xyFsVb15aaHxEYu2HzrKR+6VI8CJ //Sky8g5EaOWHfc+N+BGrIWFZu3CjT7HZlxLSDtX2X9/ubW0/GpzXTr1V3bOXZNL aK66O6uCfuZY3LscyYMyyHZmMwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFB7VSOBI sZCsi7pSS4wNpR1wOsrwMB8GA1UdIwQYMBaAFI8r1MEmNvAFm0CNBxavMsj1QGml MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEFDMS80ODAxN0QzODMw OTcxMUVDQjI4NUE2NEJDNEY5QUUwMi9qeXZVd1NZMjhBV2JRSTBIRnE4eXlQVkFh YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2p5dlV3U1kyOEFXYlFJMEhGcTh5eVBWQWFhVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjBBQzEvNDgwMTdEMzgzMDk3MTFFQ0IyODVBNjRCQzRGOUFFMDIvRURCMUY2OEUz Qzg4MTFFQzg4OUI5RDc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr4cQDBAJnLKAwDQYJKoZIhvcNAQELBQADggEBAB7IRT8N 9HWpqu5l/uuDGIRJOe0QWCFPrE/oEjIwUDxZhXi3MES6xs1N9ze54gTvGeNSmW9M OESVNgMRDFjln83nIZ8Y9t3esELh0csSV8n7VT1UbcO0qW2yUFHUSqGcoMSZfklo h1LBvUHHLPKBCYXOL/znnanRqIOQm3fw/lIe1ekmCBAda54wIuB0xZoJHTl8gvuE 2UNwLbsLT7ZQQ0Gw9mMJHQEa6ekDNPnB0d/1ORQRVBMGp5BJxqe64CWAZsUKQOct ywysOmJOy+sX+RBW1/DbjnQP3hoHAQTGNbJIKWeAeS3Bn0/AyvvhZJP9w6Cy/Q4e cl38mPpijccKluw= -----END CERTIFICATE-----Generated at Sat Apr 26 17:07:00 2025 by rpki-client