$ rpki-client -vvf rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/0F2AF0F0AFDA11EAAED1C066C4F9AE02.roa File: 0F2AF0F0AFDA11EAAED1C066C4F9AE02.roa (raw, json) Hash identifier: FZkT4Kxe1dq9738R7EN3qc8IS8Q1dJKnESpThw2bzlo= Subject key identifier: 4E:63:16:7E:D0:BE:1B:59:B5:62:39:3D:B8:B6:FB:28:E7:61:73:16 Certificate issuer: /CN=A9123E38/serialNumber=D54BF399BE1B659B132314B821933A20BA38B96A Certificate serial: 16C1 Authority key identifier: D5:4B:F3:99:BE:1B:65:9B:13:23:14:B8:21:93:3A:20:BA:38:B9:6A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/0F2AF0F0AFDA11EAAED1C066C4F9AE02.roa Signing time: Wed 30 Apr 2025 16:55:38 +0000 ROA not before: Wed 30 Apr 2025 16:55:38 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 132513 IP address blocks: 103.228.252.0/24 maxlen: 24 141.164.101.0/24 maxlen: 24 141.164.102.0/24 maxlen: 24 2400:c180:19::/48 maxlen: 48 2400:c180:20::/48 maxlen: 48 2400:c180:21::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.crl rsync://rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 16:37:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5825 (0x16c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9123E38, serialNumber=D54BF399BE1B659B132314B821933A20BA38B96A Validity Not Before: Apr 30 16:55:38 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6812560a-dbc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b9:43:d3:a8:80:f9:3b:e4:6c:37:fd:fd:e4: f9:e3:5d:68:1b:e1:cf:4e:ba:ed:77:bf:bd:5b:12: 00:e1:d2:03:85:59:8b:15:9e:b7:9f:80:4c:ab:88: a7:92:fd:51:42:12:58:85:45:cb:7b:d2:84:33:11: ec:1a:75:e9:83:4d:f2:92:df:4f:7f:3b:00:06:20: 1b:57:9e:20:7d:c5:9b:8e:8a:71:a7:4a:46:33:1b: 33:9e:91:70:3e:5f:5c:05:8d:c0:d6:f2:c7:00:da: 28:e9:54:ad:2b:12:26:5f:4a:ae:20:79:18:0e:8a: 2c:38:b9:68:1c:7b:93:0a:f3:fe:30:39:bb:75:b4: 3a:0d:1c:a6:d6:50:79:7a:95:c2:d8:5e:4a:42:b3: bf:45:e3:4a:62:62:f5:df:57:02:e7:83:8a:54:b6: 83:90:a9:42:f4:eb:0b:36:47:58:31:0d:33:6d:2e: 8a:0b:49:4a:22:b0:99:fb:8f:e3:80:ef:0b:a2:14: 26:04:f9:80:e4:db:82:d7:51:6c:cc:45:b7:e9:56: b7:73:b8:a9:f9:71:78:82:d0:df:36:2d:67:f1:1a: 29:20:79:0d:95:71:1f:5a:85:1f:62:f2:70:ce:ea: 68:6f:14:d8:69:e9:9a:81:7f:72:d5:25:8a:2e:de: c8:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:63:16:7E:D0:BE:1B:59:B5:62:39:3D:B8:B6:FB:28:E7:61:73:16 X509v3 Authority Key Identifier: keyid:D5:4B:F3:99:BE:1B:65:9B:13:23:14:B8:21:93:3A:20:BA:38:B9:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/0F2AF0F0AFDA11EAAED1C066C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.228.252.0/24 141.164.101.0-141.164.102.255 IPv6: 2400:c180:19::/48 2400:c180:20::/47 Signature Algorithm: sha256WithRSAEncryption 6e:84:32:3b:d6:1f:d7:b2:c7:96:0c:00:90:42:28:2f:67:3f: 70:9a:e7:50:3e:55:9b:5a:fd:72:9b:22:a7:7b:12:db:71:8e: 2c:dc:4b:78:74:c2:49:4e:6c:53:2d:fb:0d:0a:36:1f:a4:5e: e2:73:57:71:4b:19:78:8e:5b:04:da:c3:9d:88:82:78:5f:91: 23:5c:66:c5:e2:24:1c:dd:31:35:d8:b5:ac:98:a8:0a:00:71: 49:18:7a:ba:cd:67:c6:21:ad:17:29:2e:3e:94:9a:81:17:1a: e6:09:0d:26:b9:80:17:c1:b0:1c:e9:e5:f6:8d:eb:0f:0b:d6: 96:9a:e5:7d:41:a1:24:87:f6:33:5d:20:f1:b8:37:34:57:38: 21:14:62:aa:92:43:4b:c3:a3:79:54:8d:a4:31:64:33:09:1f: 24:ff:cf:8d:82:d4:36:9c:df:c2:15:a5:47:cb:8f:28:8c:de: 57:94:8e:07:34:9b:21:47:c6:c4:a4:ff:65:57:96:f0:5e:55: ff:76:ab:d0:30:60:a5:dc:ab:27:c0:42:38:6a:39:d9:a8:54: f3:38:4d:0c:c8:f5:95:77:13:5f:74:d6:03:bf:e3:ef:87:6e: cc:e6:f1:55:ef:cc:ae:77:f1:3c:91:22:df:7d:9e:65:37:5c: 4c:ae:3a:dc -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICFsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjNFMzgxMTAvBgNVBAUTKEQ1NEJGMzk5QkUxQjY1OUIxMzIzMTRCODIxOTMzQTIw QkEzOEI5NkEwHhcNMjUwNDMwMTY1NTM4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODEyNTYwYS1kYmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArrlD06iA+TvkbDf9/eT5411oG+HPTrrtd7+9WxIA4dIDhVmLFZ63n4BMq4in kv1RQhJYhUXLe9KEMxHsGnXpg03ykt9PfzsABiAbV54gfcWbjopxp0pGMxsznpFw Pl9cBY3A1vLHANoo6VStKxImX0quIHkYDoosOLloHHuTCvP+MDm7dbQ6DRym1lB5 epXC2F5KQrO/ReNKYmL131cC54OKVLaDkKlC9OsLNkdYMQ0zbS6KC0lKIrCZ+4/j gO8LohQmBPmA5NuC11FszEW36Va3c7ip+XF4gtDfNi1n8RopIHkNlXEfWoUfYvJw zupobxTYaemagX9y1SWKLt7I0wIDAQABo4ICvTCCArkwHQYDVR0OBBYEFE5jFn7Q vhtZtWI5Pbi2+yjnYXMWMB8GA1UdIwQYMBaAFNVL85m+G2WbEyMUuCGTOiC6OLlq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0UzOC9BMTA4N0QzNjAw RUExMUU4QkM5M0IxNkJDNEY5QUUwMi8xVXZ6bWI0Ylpac1RJeFM0SVpNNklMbzR1 V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFVdnptYjRiWlpzVEl4UzRJWk02SUxvNHVXby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjNFMzgvQTEwODdEMzYwMEVBMTFFOEJDOTNCMTZCQzRGOUFFMDIvMEYyQUYwRjBB RkRBMTFFQUFFRDFDMDY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MBoEAgABMBQDBABn5PwwDAMEAI2kZQMEAI2kZjAYBAIAAjASAwcAJADBgAAZ AwcBJADBgAAgMA0GCSqGSIb3DQEBCwUAA4IBAQBuhDI71h/XsseWDACQQigvZz9w mudQPlWbWv1ymyKnexLbcY4s3Et4dMJJTmxTLfsNCjYfpF7ic1dxSxl4jlsE2sOd iIJ4X5EjXGbF4iQc3TE12LWsmKgKAHFJGHq6zWfGIa0XKS4+lJqBFxrmCQ0muYAX wbAc6eX2jesPC9aWmuV9QaEkh/YzXSDxuDc0VzghFGKqkkNLw6N5VI2kMWQzCR8k /8+NgtQ2nN/CFaVHy48ojN5XlI4HNJshR8bEpP9lV5bwXlX/dqvQMGCl3KsnwEI4 ajnZqFTzOE0MyPWVdxNfdNYDv+Pvh27M5vFV78yud/E8kSLffZ5lN1xMrjrc -----END CERTIFICATE-----Generated at Mon May 5 22:26:51 2025 by rpki-client