$ rpki-client -vvf rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/33E27678B25C11EF8946BE4FC4F9AE02.roa File: 33E27678B25C11EF8946BE4FC4F9AE02.roa (raw, json) Hash identifier: whsP0rGTkG8RSV2Qy8jBlFrFbh7vJj6CFR5fP6gvCmU= Subject key identifier: 64:92:6D:73:83:47:15:B2:95:19:56:6E:10:B3:B6:EE:E9:32:BA:42 Certificate issuer: /CN=A913F721/serialNumber=1DD717B229936190CEB667C7CE1CA9F9BFB5FAC4 Certificate serial: 0ABF Authority key identifier: 1D:D7:17:B2:29:93:61:90:CE:B6:67:C7:CE:1C:A9:F9:BF:B5:FA:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/33E27678B25C11EF8946BE4FC4F9AE02.roa Signing time: Thu 26 Dec 2024 11:52:54 +0000 ROA not before: Thu 26 Dec 2024 11:52:54 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 137703 IP address blocks: 103.113.192.0/22 maxlen: 24 2404:5e40::/48 maxlen: 48 2404:5e40:1::/48 maxlen: 48 2404:5e40:2::/48 maxlen: 48 2404:5e40:3::/48 maxlen: 48 2404:5e40:4::/48 maxlen: 48 2404:5e40:5::/48 maxlen: 48 2404:5e40:6::/48 maxlen: 48 2404:5e40:7::/48 maxlen: 48 2404:5e40:8::/48 maxlen: 48 2404:5e40:9::/48 maxlen: 48 2404:5e40:a::/48 maxlen: 48 2404:5e40:b::/48 maxlen: 48 2404:5e40:c::/48 maxlen: 48 2404:5e40:d::/48 maxlen: 48 2404:5e40:e::/48 maxlen: 48 2404:5e40:f::/48 maxlen: 48 2404:5e40:8000::/48 maxlen: 48 2404:5e40:8001::/48 maxlen: 48 2404:5e40:8002::/48 maxlen: 48 2404:5e40:8003::/48 maxlen: 48 2404:5e40:8004::/48 maxlen: 48 2404:5e40:8005::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2751 (0xabf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913F721, serialNumber=1DD717B229936190CEB667C7CE1CA9F9BFB5FAC4 Validity Not Before: Dec 26 11:52:54 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=676d4396-56fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:50:66:4f:78:9a:a7:ba:76:97:e6:21:5a:1a: d8:66:a3:97:86:a4:0a:5b:46:51:78:61:b0:8d:f7: 82:fc:71:f6:e1:b8:4c:9a:a0:c3:66:71:cb:76:59: b3:a1:56:98:e5:46:f9:4e:2e:38:05:c6:a8:13:7e: f4:fb:ec:3f:0a:3a:cb:4e:fc:02:1e:54:da:8c:af: ca:e1:56:f8:33:b8:db:1e:2e:e5:8e:f7:ad:ca:f8: b0:ac:6c:7a:b9:6f:26:08:eb:4d:b7:7e:1f:0c:2b: 3c:f3:c2:fe:fa:06:5c:69:54:8c:f4:5e:29:3b:14: e3:21:00:76:42:5c:ec:fb:e9:bb:33:a1:26:25:69: 27:6a:3c:e9:27:d9:b2:e6:4a:14:69:88:5c:d2:e4: d6:b9:b5:80:ca:31:74:dd:aa:4b:98:02:76:92:e4: 0d:35:da:36:98:c9:b9:e9:15:81:f2:80:b2:5d:57: a9:a7:e4:d6:10:c5:bd:fd:45:e4:57:c7:d6:90:e6: 6f:d0:d9:ab:0a:8f:06:20:00:f9:4c:e0:91:73:38: 82:f2:c3:30:8e:ec:fb:33:57:21:7d:3b:69:da:a7: 51:2d:ca:5e:dd:f8:c0:e2:e3:a3:02:8c:49:f6:e2: 28:e1:3d:3a:f9:92:dc:af:f8:de:83:99:bf:00:96: d9:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:92:6D:73:83:47:15:B2:95:19:56:6E:10:B3:B6:EE:E9:32:BA:42 X509v3 Authority Key Identifier: keyid:1D:D7:17:B2:29:93:61:90:CE:B6:67:C7:CE:1C:A9:F9:BF:B5:FA:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/HdcXsimTYZDOtmfHzhyp-b-1-sQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdcXsimTYZDOtmfHzhyp-b-1-sQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F721/6442437A53AC11EA9AD54B2FC4F9AE02/33E27678B25C11EF8946BE4FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.113.192.0/22 IPv6: 2404:5e40::/44 2404:5e40:8000::-2404:5e40:8005:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 0f:76:6a:20:34:8e:b2:83:80:f4:cf:b6:c3:ca:11:b7:f1:0a: d5:fa:1b:d6:7c:7e:f0:7d:6c:19:04:9c:f3:01:10:22:fd:f9: 34:0d:98:f4:9b:35:82:f7:ff:8a:63:92:dd:95:38:c0:dc:71: ed:7f:e1:59:ff:f6:c8:b5:24:12:28:9b:ae:e2:3f:45:09:24: fd:e4:e8:76:f5:16:3d:32:64:ba:87:39:22:e0:fe:ca:fb:21: 8e:f8:7f:e9:71:ed:ec:49:54:f9:28:29:ea:c1:e5:53:8a:40: e9:f9:7a:1e:cd:99:07:c0:32:79:61:10:e5:ee:14:a8:b1:82: 92:0f:55:0b:20:7d:d3:d9:12:70:a4:a7:82:7a:09:fd:da:07: 12:68:9e:05:be:23:3f:cc:d7:60:e4:f2:ba:b3:da:ce:20:89: 40:36:57:0f:53:74:83:4b:63:cd:e0:55:24:20:72:fc:33:e1: 72:20:5b:3c:5d:2c:e1:88:82:80:05:50:a6:c2:e3:bf:35:39: 9d:0e:3e:40:c9:ac:03:12:74:11:ce:1a:14:37:39:14:d5:45: a5:07:85:2f:af:f8:1c:90:c7:86:46:1d:d4:4c:12:60:42:b8: 8e:b8:68:d9:5f:47:67:75:35:44:bf:36:3b:fb:0f:d8:64:da: 4b:3d:57:0d -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICCr8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0Y3MjExMTAvBgNVBAUTKDFERDcxN0IyMjk5MzYxOTBDRUI2NjdDN0NFMUNBOUY5 QkZCNUZBQzQwHhcNMjQxMjI2MTE1MjU0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzZkNDM5Ni01NmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqVBmT3iap7p2l+YhWhrYZqOXhqQKW0ZReGGwjfeC/HH24bhMmqDDZnHLdlmz oVaY5Ub5Ti44BcaoE370++w/CjrLTvwCHlTajK/K4Vb4M7jbHi7ljvetyviwrGx6 uW8mCOtNt34fDCs888L++gZcaVSM9F4pOxTjIQB2Qlzs++m7M6EmJWknajzpJ9my 5koUaYhc0uTWubWAyjF03apLmAJ2kuQNNdo2mMm56RWB8oCyXVepp+TWEMW9/UXk V8fWkOZv0NmrCo8GIAD5TOCRcziC8sMwjuz7M1chfTtp2qdRLcpe3fjA4uOjAoxJ 9uIo4T06+ZLcr/jeg5m/AJbZfQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFGSSbXOD RxWylRlWbhCztu7pMrpCMB8GA1UdIwQYMBaAFB3XF7Ipk2GQzrZnx84cqfm/tfrE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjcyMS82NDQyNDM3QTUz QUMxMUVBOUFENTRCMkZDNEY5QUUwMi9IZGNYc2ltVFlaRE90bWZIemh5cC1iLTEt c1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hkY1hzaW1UWVpET3RtZkh6aHlwLWItMS1zUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0Y3MjEvNjQ0MjQzN0E1M0FDMTFFQTlBRDU0QjJGQzRGOUFFMDIvMzNFMjc2NzhC MjVDMTFFRjg5NDZCRTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMAwEAgABMAYDBAJnccAwIgQCAAIwHAMHBCQEXkAAADARAwYHJAReQIADBwEk BF5AgAQwDQYJKoZIhvcNAQELBQADggEBAA92aiA0jrKDgPTPtsPKEbfxCtX6G9Z8 fvB9bBkEnPMBECL9+TQNmPSbNYL3/4pjkt2VOMDcce1/4Vn/9si1JBIom67iP0UJ JP3k6Hb1Fj0yZLqHOSLg/sr7IY74f+lx7exJVPkoKerB5VOKQOn5eh7NmQfAMnlh EOXuFKixgpIPVQsgfdPZEnCkp4J6Cf3aBxJongW+Iz/M12Dk8rqz2s4giUA2Vw9T dINLY83gVSQgcvwz4XIgWzxdLOGIgoAFUKbC4781OZ0OPkDJrAMSdBHOGhQ3ORTV RaUHhS+v+ByQx4ZGHdRMEmBCuI64aNlfR2d1NUS/Njv7D9hk2ks9Vw0= -----END CERTIFICATE-----Generated at Sat Apr 26 17:06:32 2025 by rpki-client