$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/8FC6588099D711EFB8A4757AC4F9AE02.roa File: 8FC6588099D711EFB8A4757AC4F9AE02.roa (raw, json) Hash identifier: mTkhvut0IA7Ui5L84PzCm16DVCFntDxfgQs8avD4lEI= Subject key identifier: E1:25:FE:4D:22:CC:5E:B3:4A:8D:CD:3D:17:F4:00:21:4B:99:7D:DF Certificate issuer: /CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4 Certificate serial: 268E Authority key identifier: 9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/8FC6588099D711EFB8A4757AC4F9AE02.roa Signing time: Thu 10 Apr 2025 15:52:57 +0000 ROA not before: Thu 10 Apr 2025 15:52:57 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 64005 IP address blocks: 103.228.200.0/24 maxlen: 24 2001:df4:3800::/48 maxlen: 48 2400:eb80::/32 maxlen: 32 2400:eb80::/48 maxlen: 48 2400:eb80:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/m8dlGsS6v4xEeFNPraYQrNp0a9Q.crl rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/m8dlGsS6v4xEeFNPraYQrNp0a9Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:44:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9870 (0x268e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143DB0, serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4 Validity Not Before: Apr 10 15:52:57 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67f7e958-3b52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:dc:59:56:bc:be:8c:4d:0c:11:93:96:58:6c: d3:0b:f4:ef:3e:32:be:e6:c1:cd:06:78:2d:ea:01: 1d:34:0c:58:46:ea:fa:6e:83:82:8e:9b:e2:77:ed: da:2d:37:21:c7:61:8e:53:bb:e5:f1:5f:91:c3:8f: 23:d3:4a:7b:14:ee:e1:27:a2:37:4d:be:ef:36:eb: 05:a1:91:14:42:90:1a:80:1d:8d:6f:f2:3a:5f:55: b5:5d:18:6f:be:d3:cb:ee:2a:21:50:dd:54:91:dd: 22:b7:58:ea:f1:9d:aa:75:36:56:6f:5d:1e:ed:41: f1:be:30:8c:97:20:af:87:9d:3f:41:4a:4b:ba:6d: 9d:d0:56:d7:35:17:ce:07:9c:ad:3a:dc:89:50:5e: 80:02:24:38:86:00:a8:8b:3f:aa:7e:cc:c8:4f:1c: 0c:ba:93:dc:75:21:01:03:f3:01:63:51:97:90:24: 99:95:09:f5:34:7a:dd:60:6d:af:80:28:6f:4c:eb: 7f:03:3d:2e:0b:02:c5:37:3e:61:6f:2f:72:f5:7c: 6d:c5:be:18:bf:ec:78:74:bc:21:80:d5:bb:45:d9: 91:6e:f1:3a:f8:54:20:d5:6e:e0:16:5a:32:41:09: a4:7e:cc:37:63:3d:cc:4a:7b:35:4e:71:68:48:77: 7d:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:25:FE:4D:22:CC:5E:B3:4A:8D:CD:3D:17:F4:00:21:4B:99:7D:DF X509v3 Authority Key Identifier: keyid:9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/m8dlGsS6v4xEeFNPraYQrNp0a9Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/8FC6588099D711EFB8A4757AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.228.200.0/24 IPv6: 2001:df4:3800::/48 2400:eb80::/32 Signature Algorithm: sha256WithRSAEncryption 99:34:c3:e3:41:fd:09:e1:eb:ca:1b:e8:37:c2:5f:7f:da:12: 5f:45:a3:51:dd:12:9a:cd:5e:f6:1e:00:8c:d5:eb:20:49:16: 2e:3d:ff:9a:5b:26:b2:02:2b:b3:cc:98:b4:0b:54:9b:85:4f: a1:e7:7c:d5:8c:18:ef:fb:de:c2:11:2c:f6:51:27:77:67:e7: 11:8a:08:dc:6b:68:89:12:57:82:c1:33:9e:4f:09:0b:e6:1e: a0:df:b2:80:fe:dd:2d:42:e5:8c:c4:cb:46:a8:39:fc:d1:95: 60:75:9b:0e:04:41:90:65:c9:ea:8d:8d:7b:e7:eb:1c:7a:14: 9c:23:a7:2e:5e:f5:c1:18:ee:2b:a2:1a:64:34:24:51:30:7c: 9a:af:b0:de:fb:45:28:35:4c:80:4f:db:b8:f5:0e:27:87:8e: b2:07:74:e3:4e:ee:c2:8b:4f:0c:ce:ed:0c:d9:3b:8c:d6:c2: da:53:b6:79:2d:a9:e3:ad:77:66:3e:43:04:d3:8b:6b:f1:68: b9:2e:c5:62:51:ce:63:12:5e:ed:ff:a3:87:e6:c7:64:44:c5: a7:95:5a:6c:a7:c5:ec:6e:3d:b2:f5:1a:a0:05:64:34:5b:dd: a6:e3:57:7a:a3:46:76:ec:92:9b:c4:ff:b2:fe:3f:20:30:63: b6:49:38:a8 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICJo4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNEQjAxMTAvBgNVBAUTKDlCQzc2NTFBQzRCQUJGOEM0NDc4NTM0RkFEQTYxMEFD REE3NDZCRDQwHhcNMjUwNDEwMTU1MjU3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y3ZTk1OC0zYjUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAztxZVry+jE0MEZOWWGzTC/TvPjK+5sHNBngt6gEdNAxYRur6boOCjpvid+3a LTchx2GOU7vl8V+Rw48j00p7FO7hJ6I3Tb7vNusFoZEUQpAagB2Nb/I6X1W1XRhv vtPL7iohUN1Ukd0it1jq8Z2qdTZWb10e7UHxvjCMlyCvh50/QUpLum2d0FbXNRfO B5ytOtyJUF6AAiQ4hgCoiz+qfszITxwMupPcdSEBA/MBY1GXkCSZlQn1NHrdYG2v gChvTOt/Az0uCwLFNz5hby9y9Xxtxb4Yv+x4dLwhgNW7RdmRbvE6+FQg1W7gFloy QQmkfsw3Yz3MSns1TnFoSHd9ewIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFOEl/k0i zF6zSo3NPRf0ACFLmX3fMB8GA1UdIwQYMBaAFJvHZRrEur+MRHhTT62mEKzadGvU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RCMC9CODk1QUY3NDA1 MTUxMUU1OEQ0OUFFNDJDNEY5QUUwMi9tOGRsR3NTNnY0eEVlRk5QcmFZUXJOcDBh OVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL204ZGxHc1M2djR4RWVGTlByYVlRck5wMGE5US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDNEQjAvQjg5NUFGNzQwNTE1MTFFNThENDlBRTQyQzRGOUFFMDIvOEZDNjU4ODA5 OUQ3MTFFRkI4QTQ3NTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMAwEAgABMAYDBABn5MgwFgQCAAIwEAMHACABDfQ4AAMFACQA64AwDQYJKoZI hvcNAQELBQADggEBAJk0w+NB/Qnh68ob6DfCX3/aEl9Fo1HdEprNXvYeAIzV6yBJ Fi49/5pbJrICK7PMmLQLVJuFT6HnfNWMGO/73sIRLPZRJ3dn5xGKCNxraIkSV4LB M55PCQvmHqDfsoD+3S1C5YzEy0aoOfzRlWB1mw4EQZBlyeqNjXvn6xx6FJwjpy5e 9cEY7iuiGmQ0JFEwfJqvsN77RSg1TIBP27j1DieHjrIHdONO7sKLTwzO7QzZO4zW wtpTtnktqeOtd2Y+QwTTi2vxaLkuxWJRzmMSXu3/o4fmx2RExaeVWmynxexuPbL1 GqAFZDRb3abjV3qjRnbskpvE/7L+PyAwY7ZJOKg= -----END CERTIFICATE-----Generated at Sat Apr 26 14:13:12 2025 by rpki-client