$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa File: 3A58D9F499E611EAB3C00943C4F9AE02.roa (raw, json) Hash identifier: +eSXmzBbgmezGg93b3TG7JXzkYgFkvNOYfX8lsh6cSU= Subject key identifier: 05:4A:7F:11:B3:E4:36:13:9A:2B:65:D2:84:3D:9A:27:DB:8D:92:5D Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Certificate serial: 0951 Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa Signing time: Thu 20 Mar 2025 20:30:38 +0000 ROA not before: Thu 20 Mar 2025 20:30:38 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 134520 IP address blocks: 43.245.220.0/22 maxlen: 22 103.209.100.0/24 maxlen: 24 103.209.101.0/24 maxlen: 24 103.209.102.0/24 maxlen: 24 103.209.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:08:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2385 (0x951) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156342, serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Validity Not Before: Mar 20 20:30:38 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67dc7aee-a237 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:7b:19:c6:f2:89:7f:b8:05:e7:c8:e4:be:53: d8:6d:da:63:55:b6:41:83:50:13:21:0a:23:39:c3: 8b:ad:11:b2:83:f3:1b:cd:d6:21:e3:56:51:51:94: 6b:34:24:77:0d:83:42:a1:77:b1:50:62:fd:be:2c: e7:cc:84:5c:e4:5a:ae:19:2e:fc:dc:3e:48:ee:97: 6c:e0:1e:c8:34:ae:1c:91:8b:45:1f:af:88:9a:de: 4c:1d:c1:38:80:39:53:1c:b0:ab:11:76:41:40:61: d0:f7:f4:58:ce:cd:8b:3f:58:53:c8:dc:bf:b3:57: e9:e7:ad:9e:8a:a3:4a:87:d0:26:6f:cb:60:8c:36: 94:55:be:c9:89:50:95:2d:6a:34:b1:f0:66:66:c2: 9c:07:33:82:b9:fe:b1:df:33:8d:49:ee:ff:7a:b6: e1:d2:e2:e0:a0:f4:47:c8:af:d2:7e:2c:9d:93:70: d9:38:f3:42:67:e9:2a:6a:17:2c:e5:aa:48:72:1e: 05:4f:5f:94:c1:80:94:43:bf:5c:9e:c9:2b:f5:03: c7:fd:a8:ca:47:f0:ff:20:bf:1d:af:43:4a:e1:d5: f0:7a:bb:ab:92:e5:24:ab:2d:fa:81:f0:a0:1b:0d: 3c:79:c0:d7:97:ca:49:25:30:33:9e:8d:92:da:bd: 39:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:4A:7F:11:B3:E4:36:13:9A:2B:65:D2:84:3D:9A:27:DB:8D:92:5D X509v3 Authority Key Identifier: keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.220.0/22 103.209.100.0/22 Signature Algorithm: sha256WithRSAEncryption 05:d5:c2:ef:5a:da:2a:e8:9c:03:02:dc:4a:30:65:62:47:b6: 93:23:90:ac:af:eb:45:c5:e8:0e:dc:7a:4f:3a:ed:f3:31:5c: 70:8f:01:6b:85:61:12:56:a4:13:28:5e:b9:21:cb:c7:c6:24: 7b:31:10:70:0c:55:fb:c3:6a:86:d0:39:d6:f9:1f:93:8d:ac: 03:c5:76:99:d7:f4:54:05:d3:54:da:aa:8e:30:e0:bb:e1:84: 9e:f6:c3:74:5d:9b:b2:0f:e1:6c:17:c1:3e:fe:14:c7:80:dd: b9:51:27:f3:70:c0:1e:2a:b3:86:58:8a:53:bd:2b:76:db:e3: c8:88:f1:9e:e7:d3:64:86:27:ac:bf:35:fd:89:49:54:c8:28: e9:6b:b2:e7:b7:d2:5f:61:3c:b1:23:fa:52:92:51:55:d9:f1: 14:94:1c:43:3d:d0:c7:e3:75:6b:72:8c:d7:0c:fd:e7:f8:6f: 4c:19:ae:5b:15:80:69:c0:a7:24:14:04:1d:88:5b:25:83:17: ed:8e:98:91:e6:9f:fb:27:07:9a:f7:72:be:bd:c6:14:50:e3: bf:db:b8:80:a7:72:1c:94:43:64:f4:74:f1:5b:36:5d:4d:a1: 36:28:01:41:4a:68:16:97:0b:fa:1b:bb:c5:bb:d8:e4:ee:48: ed:04:a4:2a -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD Q0I2RThFMzcwHhcNMjUwMzIwMjAzMDM4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2RjN2FlZS1hMjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt3sZxvKJf7gF58jkvlPYbdpjVbZBg1ATIQojOcOLrRGyg/MbzdYh41ZRUZRr NCR3DYNCoXexUGL9viznzIRc5FquGS783D5I7pds4B7INK4ckYtFH6+Imt5MHcE4 gDlTHLCrEXZBQGHQ9/RYzs2LP1hTyNy/s1fp562eiqNKh9Amb8tgjDaUVb7JiVCV LWo0sfBmZsKcBzOCuf6x3zONSe7/erbh0uLgoPRHyK/Sfiydk3DZOPNCZ+kqahcs 5apIch4FT1+UwYCUQ79cnskr9QPH/ajKR/D/IL8dr0NK4dXwerurkuUkqy36gfCg Gw08ecDXl8pJJTAzno2S2r05XwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAVKfxGz 5DYTmitl0oQ9mifbjZJdMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5 RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvM0E1OEQ5RjQ5 OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr9dwDBAJn0WQwDQYJKoZIhvcNAQELBQADggEBAAXVwu9a 2ironAMC3EowZWJHtpMjkKyv60XF6A7cek867fMxXHCPAWuFYRJWpBMoXrkhy8fG JHsxEHAMVfvDaobQOdb5H5ONrAPFdpnX9FQF01Taqo4w4LvhhJ72w3Rdm7IP4WwX wT7+FMeA3blRJ/NwwB4qs4ZYilO9K3bb48iI8Z7n02SGJ6y/Nf2JSVTIKOlrsue3 0l9hPLEj+lKSUVXZ8RSUHEM90MfjdWtyjNcM/ef4b0wZrlsVgGnApyQUBB2IWyWD F+2OmJHmn/snB5r3cr69xhRQ47/buICnchyUQ2T0dPFbNl1NoTYoAUFKaBaXC/ob u8W72OTuSO0EpCo= -----END CERTIFICATE-----Generated at Sat Apr 26 08:29:09 2025 by rpki-client