$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3AFD491C99E611EAB3C00943C4F9AE02.roa File: 3AFD491C99E611EAB3C00943C4F9AE02.roa (raw, json) Hash identifier: fDQ1zYNxLplPrz4Qpls9Fd7tB57/fNGS1+72t/RyA84= Subject key identifier: 06:76:41:2D:44:83:A1:79:89:2E:E1:98:87:A1:BB:94:EA:01:34:1D Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Certificate serial: 0952 Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3AFD491C99E611EAB3C00943C4F9AE02.roa Signing time: Thu 20 Mar 2025 20:30:39 +0000 ROA not before: Thu 20 Mar 2025 20:30:39 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 55799 IP address blocks: 43.245.220.0/22 maxlen: 22 43.245.220.0/24 maxlen: 24 43.245.222.0/24 maxlen: 24 43.245.223.0/24 maxlen: 24 103.209.100.0/24 maxlen: 24 103.209.101.0/24 maxlen: 24 103.209.102.0/24 maxlen: 24 103.209.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:08:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2386 (0x952) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156342, serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Validity Not Before: Mar 20 20:30:39 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67dc7aef-ab30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:de:d5:cd:71:97:7a:36:3c:7c:31:8d:c7:ac: 53:96:96:de:14:ef:91:fa:70:d4:21:05:ad:b9:ed: 4e:a7:f5:4f:96:f5:ee:e0:cf:b5:81:5e:ab:3d:89: 85:f1:b7:93:d8:02:b5:9b:1b:02:cd:65:61:f8:ca: f0:a0:76:41:0f:b5:4f:61:9d:bd:f5:e5:c4:dd:b8: 99:8f:ce:c0:b0:19:a3:85:c8:c6:26:09:fb:86:dc: 51:99:23:e4:cf:df:b4:06:6b:c6:93:4c:64:06:43: 57:dd:86:29:99:94:0c:7d:1f:c8:3a:ee:8a:6e:a7: 8f:ee:2b:e9:36:92:51:87:97:3e:c3:89:37:ad:73: 0c:98:16:fc:32:60:8a:7c:e0:89:1f:71:dc:0f:c3: e9:05:63:17:43:8a:25:f5:27:30:a2:1a:fe:35:bd: e8:1a:9f:97:2a:d0:54:16:11:bd:c8:57:92:0d:e2: 3c:68:f9:b3:4b:8f:de:27:8b:84:91:4c:e8:37:3f: 6c:45:70:64:3c:f2:2f:e5:00:33:13:58:18:75:4e: 8f:ff:6b:f1:7a:6e:60:d2:1e:df:b8:30:0b:9c:89: cd:5e:37:f8:5c:58:ff:4f:b3:9d:b3:73:ce:90:49: 85:97:b5:0e:8e:a8:f3:a7:1e:55:75:4f:37:59:0c: f6:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:76:41:2D:44:83:A1:79:89:2E:E1:98:87:A1:BB:94:EA:01:34:1D X509v3 Authority Key Identifier: keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3AFD491C99E611EAB3C00943C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.220.0/22 103.209.100.0/22 Signature Algorithm: sha256WithRSAEncryption 15:ad:7d:0f:a1:d0:7c:1a:47:59:31:04:09:d3:56:1d:49:86: 05:b5:ca:96:cb:3c:22:a0:46:26:b1:5e:bd:0d:ef:5b:7c:d8: ed:ef:af:c7:cd:6d:86:d9:e9:ae:73:a4:49:bd:43:a3:70:4b: 15:8c:55:5b:f7:14:ce:53:d3:18:c5:c9:06:50:b4:86:3f:5c: 04:19:60:33:ba:ef:7c:4e:47:10:20:3c:31:2b:0d:50:f9:15: ca:6e:06:77:c9:74:03:9b:25:3c:c9:43:80:f8:80:bf:73:69: ea:db:fc:ff:0f:4e:0b:a2:4e:f6:fd:58:15:6e:c0:f1:ee:96: 69:d7:54:3e:76:64:0a:bd:ca:4c:d4:72:7d:31:93:29:6a:bf: 4a:48:5a:60:75:e6:13:51:6e:52:69:f6:4e:62:0f:ee:34:4d: 96:3b:a0:26:6d:ab:08:f1:34:39:20:43:a5:1a:29:25:31:43: 0a:ba:05:36:2e:45:93:b4:2d:0c:e3:96:a1:d2:8e:74:81:a9: 18:38:3a:94:69:c9:fd:e1:7d:11:b9:b1:ce:69:7a:a8:03:07: 78:6e:67:12:0e:bc:ba:22:b8:d8:a5:88:c4:ae:28:32:00:c5: 8e:22:8d:4d:16:a1:d4:67:42:67:75:b5:5d:de:0e:5e:bb:91: df:5e:1b:96 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCVIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD Q0I2RThFMzcwHhcNMjUwMzIwMjAzMDM5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2RjN2FlZi1hYjMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp97VzXGXejY8fDGNx6xTlpbeFO+R+nDUIQWtue1Op/VPlvXu4M+1gV6rPYmF 8beT2AK1mxsCzWVh+MrwoHZBD7VPYZ299eXE3biZj87AsBmjhcjGJgn7htxRmSPk z9+0BmvGk0xkBkNX3YYpmZQMfR/IOu6KbqeP7ivpNpJRh5c+w4k3rXMMmBb8MmCK fOCJH3HcD8PpBWMXQ4ol9Scwohr+Nb3oGp+XKtBUFhG9yFeSDeI8aPmzS4/eJ4uE kUzoNz9sRXBkPPIv5QAzE1gYdU6P/2vxem5g0h7fuDALnInNXjf4XFj/T7Ods3PO kEmFl7UOjqjzpx5VdU83WQz2VQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAZ2QS1E g6F5iS7hmIehu5TqATQdMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5 RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvM0FGRDQ5MUM5 OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr9dwDBAJn0WQwDQYJKoZIhvcNAQELBQADggEBABWtfQ+h 0HwaR1kxBAnTVh1JhgW1ypbLPCKgRiaxXr0N71t82O3vr8fNbYbZ6a5zpEm9Q6Nw SxWMVVv3FM5T0xjFyQZQtIY/XAQZYDO673xORxAgPDErDVD5FcpuBnfJdAObJTzJ Q4D4gL9zaerb/P8PTguiTvb9WBVuwPHulmnXVD52ZAq9ykzUcn0xkylqv0pIWmB1 5hNRblJp9k5iD+40TZY7oCZtqwjxNDkgQ6UaKSUxQwq6BTYuRZO0LQzjlqHSjnSB qRg4OpRpyf3hfRG5sc5peqgDB3huZxIOvLoiuNiliMSuKDIAxY4ijU0WodRnQmd1 tV3eDl67kd9eG5Y= -----END CERTIFICATE-----Generated at Sat Apr 26 08:32:51 2025 by rpki-client