$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E5A47506DFCE11EFBC4CD631C4F9AE02.roa File: E5A47506DFCE11EFBC4CD631C4F9AE02.roa (raw, json) Hash identifier: c4SXQlCG+2MPlFiFY6VkhLPxbsV0onAe5fUK8o5OyyY= Subject key identifier: 03:15:7D:9E:E6:94:54:FC:47:E0:80:7C:C9:69:A3:BE:21:A2:AE:6B Certificate issuer: /CN=A9157DA0/serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Certificate serial: 3488 Authority key identifier: 88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E5A47506DFCE11EFBC4CD631C4F9AE02.roa Signing time: Mon 14 Apr 2025 14:50:45 +0000 ROA not before: Mon 14 Apr 2025 14:50:45 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 45193 IP address blocks: 103.39.252.0/22 maxlen: 22 119.252.123.0/24 maxlen: 24 119.252.124.0/23 maxlen: 23 119.252.124.0/24 maxlen: 24 119.252.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:35:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13448 (0x3488) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA0, serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Validity Not Before: Apr 14 14:50:45 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=67fd20c5-6036 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:03:f8:e9:0f:30:60:6c:e4:58:87:15:50:6a: 85:b5:b4:d4:df:22:92:7e:04:47:5c:b9:a9:c1:a3: a0:cc:c4:10:7b:51:fe:37:9b:ed:f6:e5:47:ba:2e: df:3a:08:93:92:0a:d0:ae:67:98:be:44:b2:50:6c: 82:9d:f6:c9:97:66:c1:3e:56:df:6b:c7:49:49:77: 70:a7:0c:a3:43:b9:fc:de:ed:30:8d:76:60:f9:c5: 66:31:1e:08:80:d3:b4:2e:01:94:5b:bc:b9:cc:02: 8b:37:2b:42:63:d1:32:6e:c7:88:78:c2:ac:d6:b3: be:d4:ac:ab:62:30:54:6d:d5:9c:03:53:b9:a4:e2: e8:74:fe:fe:53:9d:09:aa:df:e2:cf:33:f6:42:52: 15:9f:48:39:96:97:23:cf:a0:81:9e:0c:79:ae:25: 54:49:52:14:4e:7b:3c:7b:65:80:4e:33:7e:3c:58: 5b:d7:9b:3a:66:20:58:13:03:38:e8:e6:bf:5d:b0: 16:e2:00:1a:2d:ee:4e:5d:1e:7d:25:18:49:15:a7: 90:92:38:f7:f9:20:a7:79:c8:a1:fb:d9:c3:a4:3f: c7:aa:01:2a:ae:7b:8b:fa:5f:95:a7:95:a0:1f:d4: b4:18:05:54:7e:33:ca:c7:ad:67:39:a0:8e:82:60: 7d:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:15:7D:9E:E6:94:54:FC:47:E0:80:7C:C9:69:A3:BE:21:A2:AE:6B X509v3 Authority Key Identifier: keyid:88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E5A47506DFCE11EFBC4CD631C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.39.252.0/22 119.252.123.0-119.252.125.255 Signature Algorithm: sha256WithRSAEncryption 9c:ae:a9:9e:22:93:70:b9:53:37:ca:79:1d:82:0e:0f:7a:9c: 5d:ac:eb:77:44:48:8d:14:b7:1b:bd:05:5f:e2:02:6e:bc:56: 76:4a:35:0c:e7:f8:38:a1:58:34:cb:94:04:71:3c:35:ac:4e: ee:41:18:9c:2e:d0:e1:87:31:b9:e5:bf:d8:45:0e:aa:4c:f7: e6:5a:86:cc:93:8d:53:cf:d9:4e:90:52:dd:44:66:3b:46:a1: 16:38:19:a5:a9:53:ee:a5:0c:9d:08:08:a2:e0:01:30:09:b1: 21:d0:85:53:b6:e6:19:29:c4:ce:c8:c5:3d:a1:cc:35:1c:e3: c4:00:9c:fe:1c:13:45:f1:11:69:23:a4:e1:0a:7e:20:cc:75: d9:52:3f:b4:6d:94:8a:6a:2f:1e:a1:d5:ca:ef:62:5b:a8:7d: 48:89:42:00:56:f7:98:71:84:7a:ee:d0:39:93:a7:26:be:cf: a8:d9:70:f3:b0:90:99:fb:a9:56:79:b8:7c:0f:c2:62:33:c5: 24:61:ae:41:13:58:31:a1:80:6a:95:77:64:6d:cf:63:25:4f: 8d:e6:a3:07:8b:45:57:cd:a3:eb:50:ed:d2:f4:10:a6:fe:7b: b1:df:08:25:74:b4:71:dd:60:b4:9b:58:42:f0:09:3e:ff:11: e2:9e:44:6d -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICNIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTAxMTAvBgNVBAUTKDg4ODdDRjZDRjUxMDJGMEZCNzEzRjRDNEExQkRFMzg5 NDgxRjFDNDQwHhcNMjUwNDE0MTQ1MDQ1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2ZkMjBjNS02MDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3wP46Q8wYGzkWIcVUGqFtbTU3yKSfgRHXLmpwaOgzMQQe1H+N5vt9uVHui7f OgiTkgrQrmeYvkSyUGyCnfbJl2bBPlbfa8dJSXdwpwyjQ7n83u0wjXZg+cVmMR4I gNO0LgGUW7y5zAKLNytCY9EybseIeMKs1rO+1KyrYjBUbdWcA1O5pOLodP7+U50J qt/izzP2QlIVn0g5lpcjz6CBngx5riVUSVIUTns8e2WATjN+PFhb15s6ZiBYEwM4 6Oa/XbAW4gAaLe5OXR59JRhJFaeQkjj3+SCnecih+9nDpD/HqgEqrnuL+l+Vp5Wg H9S0GAVUfjPKx61nOaCOgmB92QIDAQABo4ICozCCAp8wHQYDVR0OBBYEFAMVfZ7m lFT8R+CAfMlpo74hoq5rMB8GA1UdIwQYMBaAFIiHz2z1EC8PtxP0xKG944lIHxxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBMC8zQTBEOTMxMDFE OEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3LTNFX1RFb2IzamlVZ2ZI RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lJZlBiUFVRTHctM0VfVEVvYjNqaVVnZkhFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdEQTAvM0EwRDkzMTAxRDhDMTFFMjhFRkY1N0U3MDhCMDJDRDIvRTVBNDc1MDZE RkNFMTFFRkJDNENENjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQDBAJnJ/wwDAMEAHf8ewMEAXf8fDANBgkqhkiG9w0BAQsFAAOC AQEAnK6pniKTcLlTN8p5HYIOD3qcXazrd0RIjRS3G70FX+ICbrxWdko1DOf4OKFY NMuUBHE8NaxO7kEYnC7Q4YcxueW/2EUOqkz35lqGzJONU8/ZTpBS3URmO0ahFjgZ palT7qUMnQgIouABMAmxIdCFU7bmGSnEzsjFPaHMNRzjxACc/hwTRfERaSOk4Qp+ IMx12VI/tG2UimovHqHVyu9iW6h9SIlCAFb3mHGEeu7QOZOnJr7PqNlw87CQmfup Vnm4fA/CYjPFJGGuQRNYMaGAapV3ZG3PYyVPjeajB4tFV82j61Dt0vQQpv57sd8I JXS0cd1gtJtYQvAJPv8R4p5EbQ== -----END CERTIFICATE-----Generated at Sat Apr 26 12:24:33 2025 by rpki-client