$ rpki-client -vvf rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa File: 5A9BEA702D7611EB9827C368C4F9AE02.roa (raw, json) Hash identifier: ebO9+Vms5oQoG4HlIUTD5BkVkXKCz/huR2BUpn+lQwI= Subject key identifier: D4:F4:33:FB:D4:9C:9D:E7:4D:1D:1F:42:29:C8:1F:99:C1:57:C2:4F Certificate issuer: /CN=A915DAF1/serialNumber=BB9F42CFCE388EDC4B29EA65DEB6162B256D2102 Certificate serial: 071D Authority key identifier: BB:9F:42:CF:CE:38:8E:DC:4B:29:EA:65:DE:B6:16:2B:25:6D:21:02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u59Cz844jtxLKepl3rYWKyVtIQI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa Signing time: Sun 02 Mar 2025 23:00:07 +0000 ROA not before: Sun 02 Mar 2025 23:00:07 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 140224 IP address blocks: 103.148.186.0/24 maxlen: 24 103.148.187.0/24 maxlen: 24 2001:df2:e380::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/u59Cz844jtxLKepl3rYWKyVtIQI.crl rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/u59Cz844jtxLKepl3rYWKyVtIQI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u59Cz844jtxLKepl3rYWKyVtIQI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 21:35:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1821 (0x71d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915DAF1, serialNumber=BB9F42CFCE388EDC4B29EA65DEB6162B256D2102 Validity Not Before: Mar 2 23:00:07 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67c4e2f7-e549 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:95:ba:7d:c4:15:0a:09:32:23:b1:d8:11:ee: ef:60:72:6d:a6:e4:46:22:95:c5:b0:79:a0:96:3a: c0:b8:3c:47:f3:ad:15:07:cc:81:b0:a6:11:ba:e7: 83:7d:3e:78:fd:97:e3:4f:a5:59:bc:a2:c5:1b:8f: e2:f6:c1:74:4a:da:95:e3:98:c0:5e:a1:c7:2a:9c: 8e:d6:58:b8:b1:eb:67:6f:bc:c4:21:6c:70:ab:62: 81:bb:b5:e5:36:e7:96:3b:34:6f:1e:ef:03:66:a1: b9:6d:6a:30:b2:84:00:39:f4:05:7b:8b:3e:d9:29: f8:58:c3:19:08:58:be:4e:e8:37:28:5b:fa:72:f0: 27:93:d7:c5:30:76:ba:f9:bf:f6:33:5c:7a:a7:b9: 8c:4c:e6:60:e4:f4:b0:24:63:68:90:6f:71:40:73: f3:96:e0:db:56:39:d8:93:70:30:ef:9f:85:84:ae: 4a:f7:e4:ee:8c:57:80:25:94:a3:09:34:c4:5a:93: 89:e4:94:41:d0:61:77:99:25:72:fc:d5:6c:04:0a: 00:a6:cb:fb:62:62:b4:fa:25:8a:9b:ae:ab:b2:a5: ed:7f:73:c1:37:b7:fc:a8:b8:4f:67:90:0d:a0:aa: 13:e6:c5:e8:88:0c:04:b5:d6:62:78:87:81:f3:32: ae:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:F4:33:FB:D4:9C:9D:E7:4D:1D:1F:42:29:C8:1F:99:C1:57:C2:4F X509v3 Authority Key Identifier: keyid:BB:9F:42:CF:CE:38:8E:DC:4B:29:EA:65:DE:B6:16:2B:25:6D:21:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/u59Cz844jtxLKepl3rYWKyVtIQI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u59Cz844jtxLKepl3rYWKyVtIQI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.148.186.0/23 IPv6: 2001:df2:e380::/48 Signature Algorithm: sha256WithRSAEncryption 70:32:a7:f6:a6:d5:d7:59:e5:8c:5b:0d:84:b5:a1:db:91:fb: ac:23:ad:07:0b:cb:74:40:d4:2a:cf:26:01:83:c9:0c:39:64: d8:4a:b9:8a:63:84:f2:e3:db:fb:c2:0e:9f:93:91:98:18:c5: 96:df:e0:b5:59:83:75:b3:28:30:51:a5:2a:37:28:00:0b:a6: 51:16:ce:e3:b6:c9:b2:26:5a:c2:7f:42:0c:d2:fb:87:03:15: 83:c5:e5:58:7b:f3:c2:86:fa:b3:52:ba:06:82:2c:0d:24:2b: 13:af:e1:2c:77:70:24:b9:46:8e:c4:8f:20:37:30:61:e0:29: 2d:60:4b:5b:28:54:5d:41:2c:cd:7c:5b:94:77:68:25:b4:26: 78:bd:d6:9d:25:6b:a4:95:bd:27:e9:08:ae:64:0a:0b:cb:64: 9f:dd:20:14:35:2c:ff:25:21:a6:78:88:a9:f9:54:50:c1:fc: 03:a1:07:32:4e:46:26:1f:ec:95:e9:32:6c:38:93:10:47:df: d1:b7:99:3d:89:55:d6:1e:be:69:76:96:31:db:85:7a:91:e7: 0a:80:62:4e:7a:cc:fe:3d:a6:58:99:0c:50:f1:b5:aa:bd:df: 42:e1:69:06:be:e5:1f:78:1a:39:bc:c6:43:47:b0:8a:62:a4: 3e:76:59:9d -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBx0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NURBRjExMTAvBgNVBAUTKEJCOUY0MkNGQ0UzODhFREM0QjI5RUE2NURFQjYxNjJC MjU2RDIxMDIwHhcNMjUwMzAyMjMwMDA3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2M0ZTJmNy1lNTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvZW6fcQVCgkyI7HYEe7vYHJtpuRGIpXFsHmgljrAuDxH860VB8yBsKYRuueD fT54/ZfjT6VZvKLFG4/i9sF0StqV45jAXqHHKpyO1li4setnb7zEIWxwq2KBu7Xl NueWOzRvHu8DZqG5bWowsoQAOfQFe4s+2Sn4WMMZCFi+Tug3KFv6cvAnk9fFMHa6 +b/2M1x6p7mMTOZg5PSwJGNokG9xQHPzluDbVjnYk3Aw75+FhK5K9+TujFeAJZSj CTTEWpOJ5JRB0GF3mSVy/NVsBAoApsv7YmK0+iWKm66rsqXtf3PBN7f8qLhPZ5AN oKoT5sXoiAwEtdZieIeB8zKuzwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNT0M/vU nJ3nTR0fQinIH5nBV8JPMB8GA1UdIwQYMBaAFLufQs/OOI7cSynqZd62FislbSEC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1REFGMS8wQjJCOTBBNDJE NzUxMUVCOTM2RTM0NThDNEY5QUUwMi91NTlDejg0NGp0eExLZXBsM3JZV0t5VnRJ UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3U1OUN6ODQ0anR4TEtlcGwzcllXS3lWdElRSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NURBRjEvMEIyQjkwQTQyRDc1MTFFQjkzNkUzNDU4QzRGOUFFMDIvNUE5QkVBNzAy RDc2MTFFQjk4MjdDMzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnlLowDwQCAAIwCQMHACABDfLjgDANBgkqhkiG9w0BAQsF AAOCAQEAcDKn9qbV11nljFsNhLWh25H7rCOtBwvLdEDUKs8mAYPJDDlk2Eq5imOE 8uPb+8IOn5ORmBjFlt/gtVmDdbMoMFGlKjcoAAumURbO47bJsiZawn9CDNL7hwMV g8XlWHvzwob6s1K6BoIsDSQrE6/hLHdwJLlGjsSPIDcwYeApLWBLWyhUXUEszXxb lHdoJbQmeL3WnSVrpJW9J+kIrmQKC8tkn90gFDUs/yUhpniIqflUUMH8A6EHMk5G Jh/slekybDiTEEff0beZPYlV1h6+aXaWMduFepHnCoBiTnrM/j2mWJkMUPG1qr3f QuFpBr7lH3gaObzGQ0ewimKkPnZZnQ== -----END CERTIFICATE-----Generated at Sat Apr 26 08:04:45 2025 by rpki-client