$ rpki-client -vvf rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/D97D5F6A3FEB11E9882E830FC4F9AE02.roa File: D97D5F6A3FEB11E9882E830FC4F9AE02.roa (raw, json) Hash identifier: RQ9qhLaDGLXZG82auuWSpjUE055Bze4DBt1aGvXRSH4= Subject key identifier: 10:D7:E1:59:CB:B6:96:4B:D9:42:25:67:6F:06:BB:33:97:77:F3:E4 Certificate issuer: /CN=A9162DD6/serialNumber=0E2870631FA0EFEAE94531DB0E26045CA3BC819B Certificate serial: 102F Authority key identifier: 0E:28:70:63:1F:A0:EF:EA:E9:45:31:DB:0E:26:04:5C:A3:BC:81:9B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DihwYx-g7-rpRTHbDiYEXKO8gZs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/D97D5F6A3FEB11E9882E830FC4F9AE02.roa Signing time: Thu 10 Apr 2025 17:56:05 +0000 ROA not before: Thu 10 Apr 2025 17:56:05 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 18225 IP address blocks: 103.161.218.0/24 maxlen: 24 103.161.219.0/24 maxlen: 24 202.154.160.0/21 maxlen: 21 202.154.168.0/24 maxlen: 24 202.154.169.0/24 maxlen: 24 202.154.170.0/24 maxlen: 24 202.154.171.0/24 maxlen: 24 202.154.172.0/24 maxlen: 24 202.154.173.0/24 maxlen: 24 202.154.174.0/24 maxlen: 24 202.154.175.0/24 maxlen: 24 2406:de00:100::/40 maxlen: 40 2406:de00:200::/40 maxlen: 40 2406:de00:400::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.crl rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DihwYx-g7-rpRTHbDiYEXKO8gZs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:26:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4143 (0x102f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162DD6, serialNumber=0E2870631FA0EFEAE94531DB0E26045CA3BC819B Validity Not Before: Apr 10 17:56:05 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67f80635-6487 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:78:ab:a4:de:79:df:0d:df:16:1a:42:c6:27: ee:47:16:58:81:f9:eb:52:83:4a:a3:ca:69:e7:ab: 52:75:c1:85:e9:74:ea:bc:10:75:44:57:3d:b3:7b: de:4f:31:48:2f:15:8f:db:48:d6:49:fc:69:54:94: 5c:ec:2c:ef:fa:67:73:fd:c2:fa:e4:40:39:1d:c7: 5a:d4:70:e9:bf:c7:7a:f1:29:22:03:3c:24:bb:22: a6:40:60:cd:b0:65:72:78:93:76:23:82:d7:27:01: c7:c8:8a:06:fe:6d:24:b0:ce:4d:c9:8f:a3:50:11: 8c:18:88:d2:c4:74:c0:74:da:0e:b3:4a:46:52:50: 2f:0f:e2:c1:a0:69:e5:63:8c:d3:b1:36:d9:b7:96: ab:1f:4d:78:f6:4b:1d:f9:79:ea:74:90:ba:68:ac: fe:b7:64:36:31:37:62:25:b7:0b:07:34:63:53:18: 69:dc:c5:f6:93:ce:09:30:68:94:39:f3:1e:25:33: 0e:10:2e:06:d1:d9:34:24:d5:85:f8:1a:b6:44:17: 21:bc:30:ba:95:b6:d9:71:3c:02:8a:d9:df:57:a1: 22:83:17:aa:79:8c:79:41:53:da:75:b9:6c:c7:5f: 6d:7e:01:65:3f:98:15:81:35:35:da:7c:e8:98:c5: 7c:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:D7:E1:59:CB:B6:96:4B:D9:42:25:67:6F:06:BB:33:97:77:F3:E4 X509v3 Authority Key Identifier: keyid:0E:28:70:63:1F:A0:EF:EA:E9:45:31:DB:0E:26:04:5C:A3:BC:81:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/DihwYx-g7-rpRTHbDiYEXKO8gZs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DihwYx-g7-rpRTHbDiYEXKO8gZs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162DD6/9CD7CB0A3FEA11E991839D0DC4F9AE02/D97D5F6A3FEB11E9882E830FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.161.218.0/23 202.154.160.0/20 IPv6: 2406:de00:100::-2406:de00:2ff:ffff:ffff:ffff:ffff:ffff 2406:de00:400::/40 Signature Algorithm: sha256WithRSAEncryption 56:19:9d:e6:a8:af:25:bd:8e:8a:31:c1:b2:19:44:96:80:e6: 50:41:ca:ef:da:a7:9f:0b:61:18:5c:34:13:a6:2f:a9:33:fc: 24:89:f8:9e:f4:8e:10:2b:e4:88:55:46:8a:a3:b2:56:cd:b3: 00:99:1c:ad:7b:88:d6:17:c5:90:43:5a:bb:e0:08:f2:82:3c: 57:e0:19:81:08:d2:b6:86:2f:10:41:f0:d2:60:1a:14:f3:2c: f6:e7:21:25:3c:e2:40:29:8a:d5:7d:82:51:cc:14:20:c6:98: 2c:57:5d:2b:3a:10:a9:33:f9:d0:28:5c:09:64:3a:65:44:e0: 5f:f0:84:e3:13:78:9d:e2:2f:73:58:83:a3:c0:7d:62:b0:1b: 5a:45:90:19:19:52:d2:52:e0:8b:b3:87:5e:ea:d3:86:31:1a: 54:12:bc:07:b5:14:d6:d4:d7:99:ea:58:d0:e1:8e:8d:2f:47: b6:77:58:d9:c4:76:ab:71:b0:26:8f:75:cc:8a:4c:a0:24:26: a7:16:92:e7:ac:fe:bd:85:d9:40:ca:e3:b9:50:7d:7b:e4:5d: 23:cb:7d:9f:ae:b5:10:63:5f:65:fe:af:d6:8a:db:f0:58:1e: 35:2e:03:fe:fe:63:7c:19:12:b6:5e:8d:7e:d9:78:67:1d:be: 8f:16:b8:8b -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICEC8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjJERDYxMTAvBgNVBAUTKDBFMjg3MDYzMUZBMEVGRUFFOTQ1MzFEQjBFMjYwNDVD QTNCQzgxOUIwHhcNMjUwNDEwMTc1NjA1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y4MDYzNS02NDg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwnirpN553w3fFhpCxifuRxZYgfnrUoNKo8pp56tSdcGF6XTqvBB1RFc9s3ve TzFILxWP20jWSfxpVJRc7Czv+mdz/cL65EA5Hcda1HDpv8d68SkiAzwkuyKmQGDN sGVyeJN2I4LXJwHHyIoG/m0ksM5NyY+jUBGMGIjSxHTAdNoOs0pGUlAvD+LBoGnl Y4zTsTbZt5arH0149ksd+XnqdJC6aKz+t2Q2MTdiJbcLBzRjUxhp3MX2k84JMGiU OfMeJTMOEC4G0dk0JNWF+Bq2RBchvDC6lbbZcTwCitnfV6EigxeqeYx5QVPadbls x19tfgFlP5gVgTU12nzomMV8SQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFBDX4VnL tpZL2UIlZ28GuzOXd/PkMB8GA1UdIwQYMBaAFA4ocGMfoO/q6UUx2w4mBFyjvIGb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkRENi85Q0Q3Q0IwQTNG RUExMUU5OTE4MzlEMERDNEY5QUUwMi9EaWh3WXgtZzctcnBSVEhiRGlZRVhLTzhn WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RpaHdZeC1nNy1ycFJUSGJEaVlFWEtPOGdacy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjJERDYvOUNEN0NCMEEzRkVBMTFFOTkxODM5RDBEQzRGOUFFMDIvRDk3RDVGNkEz RkVCMTFFOTg4MkU4MzBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MBIEAgABMAwDBAFnodoDBATKmqAwIAQCAAIwGjAQAwYAJAbeAAEDBgAkBt4A AgMGACQG3gAEMA0GCSqGSIb3DQEBCwUAA4IBAQBWGZ3mqK8lvY6KMcGyGUSWgOZQ Qcrv2qefC2EYXDQTpi+pM/wkifie9I4QK+SIVUaKo7JWzbMAmRyte4jWF8WQQ1q7 4AjygjxX4BmBCNK2hi8QQfDSYBoU8yz25yElPOJAKYrVfYJRzBQgxpgsV10rOhCp M/nQKFwJZDplROBf8ITjE3id4i9zWIOjwH1isBtaRZAZGVLSUuCLs4de6tOGMRpU ErwHtRTW1NeZ6ljQ4Y6NL0e2d1jZxHarcbAmj3XMikygJCanFpLnrP69hdlAyuO5 UH175F0jy32frrUQY19l/q/WitvwWB41LgP+/mN8GRK2Xo1+2XhnHb6PFriL -----END CERTIFICATE-----Generated at Sat Apr 26 17:08:22 2025 by rpki-client