$ rpki-client -vvf rpki.apnic.net/member_repository/A917A468/CE4943768C3A11E3BA0EAD2C5911EA32/7C48D49CFFBE11EBB443B639C4F9AE02.roa File: 7C48D49CFFBE11EBB443B639C4F9AE02.roa (raw, json) Hash identifier: KaEa0+ICUzmdVpJmeqF6gZvo9E5P1icY0eEIrchjO98= Subject key identifier: AB:B4:0F:59:F0:F1:6A:34:F7:3F:F3:86:90:1F:C4:78:8C:76:D1:D9 Certificate issuer: /CN=A917A468/serialNumber=64351608EE2AEA074C9EFFAE908C612AE7DCD369 Certificate serial: 2D4F Authority key identifier: 64:35:16:08:EE:2A:EA:07:4C:9E:FF:AE:90:8C:61:2A:E7:DC:D3:69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZDUWCO4q6gdMnv-ukIxhKufc02k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A468/CE4943768C3A11E3BA0EAD2C5911EA32/7C48D49CFFBE11EBB443B639C4F9AE02.roa Signing time: Thu 06 Mar 2025 15:32:13 +0000 ROA not before: Thu 06 Mar 2025 15:32:13 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 132588 IP address blocks: 58.84.48.0/22 maxlen: 22 58.84.48.0/24 maxlen: 24 58.84.49.0/24 maxlen: 24 58.84.50.0/24 maxlen: 24 58.84.51.0/24 maxlen: 24 103.240.152.0/22 maxlen: 22 103.240.152.0/24 maxlen: 24 103.240.153.0/24 maxlen: 24 103.240.154.0/24 maxlen: 24 103.240.155.0/24 maxlen: 24 103.254.0.0/24 maxlen: 24 103.254.1.0/24 maxlen: 24 103.254.2.0/24 maxlen: 24 103.254.3.0/24 maxlen: 24 116.204.136.0/22 maxlen: 22 116.204.136.0/24 maxlen: 24 116.204.137.0/24 maxlen: 24 116.204.138.0/24 maxlen: 24 116.204.139.0/24 maxlen: 24 2406:2300::/32 maxlen: 32 2407:c100::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A468/CE4943768C3A11E3BA0EAD2C5911EA32/ZDUWCO4q6gdMnv-ukIxhKufc02k.crl rsync://rpki.apnic.net/member_repository/A917A468/CE4943768C3A11E3BA0EAD2C5911EA32/ZDUWCO4q6gdMnv-ukIxhKufc02k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZDUWCO4q6gdMnv-ukIxhKufc02k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:31:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11599 (0x2d4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A468, serialNumber=64351608EE2AEA074C9EFFAE908C612AE7DCD369 Validity Not Before: Mar 6 15:32:13 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c9bffd-0cb7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:68:91:7b:6d:a8:cf:af:f4:ea:5a:9e:00:28: 83:f5:7d:53:15:50:1d:26:57:e6:72:5b:ac:46:a8: 95:f8:98:c8:a6:79:c4:60:76:40:1b:94:73:94:76: 62:2d:e1:20:76:bc:2b:81:af:84:be:2e:a7:5e:ba: 81:e7:bb:f2:1b:60:4a:d9:a2:ee:81:aa:81:c7:32: 87:12:1f:59:e0:af:13:e1:88:10:70:1d:1e:72:dc: 5b:2b:fa:b6:08:1b:a2:d9:43:38:97:f1:d7:91:d5: 17:e0:e6:3f:bc:e3:54:1d:f5:26:09:a8:a1:c8:1a: af:33:37:ac:81:39:40:3b:d8:c1:65:1a:a9:3d:d7: 58:27:59:79:4b:9a:58:b0:f0:f1:17:b0:95:e2:12: e7:58:80:67:89:65:e7:fc:24:21:74:41:17:ad:ff: 10:58:03:d9:bb:2f:66:2e:a0:0c:ff:08:a3:2a:f2: 77:5b:da:f3:29:16:6d:3c:9b:65:c3:2b:db:bb:93: 8e:1c:44:69:d0:84:c9:a3:8e:21:26:f3:72:0e:bf: 60:65:b2:d1:73:51:3c:40:95:25:b9:84:d5:48:06: 59:45:75:6b:b7:c1:60:fc:0d:06:b5:57:12:e6:6a: 7a:30:88:ff:47:f6:02:06:f5:3b:3f:40:02:b2:00: f4:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:B4:0F:59:F0:F1:6A:34:F7:3F:F3:86:90:1F:C4:78:8C:76:D1:D9 X509v3 Authority Key Identifier: keyid:64:35:16:08:EE:2A:EA:07:4C:9E:FF:AE:90:8C:61:2A:E7:DC:D3:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A468/CE4943768C3A11E3BA0EAD2C5911EA32/ZDUWCO4q6gdMnv-ukIxhKufc02k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZDUWCO4q6gdMnv-ukIxhKufc02k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A468/CE4943768C3A11E3BA0EAD2C5911EA32/7C48D49CFFBE11EBB443B639C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.84.48.0/22 103.240.152.0/22 103.254.0.0/22 116.204.136.0/22 IPv6: 2406:2300::/32 2407:c100::/32 Signature Algorithm: sha256WithRSAEncryption 4b:9a:79:ff:f6:9b:ce:d9:be:5a:83:5b:8d:df:39:bf:aa:5b: 9f:c1:31:06:f3:ec:68:d2:a6:57:6c:52:99:ae:3a:66:57:a6: b2:41:50:bb:77:45:c6:b6:bd:ad:38:b3:7f:17:7f:b0:4c:63: 50:73:dd:84:b6:c8:b6:79:1e:b2:a2:90:cb:18:f1:5a:e1:04: 72:c3:2f:da:bd:81:6d:1b:65:56:12:fb:69:de:ab:a0:60:5d: b8:26:87:be:62:85:04:23:1e:6b:94:e6:8d:79:48:38:c2:8c: 6a:df:96:85:43:92:fe:08:89:6c:18:8d:7c:5f:bd:f2:72:56: 7c:32:37:2a:ee:6a:d9:e5:8c:2a:ea:04:d7:06:d5:0b:39:26: af:1b:aa:35:f1:dc:01:22:9d:8b:1a:ec:32:c6:2e:8b:b6:59: 28:55:ee:a2:95:7a:dd:23:5d:e2:54:b1:89:45:10:80:1d:ff: 1c:24:89:9a:34:48:bd:f2:bb:aa:64:78:81:ab:b7:ad:12:eb: 6e:4a:d0:75:6f:78:5d:ae:d1:2a:fc:90:2a:d1:56:9b:72:24: 80:f5:2a:05:91:2b:92:04:6b:bf:f2:f6:f0:18:c4:f2:54:b4: 12:43:77:2e:02:50:5d:e5:ff:5a:87:e0:9b:84:37:a5:64:b0: 6a:31:44:4e -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICLU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E0NjgxMTAvBgNVBAUTKDY0MzUxNjA4RUUyQUVBMDc0QzlFRkZBRTkwOEM2MTJB RTdEQ0QzNjkwHhcNMjUwMzA2MTUzMjEzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2M5YmZmZC0wY2I3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA62iRe22oz6/06lqeACiD9X1TFVAdJlfmclusRqiV+JjIpnnEYHZAG5RzlHZi LeEgdrwrga+Evi6nXrqB57vyG2BK2aLugaqBxzKHEh9Z4K8T4YgQcB0ectxbK/q2 CBui2UM4l/HXkdUX4OY/vONUHfUmCaihyBqvMzesgTlAO9jBZRqpPddYJ1l5S5pY sPDxF7CV4hLnWIBniWXn/CQhdEEXrf8QWAPZuy9mLqAM/wijKvJ3W9rzKRZtPJtl wyvbu5OOHERp0ITJo44hJvNyDr9gZbLRc1E8QJUluYTVSAZZRXVrt8Fg/A0GtVcS 5mp6MIj/R/YCBvU7P0ACsgD0tQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFKu0D1nw 8Wo09z/zhpAfxHiMdtHZMB8GA1UdIwQYMBaAFGQ1FgjuKuoHTJ7/rpCMYSrn3NNp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTQ2OC9DRTQ5NDM3NjhD M0ExMUUzQkEwRUFEMkM1OTExRUEzMi9aRFVXQ080cTZnZE1udi11a0l4aEt1ZmMw MmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pEVVdDTzRxNmdkTW52LXVrSXhoS3VmYzAyay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0E0NjgvQ0U0OTQzNzY4QzNBMTFFM0JBMEVBRDJDNTkxMUVBMzIvN0M0OEQ0OUNG RkJFMTFFQkI0NDNCNjM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MB4EAgABMBgDBAI6VDADBAJn8JgDBAJn/gADBAJ0zIgwFAQCAAIwDgMFACQG IwADBQAkB8EAMA0GCSqGSIb3DQEBCwUAA4IBAQBLmnn/9pvO2b5ag1uN3zm/qluf wTEG8+xo0qZXbFKZrjpmV6ayQVC7d0XGtr2tOLN/F3+wTGNQc92Etsi2eR6yopDL GPFa4QRywy/avYFtG2VWEvtp3qugYF24Joe+YoUEIx5rlOaNeUg4woxq35aFQ5L+ CIlsGI18X73yclZ8Mjcq7mrZ5Ywq6gTXBtULOSavG6o18dwBIp2LGuwyxi6Ltlko Ve6ilXrdI13iVLGJRRCAHf8cJImaNEi98ruqZHiBq7etEutuStB1b3hdrtEq/JAq 0VabciSA9SoFkSuSBGu/8vbwGMTyVLQSQ3cuAlBd5f9ah+CbhDelZLBqMURO -----END CERTIFICATE-----Generated at Sat Apr 26 14:34:07 2025 by rpki-client