$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/87F433B2234C11EBA94AE637C4F9AE02.roa File: 87F433B2234C11EBA94AE637C4F9AE02.roa (raw, json) Hash identifier: aPQE1e4nKCiHqR/TnLkZpZpyO3+vgwvIqog88dCR8mk= Subject key identifier: 5E:05:2E:CC:72:39:9B:60:96:9A:68:C0:F8:C1:75:0F:CF:A8:88:C1 Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Certificate serial: 1CFA Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/87F433B2234C11EBA94AE637C4F9AE02.roa Signing time: Sat 22 Feb 2025 18:29:36 +0000 ROA not before: Sat 22 Feb 2025 18:29:36 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 141031 IP address blocks: 113.203.192.0/24 maxlen: 24 113.203.194.0/24 maxlen: 24 113.203.196.0/24 maxlen: 24 113.203.197.0/24 maxlen: 24 113.203.198.0/24 maxlen: 24 113.203.199.0/24 maxlen: 24 118.103.224.0/24 maxlen: 24 118.103.225.0/24 maxlen: 24 2406:d00:ee00::/48 maxlen: 48 2406:d00:ee01::/48 maxlen: 48 2406:d00:ee0a::/48 maxlen: 48 2406:d00:ee0b::/48 maxlen: 48 2406:d00:ee0c::/48 maxlen: 48 2406:d00:ee0d::/48 maxlen: 48 2406:d00:ee0e::/48 maxlen: 48 2406:d00:ee0f::/48 maxlen: 48 2406:d00:ee55::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:12:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7418 (0x1cfa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A Validity Not Before: Feb 22 18:29:36 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=67ba178f-0d83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:f7:f5:6a:db:24:84:d9:6c:3a:6b:33:3e:9c: d7:65:63:7d:08:c1:0f:7f:20:6f:be:81:25:6f:f7: 3d:ff:c9:f8:82:70:1e:48:5a:af:64:97:4f:06:25: 29:8d:b1:1e:8b:83:12:4a:96:e5:83:77:b5:98:d0: ca:9d:11:2c:45:6a:35:41:35:c3:f3:24:8d:84:b8: e3:6b:c2:ff:c8:1c:f1:98:96:bc:4d:d7:bc:0d:fa: bc:90:2d:79:f5:fe:5e:99:e6:6f:c8:6a:0f:df:f6: 0d:5b:73:a7:95:d9:b0:b1:c2:04:b0:31:61:fc:c7: 76:34:ce:bf:66:3c:a2:02:ce:19:c7:d3:6a:24:6b: 65:13:7a:ff:45:ae:da:16:ba:84:46:17:ce:46:34: 30:ab:82:74:e1:51:56:f5:e2:7c:22:c8:40:29:a7: 87:81:b8:c8:cc:be:1b:24:9d:6c:42:5f:c8:4f:76: 6f:d4:d3:61:ed:f0:6c:25:a5:20:c3:50:7c:a1:7b: 03:c6:39:80:b6:f4:ab:b3:75:d0:31:5f:6b:de:81: d5:8a:1d:94:3f:7a:fa:e1:a9:d9:28:ac:d9:db:f3: 5e:10:25:ed:b9:df:3d:12:37:7b:37:18:67:57:8d: 29:d4:b9:72:1d:67:a4:3a:3c:fc:de:58:98:6f:c5: eb:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:05:2E:CC:72:39:9B:60:96:9A:68:C0:F8:C1:75:0F:CF:A8:88:C1 X509v3 Authority Key Identifier: keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/87F433B2234C11EBA94AE637C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 113.203.192.0/24 113.203.194.0/24 113.203.196.0/22 118.103.224.0/23 IPv6: 2406:d00:ee00::/47 2406:d00:ee0a::-2406:d00:ee0f:ffff:ffff:ffff:ffff:ffff 2406:d00:ee55::/48 Signature Algorithm: sha256WithRSAEncryption 5d:c1:d1:8f:ce:c8:8a:19:23:c4:21:6f:d6:71:11:25:67:aa: 91:2a:1b:2d:33:91:e4:1e:a2:2c:a7:27:e6:7d:82:aa:9c:12: ef:be:a4:42:7b:87:24:12:e7:ec:91:ff:a2:cd:35:14:af:94: e6:0b:60:68:d0:67:46:33:3b:d7:30:c2:4e:e2:38:1a:0f:46: 27:bc:5c:4f:11:49:b7:d8:e3:af:e8:b3:2f:ff:c0:15:d4:ae: e4:4c:27:1d:5b:6e:cd:6c:2f:d9:ef:27:8b:62:2c:9d:34:dc: 24:97:5f:93:ef:b4:96:d2:08:cf:18:fd:9a:45:3a:84:e4:47: eb:84:a4:bb:f3:29:db:87:c5:5d:cd:98:be:75:01:e1:49:56: 16:93:b2:a0:e4:c3:16:26:34:40:0c:b0:80:88:3c:81:9e:9d: 93:83:a8:b0:46:73:bf:a5:e9:5d:42:5e:58:15:8a:63:94:68: ae:aa:1e:90:69:6c:12:a0:2d:5b:0a:10:09:71:38:31:6f:b6: d3:f1:e6:00:65:53:9f:73:9e:56:95:ba:28:be:4b:dc:37:92: 00:c7:25:b2:9c:22:8f:ab:50:ca:95:6f:f9:63:1b:8d:22:a0: c4:50:09:ab:83:4e:4e:dc:df:ce:42:66:8d:e8:dd:49:a7:b7: 13:a2:21:47 -----BEGIN CERTIFICATE----- MIIFsTCCBJmgAwIBAgICHPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB ODEzOTYwM0EwHhcNMjUwMjIyMTgyOTM2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2JhMTc4Zi0wZDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3/f1atskhNlsOmszPpzXZWN9CMEPfyBvvoElb/c9/8n4gnAeSFqvZJdPBiUp jbEei4MSSpblg3e1mNDKnREsRWo1QTXD8ySNhLjja8L/yBzxmJa8Tde8Dfq8kC15 9f5emeZvyGoP3/YNW3OnldmwscIEsDFh/Md2NM6/ZjyiAs4Zx9NqJGtlE3r/Ra7a FrqERhfORjQwq4J04VFW9eJ8IshAKaeHgbjIzL4bJJ1sQl/IT3Zv1NNh7fBsJaUg w1B8oXsDxjmAtvSrs3XQMV9r3oHVih2UP3r64anZKKzZ2/NeECXtud89Ejd7Nxhn V40p1LlyHWekOjz83liYb8Xr2QIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFF4FLsxy OZtglppowPjBdQ/PqIjBMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvODdGNDMzQjIy MzRDMTFFQkE5NEFFNjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E UDBOMB4EAgABMBgDBABxy8ADBABxy8IDBAJxy8QDBAF2Z+AwLAQCAAIwJgMHASQG DQDuADASAwcBJAYNAO4KAwcEJAYNAO4AAwcAJAYNAO5VMA0GCSqGSIb3DQEBCwUA A4IBAQBdwdGPzsiKGSPEIW/WcRElZ6qRKhstM5HkHqIspyfmfYKqnBLvvqRCe4ck Eufskf+izTUUr5TmC2Bo0GdGMzvXMMJO4jgaD0YnvFxPEUm32OOv6LMv/8AV1K7k TCcdW27NbC/Z7yeLYiydNNwkl1+T77SW0gjPGP2aRTqE5EfrhKS78ynbh8VdzZi+ dQHhSVYWk7Kg5MMWJjRADLCAiDyBnp2Tg6iwRnO/peldQl5YFYpjlGiuqh6QaWwS oC1bChAJcTgxb7bT8eYAZVOfc55WlboovkvcN5IAxyWynCKPq1DKlW/5YxuNIqDE UAmrg05O3N/OQmaN6N1Jp7cToiFH -----END CERTIFICATE-----Generated at Sat Apr 26 13:06:50 2025 by rpki-client