$ rpki-client -vvf rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/DFDEC4D007A411EFAB20A473C4F9AE02.roa File: DFDEC4D007A411EFAB20A473C4F9AE02.roa (raw, json) Hash identifier: 7IvSDjzOnduUJw7RWGwLnfhpYyQetoihd7LmFjagsvg= Subject key identifier: 32:8F:22:EE:D0:C4:91:DB:DF:92:2F:B8:5C:80:C8:81:70:23:A1:27 Certificate issuer: /CN=A917D9B8/serialNumber=567826162754B460CB5866DAC314880C7035461D Certificate serial: B4 Authority key identifier: 56:78:26:16:27:54:B4:60:CB:58:66:DA:C3:14:88:0C:70:35:46:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VngmFidUtGDLWGbawxSIDHA1Rh0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/DFDEC4D007A411EFAB20A473C4F9AE02.roa Signing time: Mon 14 Apr 2025 11:31:24 +0000 ROA not before: Mon 14 Apr 2025 11:31:24 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 152710 IP address blocks: 103.49.124.0/24 maxlen: 24 103.49.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.crl rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VngmFidUtGDLWGbawxSIDHA1Rh0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:57:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 180 (0xb4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D9B8, serialNumber=567826162754B460CB5866DAC314880C7035461D Validity Not Before: Apr 14 11:31:24 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67fcf20c-0385 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ee:82:d9:32:4d:6d:18:7f:68:a2:4c:00:ca: 07:61:85:3c:53:18:30:9e:9a:5d:6f:76:81:3b:9e: bd:d2:e0:c9:ff:33:4d:59:24:fc:e1:fa:14:dc:46: 54:aa:85:97:c8:07:7c:c7:31:15:bd:d2:e2:96:24: 09:ae:b5:85:74:43:f7:3d:de:9c:7d:8f:7b:15:4d: 82:c1:38:ad:1a:f9:7d:f7:75:35:e4:35:fc:4e:26: c5:53:69:94:e5:a4:92:cd:2f:bf:39:49:4e:50:c5: ea:ad:94:6c:a1:c6:5a:c7:c9:4e:55:58:da:40:56: 09:87:94:7e:f7:9c:f3:54:7e:4e:1e:2c:bc:1f:c1: b7:a8:50:11:a7:c4:16:3a:49:2f:86:9d:5e:3d:c5: 92:c4:0d:41:1d:e5:8f:97:15:f8:c1:d2:46:d3:9a: 64:d3:ab:c5:f5:e8:06:98:6a:a8:38:af:bf:5b:33: 1c:f9:69:6d:f5:4d:cc:01:39:04:c4:a5:11:d7:00: 3e:85:c2:77:e4:39:a9:d2:21:c4:0d:83:1c:5a:39: dd:9e:de:8e:8a:7b:1b:51:1d:23:ef:f8:2a:08:d6: 4d:d7:6b:f2:a0:e7:80:c6:20:99:3d:e9:26:93:54: b3:0d:e5:83:65:f1:10:55:79:28:13:5d:21:0d:26: 2c:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:8F:22:EE:D0:C4:91:DB:DF:92:2F:B8:5C:80:C8:81:70:23:A1:27 X509v3 Authority Key Identifier: keyid:56:78:26:16:27:54:B4:60:CB:58:66:DA:C3:14:88:0C:70:35:46:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/VngmFidUtGDLWGbawxSIDHA1Rh0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VngmFidUtGDLWGbawxSIDHA1Rh0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D9B8/C8B1D44E07A111EF84F3D26AC4F9AE02/DFDEC4D007A411EFAB20A473C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.49.124.0/23 Signature Algorithm: sha256WithRSAEncryption a6:2e:45:c9:fa:21:0c:1f:48:dc:76:04:b4:0e:5b:d8:de:25: d2:60:47:d1:9c:4a:d3:f2:50:96:05:c9:38:80:c8:14:6a:24: b1:0c:df:f3:3a:b9:05:47:c6:3f:1b:f3:b2:21:37:9a:04:74: 06:27:a4:80:7b:ba:67:ad:16:bd:97:92:e5:6a:57:d1:58:5c: 91:7e:fc:71:0a:54:7b:13:18:43:0b:f1:0f:d5:e2:66:2d:81: 29:a3:fb:69:0a:ff:2d:bb:3d:a0:ee:40:44:09:8e:f9:cc:ab: c1:da:1c:9d:1e:65:55:86:86:94:bf:30:9d:3c:02:80:92:d1: 87:69:c3:49:6a:2b:e9:91:64:f0:bd:e2:ee:18:bc:a5:0d:9b: 04:2a:6d:9e:bd:2c:9c:c2:29:1b:3f:1e:44:35:80:0e:64:22: b6:80:0d:97:54:da:b2:9a:ff:33:65:f1:f6:f3:b1:a9:be:4c: 04:c5:2b:13:ac:a5:8a:73:8c:8c:27:76:09:a0:16:8a:bf:6f: 4b:e1:42:3a:e0:6d:59:6e:f3:b7:54:48:ef:1c:03:62:0f:5b: 2b:d5:f1:f1:01:30:26:3d:39:33:85:9a:47:f3:b4:81:74:01: 4d:cd:8c:1f:55:5c:56:19:94:e3:d6:5f:fe:b4:67:a2:1c:29: 3b:ec:00:c8 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICALQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q5QjgxMTAvBgNVBAUTKDU2NzgyNjE2Mjc1NEI0NjBDQjU4NjZEQUMzMTQ4ODBD NzAzNTQ2MUQwHhcNMjUwNDE0MTEzMTI0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2ZjZjIwYy0wMzg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs+6C2TJNbRh/aKJMAMoHYYU8Uxgwnppdb3aBO5690uDJ/zNNWST84foU3EZU qoWXyAd8xzEVvdLiliQJrrWFdEP3Pd6cfY97FU2CwTitGvl993U15DX8TibFU2mU 5aSSzS+/OUlOUMXqrZRsocZax8lOVVjaQFYJh5R+95zzVH5OHiy8H8G3qFARp8QW Okkvhp1ePcWSxA1BHeWPlxX4wdJG05pk06vF9egGmGqoOK+/WzMc+Wlt9U3MATkE xKUR1wA+hcJ35Dmp0iHEDYMcWjndnt6OinsbUR0j7/gqCNZN12vyoOeAxiCZPekm k1SzDeWDZfEQVXkoE10hDSYs8wIDAQABo4IClTCCApEwHQYDVR0OBBYEFDKPIu7Q xJHb35IvuFyAyIFwI6EnMB8GA1UdIwQYMBaAFFZ4JhYnVLRgy1hm2sMUiAxwNUYd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDlCOC9DOEIxRDQ0RTA3 QTExMUVGODRGM0QyNkFDNEY5QUUwMi9WbmdtRmlkVXRHRExXR2Jhd3hTSURIQTFS aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZuZ21GaWRVdEdETFdHYmF3eFNJREhBMVJoMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0Q5QjgvQzhCMUQ0NEUwN0ExMTFFRjg0RjNEMjZBQzRGOUFFMDIvREZERUM0RDAw N0E0MTFFRkFCMjBBNDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAFnMXwwDQYJKoZIhvcNAQELBQADggEBAKYuRcn6IQwfSNx2 BLQOW9jeJdJgR9GcStPyUJYFyTiAyBRqJLEM3/M6uQVHxj8b87IhN5oEdAYnpIB7 umetFr2XkuVqV9FYXJF+/HEKVHsTGEML8Q/V4mYtgSmj+2kK/y27PaDuQEQJjvnM q8HaHJ0eZVWGhpS/MJ08AoCS0Ydpw0lqK+mRZPC94u4YvKUNmwQqbZ69LJzCKRs/ HkQ1gA5kIraADZdU2rKa/zNl8fbzsam+TATFKxOspYpzjIwndgmgFoq/b0vhQjrg bVlu87dUSO8cA2IPWyvV8fEBMCY9OTOFmkfztIF0AU3NjB9VXFYZlOPWX/60Z6Ic KTvsAMg= -----END CERTIFICATE-----Generated at Sat Apr 26 08:09:49 2025 by rpki-client