$ rpki-client -vvf rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/5997C4D0719A11EEBBA64415C4F9AE02.roa File: 5997C4D0719A11EEBBA64415C4F9AE02.roa (raw, json) Hash identifier: OJZvptd+tocMmJD9s/jElE2hQgWZLbxuwcVBqNbj/eE= Subject key identifier: AC:E4:DD:86:B0:4F:1C:48:91:7C:04:66:61:7C:31:4C:EF:62:2F:BC Certificate issuer: /CN=A918BB4D/serialNumber=EF403643EA9820AE6D9D622F9AEFD7A4C9154F24 Certificate serial: 06AA Authority key identifier: EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/5997C4D0719A11EEBBA64415C4F9AE02.roa Signing time: Mon 07 Apr 2025 07:50:08 +0000 ROA not before: Mon 07 Apr 2025 07:50:08 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 6134 IP address blocks: 43.254.216.0/22 maxlen: 24 103.238.224.0/22 maxlen: 24 103.244.88.0/22 maxlen: 24 116.206.176.0/22 maxlen: 24 2001:df5:8300::/48 maxlen: 48 2401:e9e0::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.crl rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1706 (0x6aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918BB4D, serialNumber=EF403643EA9820AE6D9D622F9AEFD7A4C9154F24 Validity Not Before: Apr 7 07:50:08 2025 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=67f383b0-cfd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:6e:39:b7:89:80:7d:8c:6f:40:82:4c:2b:e1: 90:25:d7:e9:0e:17:70:bf:f1:c4:b1:0c:d3:00:7c: 8f:69:30:39:63:82:b3:3e:cd:cd:a8:25:ac:c4:01: 76:4c:9a:7d:d1:18:81:46:8f:47:e6:40:bb:3e:fb: 0e:84:6d:62:3a:98:a3:1d:a0:c3:10:ab:22:0c:0a: 2c:c7:4d:cf:71:5e:6d:ba:36:8b:28:53:18:34:92: cf:c9:23:b5:68:06:7c:48:1c:7d:fe:19:c8:ba:bd: 93:84:fe:30:43:71:b7:62:27:6a:09:ab:75:a0:6f: 78:f7:8a:62:e2:79:af:5f:f9:bf:9f:0b:55:94:36: b9:d3:87:e6:73:44:0a:f9:6c:d8:23:30:4a:2d:9a: 90:75:44:b2:c2:a0:39:0e:ea:f6:41:30:54:67:43: d1:bf:39:d1:dc:00:f8:7b:44:46:18:80:4a:87:52: 29:e8:df:87:57:4e:47:25:92:96:33:a2:e4:5f:ca: 05:8d:57:03:bc:50:06:05:18:d4:98:9d:51:64:a9: da:a5:26:ff:50:6a:59:78:d8:ed:42:ff:42:c8:6e: 57:0b:43:d0:c1:9b:a1:44:34:23:d5:a4:01:f6:3b: a7:cf:a1:08:58:0e:4b:ce:c2:4d:d1:eb:7a:8f:66: a2:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:E4:DD:86:B0:4F:1C:48:91:7C:04:66:61:7C:31:4C:EF:62:2F:BC X509v3 Authority Key Identifier: keyid:EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/5997C4D0719A11EEBBA64415C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.254.216.0/22 103.238.224.0/22 103.244.88.0/22 116.206.176.0/22 IPv6: 2001:df5:8300::/48 2401:e9e0::/36 Signature Algorithm: sha256WithRSAEncryption 0b:32:78:64:d6:9c:74:90:30:61:21:23:48:67:a5:20:72:9d: f6:6b:17:d7:0e:d0:be:47:85:d7:0f:cd:e0:ef:51:c4:f1:49: 4d:62:7a:cb:ef:32:b1:09:71:f6:2b:73:f6:ee:be:62:cc:a8: ae:9f:b7:9c:ab:c0:d4:8d:64:a8:ca:43:cd:ca:1e:4f:e0:2b: 91:5c:80:da:a0:52:f8:4b:2c:04:53:d3:a1:a9:f0:68:ce:46: 92:ec:03:28:ae:98:94:ed:ac:93:80:86:12:36:cc:51:c9:56: dd:52:6b:88:ed:1d:9a:e3:93:c7:99:fa:7f:f2:4a:8b:7f:32: 98:0f:3f:32:23:7a:ce:40:75:03:8f:6a:e3:4f:90:cd:0f:0b: 98:cb:25:1d:0b:4d:fc:ab:59:8b:2c:74:5a:d0:06:1c:94:8a: 42:5f:77:75:ff:92:1a:62:46:82:96:2d:4e:b0:a7:cb:4e:89: 0a:da:d4:52:4c:d1:82:2f:a7:52:b9:77:75:6a:19:1a:08:9e: 77:2e:1e:91:e6:ef:d5:97:96:c4:97:8b:ed:5e:2e:16:da:a2: 13:2e:b1:17:45:97:ad:fb:e6:66:de:38:59:03:7d:69:5c:f8: 4a:91:97:70:e8:e6:97:e3:03:ed:e5:89:83:81:1d:2d:0d:d3: 9a:55:64:6c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgICBqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEJCNEQxMTAvBgNVBAUTKEVGNDAzNjQzRUE5ODIwQUU2RDlENjIyRjlBRUZEN0E0 QzkxNTRGMjQwHhcNMjUwNDA3MDc1MDA4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2YzODNiMC1jZmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsG45t4mAfYxvQIJMK+GQJdfpDhdwv/HEsQzTAHyPaTA5Y4KzPs3NqCWsxAF2 TJp90RiBRo9H5kC7PvsOhG1iOpijHaDDEKsiDAosx03PcV5tujaLKFMYNJLPySO1 aAZ8SBx9/hnIur2ThP4wQ3G3YidqCat1oG9494pi4nmvX/m/nwtVlDa504fmc0QK +WzYIzBKLZqQdUSywqA5Dur2QTBUZ0PRvznR3AD4e0RGGIBKh1Ip6N+HV05HJZKW M6LkX8oFjVcDvFAGBRjUmJ1RZKnapSb/UGpZeNjtQv9CyG5XC0PQwZuhRDQj1aQB 9junz6EIWA5LzsJN0et6j2aiFwIDAQABo4ICwDCCArwwHQYDVR0OBBYEFKzk3Yaw TxxIkXwEZmF8MUzvYi+8MB8GA1UdIwQYMBaAFO9ANkPqmCCubZ1iL5rv16TJFU8k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkI0RC9DQTU2M0JFODY1 MjIxMUVCODBGNkU5NEJDNEY5QUUwMi83MEEyUS1xWUlLNXRuV0l2bXVfWHBNa1ZU eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzcwQTJRLXFZSUs1dG5XSXZtdV9YcE1rVlR5US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEJCNEQvQ0E1NjNCRTg2NTIyMTFFQjgwRjZFOTRCQzRGOUFFMDIvNTk5N0M0RDA3 MTlBMTFFRUJCQTY0NDE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E OzA5MB4EAgABMBgDBAIr/tgDBAJn7uADBAJn9FgDBAJ0zrAwFwQCAAIwEQMHACAB DfWDAAMGBCQB6eAAMA0GCSqGSIb3DQEBCwUAA4IBAQALMnhk1px0kDBhISNIZ6Ug cp32axfXDtC+R4XXD83g71HE8UlNYnrL7zKxCXH2K3P27r5izKiun7ecq8DUjWSo ykPNyh5P4CuRXIDaoFL4SywEU9OhqfBozkaS7AMorpiU7ayTgIYSNsxRyVbdUmuI 7R2a45PHmfp/8kqLfzKYDz8yI3rOQHUDj2rjT5DNDwuYyyUdC038q1mLLHRa0AYc lIpCX3d1/5IaYkaCli1OsKfLTokK2tRSTNGCL6dSuXd1ahkaCJ53Lh6R5u/Vl5bE l4vtXi4W2qITLrEXRZet++Zm3jhZA31pXPhKkZdw6OaX4wPt5YmDgR0tDdOaVWRs -----END CERTIFICATE-----Generated at Sat Apr 26 06:43:26 2025 by rpki-client