$ rpki-client -vvf rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/C420B2B6111D11F0BE9ABA7AC4F9AE02.roa File: C420B2B6111D11F0BE9ABA7AC4F9AE02.roa (raw, json) Hash identifier: BmMWgtMQ3PCdQlZ5TlrzvWUUVUt35N0MZwh0nPjZPiY= Subject key identifier: 2B:50:C8:FA:57:04:1D:87:F1:85:4D:B8:0B:3F:DE:A7:C2:CB:90:8D Certificate issuer: /CN=A918E023/serialNumber=B9CD57E2FF4F58BB959A9541A31CFDF6697618B2 Certificate serial: 02 Authority key identifier: B9:CD:57:E2:FF:4F:58:BB:95:9A:95:41:A3:1C:FD:F6:69:76:18:B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uc1X4v9PWLuVmpVBoxz99ml2GLI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/C420B2B6111D11F0BE9ABA7AC4F9AE02.roa Signing time: Fri 04 Apr 2025 06:26:39 +0000 ROA not before: Fri 04 Apr 2025 06:26:39 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 135044 IP address blocks: 163.223.234.0/23 maxlen: 23 163.223.234.0/24 maxlen: 24 163.223.235.0/24 maxlen: 24 2001:df5:5040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.crl rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uc1X4v9PWLuVmpVBoxz99ml2GLI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 07:06:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918E023, serialNumber=B9CD57E2FF4F58BB959A9541A31CFDF6697618B2 Validity Not Before: Apr 4 06:26:39 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=67ef7b9f-a74a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:5e:8d:5c:d6:b5:0c:4f:8b:25:97:fb:a5:dd: 06:5f:3f:92:98:54:04:52:6b:d0:14:2c:27:7d:a7: 07:ae:9d:41:47:e8:53:06:39:c1:60:a8:21:43:41: 0d:b3:38:9d:cd:1c:9d:24:f9:7a:af:ae:71:52:f0: 79:e7:a8:ed:48:40:3e:8e:4e:df:f2:25:f9:02:3c: 3d:d1:73:7f:55:85:5e:3f:d3:25:fb:1e:bd:4d:2c: 5e:48:37:b7:03:bc:e3:22:0e:da:df:55:48:b5:c8: 6c:1e:d9:f0:ed:50:9c:03:8d:d5:99:40:cd:2a:b5: 12:aa:4e:8d:65:56:80:71:61:ee:0d:ff:7f:87:7f: 94:cf:74:b4:14:70:9a:f1:ba:a2:80:20:82:12:6e: 0d:e1:42:24:01:06:84:a2:9e:1b:e8:45:01:64:f8: 31:3e:28:6a:c8:e5:2c:e1:36:0b:b0:f0:ce:51:f9: 4d:ac:bf:fa:f8:b5:33:06:a1:da:1d:dc:47:c4:0a: db:e1:66:85:3a:27:45:79:2e:2b:52:03:a6:ca:f9: 1f:1d:a7:1e:fb:2f:c5:a0:a1:19:07:91:0a:bd:ad: 35:2c:87:d3:76:8f:9d:03:69:b8:ec:96:3f:be:2b: 1c:fc:75:ae:e3:e8:dc:ce:e4:9c:30:a6:a2:09:0d: 9e:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:50:C8:FA:57:04:1D:87:F1:85:4D:B8:0B:3F:DE:A7:C2:CB:90:8D X509v3 Authority Key Identifier: keyid:B9:CD:57:E2:FF:4F:58:BB:95:9A:95:41:A3:1C:FD:F6:69:76:18:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/uc1X4v9PWLuVmpVBoxz99ml2GLI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uc1X4v9PWLuVmpVBoxz99ml2GLI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E023/A654FEF0111C11F0B15AF970C4F9AE02/C420B2B6111D11F0BE9ABA7AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 163.223.234.0/23 IPv6: 2001:df5:5040::/48 Signature Algorithm: sha256WithRSAEncryption 86:ce:3c:76:e1:b6:e2:5e:14:95:ba:ad:b3:f8:33:20:c5:bf: 5b:05:46:79:88:9d:dd:87:be:2d:35:10:8b:52:3a:4c:62:5b: b1:6e:59:87:4f:01:b3:f7:bb:c0:ac:fd:76:f6:bb:7e:e3:47: 87:7a:c1:b7:ee:99:2c:25:c5:18:81:8a:68:7f:16:33:ae:2c: b3:00:6a:73:f4:0a:b7:61:d1:ce:2f:1a:56:f9:78:4e:d1:3e: 06:68:78:7e:be:95:10:4f:b5:4e:7a:4a:17:81:71:18:e9:5a: 9c:fb:67:7e:2f:ca:92:50:d2:f9:df:da:54:ea:15:f1:3c:70: 5c:7b:4e:54:f4:b3:d7:fb:38:34:68:c8:3f:4b:47:09:f4:eb: d4:4e:db:4d:49:04:8b:ce:c8:6f:1f:97:75:64:4e:7f:1a:28: b9:db:fc:c2:22:68:8b:e5:b8:a1:47:58:c1:85:c6:7f:b8:b1: ed:d3:ee:09:1c:07:c6:f1:e6:11:99:a3:62:83:01:97:c5:2e: 20:c2:8e:e5:d9:a4:98:f4:47:97:dc:7c:92:82:e7:ca:ea:13: 61:23:30:82:d4:38:e2:0d:7f:70:9c:da:a9:1c:55:08:08:12: b8:49:d7:b7:6a:f6:16:da:6a:36:2e:e5:85:7b:ff:a2:9c:ac: 75:97:3e:f9 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 RTAyMzExMC8GA1UEBRMoQjlDRDU3RTJGRjRGNThCQjk1OUE5NTQxQTMxQ0ZERjY2 OTc2MThCMjAeFw0yNTA0MDQwNjI2MzlaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ZWY3YjlmLWE3NGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDVXo1c1rUMT4sll/ul3QZfP5KYVARSa9AULCd9pweunUFH6FMGOcFgqCFDQQ2z OJ3NHJ0k+XqvrnFS8HnnqO1IQD6OTt/yJfkCPD3Rc39VhV4/0yX7Hr1NLF5IN7cD vOMiDtrfVUi1yGwe2fDtUJwDjdWZQM0qtRKqTo1lVoBxYe4N/3+Hf5TPdLQUcJrx uqKAIIISbg3hQiQBBoSinhvoRQFk+DE+KGrI5SzhNguw8M5R+U2sv/r4tTMGodod 3EfECtvhZoU6J0V5LitSA6bK+R8dpx77L8WgoRkHkQq9rTUsh9N2j50Dabjslj++ Kxz8da7j6NzO5JwwpqIJDZ79AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUK1DI+lcE HYfxhU24Cz/ep8LLkI0wHwYDVR0jBBgwFoAUuc1X4v9PWLuVmpVBoxz99ml2GLIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThFMDIzL0E2NTRGRUYwMTEx QzExRjBCMTVBRjk3MEM0RjlBRTAyL3VjMVg0djlQV0x1Vm1wVkJveHo5OW1sMkdM SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdWMxWDR2OVBXTHVWbXBWQm94ejk5bWwyR0xJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RTAyMy9BNjU0RkVGMDExMUMxMUYwQjE1QUY5NzBDNEY5QUUwMi9DNDIwQjJCNjEx MUQxMUYwQkU5QUJBN0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAaPf6jAPBAIAAjAJAwcAIAEN9VBAMA0GCSqGSIb3DQEBCwUA A4IBAQCGzjx24bbiXhSVuq2z+DMgxb9bBUZ5iJ3dh74tNRCLUjpMYluxblmHTwGz 97vArP129rt+40eHesG37pksJcUYgYpofxYzriyzAGpz9Aq3YdHOLxpW+XhO0T4G aHh+vpUQT7VOekoXgXEY6Vqc+2d+L8qSUNL539pU6hXxPHBce05U9LPX+zg0aMg/ S0cJ9OvUTttNSQSLzshvH5d1ZE5/Gii52/zCImiL5bihR1jBhcZ/uLHt0+4JHAfG 8eYRmaNigwGXxS4gwo7l2aSY9EeX3HySgufK6hNhIzCC1DjiDX9wnNqpHFUICBK4 Sde3avYW2mo2LuWFe/+inKx1lz75 -----END CERTIFICATE-----Generated at Sat Apr 26 08:29:50 2025 by rpki-client