$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3843C1C8FA5411EFA4D3FD75C4F9AE02.roa File: 3843C1C8FA5411EFA4D3FD75C4F9AE02.roa (raw, json) Hash identifier: pY3M6nNBumH7rBoPkWOedPfAN2DlLXgId3Qamjs5vvA= Subject key identifier: 1A:57:5F:0C:1C:31:57:45:A3:5E:0A:73:71:33:C9:66:56:3E:CD:6D Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: A946 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3843C1C8FA5411EFA4D3FD75C4F9AE02.roa Signing time: Thu 06 Mar 2025 06:28:30 +0000 ROA not before: Thu 06 Mar 2025 06:28:30 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 132960 IP address blocks: 45.115.172.0/22 maxlen: 24 103.96.48.0/22 maxlen: 24 103.224.184.0/22 maxlen: 24 2407:3780::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43334 (0xa946) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Mar 6 06:28:30 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67c9408e-6676 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:a1:8f:eb:7b:dc:f3:ae:4c:12:b8:3f:05:3d: 9c:3d:5a:a3:1e:58:9b:37:9f:7a:48:0b:c9:a9:ee: de:1f:28:82:27:fb:d0:9f:10:7a:3f:19:89:0c:fa: 4f:c8:b9:ab:23:8e:2b:a6:4c:b3:55:4d:c9:e6:9d: 2f:94:25:2e:7c:0b:82:e4:05:21:06:92:4a:40:67: 39:7b:79:01:21:45:0f:7a:c3:0f:14:c4:92:b0:b0: cc:31:f4:11:ad:28:c2:a1:99:51:4d:ff:ae:7d:08: 0b:bc:2a:7b:82:e8:bd:0b:4e:78:cb:ca:dd:5e:7f: 8d:0c:e9:31:a7:03:a2:2a:44:37:01:8e:bd:46:83: 23:5a:95:11:48:f0:94:fe:81:1e:17:b0:ab:ab:dc: cf:e3:a2:d8:60:8d:c6:7f:7f:75:88:6e:22:ec:93: 52:8a:32:9c:9a:f2:d1:01:35:d9:8d:77:d0:19:b6: 4a:f8:e6:ee:27:f6:09:4b:19:a8:e2:7d:4f:5b:ec: af:e7:94:66:84:91:63:e9:ec:49:83:0e:27:4c:88: a6:6b:b8:55:53:41:cc:ce:a8:9f:70:59:fd:5f:ca: 0b:0f:13:69:ba:c7:c0:6c:b1:c2:cc:14:c4:1d:c2: 36:4f:fb:bf:93:56:b3:f1:ae:85:63:97:5a:41:5f: c6:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:57:5F:0C:1C:31:57:45:A3:5E:0A:73:71:33:C9:66:56:3E:CD:6D X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3843C1C8FA5411EFA4D3FD75C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.115.172.0/22 103.96.48.0/22 103.224.184.0/22 IPv6: 2407:3780::/32 Signature Algorithm: sha256WithRSAEncryption b0:2a:7b:78:71:5b:ab:32:5e:f1:74:9c:fb:c4:15:18:48:3c: 4f:51:c7:b2:57:0e:96:7a:de:a6:a8:0a:22:4b:a6:bd:03:05: 3e:f1:a4:68:2c:4f:95:fd:be:e7:68:d2:fc:a7:8e:ac:c0:77: 1a:c1:ef:44:4a:2f:84:7e:07:1c:35:20:f9:81:e7:29:bd:47: 6f:32:cc:72:32:f3:38:31:cf:96:f7:9c:9d:b0:55:67:f6:8b: 3e:dc:61:15:65:7e:72:5a:c7:c2:c4:36:34:e9:5f:b2:63:e2: 45:01:3b:1e:c0:dc:c7:c9:1d:04:95:0b:8f:02:02:59:6e:60: d1:b2:67:ea:ef:4d:0e:56:c6:3a:43:43:b4:91:a5:5d:59:aa: fa:61:0e:d8:76:c6:91:35:98:26:9b:7e:ec:01:de:fa:1f:70: 3a:dd:3f:a4:dd:6c:78:3c:b7:ee:04:c5:e6:30:db:b6:8b:92: 06:e1:ca:39:59:ca:f6:07:56:ad:19:37:8e:e6:cb:52:9a:5d: 4c:12:0d:27:db:af:07:ff:8e:f6:8b:96:b0:77:cc:2d:18:4d: 8d:33:f4:9c:c0:82:f2:47:f5:25:83:b3:fe:e8:bf:f4:f2:ed: 27:82:a3:4d:a6:de:b8:58:96:31:ff:3a:63:69:0c:b0:a1:aa: 18:b5:9d:4b -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgIDAKlGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDMwNjA2MjgzMFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjdjOTQwOGUtNjY3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJuhj+t73POuTBK4PwU9nD1aox5YmzefekgLyanu3h8ogif70J8Qej8ZiQz6 T8i5qyOOK6ZMs1VNyeadL5QlLnwLguQFIQaSSkBnOXt5ASFFD3rDDxTEkrCwzDH0 Ea0owqGZUU3/rn0IC7wqe4LovQtOeMvK3V5/jQzpMacDoipENwGOvUaDI1qVEUjw lP6BHhewq6vcz+Oi2GCNxn9/dYhuIuyTUooynJry0QE12Y130Bm2Svjm7if2CUsZ qOJ9T1vsr+eUZoSRY+nsSYMOJ0yIpmu4VVNBzM6on3BZ/V/KCw8TabrHwGyxwswU xB3CNk/7v5NWs/GuhWOXWkFfxhsCAwEAAaOCArAwggKsMB0GA1UdDgQWBBQaV18M HDFXRaNeCnNxM8lmVj7NbTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM4NDNDMUM4 RkE1NDExRUZBNEQzRkQ3NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDoGCCsGAQUFBwEHAQH/ BCswKTAYBAIAATASAwQCLXOsAwQCZ2AwAwQCZ+C4MA0EAgACMAcDBQAkBzeAMA0G CSqGSIb3DQEBCwUAA4IBAQCwKnt4cVurMl7xdJz7xBUYSDxPUceyVw6Wet6mqAoi S6a9AwU+8aRoLE+V/b7naNL8p46swHcawe9ESi+EfgccNSD5gecpvUdvMsxyMvM4 Mc+W95ydsFVn9os+3GEVZX5yWsfCxDY06V+yY+JFATsewNzHyR0ElQuPAgJZbmDR smfq700OVsY6Q0O0kaVdWar6YQ7YdsaRNZgmm37sAd76H3A63T+k3Wx4PLfuBMXm MNu2i5IG4co5Wcr2B1atGTeO5stSml1MEg0n268H/472i5awd8wtGE2NM/ScwILy R/Ulg7P+6L/08u0ngqNNpt64WJYx/zpjaQywoaoYtZ1L -----END CERTIFICATE-----Generated at Sat Apr 26 14:10:39 2025 by rpki-client