$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CF94CE0FF1D11EFB665791AC4F9AE02.roa File: 5CF94CE0FF1D11EFB665791AC4F9AE02.roa (raw, json) Hash identifier: DRJJlCMMuxO7+McZbMzqXSyfpgVMC0RiGE+n2u+jLTk= Subject key identifier: C3:22:B7:8B:EC:DB:36:D0:F8:BA:26:85:5B:63:63:BA:47:9C:15:6C Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: AAFF Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CF94CE0FF1D11EFB665791AC4F9AE02.roa Signing time: Thu 13 Mar 2025 08:10:33 +0000 ROA not before: Thu 13 Mar 2025 08:10:33 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 133648 IP address blocks: 43.231.56.0/22 maxlen: 24 103.44.18.0/24 maxlen: 24 103.50.148.0/24 maxlen: 24 103.50.150.0/23 maxlen: 24 103.79.168.0/22 maxlen: 24 103.79.248.0/22 maxlen: 24 103.95.164.0/22 maxlen: 24 103.163.62.0/23 maxlen: 24 103.167.98.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43775 (0xaaff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Mar 13 08:10:33 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67d292f9-6c91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:8c:2d:a6:bb:3c:ab:6a:30:04:bc:b8:93:5e: fc:2e:fd:43:e5:d0:b0:70:cf:44:17:08:79:97:e1: a2:a4:a8:6f:1f:47:90:10:f7:df:44:cc:ae:f0:5a: 42:32:87:df:07:df:5a:c2:ff:31:e1:fc:7c:2f:ed: 25:2d:3e:71:c8:0c:55:9f:51:2c:7e:ea:a1:b3:73: b4:b0:10:b2:2e:75:77:53:bb:e8:29:39:84:92:c4: c8:b5:e6:29:56:e1:27:22:3e:d9:69:2a:4e:ea:b6: e3:a7:f2:d8:94:be:eb:4c:05:1f:05:6d:af:e5:b0: 98:31:50:cc:f8:9b:d8:64:ff:6c:86:60:ce:97:9d: 26:6b:bb:78:0f:27:35:c2:ba:39:47:c2:2f:14:b5: fb:11:d5:7b:64:6e:2a:0d:cf:fe:62:82:42:ff:76: 1c:54:06:2f:8c:c6:34:c3:f7:a9:24:d6:17:f4:19: 84:1e:bb:b2:f2:83:af:81:94:cf:bf:b6:8c:bd:ae: 32:7d:75:c2:ea:72:34:74:da:c3:9c:f4:23:28:5a: d9:95:77:e1:e4:d3:33:0e:81:7c:74:af:7b:aa:f8: e6:4b:37:d8:bb:4f:e8:36:7c:f1:94:7a:d6:a7:25: e7:53:2c:a9:1f:a8:1d:05:f1:43:b8:93:d9:df:2f: 1d:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:22:B7:8B:EC:DB:36:D0:F8:BA:26:85:5B:63:63:BA:47:9C:15:6C X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CF94CE0FF1D11EFB665791AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.231.56.0/22 103.44.18.0/24 103.50.148.0/24 103.50.150.0/23 103.79.168.0/22 103.79.248.0/22 103.95.164.0/22 103.163.62.0/23 103.167.98.0/23 Signature Algorithm: sha256WithRSAEncryption 66:40:ab:ee:c3:2a:9e:04:e1:32:fc:55:70:12:e5:6a:c8:9d: 86:bc:32:13:33:f4:99:d1:a5:d9:6c:1b:85:b2:98:60:f8:79: 39:59:fc:37:c0:a1:18:86:6b:8b:8e:c5:f8:7e:bc:bd:89:08: 05:c4:f9:3e:f8:b5:7f:eb:b7:35:38:f8:6a:04:62:9f:58:9a: 15:9a:fa:90:ca:22:ff:f4:3c:f0:52:c5:da:b4:5a:e9:6c:0c: 18:44:13:8a:ef:a9:8d:44:af:7d:2b:8a:25:0e:1f:c3:cc:d2: db:fe:54:31:db:34:f4:5a:b8:4f:7a:7d:45:f1:89:b6:20:b0: 88:2b:7c:ad:4c:d5:07:c1:e0:a9:0f:18:6e:42:c2:ef:37:e4: 3a:1b:62:64:9e:4a:ff:25:77:aa:07:bd:1a:ac:8b:ae:ce:7b: 50:2e:31:87:ad:fe:92:22:98:fa:ad:59:06:9a:72:80:29:f3: 06:19:f1:7a:f7:7e:55:7b:4d:20:c2:ec:80:45:2e:81:4d:be: 31:05:e2:36:d0:51:e7:0c:27:a8:48:03:ef:f5:95:32:5c:42: 90:b6:46:b7:4b:fb:30:f5:64:52:f2:d0:6a:af:42:2f:28:3b: 7c:b6:f3:f4:4e:66:67:ae:d2:d1:11:d7:51:c8:13:a1:82:b0: ff:61:69:dc -----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgIDAKr/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDMxMzA4MTAzM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjdkMjkyZjktNmM5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN+MLaa7PKtqMAS8uJNe/C79Q+XQsHDPRBcIeZfhoqSobx9HkBD330TMrvBa QjKH3wffWsL/MeH8fC/tJS0+ccgMVZ9RLH7qobNztLAQsi51d1O76Ck5hJLEyLXm KVbhJyI+2WkqTuq246fy2JS+60wFHwVtr+WwmDFQzPib2GT/bIZgzpedJmu7eA8n NcK6OUfCLxS1+xHVe2RuKg3P/mKCQv92HFQGL4zGNMP3qSTWF/QZhB67svKDr4GU z7+2jL2uMn11wupyNHTaw5z0Iyha2ZV34eTTMw6BfHSve6r45ks32LtP6DZ88ZR6 1qcl51MsqR+oHQXxQ7iT2d8vHRcCAwEAAaOCAsUwggLBMB0GA1UdDgQWBBTDIreL 7Ns20Pi6JoVbY2O6R5wVbDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzVDRjk0Q0Uw RkYxRDExRUZCNjY1NzkxQUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sME8GCCsGAQUFBwEHAQH/ BEAwPjA8BAIAATA2AwQCK+c4AwQAZywSAwQAZzKUAwQBZzKWAwQCZ0+oAwQCZ0/4 AwQCZ1+kAwQBZ6M+AwQBZ6diMA0GCSqGSIb3DQEBCwUAA4IBAQBmQKvuwyqeBOEy /FVwEuVqyJ2GvDITM/SZ0aXZbBuFsphg+Hk5Wfw3wKEYhmuLjsX4fry9iQgFxPk+ +LV/67c1OPhqBGKfWJoVmvqQyiL/9DzwUsXatFrpbAwYRBOK76mNRK99K4olDh/D zNLb/lQx2zT0WrhPen1F8Ym2ILCIK3ytTNUHweCpDxhuQsLvN+Q6G2Jknkr/JXeq B70arIuuzntQLjGHrf6SIpj6rVkGmnKAKfMGGfF6935Ve00gwuyARS6BTb4xBeI2 0FHnDCeoSAPv9ZUyXEKQtka3S/sw9WRS8tBqr0IvKDt8tvP0TmZnrtLREddRyBOh grD/YWnc -----END CERTIFICATE-----Generated at Sat Apr 26 12:24:50 2025 by rpki-client