$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/84DF828EF81411EF8300740EC4F9AE02.roa File: 84DF828EF81411EF8300740EC4F9AE02.roa (raw, json) Hash identifier: tNfONlqfzFRgr7jeQx2eyEePyF87lDJ6v8TDZvXuTiY= Subject key identifier: 90:4E:68:E3:F4:D7:D8:24:CB:9C:D2:15:5C:91:08:D6:E9:28:1E:5E Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: A8F5 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/84DF828EF81411EF8300740EC4F9AE02.roa Signing time: Tue 04 Mar 2025 05:30:41 +0000 ROA not before: Tue 04 Mar 2025 05:30:41 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 151685 IP address blocks: 103.72.140.0/22 maxlen: 24 103.91.100.0/22 maxlen: 24 103.141.218.0/23 maxlen: 24 103.155.240.0/23 maxlen: 24 103.209.154.0/23 maxlen: 24 2001:df4:9780::/48 maxlen: 48 2400:a3e0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43253 (0xa8f5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Mar 4 05:30:41 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67c69001-606a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:66:0c:16:5a:46:05:e6:6c:78:4c:b2:4c:98: ac:fb:42:8f:0c:03:07:a6:f1:bc:c5:22:fd:e0:08: 03:b0:42:3a:15:84:59:28:fb:50:e0:28:2d:db:ef: 54:99:b2:65:d9:bc:aa:62:27:98:d5:8b:ac:45:32: 47:9e:50:4a:c6:00:df:9b:a2:f9:f3:45:04:95:f3: 51:5e:25:73:52:f7:19:a3:d1:ea:ae:d8:f0:de:15: a5:59:4a:9c:ce:dd:b0:db:05:d4:ab:c8:8b:dc:3d: 82:41:39:bb:b9:00:41:22:c2:87:e9:51:3c:37:92: 9a:d4:15:9e:66:cb:72:b7:7b:9a:b5:cb:4b:f4:34: 34:30:ca:2f:30:95:ba:3b:99:f7:c6:0b:6f:3e:6e: b5:94:54:03:d6:84:95:17:0c:e4:8e:0f:a9:f5:b1: 18:3d:e3:75:00:0a:bf:c5:72:fa:aa:0d:51:30:ef: 83:2d:19:81:e3:a7:95:6d:66:c3:36:62:ff:ef:8a: 73:bb:59:c4:46:68:45:fb:a0:07:78:dd:68:d5:f0: 46:a3:85:fd:69:03:3a:81:19:86:7e:b5:c9:34:25: a9:69:d6:9c:a8:72:c6:11:b0:ca:fd:40:74:10:72: 98:f8:8d:f6:1b:59:90:03:9f:2d:23:12:59:65:27: 1c:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:4E:68:E3:F4:D7:D8:24:CB:9C:D2:15:5C:91:08:D6:E9:28:1E:5E X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/84DF828EF81411EF8300740EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.72.140.0/22 103.91.100.0/22 103.141.218.0/23 103.155.240.0/23 103.209.154.0/23 IPv6: 2001:df4:9780::/48 2400:a3e0::/32 Signature Algorithm: sha256WithRSAEncryption 8d:f3:ef:d1:6e:a2:ee:3e:f1:30:c1:50:27:27:e6:d9:32:70: 00:5e:8a:14:3f:21:a8:98:de:76:f6:12:88:19:52:c9:f8:0f: cb:94:b3:fd:8e:61:89:55:f8:97:d2:26:f7:d9:ec:99:32:5e: 90:a2:83:31:e8:cb:65:13:ba:be:1f:7c:d9:d2:40:8a:f8:f9: 79:b9:6e:17:b2:c9:97:03:78:79:36:01:2d:ef:56:35:59:8e: a6:14:b9:95:88:a6:da:97:f8:ed:35:0b:3c:f4:95:7c:86:21: 02:92:22:bc:4d:bd:22:3c:6c:48:0a:92:0a:4e:7e:92:97:8d: 7c:bc:38:88:24:3f:96:f3:27:ff:92:6b:82:80:10:7f:fe:0f: 96:f5:07:08:e5:02:73:73:8f:a8:a9:f3:00:65:02:08:7e:38: e8:5e:af:d4:c4:0a:7c:df:8a:ad:0a:bb:8e:fe:97:bd:ec:3e: da:4c:53:1b:b9:87:d5:f5:9c:62:e5:f7:16:98:7c:45:78:61: 4d:c0:08:52:7c:48:c4:6e:96:73:f1:cf:05:8e:72:a7:b2:c5: cc:75:50:b2:7f:a6:39:d9:26:8f:42:6c:2a:88:f6:10:aa:b1: 55:03:61:85:5a:69:72:19:c4:69:bd:13:37:c9:a8:17:0f:23: 03:d5:a0:d7 -----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgIDAKj1MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDMwNDA1MzA0MVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjdjNjkwMDEtNjA2YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANhmDBZaRgXmbHhMskyYrPtCjwwDB6bxvMUi/eAIA7BCOhWEWSj7UOAoLdvv VJmyZdm8qmInmNWLrEUyR55QSsYA35ui+fNFBJXzUV4lc1L3GaPR6q7Y8N4VpVlK nM7dsNsF1KvIi9w9gkE5u7kAQSLCh+lRPDeSmtQVnmbLcrd7mrXLS/Q0NDDKLzCV ujuZ98YLbz5utZRUA9aElRcM5I4PqfWxGD3jdQAKv8Vy+qoNUTDvgy0ZgeOnlW1m wzZi/++Kc7tZxEZoRfugB3jdaNXwRqOF/WkDOoEZhn61yTQlqWnWnKhyxhGwyv1A dBBymPiN9htZkAOfLSMSWWUnHJcCAwEAAaOCAsUwggLBMB0GA1UdDgQWBBSQTmjj 9NfYJMuc0hVckQjW6SgeXjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzg0REY4MjhF RjgxNDExRUY4MzAwNzQwRUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sME8GCCsGAQUFBwEHAQH/ BEAwPjAkBAIAATAeAwQCZ0iMAwQCZ1tkAwQBZ43aAwQBZ5vwAwQBZ9GaMBYEAgAC MBADBwAgAQ30l4ADBQAkAKPgMA0GCSqGSIb3DQEBCwUAA4IBAQCN8+/RbqLuPvEw wVAnJ+bZMnAAXooUPyGomN529hKIGVLJ+A/LlLP9jmGJVfiX0ib32eyZMl6QooMx 6MtlE7q+H3zZ0kCK+Pl5uW4XssmXA3h5NgEt71Y1WY6mFLmViKbal/jtNQs89JV8 hiECkiK8Tb0iPGxICpIKTn6Sl418vDiIJD+W8yf/kmuCgBB//g+W9QcI5QJzc4+o qfMAZQIIfjjoXq/UxAp834qtCruO/pe97D7aTFMbuYfV9Zxi5fcWmHxFeGFNwAhS fEjEbpZz8c8FjnKnssXMdVCyf6Y52SaPQmwqiPYQqrFVA2GFWmlyGcRpvRM3yagX DyMD1aDX -----END CERTIFICATE-----Generated at Sat Apr 26 12:27:43 2025 by rpki-client