$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DCF67438BDD011EA9702FC12C4F9AE02.roa File: DCF67438BDD011EA9702FC12C4F9AE02.roa (raw, json) Hash identifier: tf5i21Ncel1oW58fVDMozTOF8OfZBmaPIEfLNChfxIk= Subject key identifier: A4:FF:43:DB:98:DC:3C:DE:2B:F0:26:95:00:A7:22:00:4E:93:68:8B Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B585 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DCF67438BDD011EA9702FC12C4F9AE02.roa Signing time: Thu 08 May 2025 16:13:20 +0000 ROA not before: Thu 08 May 2025 16:13:20 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 139516 IP address blocks: 103.147.96.0/23 maxlen: 24 2407:8a40::/48 maxlen: 48 2407:8a40:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:24:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46469 (0xb585) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:13:20 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd820-961b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:5d:df:90:48:6e:d4:78:f2:bd:0c:4c:97:56: 1d:ea:7b:07:e5:11:a0:d0:2c:9e:9b:9d:fb:2e:69: 13:f6:1c:be:23:4b:6d:ce:8b:f5:fe:30:2e:36:d8: a5:63:ac:1d:63:d6:83:18:37:de:14:95:db:5b:eb: 3d:30:5b:ae:d0:5e:ec:67:a6:2e:cd:67:59:71:ce: a5:df:c5:4f:2e:d3:b7:63:2b:21:f2:b5:92:0d:a3: 47:88:f5:ea:7e:e1:30:a4:71:52:d3:d6:1c:16:6c: 23:f9:61:5c:27:84:a9:c3:68:46:a9:a5:81:56:fa: 29:d6:b8:4f:5a:0b:04:ce:ef:46:ad:af:f1:06:a8: 48:5a:82:76:5b:20:ba:56:da:4e:55:72:17:7c:12: 52:fa:2a:89:b3:cf:e7:68:a9:a9:99:50:18:e9:e3: 97:d0:1b:48:62:56:ce:20:89:a7:4a:8b:66:27:24: 69:75:9f:7c:24:ef:ca:a7:c7:3b:83:1f:d2:e8:be: 09:a7:f0:f7:5d:af:4a:8e:a9:b0:c4:57:71:3a:6e: a4:34:d7:36:d4:e1:07:2e:d0:0d:40:4c:59:c5:21: b5:64:7f:fc:a8:88:e6:eb:3d:a6:f0:4b:34:58:69: 74:8b:05:3e:31:31:56:6f:e8:88:46:41:54:a7:94: 27:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:FF:43:DB:98:DC:3C:DE:2B:F0:26:95:00:A7:22:00:4E:93:68:8B X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DCF67438BDD011EA9702FC12C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.147.96.0/23 IPv6: 2407:8a40::/48 2407:8a40:2::/48 Signature Algorithm: sha256WithRSAEncryption b4:d3:c0:91:a4:9e:3a:52:64:20:7e:1b:bc:b0:77:30:6f:8e: e0:35:aa:ca:dc:1e:0b:63:ce:f5:32:46:6c:92:21:2a:f3:eb: f1:a6:8b:9e:3a:43:d8:49:bf:3a:78:49:6e:4f:20:f8:47:4a: ba:f0:fd:d4:2c:e8:57:9c:d6:9e:3f:a5:f6:29:0f:2e:d1:0a: cc:1a:4d:a5:ce:cf:eb:c8:9e:81:e2:bd:a6:dd:68:a6:85:76: 16:2f:4f:6d:33:10:b6:78:8f:1c:b0:0e:a0:0b:9c:54:62:98: 38:41:96:aa:dc:7b:e6:da:d9:98:ee:4a:97:00:ee:d4:23:7e: ef:f5:75:fd:24:db:23:ea:b8:16:c3:7d:ce:ff:40:0b:e1:6d: 85:a9:92:16:94:be:72:71:3c:39:a0:c0:3b:e9:b2:34:9a:ff: c7:b1:d3:26:01:4a:de:5f:ab:29:62:31:df:5f:bb:04:f2:a3: e4:aa:69:0d:81:13:79:f3:aa:c5:79:dc:0c:da:a0:4a:0f:c6: 6e:61:15:1e:1c:9e:aa:06:71:8b:f9:22:2d:b6:24:8d:f2:f5: 04:0c:5e:bd:fb:6c:a0:92:16:71:2a:ad:a8:46:68:77:46:77: b5:41:7d:6c:08:69:59:72:19:4c:1d:0f:9f:24:82:24:8b:de: ce:2d:1a:dc -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgIDALWFMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MTMyMFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q4MjAtOTYxYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMld35BIbtR48r0MTJdWHep7B+URoNAsnpud+y5pE/YcviNLbc6L9f4wLjbY pWOsHWPWgxg33hSV21vrPTBbrtBe7GemLs1nWXHOpd/FTy7Tt2MrIfK1kg2jR4j1 6n7hMKRxUtPWHBZsI/lhXCeEqcNoRqmlgVb6Kda4T1oLBM7vRq2v8QaoSFqCdlsg ulbaTlVyF3wSUvoqibPP52ipqZlQGOnjl9AbSGJWziCJp0qLZickaXWffCTvyqfH O4Mf0ui+Cafw912vSo6psMRXcTpupDTXNtThBy7QDUBMWcUhtWR//KiI5us9pvBL NFhpdIsFPjExVm/oiEZBVKeUJ18CAwEAAaOCAq8wggKrMB0GA1UdDgQWBBSk/0Pb mNw83ivwJpUApyIATpNoizAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0RDRjY3NDM4 QkREMDExRUE5NzAyRkMxMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDkGCCsGAQUFBwEHAQH/ BCowKDAMBAIAATAGAwQBZ5NgMBgEAgACMBIDBwAkB4pAAAADBwAkB4pAAAIwDQYJ KoZIhvcNAQELBQADggEBALTTwJGknjpSZCB+G7ywdzBvjuA1qsrcHgtjzvUyRmyS ISrz6/Gmi546Q9hJvzp4SW5PIPhHSrrw/dQs6Fec1p4/pfYpDy7RCswaTaXOz+vI noHivabdaKaFdhYvT20zELZ4jxywDqALnFRimDhBlqrce+ba2ZjuSpcA7tQjfu/1 df0k2yPquBbDfc7/QAvhbYWpkhaUvnJxPDmgwDvpsjSa/8ex0yYBSt5fqyliMd9f uwTyo+SqaQ2BE3nzqsV53AzaoEoPxm5hFR4cnqoGcYv5Ii22JI3y9QQMXr37bKCS FnEqrahGaHdGd7VBfWwIaVlyGUwdD58kgiSL3s4tGtw= -----END CERTIFICATE-----Generated at Wed Nov 5 23:50:23 2025 by rpki-client