$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F04B4B7A02F511F094A1251BC4F9AE02.roa File: F04B4B7A02F511F094A1251BC4F9AE02.roa (raw, json) Hash identifier: XsL9injg5rcGJwIPKW53zKeaIEMh8vH4wJ9Y0tS3agQ= Subject key identifier: 86:1D:3E:F0:C4:77:F3:64:6F:D3:22:39:14:6E:CC:A5:21:D9:CD:6A Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: AD4E Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F04B4B7A02F511F094A1251BC4F9AE02.roa Signing time: Tue 01 Apr 2025 11:53:31 +0000 ROA not before: Tue 01 Apr 2025 11:53:31 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 45235 IP address blocks: 43.227.244.0/22 maxlen: 24 43.231.52.0/22 maxlen: 24 45.250.212.0/22 maxlen: 24 103.8.40.0/22 maxlen: 24 103.48.64.0/22 maxlen: 24 103.50.144.0/22 maxlen: 24 103.98.36.0/22 maxlen: 24 103.199.124.0/22 maxlen: 24 103.219.132.0/22 maxlen: 24 103.230.20.0/22 maxlen: 24 119.42.152.0/21 maxlen: 24 2400:8460::/32 maxlen: 32 2402:d500::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44366 (0xad4e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Apr 1 11:53:31 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67ebd3bb-22d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:98:dc:a2:b1:3d:84:5f:bc:c9:a9:68:70:b2: 6c:17:de:68:46:73:47:b0:17:dd:28:8a:df:96:4e: c8:49:2a:2a:cd:c2:b0:fd:86:a3:64:4f:2c:26:de: 46:69:63:4a:46:02:79:32:f8:97:d5:21:4b:2c:95: a0:3e:7b:1c:01:20:53:46:b9:fa:48:36:60:45:8f: 3e:bb:4f:e8:61:d8:39:c4:e6:ad:c4:1d:45:13:ef: aa:dc:61:3b:1b:5b:e7:5a:1e:40:37:9f:73:fe:b3: 28:75:27:86:79:98:e8:7a:4f:66:c0:ba:95:24:f7: dc:76:7e:aa:0f:51:30:32:f1:2a:0b:02:34:60:e8: 07:bf:f5:c6:f2:74:7b:f4:1c:e0:ed:16:61:b9:00: f2:f4:63:f7:84:4c:56:34:19:eb:af:9a:3f:e0:14: 66:c2:ef:1d:cd:dc:64:c6:d3:a4:2a:a5:9e:23:0d: 96:cd:96:db:3a:ee:81:85:59:d5:90:08:10:8c:de: a9:2c:d5:45:4b:ce:2d:fc:e0:93:45:c1:ea:4b:c6: 7c:03:1e:81:f2:99:ab:1e:7c:a1:da:b3:35:43:7f: b4:2e:5d:ca:59:39:3d:8b:fc:d1:9b:b0:29:d7:2d: bf:e5:68:87:f7:12:49:e7:42:be:63:e2:4d:c3:96: 3f:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:1D:3E:F0:C4:77:F3:64:6F:D3:22:39:14:6E:CC:A5:21:D9:CD:6A X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F04B4B7A02F511F094A1251BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.227.244.0/22 43.231.52.0/22 45.250.212.0/22 103.8.40.0/22 103.48.64.0/22 103.50.144.0/22 103.98.36.0/22 103.199.124.0/22 103.219.132.0/22 103.230.20.0/22 119.42.152.0/21 IPv6: 2400:8460::/32 2402:d500::/32 Signature Algorithm: sha256WithRSAEncryption 73:3d:cf:da:4f:3f:eb:51:5a:91:d9:a7:60:03:2b:b3:5e:25: a8:42:c0:c1:28:7e:df:33:f8:55:ff:63:d5:4d:a3:af:e7:36: 52:45:85:6d:bd:ab:9c:09:cb:73:8d:f6:88:08:c2:84:79:75: fe:c9:97:2d:19:3f:c5:be:bf:fc:33:4d:d6:0e:19:02:1e:41: aa:46:e2:10:97:4d:2d:24:19:50:d4:6d:27:5a:13:6c:db:f7: 70:9c:8a:64:7e:73:4b:e7:e3:8c:46:80:82:f7:ae:d4:e7:7b: d8:97:ee:e6:39:1e:f1:e3:68:6a:fd:43:be:d3:8f:30:9f:7f: d8:8b:f6:d3:ea:6a:fc:1a:8d:bb:82:41:92:0b:77:ef:87:c4: 02:fb:bd:3f:6d:c7:c0:29:9d:9c:0e:c4:31:ff:aa:11:3b:43: 6e:4b:6f:c4:60:87:32:a8:ae:f6:33:0e:41:d4:9e:bd:b7:8d: c8:56:e4:3d:5d:f5:22:0c:ab:84:37:e8:93:3a:ae:79:7e:80: 16:30:4e:14:91:5e:e0:78:1a:e4:dc:a2:6c:93:91:13:ea:92: ec:d3:ec:4e:5f:65:f5:b6:a7:32:e4:4e:5c:9b:a8:cd:92:83: 50:cb:6b:c1:f1:0f:e9:a3:81:c9:5f:79:67:42:1c:da:d2:d7: 55:3f:a8:fe -----BEGIN CERTIFICATE----- MIIFxDCCBKygAwIBAgIDAK1OMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDQwMTExNTMzMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjdlYmQzYmItMjJkOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOyY3KKxPYRfvMmpaHCybBfeaEZzR7AX3SiK35ZOyEkqKs3CsP2Go2RPLCbe RmljSkYCeTL4l9UhSyyVoD57HAEgU0a5+kg2YEWPPrtP6GHYOcTmrcQdRRPvqtxh Oxtb51oeQDefc/6zKHUnhnmY6HpPZsC6lST33HZ+qg9RMDLxKgsCNGDoB7/1xvJ0 e/Qc4O0WYbkA8vRj94RMVjQZ66+aP+AUZsLvHc3cZMbTpCqlniMNls2W2zrugYVZ 1ZAIEIzeqSzVRUvOLfzgk0XB6kvGfAMegfKZqx58odqzNUN/tC5dylk5PYv80Zuw Kdctv+Voh/cSSedCvmPiTcOWP8kCAwEAAaOCAucwggLjMB0GA1UdDgQWBBSGHT7w xHfzZG/TIjkUbsylIdnNajAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0YwNEI0QjdB MDJGNTExRjA5NEExMjUxQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMHEGCCsGAQUFBwEHAQH/ BGIwYDBIBAIAATBCAwQCK+P0AwQCK+c0AwQCLfrUAwQCZwgoAwQCZzBAAwQCZzKQ AwQCZ2IkAwQCZ8d8AwQCZ9uEAwQCZ+YUAwQDdyqYMBQEAgACMA4DBQAkAIRgAwUA JALVADANBgkqhkiG9w0BAQsFAAOCAQEAcz3P2k8/61FakdmnYAMrs14lqELAwSh+ 3zP4Vf9j1U2jr+c2UkWFbb2rnAnLc432iAjChHl1/smXLRk/xb6//DNN1g4ZAh5B qkbiEJdNLSQZUNRtJ1oTbNv3cJyKZH5zS+fjjEaAgveu1Od72Jfu5jke8eNoav1D vtOPMJ9/2Iv20+pq/BqNu4JBkgt374fEAvu9P23HwCmdnA7EMf+qETtDbktvxGCH Mqiu9jMOQdSevbeNyFbkPV31IgyrhDfokzqueX6AFjBOFJFe4Hga5NyibJORE+qS 7NPsTl9l9banMuROXJuozZKDUMtrwfEP6aOByV95Z0Ic2tLXVT+o/g== -----END CERTIFICATE-----Generated at Sat Apr 26 12:23:52 2025 by rpki-client