$ rpki-client -vvf rpki.apnic.net/member_repository/A919608D/81073A30287711E99421C84CC4F9AE02/0E17B1AE78F511EC83E56014C4F9AE02.roa File: 0E17B1AE78F511EC83E56014C4F9AE02.roa (raw, json) Hash identifier: lCmO2moRnEyFjHn2T0RrSpJHfoRMsDo8flibJ/q1im8= Subject key identifier: D0:24:27:70:1D:B6:95:2A:D1:76:AE:23:13:79:DC:FF:55:D8:5D:EE Certificate issuer: /CN=A919608D/serialNumber=D2D808049A46ED797C21F9F6025234564631B3F9 Certificate serial: 10AB Authority key identifier: D2:D8:08:04:9A:46:ED:79:7C:21:F9:F6:02:52:34:56:46:31:B3:F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0tgIBJpG7Xl8Ifn2AlI0VkYxs_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919608D/81073A30287711E99421C84CC4F9AE02/0E17B1AE78F511EC83E56014C4F9AE02.roa Signing time: Thu 10 Apr 2025 17:26:12 +0000 ROA not before: Thu 10 Apr 2025 17:26:12 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 136003 IP address blocks: 103.134.36.0/23 maxlen: 23 103.134.36.0/24 maxlen: 24 2404:5c40::/32 maxlen: 32 2404:5c40::/48 maxlen: 48 2404:5c40:1::/48 maxlen: 48 2404:5c40:2::/48 maxlen: 48 2404:5c40:3::/48 maxlen: 48 2404:5c40:4::/48 maxlen: 48 2404:5c40:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919608D/81073A30287711E99421C84CC4F9AE02/0tgIBJpG7Xl8Ifn2AlI0VkYxs_k.crl rsync://rpki.apnic.net/member_repository/A919608D/81073A30287711E99421C84CC4F9AE02/0tgIBJpG7Xl8Ifn2AlI0VkYxs_k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0tgIBJpG7Xl8Ifn2AlI0VkYxs_k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 17:15:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4267 (0x10ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919608D, serialNumber=D2D808049A46ED797C21F9F6025234564631B3F9 Validity Not Before: Apr 10 17:26:12 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67f7ff34-9a21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:42:82:03:c8:23:d0:d0:ec:28:98:06:e0:df: 1d:6f:17:4a:b3:63:09:7e:c2:bc:a9:05:3c:c6:27: de:20:3a:67:33:23:e2:f3:d2:09:37:30:d4:df:ef: a8:85:e0:4f:74:f7:61:23:45:68:4e:e5:b7:8f:f2: 8d:41:74:b6:5d:b7:a1:77:ee:6a:cc:c9:3b:cb:c5: cf:77:c4:60:7f:b1:af:55:33:e1:78:aa:d2:d2:14: 60:dd:5d:6c:78:93:eb:9f:7f:b6:15:c9:30:85:7c: 5a:c4:5a:a8:2c:41:70:79:a4:4d:f8:a8:7f:5f:19: cb:98:98:54:72:aa:dc:fa:7f:80:76:fd:ee:71:9f: b0:9b:6d:85:ae:54:e5:3d:dd:22:ab:76:e9:81:44: 16:aa:e2:22:2d:5b:b6:14:6e:67:67:d7:3d:a7:2c: 11:12:43:42:dc:ed:08:7f:99:e5:f3:b4:d8:02:2b: 63:79:68:b9:e7:de:17:3d:07:db:79:b0:14:76:4d: 0f:34:a2:b7:24:bb:a9:fc:7b:a6:19:6e:ba:39:00: 7c:45:e2:3d:f8:24:53:38:8d:a1:3b:60:8d:e6:bf: d1:a3:f2:0e:d1:03:6f:24:64:f7:3d:1c:da:06:29: 94:78:38:f4:ce:c3:cc:43:f8:7a:9f:ed:a7:0d:35: ab:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:24:27:70:1D:B6:95:2A:D1:76:AE:23:13:79:DC:FF:55:D8:5D:EE X509v3 Authority Key Identifier: keyid:D2:D8:08:04:9A:46:ED:79:7C:21:F9:F6:02:52:34:56:46:31:B3:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919608D/81073A30287711E99421C84CC4F9AE02/0tgIBJpG7Xl8Ifn2AlI0VkYxs_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0tgIBJpG7Xl8Ifn2AlI0VkYxs_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919608D/81073A30287711E99421C84CC4F9AE02/0E17B1AE78F511EC83E56014C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.134.36.0/23 IPv6: 2404:5c40::/32 Signature Algorithm: sha256WithRSAEncryption 14:bd:f9:6f:01:7b:83:59:4a:da:ff:ad:62:60:6b:d8:04:e2: fe:ea:87:08:62:41:25:fd:c5:3b:42:bb:f9:52:11:62:2c:5d: 9e:56:99:3a:cd:d6:24:82:04:2f:33:ff:a4:b3:3c:f8:8e:bc: 79:3e:a5:a8:86:b7:f1:e0:da:b7:40:76:bf:ca:0c:86:f9:c5: 85:bb:e1:78:4a:f0:a6:f5:be:b9:1f:62:3e:c8:dc:fd:57:14: 30:64:48:2d:71:c0:11:99:fb:74:cc:ef:2d:8c:39:83:aa:fa: a9:67:95:cf:b2:66:75:89:f2:62:cf:ff:c3:cd:fe:57:e0:f5: c0:78:d1:9e:a3:90:69:d9:2c:1a:d6:eb:e5:1f:2c:fa:8a:52: 22:42:2a:95:79:7a:d7:4e:2b:64:0a:d9:5e:07:8c:f7:33:85: 10:02:02:dd:4d:f4:ea:1a:7e:12:18:76:92:35:d2:5a:e7:ee: 5e:b2:55:a0:c5:57:c2:62:68:e6:d1:0c:69:e0:f0:68:37:57: 79:ae:5c:08:24:0c:c8:6f:10:db:a5:16:3e:89:32:db:b6:3a: d7:88:23:00:80:2b:8f:4f:ef:db:89:35:9e:bd:55:2c:8e:72: ef:76:8c:c8:48:2f:b7:f6:9e:75:6e:45:bf:dc:8b:1f:13:4c: 3f:f8:29:cf -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICEKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTYwOEQxMTAvBgNVBAUTKEQyRDgwODA0OUE0NkVENzk3QzIxRjlGNjAyNTIzNDU2 NDYzMUIzRjkwHhcNMjUwNDEwMTcyNjEyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y3ZmYzNC05YTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA50KCA8gj0NDsKJgG4N8dbxdKs2MJfsK8qQU8xifeIDpnMyPi89IJNzDU3++o heBPdPdhI0VoTuW3j/KNQXS2Xbehd+5qzMk7y8XPd8Rgf7GvVTPheKrS0hRg3V1s eJPrn3+2FckwhXxaxFqoLEFweaRN+Kh/XxnLmJhUcqrc+n+Adv3ucZ+wm22FrlTl Pd0iq3bpgUQWquIiLVu2FG5nZ9c9pywREkNC3O0If5nl87TYAitjeWi5594XPQfb ebAUdk0PNKK3JLup/HumGW66OQB8ReI9+CRTOI2hO2CN5r/Ro/IO0QNvJGT3PRza BimUeDj0zsPMQ/h6n+2nDTWr4QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFNAkJ3Ad tpUq0XauIxN53P9V2F3uMB8GA1UdIwQYMBaAFNLYCASaRu15fCH59gJSNFZGMbP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjA4RC84MTA3M0EzMDI4 NzcxMUU5OTQyMUM4NENDNEY5QUUwMi8wdGdJQkpwRzdYbDhJZm4yQWxJMFZrWXhz X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzB0Z0lCSnBHN1hsOElmbjJBbEkwVmtZeHNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTYwOEQvODEwNzNBMzAyODc3MTFFOTk0MjFDODRDQzRGOUFFMDIvMEUxN0IxQUU3 OEY1MTFFQzgzRTU2MDE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnhiQwDQQCAAIwBwMFACQEXEAwDQYJKoZIhvcNAQELBQAD ggEBABS9+W8Be4NZStr/rWJga9gE4v7qhwhiQSX9xTtCu/lSEWIsXZ5WmTrN1iSC BC8z/6SzPPiOvHk+paiGt/Hg2rdAdr/KDIb5xYW74XhK8Kb1vrkfYj7I3P1XFDBk SC1xwBGZ+3TM7y2MOYOq+qlnlc+yZnWJ8mLP/8PN/lfg9cB40Z6jkGnZLBrW6+Uf LPqKUiJCKpV5etdOK2QK2V4HjPczhRACAt1N9OoafhIYdpI10lrn7l6yVaDFV8Ji aObRDGng8Gg3V3muXAgkDMhvENulFj6JMtu2OteIIwCAK49P79uJNZ69VSyOcu92 jMhIL7f2nnVuRb/cix8TTD/4Kc8= -----END CERTIFICATE-----Generated at Sun Apr 27 05:56:45 2025 by rpki-client