$ rpki-client -vvf rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/0C77B118353C11EFB0FA2527C4F9AE02.roa File: 0C77B118353C11EFB0FA2527C4F9AE02.roa (raw, json) Hash identifier: DUbgXXzqpapSxP1SYmetX0pcnJaOWrBmkI9YsNCICSA= Subject key identifier: E3:59:25:C6:F4:AE:39:AD:70:21:DE:07:D7:43:57:F1:EC:61:8B:65 Certificate issuer: /CN=A9153646/serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06 Certificate serial: 0721 Authority key identifier: 34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/0C77B118353C11EFB0FA2527C4F9AE02.roa Signing time: Thu 03 Apr 2025 07:00:30 +0000 ROA not before: Thu 03 Apr 2025 07:00:30 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 64074 IP address blocks: 103.203.176.0/24 maxlen: 24 103.203.178.0/24 maxlen: 24 103.203.179.0/24 maxlen: 24 223.29.212.0/24 maxlen: 24 223.29.213.0/24 maxlen: 24 223.29.215.0/24 maxlen: 24 2401:b8c0::/32 maxlen: 32 2401:b8c0::/48 maxlen: 48 2401:b8c0:1::/48 maxlen: 48 2401:b8c0:2::/48 maxlen: 48 2401:b8c0:3::/48 maxlen: 48 2401:b8c0:4::/48 maxlen: 48 2401:b8c0:5::/48 maxlen: 48 2401:b8c0:6::/48 maxlen: 48 2401:b8c0:7::/48 maxlen: 48 2401:b8c0:8::/48 maxlen: 48 2401:b8c0:9::/48 maxlen: 48 2401:b8c0:b::/48 maxlen: 48 2401:b8c0:c::/48 maxlen: 48 2401:b8c0:e::/48 maxlen: 48 2401:b8c0:f::/48 maxlen: 48 2401:b8c0:8020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/NJLv_pYisf_4gVlwA3Y8G6JKHgY.crl rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/NJLv_pYisf_4gVlwA3Y8G6JKHgY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 18:27:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1825 (0x721) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153646, serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06 Validity Not Before: Apr 3 07:00:30 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67ee320d-c602 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:3d:2d:7b:6c:01:81:01:58:be:cf:e9:fa:5d: f4:63:88:b4:e2:81:95:52:7b:47:60:fe:76:1f:33: ef:ca:a2:a1:0d:19:b1:12:b6:a2:da:c0:d8:72:ab: e7:ef:5d:eb:7c:2d:54:c9:05:56:c6:65:dc:b4:83: 11:72:f1:e9:ba:0a:a8:55:9d:93:d7:49:48:4d:65: 87:8f:f8:48:5e:dc:04:11:33:0e:4f:9f:5d:d0:62: fa:94:11:43:df:2b:1d:3b:4a:0d:d9:6b:99:f4:81: 3f:8d:33:57:69:f1:b3:29:8a:6b:66:dd:1b:99:f9: 52:06:46:d8:5a:35:a3:a8:ec:bb:20:bb:eb:d3:ab: e0:88:a3:46:d3:ac:9b:7e:de:09:7a:39:7f:4c:70: 80:ee:02:ae:d4:96:7a:24:b3:67:32:c8:a3:f9:ee: d3:65:65:3b:23:aa:d3:81:2b:ab:b9:c3:58:06:a8: ef:2e:4c:ce:e0:54:35:8b:b9:2e:5e:e2:5c:d1:90: a3:88:37:e6:45:c5:9c:dc:7e:ca:68:52:9d:c4:0a: e4:6f:a5:cc:15:c0:d1:cc:bf:94:f9:3d:da:e9:69: b8:77:17:2e:04:58:12:2f:d2:b8:c5:7f:6e:2d:9f: ce:7b:8e:d7:73:1b:33:c7:45:b9:75:71:42:cc:4f: e5:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:59:25:C6:F4:AE:39:AD:70:21:DE:07:D7:43:57:F1:EC:61:8B:65 X509v3 Authority Key Identifier: keyid:34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/NJLv_pYisf_4gVlwA3Y8G6JKHgY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/0C77B118353C11EFB0FA2527C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.203.176.0/24 103.203.178.0/23 223.29.212.0/23 223.29.215.0/24 IPv6: 2401:b8c0::/32 Signature Algorithm: sha256WithRSAEncryption a6:aa:69:1a:46:d8:53:26:25:b2:cc:53:9d:e8:08:85:b5:42: a9:fb:b7:b5:7a:d8:ce:c2:48:b1:e3:df:f4:7d:2e:fc:a5:80: d8:b8:3e:5a:b9:9e:f9:b9:85:8c:72:63:80:1f:ba:73:0f:0f: f8:3d:69:21:97:5e:fa:2d:ad:2c:67:b1:46:78:c3:03:32:e8: c4:60:75:5f:33:44:15:36:9d:dc:52:3b:0d:93:44:42:98:9b: 42:3e:15:af:d1:67:0f:67:74:50:b0:ca:5d:08:0b:27:36:de: 0f:b1:8c:bc:6b:91:d5:5b:68:04:8a:73:fe:d6:62:da:19:70: 4c:6b:41:12:a6:4d:52:24:1f:9f:5d:ab:b1:f1:34:57:cb:a0: 14:57:4a:2e:d2:c3:c0:bd:a4:9e:eb:2e:d1:36:6c:79:8a:96: c7:31:c2:82:ce:b7:0a:ef:d0:85:7d:21:5d:59:6c:fa:d2:ae: 5e:d3:1a:a9:9f:c7:9d:c7:05:6a:82:dc:14:46:a6:bf:59:08: 19:3e:5a:75:39:94:e5:f2:c5:72:a0:d0:2d:37:db:a6:53:8b: ab:f8:d5:5b:54:5e:e1:26:12:3f:c5:9a:20:be:ef:38:89:99: 5f:02:cd:99:93:08:58:5c:ef:d0:d8:7a:fb:68:95:46:0f:91: d4:89:ca:3d -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICByEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTM2NDYxMTAvBgNVBAUTKDM0OTJFRkZFOTYyMkIxRkZGODgxNTk3MDAzNzYzQzFC QTI0QTFFMDYwHhcNMjUwNDAzMDcwMDMwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2VlMzIwZC1jNjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnD0te2wBgQFYvs/p+l30Y4i04oGVUntHYP52HzPvyqKhDRmxErai2sDYcqvn 713rfC1UyQVWxmXctIMRcvHpugqoVZ2T10lITWWHj/hIXtwEETMOT59d0GL6lBFD 3ysdO0oN2WuZ9IE/jTNXafGzKYprZt0bmflSBkbYWjWjqOy7ILvr06vgiKNG06yb ft4Jejl/THCA7gKu1JZ6JLNnMsij+e7TZWU7I6rTgSurucNYBqjvLkzO4FQ1i7ku XuJc0ZCjiDfmRcWc3H7KaFKdxArkb6XMFcDRzL+U+T3a6Wm4dxcuBFgSL9K4xX9u LZ/Oe47Xcxszx0W5dXFCzE/l4wIDAQABo4ICtjCCArIwHQYDVR0OBBYEFONZJcb0 rjmtcCHeB9dDV/HsYYtlMB8GA1UdIwQYMBaAFDSS7/6WIrH/+IFZcAN2PBuiSh4G MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzY0Ni82QjhFRkE1QUZG OTgxMUU5ODdDODBBNkFDNEY5QUUwMi9OSkx2X3BZaXNmXzRnVmx3QTNZOEc2SktI Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05KTHZfcFlpc2ZfNGdWbHdBM1k4RzZKS0hnWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTM2NDYvNkI4RUZBNUFGRjk4MTFFOTg3QzgwQTZBQzRGOUFFMDIvMEM3N0IxMTgz NTNDMTFFRkIwRkEyNTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBABny7ADBAFny7IDBAHfHdQDBADfHdcwDQQCAAIwBwMFACQB uMAwDQYJKoZIhvcNAQELBQADggEBAKaqaRpG2FMmJbLMU53oCIW1Qqn7t7V62M7C SLHj3/R9LvylgNi4Plq5nvm5hYxyY4AfunMPD/g9aSGXXvotrSxnsUZ4wwMy6MRg dV8zRBU2ndxSOw2TREKYm0I+Fa/RZw9ndFCwyl0ICyc23g+xjLxrkdVbaASKc/7W YtoZcExrQRKmTVIkH59dq7HxNFfLoBRXSi7Sw8C9pJ7rLtE2bHmKlscxwoLOtwrv 0IV9IV1ZbPrSrl7TGqmfx53HBWqC3BRGpr9ZCBk+WnU5lOXyxXKg0C0326ZTi6v4 1VtUXuEmEj/FmiC+7ziJmV8CzZmTCFhc79DYevtolUYPkdSJyj0= -----END CERTIFICATE-----Generated at Mon Apr 28 20:10:34 2025 by rpki-client on console.sobornost.net