$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa File: 1D1E9F72A05011ED8B25FE52C4F9AE02.roa (raw, json) Hash identifier: cOsKGiNuw+TOW2A6oQ6w++MvZswAsRBIZTMKNl1+jmk= Subject key identifier: 3D:87:EA:7B:72:50:D4:D6:DE:3B:99:88:9C:71:6E:D5:5B:AE:B4:FD Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Certificate serial: 2967 Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa Signing time: Tue 31 Dec 2024 15:52:45 +0000 ROA not before: Tue 31 Dec 2024 15:52:45 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 133848 IP address blocks: 49.0.124.0/24 maxlen: 24 49.231.72.0/21 maxlen: 23 49.231.73.0/24 maxlen: 24 49.231.75.0/24 maxlen: 24 49.231.76.0/22 maxlen: 24 49.231.128.0/22 maxlen: 24 49.231.132.0/22 maxlen: 24 110.49.2.0/24 maxlen: 24 110.49.99.0/24 maxlen: 24 110.49.112.0/23 maxlen: 24 2405:9800:d003::/48 maxlen: 48 2405:9800:d007::/48 maxlen: 48 2405:9800:d008::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:44:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10599 (0x2967) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911BD54, serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Validity Not Before: Dec 31 15:52:45 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=6774134d-0fa8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:4a:11:7b:df:70:25:ad:a8:f8:91:f1:2f:c4: b6:57:4c:dc:9c:e9:be:5a:30:18:bc:cc:a7:7f:cf: c5:7e:3d:36:af:f0:b9:d9:07:6f:92:52:54:12:dd: 08:e6:4d:12:4f:9d:7b:01:74:7b:c8:84:16:d8:f5: 0a:ad:76:30:83:8b:9a:0f:d2:ac:ad:f6:c9:2f:87: f4:cc:3e:a0:18:8f:56:33:f8:80:d0:7c:f8:fb:99: 0e:a9:03:a8:1a:2d:db:94:1f:64:66:43:84:aa:ae: 47:9b:a1:78:f2:9c:7b:45:39:03:40:64:38:56:3f: 4c:3d:b4:c7:df:eb:55:03:e1:c6:06:7a:d0:f1:6b: a4:29:a4:7f:d2:8e:ef:5b:a5:41:9e:b7:f0:d1:63: 22:2f:e4:d5:5d:bc:1a:73:50:08:2a:ac:68:27:bd: 35:2a:07:db:35:54:7a:a6:d4:e9:df:fa:f2:f1:87: cf:50:68:8a:92:9b:e5:41:be:03:02:43:8e:84:0e: 85:22:e1:ef:f2:f3:76:ea:15:95:69:83:b1:c3:5b: e8:d4:73:ed:ec:c0:7f:59:cd:69:17:0f:cc:4e:85: d5:6f:ce:5e:34:8c:78:75:d7:7d:e8:bc:d7:f2:b2: 40:15:b2:23:12:13:f7:00:a4:48:c4:f8:85:3f:0c: f4:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:87:EA:7B:72:50:D4:D6:DE:3B:99:88:9C:71:6E:D5:5B:AE:B4:FD X509v3 Authority Key Identifier: keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.0.124.0/24 49.231.72.0/21 49.231.128.0/21 110.49.2.0/24 110.49.99.0/24 110.49.112.0/23 IPv6: 2405:9800:d003::/48 2405:9800:d007::-2405:9800:d008:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 13:29:98:78:bc:e7:2c:8e:eb:a8:17:af:cf:02:d1:c1:bd:75: 43:1c:be:a3:d5:e5:23:51:2a:d2:82:4a:af:07:6a:b2:81:bb: 53:4b:d7:83:77:6a:76:af:e5:96:49:ce:cd:7b:cf:28:ec:61: f0:37:ea:61:f6:84:b3:00:7f:4f:07:bd:7d:11:50:90:e7:34: ae:0d:3f:86:7e:a4:b7:ed:b2:70:28:18:2e:e3:4c:08:2f:49: 04:5a:5f:52:e0:83:d9:11:1a:df:38:50:10:27:75:73:c9:e8: 9b:b4:f7:60:5b:20:4e:3b:1c:d6:1c:2c:7e:61:13:b7:4c:d3: b1:b6:3b:1e:0c:d8:6c:00:bd:24:af:c8:48:50:5d:c1:38:1e: 14:ed:76:43:65:09:f9:33:d2:58:3b:c5:54:5e:9a:a5:58:e5: 0a:8b:ef:65:a5:f9:e6:5d:c1:08:20:39:5f:7c:71:40:3b:e5: e9:f8:bb:28:6d:14:6f:fc:01:95:32:bc:05:2a:3f:ae:2a:f5: 20:4e:02:23:cc:22:0d:60:09:71:41:4d:d2:32:3e:af:2a:bc: 5a:a6:c9:6f:ce:6c:18:6d:4f:47:cd:af:9a:c4:74:87:fb:a0: fc:e5:dc:e7:07:c5:fd:e6:04:7d:f1:ed:6d:58:c8:9d:ea:0e: 67:5f:90:a7 -----BEGIN CERTIFICATE----- MIIFtDCCBJygAwIBAgICKWcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2 QUYyMDcxNUMwHhcNMjQxMjMxMTU1MjQ1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzc0MTM0ZC0wZmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvUoRe99wJa2o+JHxL8S2V0zcnOm+WjAYvMynf8/Ffj02r/C52QdvklJUEt0I 5k0ST517AXR7yIQW2PUKrXYwg4uaD9KsrfbJL4f0zD6gGI9WM/iA0Hz4+5kOqQOo Gi3blB9kZkOEqq5Hm6F48px7RTkDQGQ4Vj9MPbTH3+tVA+HGBnrQ8WukKaR/0o7v W6VBnrfw0WMiL+TVXbwac1AIKqxoJ701KgfbNVR6ptTp3/ry8YfPUGiKkpvlQb4D AkOOhA6FIuHv8vN26hWVaYOxw1vo1HPt7MB/Wc1pFw/MToXVb85eNIx4ddd96LzX 8rJAFbIjEhP3AKRIxPiFPwz0vwIDAQABo4IC2DCCAtQwHQYDVR0OBBYEFD2H6nty UNTW3juZiJxxbtVbrrT9MB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvMUQxRTlGNzJB MDUwMTFFRDhCMjVGRTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYgYIKwYBBQUHAQcBAf8E UzBRMCoEAgABMCQDBAAxAHwDBAMx50gDBAMx54ADBABuMQIDBABuMWMDBAFuMXAw IwQCAAIwHQMHACQFmADQAzASAwcAJAWYANAHAwcAJAWYANAIMA0GCSqGSIb3DQEB CwUAA4IBAQATKZh4vOcsjuuoF6/PAtHBvXVDHL6j1eUjUSrSgkqvB2qygbtTS9eD d2p2r+WWSc7Ne88o7GHwN+ph9oSzAH9PB719EVCQ5zSuDT+GfqS37bJwKBgu40wI L0kEWl9S4IPZERrfOFAQJ3VzyeibtPdgWyBOOxzWHCx+YRO3TNOxtjseDNhsAL0k r8hIUF3BOB4U7XZDZQn5M9JYO8VUXpqlWOUKi+9lpfnmXcEIIDlffHFAO+Xp+Lso bRRv/AGVMrwFKj+uKvUgTgIjzCINYAlxQU3SMj6vKrxapslvzmwYbU9Hza+axHSH +6D85dznB8X95gR98e1tWMid6g5nX5Cn -----END CERTIFICATE-----Generated at Sat Apr 26 14:05:48 2025 by rpki-client