$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/147B50A8D70411EFA945F56EC4F9AE02.roa File: 147B50A8D70411EFA945F56EC4F9AE02.roa (raw, json) Hash identifier: 0Y9Pc1HNQ+sxDRDGILyQ41ZuBAKYQLX7SItBtgH3XUE= Subject key identifier: 4E:96:14:51:2E:1C:E7:5E:56:2C:33:25:56:03:29:B9:64:54:37:ED Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C Certificate serial: 394D Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/147B50A8D70411EFA945F56EC4F9AE02.roa Signing time: Mon 20 Jan 2025 07:57:30 +0000 ROA not before: Mon 20 Jan 2025 07:57:30 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 17556 IP address blocks: 114.109.249.0/24 maxlen: 24 115.87.70.0/24 maxlen: 24 115.87.71.0/24 maxlen: 24 115.87.72.0/24 maxlen: 24 115.87.73.0/24 maxlen: 24 119.46.99.0/24 maxlen: 24 119.46.255.0/24 maxlen: 24 124.120.219.0/24 maxlen: 24 210.86.191.0/24 maxlen: 24 2001:fb0:10b2::/48 maxlen: 48 2001:fb1::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 14:20:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14669 (0x394d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9137ABC, serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C Validity Not Before: Jan 20 07:57:30 2025 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=678e01e9-8e3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:7c:37:2e:41:4d:dd:c0:68:a3:21:f0:76:8f: c1:29:64:60:ce:55:69:a9:6f:e1:45:4c:54:69:f8: 91:b8:c6:20:54:65:76:df:64:65:c1:03:2a:e4:23: d1:fe:c1:19:34:11:a4:3b:a4:1e:2b:d6:fe:58:b9: 2d:6b:93:5c:82:63:35:96:4b:1a:1e:d2:23:9d:cd: e9:0f:f3:81:0d:ad:83:84:10:0b:17:ba:7c:20:6f: f6:31:36:99:da:7d:68:bc:cf:99:39:30:46:98:42: 4a:57:7e:4a:94:a0:77:38:cc:12:8d:26:06:41:c4: 2a:42:e8:77:eb:b5:7d:df:46:fd:f5:71:98:e4:4e: 07:93:f6:96:13:fe:dd:ff:31:1c:eb:d8:51:8e:57: 5d:a7:8d:05:a8:74:88:d7:0d:7d:29:90:e7:55:54: 7c:d7:0a:59:86:f1:af:68:3e:33:28:45:53:37:b2: 55:67:50:2a:43:24:a0:58:4b:9e:a1:55:8c:ce:8d: 3c:6f:62:2d:4a:ab:0c:ef:6e:ce:f7:72:b5:6c:1b: 8b:ff:3b:a0:45:2e:ea:38:63:e9:0c:a2:fd:b1:48: 73:01:45:1e:57:2d:f0:45:0d:de:87:be:01:a6:01: 61:a2:c1:2a:42:80:7e:d0:2d:03:fa:cc:67:72:5d: 8b:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:96:14:51:2E:1C:E7:5E:56:2C:33:25:56:03:29:B9:64:54:37:ED X509v3 Authority Key Identifier: keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/147B50A8D70411EFA945F56EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 114.109.249.0/24 115.87.70.0-115.87.73.255 119.46.99.0/24 119.46.255.0/24 124.120.219.0/24 210.86.191.0/24 IPv6: 2001:fb0:10b2::/48 2001:fb1::/32 Signature Algorithm: sha256WithRSAEncryption 4d:e0:81:97:a6:90:82:eb:f8:b6:80:06:0a:47:91:18:f1:ce: 21:c5:93:4b:03:6c:e3:de:82:53:d6:a7:3a:86:3b:5c:92:6f: 5c:1d:78:d8:f6:8a:d5:9c:b0:ce:ac:a7:d1:44:79:f8:33:b5: 58:5f:f1:7a:b8:ba:30:c0:08:31:87:49:14:c7:65:81:f3:56: bd:ec:4a:eb:42:7d:b9:5a:bd:43:b2:ff:18:d5:32:e7:14:6d: bb:c9:66:e2:1d:5c:6a:65:ef:84:b2:7e:f2:30:21:d2:4e:31: d6:5a:fc:b6:a2:45:b7:80:1a:0b:9e:50:2f:d6:09:a5:d6:ae: 84:2b:34:07:96:5f:c8:83:4a:cd:64:ce:7c:11:2d:2d:81:31: 27:11:27:bd:59:51:ac:77:59:32:de:af:af:c7:a9:25:1a:d5: 19:9b:c6:06:1f:3f:cf:22:e6:a5:51:92:de:f2:a2:82:3b:04: a2:77:a9:12:86:2b:aa:60:15:a7:ac:d8:db:ac:05:fc:42:3f: e9:28:aa:62:9b:03:92:3d:dc:99:4b:2e:da:b5:f2:7e:5b:da: ee:a0:f4:da:6e:c9:9e:55:d8:6b:21:8e:63:cc:bc:3c:d2:b7: 48:db:f2:43:8c:5c:c3:e0:49:f5:f6:fc:f6:c9:ad:e2:79:d2: 76:28:d5:98 -----BEGIN CERTIFICATE----- MIIFrzCCBJegAwIBAgICOU0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB NDM3QUYwMkMwHhcNMjUwMTIwMDc1NzMwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzhlMDFlOS04ZTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA53w3LkFN3cBooyHwdo/BKWRgzlVpqW/hRUxUafiRuMYgVGV232RlwQMq5CPR /sEZNBGkO6QeK9b+WLkta5NcgmM1lksaHtIjnc3pD/OBDa2DhBALF7p8IG/2MTaZ 2n1ovM+ZOTBGmEJKV35KlKB3OMwSjSYGQcQqQuh367V930b99XGY5E4Hk/aWE/7d /zEc69hRjlddp40FqHSI1w19KZDnVVR81wpZhvGvaD4zKEVTN7JVZ1AqQySgWEue oVWMzo08b2ItSqsM727O93K1bBuL/zugRS7qOGPpDKL9sUhzAUUeVy3wRQ3eh74B pgFhosEqQoB+0C0D+sxncl2LQQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFE6WFFEu HOdeViwzJVYDKblkVDftMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4 Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvMTQ3QjUwQThE NzA0MTFFRkE5NDVGNTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E TjBMMDIEAgABMCwDBABybfkwDAMEAXNXRgMEAXNXSAMEAHcuYwMEAHcu/wMEAHx4 2wMEANJWvzAWBAIAAjAQAwcAIAEPsBCyAwUAIAEPsTANBgkqhkiG9w0BAQsFAAOC AQEATeCBl6aQguv4toAGCkeRGPHOIcWTSwNs496CU9anOoY7XJJvXB142PaK1Zyw zqyn0UR5+DO1WF/xeri6MMAIMYdJFMdlgfNWvexK60J9uVq9Q7L/GNUy5xRtu8lm 4h1camXvhLJ+8jAh0k4x1lr8tqJFt4AaC55QL9YJpdauhCs0B5ZfyINKzWTOfBEt LYExJxEnvVlRrHdZMt6vr8epJRrVGZvGBh8/zyLmpVGS3vKigjsEonepEoYrqmAV p6zY26wF/EI/6SiqYpsDkj3cmUsu2rXyflva7qD02m7JnlXYayGOY8y8PNK3SNvy Q4xcw+BJ9fb89smt4nnSdijVmA== -----END CERTIFICATE-----Generated at Sat Apr 26 20:24:22 2025 by rpki-client