$ rpki-client -vvf rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/3889BE2CEDD611EC8E98151DC4F9AE02.roa File: 3889BE2CEDD611EC8E98151DC4F9AE02.roa (raw, json) Hash identifier: smF54Fbc1JDJULTqaNTlYvlIX2BHToHjC9gpmy4IEp0= Subject key identifier: 91:BD:CF:57:7E:95:EF:C9:DE:6B:70:F9:CD:FD:85:26:59:35:F4:41 Certificate issuer: /CN=A9138E67/serialNumber=B6589BAC56A5DC8A26DB0727FAD44A903A63C4CF Certificate serial: 027F Authority key identifier: B6:58:9B:AC:56:A5:DC:8A:26:DB:07:27:FA:D4:4A:90:3A:63:C4:CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlibrFal3Iom2wcn-tRKkDpjxM8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/3889BE2CEDD611EC8E98151DC4F9AE02.roa Signing time: Sat 21 Dec 2024 01:24:44 +0000 ROA not before: Sat 21 Dec 2024 01:24:44 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 7575 IP address blocks: 203.29.104.0/21 maxlen: 21 203.57.160.0/19 maxlen: 19 2406:bac0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/tlibrFal3Iom2wcn-tRKkDpjxM8.crl rsync://rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/tlibrFal3Iom2wcn-tRKkDpjxM8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlibrFal3Iom2wcn-tRKkDpjxM8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:12:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 639 (0x27f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9138E67, serialNumber=B6589BAC56A5DC8A26DB0727FAD44A903A63C4CF Validity Not Before: Dec 21 01:24:44 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=676618dc-4206 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:27:23:4e:e7:5c:4f:72:99:a0:b9:74:8f:40: 95:d1:19:f7:78:55:0c:d3:79:43:a9:2f:4b:c5:7d: a7:55:6d:31:f1:98:0f:42:31:01:ac:bc:4d:70:6e: 8a:33:21:45:7c:60:90:63:43:32:1b:94:b0:80:37: fb:9a:e9:38:2b:c6:bd:ed:34:14:dd:60:c6:07:82: 67:20:01:f9:93:b2:ef:c1:e7:d4:f0:b4:56:cb:d6: 1c:33:8a:8b:e1:09:e2:2d:ce:d4:b7:7e:86:42:bc: c1:38:c7:df:cb:d9:58:67:ce:90:66:65:a6:21:a1: 68:91:72:d9:3e:90:dc:15:a9:d8:43:9b:c7:10:4f: 20:91:db:2f:b6:6d:03:d7:fe:0a:cb:1c:97:c6:a0: 2a:90:af:25:69:94:79:ae:5a:47:62:8d:65:90:b0: 0d:ca:aa:94:a6:a8:dc:3c:d1:98:61:a0:d9:77:bb: a7:e8:f1:01:b0:1d:43:16:dd:da:9b:53:c8:87:da: 6b:50:21:42:ee:a0:d4:36:db:ad:06:bc:10:c1:27: aa:d1:bc:44:0f:58:03:9d:28:e1:29:a5:64:34:86: 96:9c:d1:79:40:ad:e7:6a:f3:12:ec:44:e3:c6:60: 52:df:96:3b:29:58:a2:0d:d1:c9:1a:34:e1:c5:c5: 9f:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:BD:CF:57:7E:95:EF:C9:DE:6B:70:F9:CD:FD:85:26:59:35:F4:41 X509v3 Authority Key Identifier: keyid:B6:58:9B:AC:56:A5:DC:8A:26:DB:07:27:FA:D4:4A:90:3A:63:C4:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/tlibrFal3Iom2wcn-tRKkDpjxM8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tlibrFal3Iom2wcn-tRKkDpjxM8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138E67/279CBF08EDCF11ECB5E74D7CC4F9AE02/3889BE2CEDD611EC8E98151DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.29.104.0/21 203.57.160.0/19 IPv6: 2406:bac0::/32 Signature Algorithm: sha256WithRSAEncryption 6e:1d:cf:3a:c6:de:f2:95:5d:01:a8:34:f7:eb:83:da:c2:e0: 5d:4f:16:0e:51:70:50:7d:6d:fd:55:8c:ad:c9:41:a7:71:9c: 24:0f:69:e9:56:03:a4:14:5d:5f:7d:59:86:d8:b8:a2:00:c1: c9:c9:10:41:0b:5a:ea:a9:4b:77:ca:6d:76:5b:d3:05:24:b2: f9:c0:16:57:28:9d:04:fb:a3:96:78:08:c3:a0:a5:62:25:33: 4f:c7:c0:74:ec:2d:c7:09:e2:c0:bf:d3:d6:b6:65:78:a1:5e: 7e:05:11:86:9e:2f:16:87:be:2a:2e:e2:dc:da:8e:d6:40:b7: 2c:20:56:38:28:af:96:6c:5d:ff:73:95:0c:ee:20:c3:63:11: 78:37:cf:20:0e:4e:ff:e7:5e:f7:61:15:78:bf:a5:f8:d7:49: f2:0a:7a:1d:bf:08:a0:3c:04:70:2a:e9:0c:ed:93:75:d7:7e: 15:f8:3d:91:ae:d3:82:69:81:16:6c:61:46:7d:55:a2:4b:cd: b0:9b:ac:18:75:05:56:7e:42:a3:aa:e9:fd:d4:3c:16:d3:d2: 99:78:e6:6a:70:af:80:9d:6f:4a:c5:22:cd:74:7e:15:d0:b4: a0:74:ac:e9:18:e3:ea:7f:5c:90:81:0a:26:84:86:92:e3:61: 01:3e:04:20 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICAn8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzhFNjcxMTAvBgNVBAUTKEI2NTg5QkFDNTZBNURDOEEyNkRCMDcyN0ZBRDQ0QTkw M0E2M0M0Q0YwHhcNMjQxMjIxMDEyNDQ0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzY2MThkYy00MjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsicjTudcT3KZoLl0j0CV0Rn3eFUM03lDqS9LxX2nVW0x8ZgPQjEBrLxNcG6K MyFFfGCQY0MyG5SwgDf7muk4K8a97TQU3WDGB4JnIAH5k7LvwefU8LRWy9YcM4qL 4QniLc7Ut36GQrzBOMffy9lYZ86QZmWmIaFokXLZPpDcFanYQ5vHEE8gkdsvtm0D 1/4KyxyXxqAqkK8laZR5rlpHYo1lkLANyqqUpqjcPNGYYaDZd7un6PEBsB1DFt3a m1PIh9prUCFC7qDUNtutBrwQwSeq0bxED1gDnSjhKaVkNIaWnNF5QK3navMS7ETj xmBS35Y7KViiDdHJGjThxcWfIQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJG9z1d+ le/J3mtw+c39hSZZNfRBMB8GA1UdIwQYMBaAFLZYm6xWpdyKJtsHJ/rUSpA6Y8TP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOEU2Ny8yNzlDQkYwOEVE Q0YxMUVDQjVFNzREN0NDNEY5QUUwMi90bGlickZhbDNJb20yd2NuLXRSS2tEcGp4 TTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RsaWJyRmFsM0lvbTJ3Y24tdFJLa0RwanhNOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzhFNjcvMjc5Q0JGMDhFRENGMTFFQ0I1RTc0RDdDQzRGOUFFMDIvMzg4OUJFMkNF REQ2MTFFQzhFOTgxNTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAPLHWgDBAXLOaAwDQQCAAIwBwMFACQGusAwDQYJKoZIhvcN AQELBQADggEBAG4dzzrG3vKVXQGoNPfrg9rC4F1PFg5RcFB9bf1VjK3JQadxnCQP aelWA6QUXV99WYbYuKIAwcnJEEELWuqpS3fKbXZb0wUksvnAFlconQT7o5Z4CMOg pWIlM0/HwHTsLccJ4sC/09a2ZXihXn4FEYaeLxaHviou4tzajtZAtywgVjgor5Zs Xf9zlQzuIMNjEXg3zyAOTv/nXvdhFXi/pfjXSfIKeh2/CKA8BHAq6Qztk3XXfhX4 PZGu04JpgRZsYUZ9VaJLzbCbrBh1BVZ+QqOq6f3UPBbT0pl45mpwr4Cdb0rFIs10 fhXQtKB0rOkY4+p/XJCBCiaEhpLjYQE+BCA= -----END CERTIFICATE-----Generated at Sat Apr 26 07:41:59 2025 by rpki-client