$ rpki-client -vvf rpki.apnic.net/member_repository/A915060F/5E7ED5E41D6C11E28ACBD0AC08B02CD2/FAB5FE6E101811EA9A30176EC4F9AE02.roa File: FAB5FE6E101811EA9A30176EC4F9AE02.roa (raw, json) Hash identifier: RqmLY0UHvoPEXEGiA3IV9LD1IHtw4IdY4hkPn7NdXpA= Subject key identifier: C9:B0:C6:7A:17:A2:78:61:81:95:E5:33:8B:21:D5:A3:D9:89:C1:9E Certificate issuer: /CN=A915060F/serialNumber=75C0717740E9187DD535116139012F0F31D84097 Certificate serial: 347E Authority key identifier: 75:C0:71:77:40:E9:18:7D:D5:35:11:61:39:01:2F:0F:31:D8:40:97 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dcBxd0DpGH3VNRFhOQEvDzHYQJc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915060F/5E7ED5E41D6C11E28ACBD0AC08B02CD2/FAB5FE6E101811EA9A30176EC4F9AE02.roa Signing time: Thu 10 Apr 2025 14:20:09 +0000 ROA not before: Thu 10 Apr 2025 14:20:09 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 38712 IP address blocks: 116.212.104.0/21 maxlen: 24 120.50.0.0/19 maxlen: 19 120.50.0.0/20 maxlen: 24 120.50.16.0/21 maxlen: 24 120.50.24.0/23 maxlen: 24 120.50.26.0/23 maxlen: 24 120.50.28.0/22 maxlen: 24 2400:5800::/32 maxlen: 32 2400:5800:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915060F/5E7ED5E41D6C11E28ACBD0AC08B02CD2/dcBxd0DpGH3VNRFhOQEvDzHYQJc.crl rsync://rpki.apnic.net/member_repository/A915060F/5E7ED5E41D6C11E28ACBD0AC08B02CD2/dcBxd0DpGH3VNRFhOQEvDzHYQJc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dcBxd0DpGH3VNRFhOQEvDzHYQJc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13438 (0x347e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915060F, serialNumber=75C0717740E9187DD535116139012F0F31D84097 Validity Not Before: Apr 10 14:20:09 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67f7d399-d383 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:32:c9:b6:03:af:36:56:65:42:57:00:d1:57: 23:85:5f:23:f0:df:d5:f9:f7:cf:be:27:32:50:9a: 3c:94:b0:84:8e:2d:75:e1:70:53:40:1b:07:e6:68: 07:91:9c:e8:9a:86:d3:e9:3d:73:2b:4e:ec:23:e1: 79:7b:57:4d:67:fc:38:52:0a:86:af:a4:25:31:c2: 2f:c3:96:73:be:3b:2e:af:c2:0d:3b:17:b2:fb:52: b7:15:7e:ff:6f:98:73:f6:8f:ea:d1:4b:e2:f5:1e: 60:7b:cd:ac:0c:dd:e4:d5:00:52:e7:26:8b:1b:d5: f8:4f:83:22:3f:3b:a0:18:8d:68:a9:6c:af:1c:ee: f7:23:7e:ce:e9:6d:cd:c9:34:74:cd:bd:7c:d0:4f: 3a:d0:dc:36:74:e3:c9:37:8d:5c:21:a5:1e:c4:68: ce:7d:e2:ca:16:e3:39:8d:34:62:47:4a:7f:c4:cd: 8a:18:b5:ab:a0:4a:6d:64:05:63:e8:65:45:6c:34: 42:7b:3b:96:f4:b6:64:2d:f5:92:3c:42:1b:19:a1: fc:5c:73:92:b7:fd:da:34:38:1a:39:cc:02:37:d2: 91:b8:0f:61:4b:79:b3:ab:82:a2:07:fd:6f:f8:fd: 1e:50:f6:8a:40:d4:ba:54:6d:3c:65:25:4b:05:01: b3:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:B0:C6:7A:17:A2:78:61:81:95:E5:33:8B:21:D5:A3:D9:89:C1:9E X509v3 Authority Key Identifier: keyid:75:C0:71:77:40:E9:18:7D:D5:35:11:61:39:01:2F:0F:31:D8:40:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915060F/5E7ED5E41D6C11E28ACBD0AC08B02CD2/dcBxd0DpGH3VNRFhOQEvDzHYQJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dcBxd0DpGH3VNRFhOQEvDzHYQJc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915060F/5E7ED5E41D6C11E28ACBD0AC08B02CD2/FAB5FE6E101811EA9A30176EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.212.104.0/21 120.50.0.0/19 IPv6: 2400:5800::/32 Signature Algorithm: sha256WithRSAEncryption 4c:4c:d7:1d:8c:22:c2:fe:59:e4:b1:6f:24:0f:2e:cb:72:71: be:bf:bd:23:eb:84:a4:39:85:00:a1:24:8c:a9:10:68:37:ab: e3:06:31:72:33:ed:03:83:79:d7:3f:2e:c4:38:6b:f9:21:44: 3b:2b:bf:f3:ca:bf:ab:08:1c:6e:3e:c6:8b:3c:64:60:be:ce: a5:aa:39:49:d2:58:a3:9a:f0:e0:ff:a4:8a:38:5f:7c:39:e3: 4d:56:a4:fc:3b:f8:31:c2:eb:af:55:81:34:a6:4b:f8:05:ef: 52:66:ae:30:36:cc:7f:8c:0f:b5:e1:a7:f2:35:7f:0d:47:a9: 4b:43:4d:0b:b1:58:f2:e0:c8:3b:98:19:df:54:b2:7e:89:e0: 8a:b2:13:7f:86:35:55:09:a1:f2:33:e4:fb:3b:fb:0d:bb:77: d4:64:c1:7e:ec:f5:1b:ea:3b:28:3e:c9:0b:28:e9:cf:e9:99: 23:08:8c:3d:45:d6:6c:35:4e:5f:1d:ad:b8:0c:05:95:87:87: 4a:43:99:e0:4a:71:88:82:80:68:ca:1f:cc:fb:f5:bf:29:98: 95:7c:f1:c9:f5:43:c6:40:cd:9a:82:70:a5:cd:0b:59:52:6a: 7a:f5:f8:fd:ef:fb:98:94:45:32:04:5f:01:e1:00:71:fb:50: 9b:7a:52:36 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICNH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA2MEYxMTAvBgNVBAUTKDc1QzA3MTc3NDBFOTE4N0RENTM1MTE2MTM5MDEyRjBG MzFEODQwOTcwHhcNMjUwNDEwMTQyMDA5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y3ZDM5OS1kMzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwzLJtgOvNlZlQlcA0VcjhV8j8N/V+ffPvicyUJo8lLCEji114XBTQBsH5mgH kZzomobT6T1zK07sI+F5e1dNZ/w4UgqGr6QlMcIvw5Zzvjsur8INOxey+1K3FX7/ b5hz9o/q0Uvi9R5ge82sDN3k1QBS5yaLG9X4T4MiPzugGI1oqWyvHO73I37O6W3N yTR0zb180E860Nw2dOPJN41cIaUexGjOfeLKFuM5jTRiR0p/xM2KGLWroEptZAVj 6GVFbDRCezuW9LZkLfWSPEIbGaH8XHOSt/3aNDgaOcwCN9KRuA9hS3mzq4KiB/1v +P0eUPaKQNS6VG08ZSVLBQGzLwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMmwxnoX onhhgZXlM4sh1aPZicGeMB8GA1UdIwQYMBaAFHXAcXdA6Rh91TURYTkBLw8x2ECX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDYwRi81RTdFRDVFNDFE NkMxMUUyOEFDQkQwQUMwOEIwMkNEMi9kY0J4ZDBEcEdIM1ZOUkZoT1FFdkR6SFlR SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RjQnhkMERwR0gzVk5SRmhPUUV2RHpIWVFKYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTA2MEYvNUU3RUQ1RTQxRDZDMTFFMjhBQ0JEMEFDMDhCMDJDRDIvRkFCNUZFNkUx MDE4MTFFQTlBMzAxNzZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAN01GgDBAV4MgAwDQQCAAIwBwMFACQAWAAwDQYJKoZIhvcN AQELBQADggEBAExM1x2MIsL+WeSxbyQPLstycb6/vSPrhKQ5hQChJIypEGg3q+MG MXIz7QODedc/LsQ4a/khRDsrv/PKv6sIHG4+xos8ZGC+zqWqOUnSWKOa8OD/pIo4 X3w5401WpPw7+DHC669VgTSmS/gF71JmrjA2zH+MD7Xhp/I1fw1HqUtDTQuxWPLg yDuYGd9Usn6J4IqyE3+GNVUJofIz5Ps7+w27d9RkwX7s9RvqOyg+yQso6c/pmSMI jD1F1mw1Tl8drbgMBZWHh0pDmeBKcYiCgGjKH8z79b8pmJV88cn1Q8ZAzZqCcKXN C1lSanr1+P3v+5iURTIEXwHhAHH7UJt6UjY= -----END CERTIFICATE-----Generated at Sat Apr 26 07:30:55 2025 by rpki-client