$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E4BA3CE8DFCE11EFBC4CD631C4F9AE02.roa File: E4BA3CE8DFCE11EFBC4CD631C4F9AE02.roa (raw, json) Hash identifier: MbcvEjB6bBsz71diYW6luEzJdUqDQqlK0r5oh/a4AKQ= Subject key identifier: A6:34:3E:B7:7A:A5:62:2E:86:A3:31:D9:91:85:A4:BB:F5:EA:9E:41 Certificate issuer: /CN=A9157DA0/serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Certificate serial: 3486 Authority key identifier: 88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E4BA3CE8DFCE11EFBC4CD631C4F9AE02.roa Signing time: Mon 14 Apr 2025 14:50:43 +0000 ROA not before: Mon 14 Apr 2025 14:50:43 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 139759 IP address blocks: 119.252.112.0/21 maxlen: 21 119.252.112.0/24 maxlen: 24 119.252.116.0/22 maxlen: 22 124.109.8.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 14:40:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13446 (0x3486) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA0, serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Validity Not Before: Apr 14 14:50:43 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=67fd20c3-bd41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:86:6f:96:9d:f4:a5:06:f9:3b:14:1b:f2:66: d9:45:45:fb:bc:d7:93:63:6c:22:e4:a5:b3:e6:02: ca:42:b7:5f:42:ad:97:38:93:55:e2:b8:e2:e9:05: cb:a3:47:7e:e9:ef:52:2a:73:66:0c:5e:9f:7d:fb: 17:89:10:f9:71:ca:1d:a7:d2:6b:8b:f4:58:f4:dc: 81:a1:37:1f:4c:90:f5:9a:ec:65:75:b0:bf:3b:5c: 83:b7:35:8e:d5:ce:bd:36:b5:79:6a:90:47:3f:8d: b5:cf:52:42:45:aa:72:07:a3:7a:82:5f:51:01:13: cd:ca:13:8d:28:79:b5:23:ef:27:e8:a8:73:c8:15: 48:87:d7:30:b6:ef:e4:07:da:e2:b1:24:54:65:57: df:10:03:a9:22:cc:17:6c:06:ac:2b:6e:89:94:bc: 26:b0:61:01:02:ea:be:a0:f6:6f:7c:c6:f0:e2:58: 4e:76:bd:20:7a:24:c0:04:49:50:e3:19:78:25:17: 9b:01:de:17:99:10:5b:47:b1:0e:8c:41:9e:04:3d: 0e:e5:d1:5f:5c:e8:98:db:e7:b3:cd:a5:3c:54:62: d9:80:0d:12:20:f1:be:28:92:d6:48:ec:20:1f:57: d3:5c:2d:06:16:f2:9d:6b:57:6f:af:e4:c9:a9:00: 5b:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:34:3E:B7:7A:A5:62:2E:86:A3:31:D9:91:85:A4:BB:F5:EA:9E:41 X509v3 Authority Key Identifier: keyid:88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/E4BA3CE8DFCE11EFBC4CD631C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 119.252.112.0/21 124.109.8.0/22 Signature Algorithm: sha256WithRSAEncryption 02:14:29:41:ad:17:d0:d0:0f:e8:79:e7:60:29:e6:b6:c5:10: 20:76:bf:5b:00:53:b1:2d:7c:b6:06:4b:fe:d5:5f:3a:da:96: 22:49:b7:93:67:53:4c:c5:29:49:a7:a4:fe:5d:89:8d:2f:bc: 6b:81:93:33:c0:4e:bd:b7:46:66:7e:be:01:b5:41:38:e3:2f: 32:f3:d9:00:77:ac:92:1d:fd:2a:d1:89:98:a7:ce:ae:aa:5f: e7:32:3e:6c:d9:b1:4b:78:a8:ad:f9:fb:da:13:e4:5b:2b:ef: 6d:a1:61:18:03:e4:6b:23:3b:8f:a4:bc:6b:92:7e:82:e0:06: 06:e2:f8:49:0c:40:c3:d0:1c:49:ca:35:8f:7b:f5:9c:b1:49: af:7d:a9:61:91:4a:1d:ef:b6:14:8d:94:be:53:a5:13:22:51: cd:e3:64:88:91:35:6e:25:01:1a:ea:1c:b6:c9:9b:2a:77:42: ff:ec:5f:01:36:b3:c7:44:89:d9:9b:57:46:cc:8b:bc:a7:b8: aa:87:fa:14:18:70:02:ba:d1:2f:ad:41:aa:3b:fc:9f:f3:c4: 92:5c:fe:5d:16:56:c0:68:e7:b0:6c:9e:1a:92:b9:87:19:57: e9:b8:3a:7d:f9:d8:83:74:3e:89:24:11:93:f7:26:c4:a8:d8: da:30:a9:01 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICNIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTAxMTAvBgNVBAUTKDg4ODdDRjZDRjUxMDJGMEZCNzEzRjRDNEExQkRFMzg5 NDgxRjFDNDQwHhcNMjUwNDE0MTQ1MDQzWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2ZkMjBjMy1iZDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvoZvlp30pQb5OxQb8mbZRUX7vNeTY2wi5KWz5gLKQrdfQq2XOJNV4rji6QXL o0d+6e9SKnNmDF6fffsXiRD5ccodp9Jri/RY9NyBoTcfTJD1muxldbC/O1yDtzWO 1c69NrV5apBHP421z1JCRapyB6N6gl9RARPNyhONKHm1I+8n6KhzyBVIh9cwtu/k B9risSRUZVffEAOpIswXbAasK26JlLwmsGEBAuq+oPZvfMbw4lhOdr0geiTABElQ 4xl4JRebAd4XmRBbR7EOjEGeBD0O5dFfXOiY2+ezzaU8VGLZgA0SIPG+KJLWSOwg H1fTXC0GFvKda1dvr+TJqQBbNwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKY0Prd6 pWIuhqMx2ZGFpLv16p5BMB8GA1UdIwQYMBaAFIiHz2z1EC8PtxP0xKG944lIHxxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBMC8zQTBEOTMxMDFE OEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3LTNFX1RFb2IzamlVZ2ZI RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lJZlBiUFVRTHctM0VfVEVvYjNqaVVnZkhFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdEQTAvM0EwRDkzMTAxRDhDMTFFMjhFRkY1N0U3MDhCMDJDRDIvRTRCQTNDRThE RkNFMTFFRkJDNENENjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAN3/HADBAJ8bQgwDQYJKoZIhvcNAQELBQADggEBAAIUKUGt F9DQD+h552Ap5rbFECB2v1sAU7EtfLYGS/7VXzraliJJt5NnU0zFKUmnpP5diY0v vGuBkzPATr23RmZ+vgG1QTjjLzLz2QB3rJId/SrRiZinzq6qX+cyPmzZsUt4qK35 +9oT5Fsr722hYRgD5GsjO4+kvGuSfoLgBgbi+EkMQMPQHEnKNY979ZyxSa99qWGR Sh3vthSNlL5TpRMiUc3jZIiRNW4lARrqHLbJmyp3Qv/sXwE2s8dEidmbV0bMi7yn uKqH+hQYcAK60S+tQao7/J/zxJJc/l0WVsBo57BsnhqSuYcZV+m4On352IN0Pokk EZP3JsSo2NowqQE= -----END CERTIFICATE-----Generated at Tue Apr 29 00:33:21 2025 by rpki-client