$ rpki-client -vvf rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/880E53BC852A11EE8B988A85C4F9AE02.roa File: 880E53BC852A11EE8B988A85C4F9AE02.roa (raw, json) Hash identifier: SuIwbjVFIiO//MYlkWAI7JLL+Gi6my0EIFtFpMkp/oM= Subject key identifier: 62:97:88:49:24:F4:E4:98:AB:8C:65:76:31:1A:D4:DE:4C:54:BE:E9 Certificate issuer: /CN=A916DED9/serialNumber=E16E4F65E2E397E9FCE05785A265C6197C8220C9 Certificate serial: C8 Authority key identifier: E1:6E:4F:65:E2:E3:97:E9:FC:E0:57:85:A2:65:C6:19:7C:82:20:C9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4W5PZeLjl-n84FeFomXGGXyCIMk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/880E53BC852A11EE8B988A85C4F9AE02.roa Signing time: Mon 09 Dec 2024 04:07:47 +0000 ROA not before: Mon 09 Dec 2024 04:07:47 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 45666 IP address blocks: 202.89.100.0/22 maxlen: 22 202.89.100.0/24 maxlen: 24 202.89.101.0/24 maxlen: 24 202.89.102.0/24 maxlen: 24 202.89.103.0/24 maxlen: 24 203.55.53.0/24 maxlen: 24 2407:8600::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/4W5PZeLjl-n84FeFomXGGXyCIMk.crl rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/4W5PZeLjl-n84FeFomXGGXyCIMk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4W5PZeLjl-n84FeFomXGGXyCIMk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 200 (0xc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916DED9, serialNumber=E16E4F65E2E397E9FCE05785A265C6197C8220C9 Validity Not Before: Dec 9 04:07:47 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67566d12-90c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:51:96:25:3a:c1:ab:ac:ec:1c:97:8c:ec:a3: 6d:b2:ac:41:35:9e:4c:b7:4a:62:02:5a:af:a5:10: 0e:01:11:7f:ae:2a:56:45:0c:1a:99:dc:c3:b0:af: 60:f8:23:7d:7d:a1:46:1f:98:4f:4d:93:ce:b3:6f: 6a:a9:a6:5e:2c:1d:4d:6f:9d:35:05:28:e2:34:7f: 1a:18:6b:17:d9:69:47:ce:02:72:84:f3:e9:ec:d7: 7e:84:38:0e:42:f3:0e:9a:c7:4b:55:98:28:c3:70: 7f:43:f3:1f:74:65:a7:65:04:92:86:18:b8:d5:76: 0c:59:c5:0e:93:89:6a:fe:2e:8c:34:41:26:85:b6: a3:4e:aa:1c:f2:df:32:03:cb:76:01:08:ea:c4:75: 56:66:fa:23:7c:f4:10:ce:e1:b2:8a:16:be:fa:69: 20:0b:f3:88:32:c3:aa:af:88:aa:50:97:29:7a:32: 2c:31:2c:c8:82:78:4a:5d:fa:1e:49:a5:06:5c:ba: ae:bd:7b:97:35:9e:00:3a:cf:07:f1:79:03:3b:63: af:c5:f6:63:53:a7:f9:b7:33:db:02:61:26:4e:e4: 19:89:c6:99:0b:e2:88:5f:20:99:5c:35:8b:63:91: f6:19:53:2f:56:75:08:08:53:0f:b4:dc:ef:fb:99: e8:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:97:88:49:24:F4:E4:98:AB:8C:65:76:31:1A:D4:DE:4C:54:BE:E9 X509v3 Authority Key Identifier: keyid:E1:6E:4F:65:E2:E3:97:E9:FC:E0:57:85:A2:65:C6:19:7C:82:20:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/4W5PZeLjl-n84FeFomXGGXyCIMk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4W5PZeLjl-n84FeFomXGGXyCIMk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DED9/DF15B3B8852911EEAFD04C84C4F9AE02/880E53BC852A11EE8B988A85C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.89.100.0/22 203.55.53.0/24 IPv6: 2407:8600::/32 Signature Algorithm: sha256WithRSAEncryption c7:49:eb:6b:8b:de:84:bb:a4:53:16:7b:c5:e8:f1:fb:1b:6d: 40:b6:cc:b7:65:85:83:3c:40:07:45:50:98:cb:70:c0:9d:9d: 8b:5a:2c:8b:d2:f6:c0:63:d2:9c:7e:2a:19:76:0c:f0:76:0b: 93:f4:1c:e8:de:40:f3:01:4c:a9:5e:03:e1:c3:14:61:a2:0f: ec:ad:85:ca:a8:77:60:4f:a4:ef:c6:6b:75:05:56:a3:d1:ac: 68:01:98:4e:86:90:6e:75:b4:28:4f:13:a5:30:20:2b:05:98: e8:8a:8e:d7:c5:63:7c:4a:16:1a:6a:df:ea:87:7e:77:4d:8a: 87:d7:a3:24:f9:06:f3:41:84:5a:18:b4:6f:1d:45:34:c8:a0: b3:cd:4d:17:c8:1e:db:33:90:dd:04:cc:23:91:ca:6d:77:b3: 5b:9f:e0:90:ea:9c:05:7c:47:2e:c8:cf:be:f9:71:31:1b:f3: c4:2b:ee:b5:bd:3d:45:53:3d:72:a1:80:a8:c8:73:1e:c3:c3: ac:2e:a8:10:45:b3:3a:49:f0:98:9d:50:d1:f1:3e:4a:95:a0: 89:9e:8e:73:fd:37:23:11:a4:f2:81:75:d2:e4:2b:e3:4c:a1: f9:b5:41:f9:44:a9:a9:32:b8:32:64:a0:c9:71:d4:9a:85:6a: 52:93:a3:f3 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkRFRDkxMTAvBgNVBAUTKEUxNkU0RjY1RTJFMzk3RTlGQ0UwNTc4NUEyNjVDNjE5 N0M4MjIwQzkwHhcNMjQxMjA5MDQwNzQ3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzU2NmQxMi05MGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvVGWJTrBq6zsHJeM7KNtsqxBNZ5Mt0piAlqvpRAOARF/ripWRQwamdzDsK9g +CN9faFGH5hPTZPOs29qqaZeLB1Nb501BSjiNH8aGGsX2WlHzgJyhPPp7Nd+hDgO QvMOmsdLVZgow3B/Q/MfdGWnZQSShhi41XYMWcUOk4lq/i6MNEEmhbajTqoc8t8y A8t2AQjqxHVWZvojfPQQzuGyiha++mkgC/OIMsOqr4iqUJcpejIsMSzIgnhKXfoe SaUGXLquvXuXNZ4AOs8H8XkDO2OvxfZjU6f5tzPbAmEmTuQZicaZC+KIXyCZXDWL Y5H2GVMvVnUICFMPtNzv+5nocwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGKXiEkk 9OSYq4xldjEa1N5MVL7pMB8GA1UdIwQYMBaAFOFuT2Xi45fp/OBXhaJlxhl8giDJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2REVEOS9ERjE1QjNCODg1 MjkxMUVFQUZEMDRDODRDNEY5QUUwMi80VzVQWmVMamwtbjg0RmVGb21YR0dYeUNJ TWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRXNVBaZUxqbC1uODRGZUZvbVhHR1h5Q0lNay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkRFRDkvREYxNUIzQjg4NTI5MTFFRUFGRDA0Qzg0QzRGOUFFMDIvODgwRTUzQkM4 NTJBMTFFRThCOTg4QTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBALKWWQDBADLNzUwDQQCAAIwBwMFACQHhgAwDQYJKoZIhvcN AQELBQADggEBAMdJ62uL3oS7pFMWe8Xo8fsbbUC2zLdlhYM8QAdFUJjLcMCdnYta LIvS9sBj0px+Khl2DPB2C5P0HOjeQPMBTKleA+HDFGGiD+ythcqod2BPpO/Ga3UF VqPRrGgBmE6GkG51tChPE6UwICsFmOiKjtfFY3xKFhpq3+qHfndNiofXoyT5BvNB hFoYtG8dRTTIoLPNTRfIHtszkN0EzCORym13s1uf4JDqnAV8Ry7Iz775cTEb88Qr 7rW9PUVTPXKhgKjIcx7Dw6wuqBBFszpJ8JidUNHxPkqVoImejnP9NyMRpPKBddLk K+NMofm1QflEqakyuDJkoMlx1JqFalKTo/M= -----END CERTIFICATE-----Generated at Sat Apr 26 13:49:09 2025 by rpki-client