$ rpki-client -vvf rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/E397AB78866F11EBA76EED3EC4F9AE02.roa File: E397AB78866F11EBA76EED3EC4F9AE02.roa (raw, json) Hash identifier: DBPGuu5yRvDvP4FC/IjV2H3T+xTKFbXciVMjwanRb/4= Subject key identifier: 63:75:58:CB:11:7D:5A:D4:95:60:79:44:88:03:6B:2D:D1:F1:18:38 Certificate issuer: /CN=A9174EB5/serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4 Certificate serial: 0C70 Authority key identifier: 48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/E397AB78866F11EBA76EED3EC4F9AE02.roa Signing time: Wed 12 Feb 2025 19:27:04 +0000 ROA not before: Wed 12 Feb 2025 19:27:04 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 138571 IP address blocks: 45.119.4.0/23 maxlen: 23 45.119.4.0/24 maxlen: 24 103.133.92.0/23 maxlen: 24 103.133.94.0/23 maxlen: 24 203.23.176.0/24 maxlen: 24 203.23.177.0/24 maxlen: 24 203.34.110.0/24 maxlen: 24 2404:4a40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.crl rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:26:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3184 (0xc70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9174EB5, serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4 Validity Not Before: Feb 12 19:27:04 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67acf608-89c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:f0:55:f1:01:ef:2a:48:a3:01:53:db:36:0f: a7:21:92:d8:46:89:3d:a9:43:b3:a3:32:81:c1:da: d1:92:0f:f8:41:87:60:f0:c5:04:95:10:b6:eb:a2: 01:2a:62:b4:aa:f6:24:03:db:10:94:c8:1e:f7:d4: 7b:34:92:b1:1c:3f:48:91:91:be:61:dc:af:a4:82: 94:22:09:bc:3e:75:05:e0:1c:aa:8c:8f:8a:e0:8b: 32:54:89:5f:cb:14:34:0b:0f:a1:c9:c1:77:d2:14: b2:ea:b3:01:51:8e:52:c1:68:2d:91:85:30:dc:ec: 19:d2:2a:ca:5c:f9:d3:61:f3:60:8a:eb:1a:3e:84: 22:f6:de:bb:f2:ee:36:25:85:87:d1:31:f9:b9:b1: 89:94:d6:3b:87:19:45:6e:4b:03:4b:37:d9:c4:83: fc:f8:16:04:94:98:a9:08:33:a0:8b:a3:58:e3:65: 1f:f9:a1:bb:3d:ff:dd:e2:d7:0d:6b:d7:d6:1a:ed: 0a:b7:00:cf:89:30:28:86:7c:c1:28:0d:a8:37:93: 7e:7f:da:5e:a1:0f:94:33:44:09:52:a8:df:36:c8: 39:37:9a:32:f3:3f:bd:c5:ca:58:c9:04:b8:f1:e4: fb:82:0f:54:bd:d8:25:d5:e4:cb:ea:fb:49:0c:d9: 92:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:75:58:CB:11:7D:5A:D4:95:60:79:44:88:03:6B:2D:D1:F1:18:38 X509v3 Authority Key Identifier: keyid:48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/E397AB78866F11EBA76EED3EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.119.4.0/23 103.133.92.0/22 203.23.176.0/23 203.34.110.0/24 IPv6: 2404:4a40::/32 Signature Algorithm: sha256WithRSAEncryption 40:ca:b4:8e:b7:7f:14:f8:70:54:a6:d7:e0:6c:59:eb:c8:1a: a5:ea:2c:ed:75:82:07:36:8d:89:df:cf:be:2f:9c:d7:0a:42: ff:16:b3:0b:72:d6:26:77:57:43:8f:2f:ad:1f:e0:3f:98:37: 5d:1c:cf:44:13:33:c0:37:4d:cb:5e:4e:91:ab:b6:75:26:cf: 29:45:5f:4a:f9:19:84:cf:3d:d6:df:9e:ca:66:7b:35:b6:87: 3d:32:95:12:63:7f:d2:35:a9:60:bc:51:a3:56:15:78:ce:7b: 14:38:c9:86:6e:e1:7c:13:20:10:42:a6:e2:1e:15:96:49:90: 02:73:f8:00:a1:f9:21:63:92:6a:d9:eb:bf:e0:9a:ee:b1:91: ba:37:ce:a1:3e:52:3a:fd:d2:1a:91:ba:f3:38:84:f6:ba:30: ed:92:db:d0:a5:81:aa:31:f4:85:26:ce:f8:36:71:8e:8a:5b: b5:27:e6:81:04:95:a4:98:d9:8e:28:37:37:16:52:cc:e2:79: f3:c4:87:e6:ac:c0:78:10:84:01:8b:49:87:13:13:11:04:96: 85:c0:25:02:90:ba:b2:1b:2a:7b:79:66:35:44:c3:40:ec:66: d6:31:d0:96:e5:97:02:a7:89:8d:12:e5:d2:44:4f:2f:8b:d3: 5b:ec:ea:b6 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICDHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzRFQjUxMTAvBgNVBAUTKDQ4RTk5ODUxQzE4OUZBOTIxQjg2NjY0RTMwQkM1N0My MEVEMUE4QzQwHhcNMjUwMjEyMTkyNzA0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2FjZjYwOC04OWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5/BV8QHvKkijAVPbNg+nIZLYRok9qUOzozKBwdrRkg/4QYdg8MUElRC266IB KmK0qvYkA9sQlMge99R7NJKxHD9IkZG+YdyvpIKUIgm8PnUF4ByqjI+K4IsyVIlf yxQ0Cw+hycF30hSy6rMBUY5SwWgtkYUw3OwZ0irKXPnTYfNgiusaPoQi9t678u42 JYWH0TH5ubGJlNY7hxlFbksDSzfZxIP8+BYElJipCDOgi6NY42Uf+aG7Pf/d4tcN a9fWGu0KtwDPiTAohnzBKA2oN5N+f9peoQ+UM0QJUqjfNsg5N5oy8z+9xcpYyQS4 8eT7gg9Uvdgl1eTL6vtJDNmSVQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFGN1WMsR fVrUlWB5RIgDay3R8Rg4MB8GA1UdIwQYMBaAFEjpmFHBifqSG4ZmTjC8V8IO0ajE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NEVCNS9BRkVBMjlDMjA2 MTkxMUVBODU0QTM1MTZDNEY5QUUwMi9TT21ZVWNHSi1wSWJobVpPTUx4WHdnN1Jx TVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NPbVlVY0dKLXBJYmhtWk9NTHhYd2c3UnFNUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzRFQjUvQUZFQTI5QzIwNjE5MTFFQTg1NEEzNTE2QzRGOUFFMDIvRTM5N0FCNzg4 NjZGMTFFQkE3NkVFRDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAEtdwQDBAJnhVwDBAHLF7ADBADLIm4wDQQCAAIwBwMFACQE SkAwDQYJKoZIhvcNAQELBQADggEBAEDKtI63fxT4cFSm1+BsWevIGqXqLO11ggc2 jYnfz74vnNcKQv8Wswty1iZ3V0OPL60f4D+YN10cz0QTM8A3TcteTpGrtnUmzylF X0r5GYTPPdbfnspmezW2hz0ylRJjf9I1qWC8UaNWFXjOexQ4yYZu4XwTIBBCpuIe FZZJkAJz+ACh+SFjkmrZ67/gmu6xkbo3zqE+Ujr90hqRuvM4hPa6MO2S29Clgaox 9IUmzvg2cY6KW7Un5oEElaSY2Y4oNzcWUsziefPEh+aswHgQhAGLSYcTExEEloXA JQKQurIbKnt5ZjVEw0DsZtYx0JbllwKniY0S5dJETy+L01vs6rY= -----END CERTIFICATE-----Generated at Sat Apr 26 12:23:34 2025 by rpki-client