$ rpki-client -vvf rpki.apnic.net/member_repository/A91859A3/76435FEE638111E99A51A642C4F9AE02/65EADA381A8011ECAD1E4B30C4F9AE02.roa File: 65EADA381A8011ECAD1E4B30C4F9AE02.roa (raw, json) Hash identifier: WDBmQN8GrovE0YfJl6NcfDbYlw4MdWA6w33AFuBSc4U= Subject key identifier: A8:B0:48:76:2A:F1:78:81:7C:0A:DC:7E:C7:C2:70:F0:DC:0E:BA:FF Certificate issuer: /CN=A91859A3/serialNumber=B841C80BE818C61AAE8417940CA3E69CC141DF8F Certificate serial: 0F5B Authority key identifier: B8:41:C8:0B:E8:18:C6:1A:AE:84:17:94:0C:A3:E6:9C:C1:41:DF:8F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uEHIC-gYxhquhBeUDKPmnMFB348.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91859A3/76435FEE638111E99A51A642C4F9AE02/65EADA381A8011ECAD1E4B30C4F9AE02.roa Signing time: Wed 26 Feb 2025 18:16:09 +0000 ROA not before: Wed 26 Feb 2025 18:16:09 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 135333 IP address blocks: 45.121.239.0/24 maxlen: 24 103.214.148.0/22 maxlen: 24 124.109.16.0/22 maxlen: 22 124.109.16.0/24 maxlen: 24 124.109.17.0/24 maxlen: 24 124.109.18.0/24 maxlen: 24 124.109.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91859A3/76435FEE638111E99A51A642C4F9AE02/uEHIC-gYxhquhBeUDKPmnMFB348.crl rsync://rpki.apnic.net/member_repository/A91859A3/76435FEE638111E99A51A642C4F9AE02/uEHIC-gYxhquhBeUDKPmnMFB348.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uEHIC-gYxhquhBeUDKPmnMFB348.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:33:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3931 (0xf5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91859A3, serialNumber=B841C80BE818C61AAE8417940CA3E69CC141DF8F Validity Not Before: Feb 26 18:16:09 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67bf5a68-f8c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:74:40:c4:71:43:aa:c7:68:ed:e3:31:81:b3: 2a:39:2e:69:63:3d:71:9e:37:33:4f:c8:9d:c0:dc: 9a:55:ff:6b:3f:c8:82:a6:8c:a2:0b:0d:a3:66:88: f6:c7:e6:40:9d:41:68:4b:67:63:3c:3e:96:9d:63: 6e:74:ca:3b:11:3d:24:d6:2c:0e:05:65:15:40:8c: be:fd:7a:59:39:cb:29:37:ad:58:93:2d:29:55:18: 72:e9:c7:a1:4c:1f:c5:58:cb:2d:dc:9c:82:af:a3: 97:f4:78:30:c8:bd:be:78:73:98:13:3e:de:d1:8b: ca:1a:5c:e6:45:48:48:4e:67:79:86:94:f9:93:22: 45:da:42:ea:2f:60:ff:50:e1:02:0b:45:70:20:77: b2:1a:18:a7:f2:46:bf:8f:a7:e4:d4:23:e8:23:f4: 15:cb:9e:ae:7f:9b:a4:a3:54:0b:c9:ec:48:bc:8f: 3e:b6:3a:f0:49:c6:8c:1b:07:35:2d:50:84:5b:ed: d1:34:16:1e:f1:be:e5:4b:15:94:ea:42:54:04:43: e2:da:01:d7:69:f3:ad:dd:86:18:cc:6b:9a:e6:20: b6:bd:d2:ac:2f:5a:ef:04:a0:c2:0a:93:53:b5:2f: 10:9c:9a:f6:4d:c7:ad:1b:5c:b5:0d:68:93:67:50: e2:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:B0:48:76:2A:F1:78:81:7C:0A:DC:7E:C7:C2:70:F0:DC:0E:BA:FF X509v3 Authority Key Identifier: keyid:B8:41:C8:0B:E8:18:C6:1A:AE:84:17:94:0C:A3:E6:9C:C1:41:DF:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91859A3/76435FEE638111E99A51A642C4F9AE02/uEHIC-gYxhquhBeUDKPmnMFB348.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uEHIC-gYxhquhBeUDKPmnMFB348.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91859A3/76435FEE638111E99A51A642C4F9AE02/65EADA381A8011ECAD1E4B30C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.121.239.0/24 103.214.148.0/22 124.109.16.0/22 Signature Algorithm: sha256WithRSAEncryption 6f:06:ba:33:24:9d:fb:0a:12:91:40:24:f3:38:94:9c:1e:0f: c6:11:eb:b5:4f:7b:62:e5:43:49:d2:4e:7e:3f:9d:a6:f4:e8: 0f:3c:90:33:2a:50:3d:5d:51:92:b7:fe:d3:13:ab:87:60:8b: f3:0f:9f:b7:75:6f:2c:6a:0f:c0:6d:90:8e:c7:df:ed:08:73: 09:62:4d:94:08:db:86:c9:4c:ca:4d:c9:67:a7:0d:0f:79:e8: 3a:61:96:f8:30:06:00:a0:6c:22:f5:8b:fc:f1:71:b7:cc:0a: df:6e:f3:a5:54:cb:e4:29:ce:db:80:10:18:63:3e:29:9c:2e: d8:8b:5e:f5:84:7b:19:fe:a5:87:fe:4b:bd:0b:85:17:70:c0: e1:c7:9b:88:bd:6c:f1:54:09:01:1a:1b:63:74:f6:e0:2f:0f: d2:29:d8:59:20:88:f7:c5:02:e1:8a:d5:12:7e:6d:fb:63:7e: 5e:09:49:c3:d0:de:73:71:23:d7:d3:da:33:d6:11:d9:73:b4: c6:04:08:fc:e4:7f:04:07:15:92:e1:77:80:65:64:ac:74:d7: 28:04:cb:1a:79:03:fe:f4:96:71:bd:84:00:80:60:f5:37:07: b4:21:cf:6a:78:03:42:58:e6:1c:4c:ca:b0:94:e0:b1:49:d5: 72:6a:74:4d -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICD1swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODU5QTMxMTAvBgNVBAUTKEI4NDFDODBCRTgxOEM2MUFBRTg0MTc5NDBDQTNFNjlD QzE0MURGOEYwHhcNMjUwMjI2MTgxNjA5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2JmNWE2OC1mOGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqHRAxHFDqsdo7eMxgbMqOS5pYz1xnjczT8idwNyaVf9rP8iCpoyiCw2jZoj2 x+ZAnUFoS2djPD6WnWNudMo7ET0k1iwOBWUVQIy+/XpZOcspN61Yky0pVRhy6ceh TB/FWMst3JyCr6OX9HgwyL2+eHOYEz7e0YvKGlzmRUhITmd5hpT5kyJF2kLqL2D/ UOECC0VwIHeyGhin8ka/j6fk1CPoI/QVy56uf5uko1QLyexIvI8+tjrwScaMGwc1 LVCEW+3RNBYe8b7lSxWU6kJUBEPi2gHXafOt3YYYzGua5iC2vdKsL1rvBKDCCpNT tS8QnJr2TcetG1y1DWiTZ1DivQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKiwSHYq 8XiBfArcfsfCcPDcDrr/MB8GA1UdIwQYMBaAFLhByAvoGMYaroQXlAyj5pzBQd+P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTlBMy83NjQzNUZFRTYz ODExMUU5OUE1MUE2NDJDNEY5QUUwMi91RUhJQy1nWXhocXVoQmVVREtQbW5NRkIz NDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VFSElDLWdZeGhxdWhCZVVES1Btbk1GQjM0OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODU5QTMvNzY0MzVGRUU2MzgxMTFFOTlBNTFBNjQyQzRGOUFFMDIvNjVFQURBMzgx QTgwMTFFQ0FEMUU0QjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAAtee8DBAJn1pQDBAJ8bRAwDQYJKoZIhvcNAQELBQADggEB AG8GujMknfsKEpFAJPM4lJweD8YR67VPe2LlQ0nSTn4/nab06A88kDMqUD1dUZK3 /tMTq4dgi/MPn7d1byxqD8BtkI7H3+0IcwliTZQI24bJTMpNyWenDQ956Dphlvgw BgCgbCL1i/zxcbfMCt9u86VUy+QpztuAEBhjPimcLtiLXvWEexn+pYf+S70LhRdw wOHHm4i9bPFUCQEaG2N09uAvD9Ip2FkgiPfFAuGK1RJ+bftjfl4JScPQ3nNxI9fT 2jPWEdlztMYECPzkfwQHFZLhd4BlZKx01ygEyxp5A/70lnG9hACAYPU3B7Qhz2p4 A0JY5hxMyrCU4LFJ1XJqdE0= -----END CERTIFICATE-----Generated at Sat Apr 26 07:48:30 2025 by rpki-client