$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/6C68485C5A1D11EFA9989052C4F9AE02.roa File: 6C68485C5A1D11EFA9989052C4F9AE02.roa (raw, json) Hash identifier: eMC9itpv3oFgg3wC16WZV3uYeAr5DZklaR+zjZUUL1Q= Subject key identifier: C2:E0:24:E0:4C:4F:34:23:4B:CB:1B:94:4A:91:15:F4:2D:08:52:21 Certificate issuer: /CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329 Certificate serial: 0A12 Authority key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/6C68485C5A1D11EFA9989052C4F9AE02.roa Signing time: Wed 06 Nov 2024 20:09:52 +0000 ROA not before: Wed 06 Nov 2024 20:09:52 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 152194 IP address blocks: 1.32.192.0/18 maxlen: 24 14.128.32.0/19 maxlen: 24 27.50.48.0/20 maxlen: 24 27.124.0.0/18 maxlen: 24 118.107.0.0/18 maxlen: 24 118.107.176.0/22 maxlen: 24 180.222.204.0/22 maxlen: 24 202.36.48.0/20 maxlen: 24 202.61.128.0/21 maxlen: 24 202.61.136.0/21 maxlen: 24 202.61.144.0/20 maxlen: 24 202.61.160.0/20 maxlen: 24 202.61.176.0/21 maxlen: 24 202.61.184.0/22 maxlen: 24 202.61.188.0/22 maxlen: 24 202.79.160.0/20 maxlen: 24 202.95.0.0/22 maxlen: 24 202.95.4.0/22 maxlen: 24 202.95.8.0/21 maxlen: 24 202.95.16.0/20 maxlen: 24 202.162.96.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:54:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2578 (0xa12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C661, serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329 Validity Not Before: Nov 6 20:09:52 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=672bcd0f-e1cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:d6:52:ec:6a:ff:96:af:2a:c0:93:1f:3d:98: f1:92:95:8d:b3:bb:b3:c3:39:4d:69:d3:9f:11:f3: b7:9a:fc:0e:a2:81:b3:d7:93:92:a3:e2:dd:99:e9: bd:78:44:dd:02:5e:da:3a:1d:05:47:9b:41:5c:bb: 2f:17:ee:f3:ce:e1:e3:15:eb:cf:32:7f:12:65:c1: 52:30:61:18:c9:0d:71:3c:b2:10:f5:31:0d:92:54: c0:e2:22:5d:4c:1b:fd:4e:22:71:72:d4:11:1f:9e: 3e:66:9f:76:62:fb:bb:a6:be:e4:ad:46:7a:47:f6: d1:55:9b:8b:d7:29:4f:ab:78:f1:87:e4:d0:ef:b4: fc:57:41:74:ff:36:4c:52:35:65:75:ab:04:a3:d0: 5f:fb:38:4e:0b:b1:93:7d:5e:70:94:10:17:d3:80: 64:81:ec:f1:70:7d:0a:cd:64:fa:89:5b:ee:b7:c6: f9:9a:41:54:4c:c6:d0:46:e0:57:a1:81:56:9b:2a: 35:a7:b6:59:99:aa:3f:fd:77:9b:56:58:0b:e1:45: c2:94:c1:a5:54:4b:ed:a0:5b:9f:f3:20:78:e6:e6: ea:ad:ee:26:60:c1:2c:77:eb:f9:39:2b:34:3a:7c: 54:92:1c:2c:e9:3d:8b:fd:b7:9b:ff:29:a4:9f:7e: f7:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:E0:24:E0:4C:4F:34:23:4B:CB:1B:94:4A:91:15:F4:2D:08:52:21 X509v3 Authority Key Identifier: keyid:1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/6C68485C5A1D11EFA9989052C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 1.32.192.0/18 14.128.32.0/19 27.50.48.0/20 27.124.0.0/18 118.107.0.0/18 118.107.176.0/22 180.222.204.0/22 202.36.48.0/20 202.61.128.0/18 202.79.160.0/20 202.95.0.0/19 202.162.96.0/20 Signature Algorithm: sha256WithRSAEncryption 0e:71:05:94:ed:0a:52:66:a4:8a:53:39:7f:38:90:77:09:83: b5:6c:b0:79:8c:2a:c3:9c:57:dc:cd:01:b9:ae:63:36:79:fe: 48:b2:d7:83:26:52:ee:f6:7c:51:42:c5:ed:3e:8a:64:49:b1: 8c:17:76:67:6a:19:98:b7:9d:fa:aa:56:19:41:12:cf:44:e1: db:ad:58:08:8a:a3:ac:43:1c:34:99:66:ac:c2:95:fa:dd:33: bd:5b:c6:f1:dc:31:42:64:5f:9a:27:23:2d:4c:2e:d9:3a:1c: bd:b3:ac:d5:26:75:bf:4e:31:a0:bc:e9:3d:96:41:b4:f3:5c: a0:fa:dd:ec:15:a2:d6:73:8d:d8:b9:95:e4:56:bc:5d:ca:db: bb:73:cf:bf:24:c6:00:b1:34:84:e8:ca:ee:3c:12:bb:4c:76: 68:0f:f3:d6:6e:be:dc:fe:de:a1:5e:f9:4b:82:c5:d1:70:0e: f1:c0:9d:f5:34:1b:33:3e:76:1d:4a:57:4e:ab:20:e5:ff:de: 40:98:82:4b:33:e4:e3:fb:03:f3:b9:25:02:fb:78:c2:4d:0e: c9:a2:9c:95:0c:25:49:26:68:39:07:fd:d6:72:46:be:eb:ae: 56:fa:48:07:b4:54:a1:fc:99:d6:4c:3e:63:b5:56:5f:ca:ae: a3:06:09:52 -----BEGIN CERTIFICATE----- MIIFszCCBJugAwIBAgICChIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4MUJGOUZBQjFG NEJBNDIzMjkwHhcNMjQxMTA2MjAwOTUyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzJiY2QwZi1lMWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsdZS7Gr/lq8qwJMfPZjxkpWNs7uzwzlNadOfEfO3mvwOooGz15OSo+Ldmem9 eETdAl7aOh0FR5tBXLsvF+7zzuHjFevPMn8SZcFSMGEYyQ1xPLIQ9TENklTA4iJd TBv9TiJxctQRH54+Zp92Yvu7pr7krUZ6R/bRVZuL1ylPq3jxh+TQ77T8V0F0/zZM UjVldasEo9Bf+zhOC7GTfV5wlBAX04BkgezxcH0KzWT6iVvut8b5mkFUTMbQRuBX oYFWmyo1p7ZZmao//XebVlgL4UXClMGlVEvtoFuf8yB45ubqre4mYMEsd+v5OSs0 OnxUkhws6T2L/beb/ymkn373CwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFMLgJOBM TzQjS8sblEqRFfQtCFIhMB8GA1UdIwQYMBaAFB7ELBtp4W9fN8c9gb+fqx9LpCMp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wQkJEOUVBMjgz NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIxODN4ejJCdjUtckgwdWtJ eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hzUXNHMm5oYjE4M3h6MkJ2NS1ySDB1a0l5ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEM2NjEvMEJCRDlFQTI4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvNkM2ODQ4NUM1 QTFEMTFFRkE5OTg5MDUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E UjBQME4EAgABMEgDBAYBIMADBAUOgCADBAQbMjADBAYbfAADBAZ2awADBAJ2a7AD BAK03swDBATKJDADBAbKPYADBATKT6ADBAXKXwADBATKomAwDQYJKoZIhvcNAQEL BQADggEBAA5xBZTtClJmpIpTOX84kHcJg7VssHmMKsOcV9zNAbmuYzZ5/kiy14Mm Uu72fFFCxe0+imRJsYwXdmdqGZi3nfqqVhlBEs9E4dutWAiKo6xDHDSZZqzClfrd M71bxvHcMUJkX5onIy1MLtk6HL2zrNUmdb9OMaC86T2WQbTzXKD63ewVotZzjdi5 leRWvF3K27tzz78kxgCxNIToyu48ErtMdmgP89Zuvtz+3qFe+UuCxdFwDvHAnfU0 GzM+dh1KV06rIOX/3kCYgksz5OP7A/O5JQL7eMJNDsminJUMJUkmaDkH/dZyRr7r rlb6SAe0VKH8mdZMPmO1Vl/KrqMGCVI= -----END CERTIFICATE-----Generated at Sat Apr 26 17:10:45 2025 by rpki-client