$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/537DDF3A09B111EAB045B31EC4F9AE02.roa File: 537DDF3A09B111EAB045B31EC4F9AE02.roa (raw, json) Hash identifier: qAtZpYCgUE7XF72dDrj/L94aRV1ZqOTXhcPF6PCCyXI= Subject key identifier: C0:02:70:A6:52:49:49:4D:C1:35:7A:8D:E4:F5:E3:ED:6A:90:A6:78 Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0F77 Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/537DDF3A09B111EAB045B31EC4F9AE02.roa Signing time: Fri 28 Feb 2025 19:29:48 +0000 ROA not before: Fri 28 Feb 2025 19:29:48 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397217 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:22:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3959 (0xf77) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 28 19:29:48 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c20eac-7a76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:47:12:13:7e:f5:9a:42:7a:04:27:19:25:46: a3:5c:31:1e:45:b6:bb:f0:ce:f8:b3:65:40:16:b3: f5:ab:2d:c9:49:58:6d:db:de:e9:c8:51:19:f0:c0: ff:aa:e9:68:f5:4a:4e:70:d4:ff:91:eb:7f:74:29: d1:bc:67:29:0a:27:bd:69:32:d8:e4:22:0d:15:94: 71:7a:c4:0e:ef:94:db:88:fd:22:7d:2a:b1:fe:c4: b3:cc:58:38:c4:52:d8:fa:34:fd:da:95:db:a4:27: 1b:09:c8:9a:22:67:34:f8:00:9d:c7:dd:50:6f:60: f5:f7:05:a7:f1:4d:2b:7e:ef:83:ac:10:67:e3:6a: 16:cb:6d:ed:55:11:1e:a6:04:8a:57:4d:7e:f2:44: ec:bf:7c:e2:47:04:25:07:f4:98:7d:c1:aa:d3:9a: 22:ce:ad:e3:7d:bb:ec:84:78:96:28:19:62:76:46: 7f:62:b5:8c:dd:40:e8:62:f6:6d:ee:e5:a6:10:bd: fb:86:f1:2d:da:8c:55:91:79:80:78:32:ff:36:75: 3a:6a:00:f0:80:27:86:a8:e4:58:1a:ce:8d:ee:68: b7:6a:38:5b:7e:e5:86:b0:bb:49:3f:74:a2:07:9f: d0:5e:48:55:7c:15:75:3a:46:7a:1b:eb:47:c3:3c: 41:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:02:70:A6:52:49:49:4D:C1:35:7A:8D:E4:F5:E3:ED:6A:90:A6:78 X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/537DDF3A09B111EAB045B31EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:5:ffff:ffff:ffff:ffff:ffff 2001:dcd:7::/48 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption a3:06:71:4d:02:74:5a:09:3b:31:67:5a:0b:a7:66:30:c0:e5: cc:94:ba:33:67:5d:d9:b8:06:12:1c:f3:f1:ac:9d:03:48:11: 7b:4f:61:b4:a7:8e:89:9b:9c:cc:b2:78:d3:57:2e:10:9e:59: 9f:d7:8f:00:e2:2b:7c:2a:f6:c6:37:5f:14:cc:1b:0c:43:62: 50:d8:93:2b:8c:8e:d7:f3:63:58:83:59:24:bf:66:43:8d:87: 4f:1a:b7:dc:ae:ce:80:e9:f0:77:5e:dc:2c:de:57:30:bd:b2: 69:ad:a5:9e:6f:4f:19:82:6f:62:46:5c:5c:44:1c:4d:7a:be: 09:37:4b:1c:fb:15:9c:c2:34:1d:5d:03:0c:5f:b6:97:70:fe: 70:0a:3e:9e:64:a4:77:b7:a8:98:36:ed:df:92:66:b6:60:1b: 7d:4e:0e:b9:27:1e:bb:64:4a:b7:d0:fe:51:0a:98:79:8c:1b: 89:86:7b:e1:a2:d0:f9:1b:84:37:b6:cc:56:f0:6a:15:95:37: d8:44:3a:63:62:70:f8:e3:8f:88:36:27:b4:d4:4c:2a:76:75: e5:14:33:29:74:6c:49:c9:db:de:ae:e1:30:29:39:93:22:c1: d3:a7:d6:c8:9c:1d:dd:85:b1:e9:95:6e:66:28:12:80:5f:15: 97:a8:c3:96 -----BEGIN CERTIFICATE----- MIIFrTCCBJWgAwIBAgICD3cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkyOTQ4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MyMGVhYy03YTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4EcSE371mkJ6BCcZJUajXDEeRba78M74s2VAFrP1qy3JSVht297pyFEZ8MD/ qulo9UpOcNT/ket/dCnRvGcpCie9aTLY5CINFZRxesQO75TbiP0ifSqx/sSzzFg4 xFLY+jT92pXbpCcbCciaImc0+ACdx91Qb2D19wWn8U0rfu+DrBBn42oWy23tVREe pgSKV01+8kTsv3ziRwQlB/SYfcGq05oizq3jfbvshHiWKBlidkZ/YrWM3UDoYvZt 7uWmEL37hvEt2oxVkXmAeDL/NnU6agDwgCeGqORYGs6N7mi3ajhbfuWGsLtJP3Si B5/QXkhVfBV1OkZ6G+tHwzxBhQIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFMACcKZS SUlNwTV6jeT14+1qkKZ4MB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNTM3RERGM0Ew OUIxMTFFQUIwNDVCMzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E TDBKMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAsBAIAAjAmMBIDBwAgAQ3N AAEDBwEgAQ3NAAQDBwAgAQ3NAAcDBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEB AKMGcU0CdFoJOzFnWgunZjDA5cyUujNnXdm4BhIc8/GsnQNIEXtPYbSnjombnMyy eNNXLhCeWZ/XjwDiK3wq9sY3XxTMGwxDYlDYkyuMjtfzY1iDWSS/ZkONh08at9yu zoDp8Hde3CzeVzC9smmtpZ5vTxmCb2JGXFxEHE16vgk3Sxz7FZzCNB1dAwxftpdw /nAKPp5kpHe3qJg27d+SZrZgG31ODrknHrtkSrfQ/lEKmHmMG4mGe+Gi0PkbhDe2 zFbwahWVN9hEOmNicPjjj4g2J7TUTCp2deUUMyl0bEnJ296u4TApOZMiwdOn1sic Hd2FsemVbmYoEoBfFZeow5Y= -----END CERTIFICATE-----Generated at Sat Apr 26 08:05:52 2025 by rpki-client