$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/7AA2CD46073111EA993EC663C4F9AE02.roa File: 7AA2CD46073111EA993EC663C4F9AE02.roa (raw, json) Hash identifier: CYK9f7PkALQsQBTl6o8dgHUkp/bZCI+9/pYzX3H0gkI= Subject key identifier: 19:06:D3:24:E5:85:1F:8E:E2:D9:D6:F7:43:8E:8B:12:80:AE:A7:AF Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0F86 Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/7AA2CD46073111EA993EC663C4F9AE02.roa Signing time: Fri 28 Feb 2025 19:30:09 +0000 ROA not before: Fri 28 Feb 2025 19:30:09 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397232 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:22:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3974 (0xf86) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 28 19:30:09 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c20ec1-3847 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:4e:84:72:02:38:2c:88:1c:72:de:9a:bb:3a: b1:a2:a5:ca:f9:76:96:c0:4e:9c:eb:aa:ca:9b:22: 15:31:5d:30:53:52:51:76:e9:14:8c:6c:7f:b4:16: 3b:7f:a6:cf:2e:3f:9f:60:6f:a1:d3:96:87:6e:c9: f3:cd:a1:b3:9c:67:c2:22:97:a7:8f:6d:04:3f:75: aa:75:6e:27:8d:d7:e6:6e:7d:51:18:66:d4:83:7d: dd:7b:ef:3e:02:8e:d0:13:b7:41:07:37:fc:b8:29: 1d:24:d6:c6:85:5d:83:87:3a:6f:c8:93:40:00:7e: 8a:7e:3b:19:28:ce:bd:93:91:9a:26:e8:8c:28:90: 8c:c3:c4:f3:68:d8:4d:67:cc:b5:84:c7:63:ae:a5: 63:e1:0e:7c:21:4c:71:74:a7:0f:95:a4:dd:ec:43: 70:91:2a:4e:f7:f9:e4:9f:89:1e:84:cd:cc:27:97: ef:c5:52:fa:53:63:34:0b:9d:62:63:ee:6c:2a:eb: f3:94:01:9f:ad:46:51:d0:5a:ce:38:e8:13:06:a0: 32:2c:e6:14:da:ca:85:5a:8b:67:e5:1d:0a:f7:9c: be:b9:6f:2b:28:c0:63:cc:d3:f5:1e:cf:50:5b:d9: 28:93:49:7d:e0:28:e6:d2:6a:7e:62:dd:9a:9a:f5: 44:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:06:D3:24:E5:85:1F:8E:E2:D9:D6:F7:43:8E:8B:12:80:AE:A7:AF X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/7AA2CD46073111EA993EC663C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 89:7d:2f:0f:36:cf:db:61:65:e3:03:f2:d3:30:d5:84:40:36: ac:7c:32:cc:b5:72:aa:c9:9c:66:c7:63:7f:00:51:fa:d1:38: a2:bf:5d:5b:28:a6:86:69:2b:c7:a3:66:f6:3b:d8:75:2c:57: 3b:f0:8c:42:2f:22:bf:bb:a9:50:f0:ce:6f:a4:69:b9:5b:46: f3:ae:80:60:b6:8c:92:11:61:a5:21:1d:da:8b:9c:7d:33:ee: 8b:2b:de:37:32:ad:52:67:31:e3:3d:6e:c8:b7:bb:a4:81:54: 08:ce:22:21:23:a5:db:a7:c6:62:be:7e:34:de:db:04:ac:27: 10:56:36:d2:d8:7d:ce:86:0e:9a:eb:18:ad:00:df:63:51:9c: 07:be:07:ee:90:f0:1d:38:54:72:98:70:f0:02:15:fc:30:03: a1:42:ee:8f:80:44:c8:c0:e8:0b:81:bb:e1:25:35:c2:b3:2f: 65:e5:74:d4:3f:45:ab:41:63:44:bb:4c:0d:88:06:c3:16:77: 2d:42:6d:67:3b:bd:75:96:c7:b6:d7:0b:1a:a8:5d:11:b9:e8: 73:3a:eb:84:23:4c:dd:65:40:d3:b8:36:04:b4:f1:3a:e3:8e: 55:11:14:df:fd:f3:b3:e1:29:08:14:73:70:f5:1b:13:dd:18: 97:53:3c:bf -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICD4YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkzMDA5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MyMGVjMS0zODQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA206EcgI4LIgcct6auzqxoqXK+XaWwE6c66rKmyIVMV0wU1JRdukUjGx/tBY7 f6bPLj+fYG+h05aHbsnzzaGznGfCIpenj20EP3WqdW4njdfmbn1RGGbUg33de+8+ Ao7QE7dBBzf8uCkdJNbGhV2DhzpvyJNAAH6KfjsZKM69k5GaJuiMKJCMw8TzaNhN Z8y1hMdjrqVj4Q58IUxxdKcPlaTd7ENwkSpO9/nkn4kehM3MJ5fvxVL6U2M0C51i Y+5sKuvzlAGfrUZR0FrOOOgTBqAyLOYU2sqFWotn5R0K95y+uW8rKMBjzNP1Hs9Q W9kok0l94Cjm0mp+Yt2amvVEzwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFBkG0yTl hR+O4tnW90OOixKArqevMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvN0FBMkNENDYw NzMxMTFFQTk5M0VDNjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBAIl9Lw82z9th ZeMD8tMw1YRANqx8Msy1cqrJnGbHY38AUfrROKK/XVsopoZpK8ejZvY72HUsVzvw jEIvIr+7qVDwzm+kablbRvOugGC2jJIRYaUhHdqLnH0z7osr3jcyrVJnMeM9bsi3 u6SBVAjOIiEjpdunxmK+fjTe2wSsJxBWNtLYfc6GDprrGK0A32NRnAe+B+6Q8B04 VHKYcPACFfwwA6FC7o+ARMjA6AuBu+ElNcKzL2XldNQ/RatBY0S7TA2IBsMWdy1C bWc7vXWWx7bXCxqoXRG56HM664QjTN1lQNO4NgS08TrjjlURFN/987PhKQgUc3D1 GxPdGJdTPL8= -----END CERTIFICATE-----Generated at Sat Apr 26 08:15:18 2025 by rpki-client