$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F2D46CA0099A11EAB5891D5BC4F9AE02.roa File: F2D46CA0099A11EAB5891D5BC4F9AE02.roa (raw, json) Hash identifier: Ghvi3pGT4pcObcWFUQUF1+74t/jTPSzrTwMbuA1l0j4= Subject key identifier: 6C:A0:B2:4F:C1:DF:21:F4:7F:BD:16:37:8F:DD:76:BC:BD:DE:3F:60 Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0F8B Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F2D46CA0099A11EAB5891D5BC4F9AE02.roa Signing time: Fri 28 Feb 2025 19:30:15 +0000 ROA not before: Fri 28 Feb 2025 19:30:15 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397237 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:22:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3979 (0xf8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 28 19:30:15 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c20ec7-04cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:3e:37:2f:2e:b7:18:fc:5b:62:bd:db:31:35: 94:03:4b:f2:ed:07:ea:0e:73:37:cd:45:7b:ac:e6: c2:12:26:11:a4:fc:58:24:4c:2a:f4:74:30:e3:47: 36:f9:90:9c:26:17:51:e3:2a:ce:34:be:b8:57:86: 2b:5b:31:4f:43:3d:59:6d:b2:e7:d6:fe:60:52:d6: ce:d8:16:51:a7:4e:13:fc:8e:4e:f8:3f:4a:d1:32: 44:97:c3:4b:46:7f:ce:5a:b3:4d:09:27:df:ba:99: 16:ec:c7:eb:66:b9:38:55:13:d5:55:b8:a5:21:34: 4b:87:d8:e7:1c:c2:29:ee:89:ff:cd:90:3a:08:5e: 42:42:12:4d:d3:f5:22:3d:a9:01:af:23:7a:56:1f: 44:db:b2:9d:75:e8:39:80:30:5f:7d:f6:54:25:18: 2b:1e:dd:39:59:04:0c:34:2a:11:5e:9f:b1:a3:4e: 6b:5a:01:c3:5c:4f:86:8a:bf:d7:2a:71:0e:3f:35: 1a:ff:52:66:2b:1f:c5:3c:52:33:08:51:d4:69:07: 85:08:8d:e0:f9:00:f3:4d:3d:88:8d:33:c2:29:29: 0c:d8:df:c3:60:d9:87:61:2b:bb:d1:ca:9d:fe:bb: 54:ea:1b:fa:2c:8c:34:d1:36:86:83:ff:36:2d:a5: 6b:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:A0:B2:4F:C1:DF:21:F4:7F:BD:16:37:8F:DD:76:BC:BD:DE:3F:60 X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F2D46CA0099A11EAB5891D5BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 36:c2:36:49:e0:7d:c4:f9:da:68:71:46:fc:58:4a:5f:4f:e8: 11:c2:5f:1e:3b:d0:c9:aa:42:60:ff:41:94:74:e2:8d:6e:26: ab:f8:95:04:64:ce:c2:c6:f5:ca:fe:d2:fe:97:25:8e:bc:ae: 5e:94:e8:d6:97:98:cf:35:51:3c:fe:97:fa:11:dd:de:a3:70: c8:ae:84:3a:ab:97:72:a4:8d:93:bf:97:08:04:4b:37:d3:ed: 1f:6b:79:57:fb:7f:eb:03:aa:c0:80:13:c6:0f:57:93:b0:7a: e8:2e:e0:71:5a:91:08:01:74:6f:e8:23:9e:71:14:41:09:2a: 83:91:37:f0:08:db:5e:9a:97:6f:6a:fa:15:fb:42:ea:a8:6d: 2c:7c:06:b5:44:ee:b1:56:21:5d:2a:03:3b:f8:7b:3a:e3:ae: bd:9f:c1:a7:08:8f:f8:90:e1:e8:25:1c:cc:f9:fd:1f:10:8a: 7e:27:af:84:a6:98:0f:a9:46:fb:02:9b:dd:e6:9e:43:64:06: 74:5d:70:d5:d6:06:9b:2b:94:2f:e8:7a:c8:bb:78:c3:49:fd: ca:40:25:20:8d:c5:34:76:13:14:64:1f:19:ca:18:a0:de:b7: 6e:86:b3:31:fb:97:86:77:50:d6:92:de:af:75:92:cc:5d:89: 90:aa:4f:42 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICD4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkzMDE1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MyMGVjNy0wNGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4T43Ly63GPxbYr3bMTWUA0vy7QfqDnM3zUV7rObCEiYRpPxYJEwq9HQw40c2 +ZCcJhdR4yrONL64V4YrWzFPQz1ZbbLn1v5gUtbO2BZRp04T/I5O+D9K0TJEl8NL Rn/OWrNNCSffupkW7MfrZrk4VRPVVbilITRLh9jnHMIp7on/zZA6CF5CQhJN0/Ui PakBryN6Vh9E27Kddeg5gDBfffZUJRgrHt05WQQMNCoRXp+xo05rWgHDXE+Gir/X KnEOPzUa/1JmKx/FPFIzCFHUaQeFCI3g+QDzTT2IjTPCKSkM2N/DYNmHYSu70cqd /rtU6hv6LIw00TaGg/82LaVrGwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFGygsk/B 3yH0f70WN4/ddry93j9gMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvRjJENDZDQTAw OTlBMTFFQUI1ODkxRDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBADbCNkngfcT5 2mhxRvxYSl9P6BHCXx470MmqQmD/QZR04o1uJqv4lQRkzsLG9cr+0v6XJY68rl6U 6NaXmM81UTz+l/oR3d6jcMiuhDqrl3KkjZO/lwgESzfT7R9reVf7f+sDqsCAE8YP V5Oweugu4HFakQgBdG/oI55xFEEJKoORN/AI216al29q+hX7QuqobSx8BrVE7rFW IV0qAzv4ezrjrr2fwacIj/iQ4eglHMz5/R8Qin4nr4SmmA+pRvsCm93mnkNkBnRd cNXWBpsrlC/oesi7eMNJ/cpAJSCNxTR2ExRkHxnKGKDet26GszH7l4Z3UNaS3q91 ksxdiZCqT0I= -----END CERTIFICATE-----Generated at Sat Apr 26 08:13:19 2025 by rpki-client