$ rpki-client -vvf rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/D9C523A0B05A11EAA233021EC4F9AE02.roa File: D9C523A0B05A11EAA233021EC4F9AE02.roa (raw, json) Hash identifier: plSH71jqFHiqVOcppEgGivQOT8E3EqzsKsifhjqPdW8= Subject key identifier: 8F:27:47:FA:F2:F1:64:C7:6C:06:78:47:AE:BE:BA:1E:3B:65:AA:30 Certificate issuer: /CN=A9193037/serialNumber=CA955914F98B2FC916A4512DA72AB75A11C52BD0 Certificate serial: 08DB Authority key identifier: CA:95:59:14:F9:8B:2F:C9:16:A4:51:2D:A7:2A:B7:5A:11:C5:2B:D0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypVZFPmLL8kWpFEtpyq3WhHFK9A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/D9C523A0B05A11EAA233021EC4F9AE02.roa Signing time: Thu 20 Mar 2025 20:30:56 +0000 ROA not before: Thu 20 Mar 2025 20:30:56 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 38473 IP address blocks: 202.20.102.0/24 maxlen: 24 202.20.103.0/24 maxlen: 24 202.20.104.0/24 maxlen: 24 2001:df0:77::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/ypVZFPmLL8kWpFEtpyq3WhHFK9A.crl rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/ypVZFPmLL8kWpFEtpyq3WhHFK9A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypVZFPmLL8kWpFEtpyq3WhHFK9A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:17:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2267 (0x8db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9193037, serialNumber=CA955914F98B2FC916A4512DA72AB75A11C52BD0 Validity Not Before: Mar 20 20:30:56 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67dc7b00-85a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:cb:91:25:25:17:3e:5a:f2:44:aa:df:58:84: 13:2e:ee:ca:bc:63:65:7f:3e:1d:0d:85:a0:7e:b2: c3:97:0f:33:f6:f5:d5:f0:b2:d6:90:6d:89:6c:66: 73:5b:9c:80:ef:3c:b8:33:d8:28:f6:ba:de:ac:8f: e0:19:ae:d7:90:46:2b:af:61:36:0f:e6:3e:72:da: 79:c3:4a:79:cd:b1:4c:d2:6d:27:1e:66:1a:93:b9: 79:2c:24:62:d0:31:19:9d:61:45:4e:71:58:e5:8c: ee:9c:75:43:b3:b8:aa:0a:f3:bb:aa:1c:31:29:31: 25:af:c1:21:93:20:18:27:b8:27:06:2d:c1:89:21: 34:8a:00:99:10:75:c4:5a:49:fb:97:ca:a4:4a:21: e1:3d:6a:92:bd:31:8b:25:f6:27:93:e4:c2:63:a3: 1a:9f:b0:4b:93:ae:4b:67:0e:36:8c:cf:ef:45:28: 1b:2a:5c:6c:1e:ae:45:ec:85:14:2e:9b:dc:f3:e2: 06:85:4a:b7:0a:94:5d:1b:b1:a1:89:01:8c:2f:14: 13:87:03:d4:be:ec:48:6a:be:14:00:34:c1:ea:a3: e6:e6:e6:17:64:0e:86:d4:dd:3a:a4:9c:b0:44:74: 9c:75:83:f8:77:32:da:96:7d:f2:3a:6b:70:e7:4e: a8:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:27:47:FA:F2:F1:64:C7:6C:06:78:47:AE:BE:BA:1E:3B:65:AA:30 X509v3 Authority Key Identifier: keyid:CA:95:59:14:F9:8B:2F:C9:16:A4:51:2D:A7:2A:B7:5A:11:C5:2B:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/ypVZFPmLL8kWpFEtpyq3WhHFK9A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypVZFPmLL8kWpFEtpyq3WhHFK9A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/D9C523A0B05A11EAA233021EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.20.102.0-202.20.104.255 IPv6: 2001:df0:77::/48 Signature Algorithm: sha256WithRSAEncryption 85:e6:b8:32:ef:7f:e3:d9:6f:6d:c5:d5:41:7d:f9:dc:2a:2e: 85:60:a6:30:3a:7e:59:fc:ed:c0:4a:b9:1f:0a:22:73:01:a2: 1b:d2:59:ff:8b:4d:62:4c:17:e6:3c:e8:de:2e:ff:5b:4a:67: 8c:00:fb:f5:3e:d8:b6:3b:c2:48:f4:df:5b:28:d1:ad:b5:08: 49:f4:b6:0c:81:bc:65:a5:27:a2:13:fb:f0:05:62:bd:ef:8d: 72:31:f8:da:9b:3f:d9:f7:dd:cc:fc:68:de:3e:7a:ff:4a:b3: d7:40:b3:af:50:fd:a1:ca:0a:b9:f2:c5:53:a4:b4:5b:c7:fc: 74:43:df:70:59:5e:9b:66:ea:de:1a:b0:c0:b7:35:95:4c:f2: d1:9d:86:15:c1:ea:59:70:7a:31:90:da:a5:7b:ff:99:cb:48: 86:e7:7a:f8:40:52:06:65:30:34:4d:68:10:38:f6:b4:21:61: 3c:7d:12:47:ab:21:f8:21:e8:82:58:d9:8a:9e:c6:37:60:ba: 03:15:a4:a5:c8:b1:4e:ad:59:6f:ba:86:37:47:58:39:20:90: 2f:18:87:f2:01:63:3b:6e:7e:10:de:ba:69:fc:78:9f:00:0a: 03:11:49:75:c8:aa:2b:ac:d7:64:45:46:35:f6:db:94:72:22: 84:d5:8a:8f -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgICCNswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTMwMzcxMTAvBgNVBAUTKENBOTU1OTE0Rjk4QjJGQzkxNkE0NTEyREE3MkFCNzVB MTFDNTJCRDAwHhcNMjUwMzIwMjAzMDU2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2RjN2IwMC04NWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtMuRJSUXPlryRKrfWIQTLu7KvGNlfz4dDYWgfrLDlw8z9vXV8LLWkG2JbGZz W5yA7zy4M9go9rrerI/gGa7XkEYrr2E2D+Y+ctp5w0p5zbFM0m0nHmYak7l5LCRi 0DEZnWFFTnFY5YzunHVDs7iqCvO7qhwxKTElr8EhkyAYJ7gnBi3BiSE0igCZEHXE Wkn7l8qkSiHhPWqSvTGLJfYnk+TCY6Man7BLk65LZw42jM/vRSgbKlxsHq5F7IUU Lpvc8+IGhUq3CpRdG7GhiQGMLxQThwPUvuxIar4UADTB6qPm5uYXZA6G1N06pJyw RHScdYP4dzLaln3yOmtw506ouQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFI8nR/ry 8WTHbAZ4R66+uh47ZaowMB8GA1UdIwQYMBaAFMqVWRT5iy/JFqRRLacqt1oRxSvQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MzAzNy85NDBFNDZCNEFB QkMxMUVBQjEwNkMxNzZDNEY5QUUwMi95cFZaRlBtTEw4a1dwRkV0cHlxM1doSEZL OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lwVlpGUG1MTDhrV3BGRXRweXEzV2hIRks5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTMwMzcvOTQwRTQ2QjRBQUJDMTFFQUIxMDZDMTc2QzRGOUFFMDIvRDlDNTIzQTBC MDVBMTFFQUEyMzMwMjFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E KTAnMBQEAgABMA4wDAMEAcoUZgMEAMoUaDAPBAIAAjAJAwcAIAEN8AB3MA0GCSqG SIb3DQEBCwUAA4IBAQCF5rgy73/j2W9txdVBffncKi6FYKYwOn5Z/O3ASrkfCiJz AaIb0ln/i01iTBfmPOjeLv9bSmeMAPv1Pti2O8JI9N9bKNGttQhJ9LYMgbxlpSei E/vwBWK9741yMfjamz/Z993M/GjePnr/SrPXQLOvUP2hygq58sVTpLRbx/x0Q99w WV6bZureGrDAtzWVTPLRnYYVwepZcHoxkNqle/+Zy0iG53r4QFIGZTA0TWgQOPa0 IWE8fRJHqyH4IeiCWNmKnsY3YLoDFaSlyLFOrVlvuoY3R1g5IJAvGIfyAWM7bn4Q 3rpp/HifAAoDEUl1yKorrNdkRUY19tuUciKE1YqP -----END CERTIFICATE-----Generated at Sat Apr 26 17:00:01 2025 by rpki-client