$ rpki-client -vvf rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/ABF3C76E0C4B11EF87D4886FC4F9AE02.roa File: ABF3C76E0C4B11EF87D4886FC4F9AE02.roa (raw, json) Hash identifier: 4D8Gd5fcPnmWPe8Yaf2DxYR0OtX+KheAxOMoPi97yp8= Subject key identifier: 30:A5:B0:5B:C3:AB:8D:F9:21:D4:BD:62:EF:12:49:6E:3E:82:17:1A Certificate issuer: /CN=A91A03CB/serialNumber=85ABF8480C909638BDCCA653AF1E690F572B23E1 Certificate serial: 3441 Authority key identifier: 85:AB:F8:48:0C:90:96:38:BD:CC:A6:53:AF:1E:69:0F:57:2B:23:E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/ABF3C76E0C4B11EF87D4886FC4F9AE02.roa Signing time: Wed 04 Dec 2024 14:50:48 +0000 ROA not before: Wed 04 Dec 2024 14:50:48 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 24107 IP address blocks: 202.49.120.0/24 maxlen: 24 202.49.121.0/24 maxlen: 24 202.164.28.0/22 maxlen: 22 202.164.28.0/23 maxlen: 23 202.164.28.0/24 maxlen: 24 202.164.29.0/24 maxlen: 24 202.164.30.0/23 maxlen: 23 202.164.30.0/24 maxlen: 24 202.164.31.0/24 maxlen: 24 2406:3d00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.crl rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:49:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13377 (0x3441) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A03CB, serialNumber=85ABF8480C909638BDCCA653AF1E690F572B23E1 Validity Not Before: Dec 4 14:50:48 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67506c47-783d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f7:15:72:6f:50:d1:c9:24:ac:54:df:ea:a5: db:ef:6f:d8:07:c5:ab:72:fa:47:31:25:e3:17:32: bd:29:eb:8b:49:33:0b:9c:64:12:37:cf:ef:83:49: 88:13:4d:e4:d4:99:f4:ea:0c:5e:68:13:e8:89:f3: b3:49:1e:6c:a7:ba:93:32:bd:c2:0f:ed:61:bd:e1: f3:17:3b:28:f0:4e:ce:f8:b6:81:e8:44:18:aa:f0: 5d:30:96:f0:f7:26:84:55:71:c7:9e:86:63:c5:d8: bc:56:40:ae:89:87:01:ec:1b:44:50:bf:50:f3:3f: eb:99:82:f7:87:0b:03:f4:1f:bb:e2:58:b9:41:66: 6c:67:28:f3:58:2b:73:64:3a:c7:02:84:a0:0f:7e: 44:04:1e:ee:e0:ca:13:11:2b:e0:93:7d:0e:e3:48: 78:ce:b9:ce:f3:17:f8:e2:80:d0:8b:0b:23:9a:80: 2f:36:86:9c:7c:9c:ae:4f:a4:15:1a:0a:e4:1d:71: b2:0e:22:cf:f9:da:80:83:9c:f9:9c:b7:20:d7:65: 5c:f0:35:58:ec:36:41:0f:2b:d2:a1:61:76:d0:72: e9:5a:3d:a3:14:ba:dd:14:b2:cc:97:fa:2d:42:42: 62:2b:b4:fa:55:b1:2b:a9:8e:73:8b:9e:19:4a:52: 06:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:A5:B0:5B:C3:AB:8D:F9:21:D4:BD:62:EF:12:49:6E:3E:82:17:1A X509v3 Authority Key Identifier: keyid:85:AB:F8:48:0C:90:96:38:BD:CC:A6:53:AF:1E:69:0F:57:2B:23:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/ABF3C76E0C4B11EF87D4886FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.49.120.0/23 202.164.28.0/22 IPv6: 2406:3d00::/32 Signature Algorithm: sha256WithRSAEncryption 78:d8:5f:2e:8f:ff:a7:20:44:5d:46:1d:5a:1a:7e:ff:c5:79: 2d:78:72:ae:c5:d7:1f:62:6c:61:dc:e2:c7:d2:b4:2d:76:c9: 5d:72:87:e3:7e:1d:04:1b:37:a3:70:d6:67:1f:71:69:75:9c: f0:eb:56:9f:5e:56:28:65:76:24:01:3f:b8:4d:12:94:10:61: 8b:6c:18:90:fa:f8:63:0e:ef:cc:33:d7:82:f7:64:d2:19:73: 9f:e5:bc:0e:8b:11:38:f3:89:67:54:1e:f8:ba:02:78:b5:d8: d4:3c:91:c5:1a:02:c1:d3:0a:d9:60:0d:5a:32:0e:a6:c5:e0: 9a:c1:90:7c:6b:43:08:1e:af:2a:bc:9a:6e:ca:18:8b:8d:a2: 14:92:ea:57:e6:17:9e:68:5b:5b:52:ca:d2:0e:8c:6e:4e:6c: 2d:13:d1:ea:68:05:89:37:66:c8:f5:ba:82:1d:9d:e4:1c:5c: c6:1f:79:77:24:6e:cb:98:cd:f8:e0:07:16:b5:23:f5:e5:ca: 72:d6:2d:e6:f7:55:f0:52:ef:f5:c8:cd:da:a5:30:75:09:e4: 48:79:e6:8c:a4:78:b8:b3:28:5f:db:27:06:45:ae:00:f1:b2: 89:f2:87:92:2d:6d:99:af:53:7c:9f:bb:69:4e:dd:03:43:8b: 29:d5:1f:77 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICNEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTAzQ0IxMTAvBgNVBAUTKDg1QUJGODQ4MEM5MDk2MzhCRENDQTY1M0FGMUU2OTBG NTcyQjIzRTEwHhcNMjQxMjA0MTQ1MDQ4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzUwNmM0Ny03ODNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqvcVcm9Q0ckkrFTf6qXb72/YB8WrcvpHMSXjFzK9KeuLSTMLnGQSN8/vg0mI E03k1Jn06gxeaBPoifOzSR5sp7qTMr3CD+1hveHzFzso8E7O+LaB6EQYqvBdMJbw 9yaEVXHHnoZjxdi8VkCuiYcB7BtEUL9Q8z/rmYL3hwsD9B+74li5QWZsZyjzWCtz ZDrHAoSgD35EBB7u4MoTESvgk30O40h4zrnO8xf44oDQiwsjmoAvNoacfJyuT6QV GgrkHXGyDiLP+dqAg5z5nLcg12Vc8DVY7DZBDyvSoWF20HLpWj2jFLrdFLLMl/ot QkJiK7T6VbErqY5zi54ZSlIGCwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDClsFvD q435IdS9Yu8SSW4+ghcaMB8GA1UdIwQYMBaAFIWr+EgMkJY4vcymU68eaQ9XKyPh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDNDQi84MUQ5RTRBMDFE OTYxMUUyQUFDMjE0N0YwOEIwMkNEMi9oYXY0U0F5UWxqaTl6S1pUcng1cEQxY3JJ LUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hhdjRTQXlRbGppOXpLWlRyeDVwRDFjckktRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTAzQ0IvODFEOUU0QTAxRDk2MTFFMkFBQzIxNDdGMDhCMDJDRDIvQUJGM0M3NkUw QzRCMTFFRjg3RDQ4ODZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAHKMXgDBALKpBwwDQQCAAIwBwMFACQGPQAwDQYJKoZIhvcN AQELBQADggEBAHjYXy6P/6cgRF1GHVoafv/FeS14cq7F1x9ibGHc4sfStC12yV1y h+N+HQQbN6Nw1mcfcWl1nPDrVp9eVihldiQBP7hNEpQQYYtsGJD6+GMO78wz14L3 ZNIZc5/lvA6LETjziWdUHvi6Ani12NQ8kcUaAsHTCtlgDVoyDqbF4JrBkHxrQwge ryq8mm7KGIuNohSS6lfmF55oW1tSytIOjG5ObC0T0epoBYk3Zsj1uoIdneQcXMYf eXckbsuYzfjgBxa1I/XlynLWLeb3VfBS7/XIzdqlMHUJ5Eh55oykeLizKF/bJwZF rgDxsonyh5ItbZmvU3yfu2lO3QNDiynVH3c= -----END CERTIFICATE-----Generated at Sat Apr 26 08:06:57 2025 by rpki-client