$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9083/C06F2E42D1B011EF8833C933C4F9AE02/0C2077B6D1B511EF944F205DC4F9AE02.roa File: 0C2077B6D1B511EF944F205DC4F9AE02.roa (raw, json) Hash identifier: rlJlkHo65xec8U7bYSTnPjms9g6+7D4Hmq1L6Dej1SU= Subject key identifier: AD:97:A2:CA:95:8D:58:11:08:48:F4:77:5A:9F:C4:C9:D9:70:E8:D2 Certificate issuer: /CN=A91A9083/serialNumber=E8CF22A08E4391CAD150FA31B44DC93C8AB825EA Certificate serial: 34 Authority key identifier: E8:CF:22:A0:8E:43:91:CA:D1:50:FA:31:B4:4D:C9:3C:8A:B8:25:EA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6M8ioI5DkcrRUPoxtE3JPIq4Jeo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A9083/C06F2E42D1B011EF8833C933C4F9AE02/0C2077B6D1B511EF944F205DC4F9AE02.roa Signing time: Tue 08 Apr 2025 13:09:48 +0000 ROA not before: Tue 08 Apr 2025 13:09:48 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 134351 IP address blocks: 23.81.40.0/21 maxlen: 21 23.106.224.0/21 maxlen: 21 142.91.104.0/23 maxlen: 23 173.234.64.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A9083/C06F2E42D1B011EF8833C933C4F9AE02/6M8ioI5DkcrRUPoxtE3JPIq4Jeo.crl rsync://rpki.apnic.net/member_repository/A91A9083/C06F2E42D1B011EF8833C933C4F9AE02/6M8ioI5DkcrRUPoxtE3JPIq4Jeo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6M8ioI5DkcrRUPoxtE3JPIq4Jeo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:35:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52 (0x34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A9083, serialNumber=E8CF22A08E4391CAD150FA31B44DC93C8AB825EA Validity Not Before: Apr 8 13:09:48 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67f5201c-d9a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:7d:1f:4f:92:98:e7:f1:35:8a:df:e0:a4:f6: 02:62:18:5f:47:1c:cd:88:57:1d:1d:9c:7a:52:96: 8d:f8:f2:de:10:1e:2b:e7:b2:4c:ed:fb:c4:e4:83: d5:db:b6:fb:10:76:ab:9e:04:86:1c:20:2d:08:52: e1:bb:68:d2:8b:ae:12:dc:de:21:9f:59:73:21:64: e6:99:6f:04:db:ed:e9:99:fd:d0:62:8d:ba:3a:7b: 0a:17:28:cc:9c:1e:37:e8:fe:91:e8:02:38:4b:61: 18:69:2b:05:3c:71:b2:dc:bd:73:80:28:4e:07:11: 78:49:88:f6:b4:e7:a1:b4:7b:f1:a1:13:e3:d7:af: c1:4f:20:52:b3:fe:ae:a5:05:a6:4f:25:6c:7f:90: e8:60:45:f6:1b:bc:1b:6b:cd:f9:aa:8c:83:3c:ad: 35:0b:c4:0f:1a:79:78:21:ba:34:07:c0:78:02:ee: b2:65:5b:cd:08:06:47:a7:bc:01:b0:56:01:62:d3: 83:94:35:b4:b5:44:25:95:d5:ce:9d:55:c5:62:5f: 87:28:68:e8:8e:9f:cb:e7:2f:48:1d:3a:15:67:7d: 0f:20:da:9b:07:d5:7c:95:87:ab:d6:5e:ac:f2:ff: 4e:28:fb:49:a8:ef:9f:88:a4:fc:b3:ca:19:24:5c: 8c:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:97:A2:CA:95:8D:58:11:08:48:F4:77:5A:9F:C4:C9:D9:70:E8:D2 X509v3 Authority Key Identifier: keyid:E8:CF:22:A0:8E:43:91:CA:D1:50:FA:31:B4:4D:C9:3C:8A:B8:25:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A9083/C06F2E42D1B011EF8833C933C4F9AE02/6M8ioI5DkcrRUPoxtE3JPIq4Jeo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6M8ioI5DkcrRUPoxtE3JPIq4Jeo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9083/C06F2E42D1B011EF8833C933C4F9AE02/0C2077B6D1B511EF944F205DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 23.81.40.0/21 23.106.224.0/21 142.91.104.0/23 173.234.64.0/22 Signature Algorithm: sha256WithRSAEncryption 1a:fb:f6:79:6e:42:d7:f6:8b:7f:43:78:9c:7d:aa:17:c2:75: b7:bf:b1:22:97:b3:49:33:de:15:49:a6:f5:b7:d2:97:40:74: be:eb:85:7f:8b:1c:1d:cf:0a:b1:00:45:eb:57:4f:85:75:1c: 56:7d:c1:34:f9:c7:f0:a2:e3:61:fd:d4:22:ac:58:3d:3a:20: c4:8d:14:90:80:20:15:e8:13:33:13:52:54:6d:b9:9e:24:d5: a5:f4:e4:7e:a2:82:5c:e9:43:ac:31:d3:3d:0c:4d:ad:1e:d0: 25:c2:3b:84:77:e3:94:4f:4f:bc:1f:62:31:e9:fc:10:02:9e: 6c:c9:e5:75:8e:63:54:cf:0b:9f:46:9c:ba:ec:75:f8:d6:71: 24:9c:88:f2:3a:80:1c:6a:c8:b7:9a:2b:48:84:fe:31:56:ba: 8a:54:a4:bc:29:87:11:95:6f:c8:67:c7:37:e9:53:10:f9:69: f4:a3:8f:e8:30:77:ce:67:26:4d:a7:d5:0a:d7:61:78:6d:84: 24:7d:91:88:ec:f4:6f:af:ca:71:9c:d4:5a:79:29:75:dc:5f: e6:db:99:80:e7:64:dd:ba:90:22:d3:7f:ce:38:3e:f4:d4:14: 73:13:ae:16:fe:f4:50:b2:10:d8:c8:41:de:3d:b2:ad:67:4c: 68:b1:95:34 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB OTA4MzExMC8GA1UEBRMoRThDRjIyQTA4RTQzOTFDQUQxNTBGQTMxQjQ0REM5M0M4 QUI4MjVFQTAeFw0yNTA0MDgxMzA5NDhaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ZjUyMDFjLWQ5YTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCqfR9Pkpjn8TWK3+Ck9gJiGF9HHM2IVx0dnHpSlo348t4QHivnskzt+8Tkg9Xb tvsQdqueBIYcIC0IUuG7aNKLrhLc3iGfWXMhZOaZbwTb7emZ/dBijbo6ewoXKMyc Hjfo/pHoAjhLYRhpKwU8cbLcvXOAKE4HEXhJiPa056G0e/GhE+PXr8FPIFKz/q6l BaZPJWx/kOhgRfYbvBtrzfmqjIM8rTULxA8aeXghujQHwHgC7rJlW80IBkenvAGw VgFi04OUNbS1RCWV1c6dVcViX4coaOiOn8vnL0gdOhVnfQ8g2psH1XyVh6vWXqzy /04o+0mo75+IpPyzyhkkXIznAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUrZeiypWN WBEISPR3Wp/Eydlw6NIwHwYDVR0jBBgwFoAU6M8ioI5DkcrRUPoxtE3JPIq4Jeow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5MDgzL0MwNkYyRTQyRDFC MDExRUY4ODMzQzkzM0M0RjlBRTAyLzZNOGlvSTVEa2NyUlVQb3h0RTNKUElxNEpl by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvNk04aW9JNURrY3JSVVBveHRFM0pQSXE0SmVvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OTA4My9DMDZGMkU0MkQxQjAxMUVGODgzM0M5MzNDNEY5QUUwMi8wQzIwNzdCNkQx QjUxMUVGOTQ0RjIwNURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAxBggrBgEFBQcBBwEB/wQi MCAwHgQCAAEwGAMEAxdRKAMEAxdq4AMEAY5baAMEAq3qQDANBgkqhkiG9w0BAQsF AAOCAQEAGvv2eW5C1/aLf0N4nH2qF8J1t7+xIpezSTPeFUmm9bfSl0B0vuuFf4sc Hc8KsQBF61dPhXUcVn3BNPnH8KLjYf3UIqxYPTogxI0UkIAgFegTMxNSVG25niTV pfTkfqKCXOlDrDHTPQxNrR7QJcI7hHfjlE9PvB9iMen8EAKebMnldY5jVM8Ln0ac uux1+NZxJJyI8jqAHGrIt5orSIT+MVa6ilSkvCmHEZVvyGfHN+lTEPlp9KOP6DB3 zmcmTafVCtdheG2EJH2RiOz0b6/KcZzUWnkpddxf5tuZgOdk3bqQItN/zjg+9NQU cxOuFv70ULIQ2MhB3j2yrWdMaLGVNA== -----END CERTIFICATE-----Generated at Sat Apr 26 13:41:45 2025 by rpki-client