$ rpki-client -vvf rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/76B5C744B45E11EAB71DF94AC4F9AE02.roa File: 76B5C744B45E11EAB71DF94AC4F9AE02.roa (raw, json) Hash identifier: RzsyMG8grNRl/TU/HKZlXJ7ZiLnl0fu14E8Z0lJpa0Q= Subject key identifier: 00:CF:1F:10:25:C3:86:43:42:84:44:A7:C5:BA:C0:6E:24:34:32:BD Certificate issuer: /CN=A91AACB2/serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D Certificate serial: 3456 Authority key identifier: D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/76B5C744B45E11EAB71DF94AC4F9AE02.roa Signing time: Tue 04 Feb 2025 15:00:53 +0000 ROA not before: Tue 04 Feb 2025 15:00:53 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 45634 IP address blocks: 45.64.128.0/22 maxlen: 22 45.64.128.0/24 maxlen: 24 45.64.129.0/24 maxlen: 24 45.64.130.0/24 maxlen: 24 45.64.131.0/24 maxlen: 24 112.140.184.0/22 maxlen: 22 112.140.184.0/24 maxlen: 24 112.140.185.0/24 maxlen: 24 112.140.186.0/24 maxlen: 24 112.140.187.0/24 maxlen: 24 180.210.200.0/21 maxlen: 21 180.210.200.0/24 maxlen: 24 180.210.201.0/24 maxlen: 24 180.210.202.0/24 maxlen: 24 180.210.203.0/24 maxlen: 24 180.210.204.0/24 maxlen: 24 180.210.205.0/24 maxlen: 24 180.210.206.0/24 maxlen: 24 180.210.207.0/24 maxlen: 24 2401:c100::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:58:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13398 (0x3456) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AACB2, serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D Validity Not Before: Feb 4 15:00:53 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67a22ba5-14f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:62:52:a1:b0:7f:0d:7d:c2:01:7c:0f:d1:24: 06:92:b0:ab:46:9e:1a:d3:07:ee:12:0b:73:c3:24: d4:11:73:db:31:f0:f6:02:62:9e:c5:2d:58:68:e1: ee:3d:e8:23:9b:01:6e:ae:81:90:b8:ef:0a:82:31: f0:51:60:cb:1b:c7:bd:fb:18:fb:44:c8:1b:e1:5f: 67:dd:09:c8:65:1e:e8:8d:2a:ee:ca:f4:5f:bd:f4: 08:17:73:05:ff:f0:65:42:11:c5:58:61:e5:d8:8c: 8b:75:06:7c:fc:dd:ea:67:3d:00:69:ba:00:c0:cc: 2a:c8:f8:31:7d:f9:ae:bf:50:3c:c9:d4:c2:e1:55: 51:c5:18:e1:ae:3a:ec:57:12:29:b1:07:a9:88:cd: 99:9c:cc:7a:44:aa:13:20:22:87:5e:d2:14:7e:2b: 85:91:dd:f2:7e:f3:dd:02:1c:ac:63:91:ef:78:10: ad:85:a7:f1:37:97:76:be:77:55:af:7e:7d:42:73: 59:f7:c0:e5:7b:1b:d4:48:d0:08:58:c1:33:4b:b8: 8c:c9:fb:d1:37:a2:9e:c3:bb:6e:13:6e:2d:dd:cb: 1f:17:c8:9f:93:35:cc:51:bc:4a:7a:ff:ae:90:48: ed:79:f4:20:d3:5a:c0:a8:58:d5:24:91:cc:b6:6c: 71:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:CF:1F:10:25:C3:86:43:42:84:44:A7:C5:BA:C0:6E:24:34:32:BD X509v3 Authority Key Identifier: keyid:D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/76B5C744B45E11EAB71DF94AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.128.0/22 112.140.184.0/22 180.210.200.0/21 IPv6: 2401:c100::/32 Signature Algorithm: sha256WithRSAEncryption 4c:4a:a3:d0:70:1f:7c:1a:2e:b5:d0:f3:12:5c:88:db:c8:21: 00:9b:60:7a:29:d6:cf:d2:67:61:4e:7a:21:87:c5:5e:9e:26: 70:59:8a:46:ae:fb:7f:eb:b0:52:3d:68:8d:40:cd:45:c5:c9: 42:90:28:78:d5:7f:05:85:82:62:27:4e:d9:39:15:59:cd:5a: 66:06:b1:f1:2a:47:6f:c5:68:f2:81:28:d1:50:95:d8:71:4c: 60:0d:04:06:4f:f7:79:bb:d8:5c:6e:02:40:67:b6:7b:61:8e: c5:6e:ce:5c:da:6d:f6:cb:03:dc:55:60:4e:7d:55:e4:31:8d: 0d:a9:8e:8e:b7:4d:c5:0b:63:77:c0:14:6a:93:10:48:43:0f: 6c:60:bf:c1:15:0a:1f:ea:18:ce:fc:c9:70:47:36:a3:ed:f1: 58:c7:62:71:61:53:f2:38:5a:7c:ac:03:29:ee:be:0b:b8:b4: 5b:91:1e:e0:5d:ba:e5:5e:be:e9:f7:54:43:f7:1b:76:3d:44: f1:6f:7c:9c:2c:4d:ae:3a:ef:e6:aa:47:0c:89:64:8c:5a:e8: ce:eb:cd:7f:14:b4:83:f7:90:d5:ce:8e:ef:95:0f:b4:50:63: 43:be:17:77:8f:6f:dc:65:c9:fb:a4:64:db:87:00:76:41:d1: dc:eb:b5:e4 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICNFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFDQjIxMTAvBgNVBAUTKEQ5RTlGOUY3M0VFNEY1QjFDREYxNzYyQzJERjM4MzI5 NTBBMzZCN0QwHhcNMjUwMjA0MTUwMDUzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2EyMmJhNS0xNGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3WJSobB/DX3CAXwP0SQGkrCrRp4a0wfuEgtzwyTUEXPbMfD2AmKexS1YaOHu PegjmwFuroGQuO8KgjHwUWDLG8e9+xj7RMgb4V9n3QnIZR7ojSruyvRfvfQIF3MF //BlQhHFWGHl2IyLdQZ8/N3qZz0AaboAwMwqyPgxffmuv1A8ydTC4VVRxRjhrjrs VxIpsQepiM2ZnMx6RKoTICKHXtIUfiuFkd3yfvPdAhysY5HveBCthafxN5d2vndV r359QnNZ98DlexvUSNAIWMEzS7iMyfvRN6Kew7tuE24t3csfF8ifkzXMUbxKev+u kEjtefQg01rAqFjVJJHMtmxxVwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFADPHxAl w4ZDQoREp8W6wG4kNDK9MB8GA1UdIwQYMBaAFNnp+fc+5PWxzfF2LC3zgylQo2t9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUNCMi8zN0Q1QTNERTFE OUMxMUUyODkyRThCOEEwOEIwMkNEMi8yZW41OXo3azliSE44WFlzTGZPREtWQ2ph MzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJlbjU5ejdrOWJITjhYWXNMZk9ES1ZDamEzMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUFDQjIvMzdENUEzREUxRDlDMTFFMjg5MkU4QjhBMDhCMDJDRDIvNzZCNUM3NDRC NDVFMTFFQUI3MURGOTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAItQIADBAJwjLgDBAO00sgwDQQCAAIwBwMFACQBwQAwDQYJ KoZIhvcNAQELBQADggEBAExKo9BwH3waLrXQ8xJciNvIIQCbYHop1s/SZ2FOeiGH xV6eJnBZikau+3/rsFI9aI1AzUXFyUKQKHjVfwWFgmInTtk5FVnNWmYGsfEqR2/F aPKBKNFQldhxTGANBAZP93m72FxuAkBntnthjsVuzlzabfbLA9xVYE59VeQxjQ2p jo63TcULY3fAFGqTEEhDD2xgv8EVCh/qGM78yXBHNqPt8VjHYnFhU/I4WnysAynu vgu4tFuRHuBduuVevun3VEP3G3Y9RPFvfJwsTa467+aqRwyJZIxa6M7rzX8UtIP3 kNXOju+VD7RQY0O+F3ePb9xlyfukZNuHAHZB0dzrteQ= -----END CERTIFICATE-----Generated at Sat Apr 26 08:03:53 2025 by rpki-client