$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/958B8F64721911EFA2635265C4F9AE02.roa File: 958B8F64721911EFA2635265C4F9AE02.roa (raw, json) Hash identifier: cNpjD+A0qAeJJbSt46mDfvf2GhXCVcdfWPzm8w+QB9o= Subject key identifier: 7E:77:4C:3A:FF:BC:B8:6A:3E:79:A2:9A:59:38:05:0F:B7:44:27:12 Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Certificate serial: C3 Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/958B8F64721911EFA2635265C4F9AE02.roa Signing time: Sat 21 Dec 2024 05:50:12 +0000 ROA not before: Sat 21 Dec 2024 05:50:12 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 37992 IP address blocks: 202.28.88.0/24 maxlen: 24 202.28.89.0/24 maxlen: 24 202.28.90.0/24 maxlen: 24 202.28.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:45:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 195 (0xc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAEB2, serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Validity Not Before: Dec 21 05:50:12 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67665713-08ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:ac:5f:f2:12:b7:5e:71:f5:c7:f1:2a:22:fe: 16:59:dc:1d:52:d1:e0:4c:44:08:7a:71:44:30:2a: 3d:f6:91:d7:e0:b5:5b:96:59:1b:55:0e:4e:58:92: 41:7d:a9:08:6f:dd:14:3d:87:57:da:40:6d:5f:b6: f8:84:14:b0:e6:05:db:80:f6:64:eb:f2:b1:f4:71: 94:06:99:22:86:12:96:77:c0:ca:13:32:c5:8f:23: 1e:25:d4:00:ba:e2:18:98:9e:d8:57:e6:30:c6:19: 3b:62:07:5f:e8:c2:11:dc:14:d0:da:65:64:04:3c: 41:29:d3:e6:af:da:ea:33:b0:41:b3:24:8d:a7:f5: 78:2e:5a:57:df:7a:6f:36:e7:97:4a:d7:26:44:8b: 28:ea:d4:36:d9:98:21:05:94:73:e2:0f:93:e0:78: c3:b9:06:cb:c2:5e:56:72:23:4c:f5:b1:c7:83:25: 96:a7:b7:22:99:35:82:a2:86:e9:d4:e2:fe:6d:ed: 32:92:24:51:07:7c:92:f4:0a:5c:74:53:a6:ac:f4: a4:37:8d:4a:f1:2b:c8:0b:bc:7f:8c:e7:0a:21:28: f2:18:00:c0:d8:32:19:35:6d:96:5d:b1:49:af:54: 83:e1:c5:92:1f:6d:f3:d0:ec:07:c7:68:2f:7d:0e: 42:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:77:4C:3A:FF:BC:B8:6A:3E:79:A2:9A:59:38:05:0F:B7:44:27:12 X509v3 Authority Key Identifier: keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/958B8F64721911EFA2635265C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.28.88.0/22 Signature Algorithm: sha256WithRSAEncryption 39:7e:d0:20:e6:ff:85:ac:6d:cf:ed:f8:d3:e8:1c:2a:ef:76: fd:08:6b:a2:5b:e8:dc:1c:a3:c9:9b:ee:a5:36:cb:a5:12:f0: 27:1f:a2:83:24:da:9b:ec:9a:c7:91:a0:14:bb:c8:1b:02:29: 21:6e:b4:aa:e1:43:b2:23:3b:6f:cf:27:e6:94:2d:04:85:cc: dd:96:66:d8:d3:8d:11:e9:77:ec:2d:30:2c:51:4d:6c:a1:32: f5:b5:26:d0:0d:14:7c:a4:51:b4:17:cf:11:48:18:47:65:c1: fd:bb:4d:8e:a1:89:d0:f0:fe:dd:3c:61:1f:9d:bb:0d:14:b6: 84:8e:fa:3f:a5:b5:73:a5:3c:06:b5:2a:a8:ef:a4:83:bb:b5: 2d:b6:d0:68:c7:93:c2:ab:4d:bb:08:e1:f1:74:6e:a3:79:b5: 5e:31:29:69:d6:ac:4a:bf:6a:a0:e0:89:af:75:24:78:f5:14: 18:57:b4:e9:14:1a:dd:a4:6e:b3:74:a4:b1:a3:d6:4c:60:6f: 85:06:de:98:b8:56:b9:77:39:72:d9:2a:ce:58:41:bf:45:d5: 00:fe:e3:b0:e3:f0:3c:41:6e:e7:b2:b7:b0:e3:43:c0:22:99: 80:6e:2d:b7:8c:cc:f3:1a:33:b0:aa:4e:68:37:46:1b:68:8b: e0:73:43:8d -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFFQjIxMTAvBgNVBAUTKDlCOThGQjdENDY4OTgzQTJDMTQ3NzI3MzMyNDhFRkZB MzQ2MkUxMjYwHhcNMjQxMjIxMDU1MDEyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzY2NTcxMy0wOGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8qxf8hK3XnH1x/EqIv4WWdwdUtHgTEQIenFEMCo99pHX4LVbllkbVQ5OWJJB fakIb90UPYdX2kBtX7b4hBSw5gXbgPZk6/Kx9HGUBpkihhKWd8DKEzLFjyMeJdQA uuIYmJ7YV+Ywxhk7Ygdf6MIR3BTQ2mVkBDxBKdPmr9rqM7BBsySNp/V4LlpX33pv NueXStcmRIso6tQ22ZghBZRz4g+T4HjDuQbLwl5WciNM9bHHgyWWp7cimTWCoobp 1OL+be0ykiRRB3yS9ApcdFOmrPSkN41K8SvIC7x/jOcKISjyGADA2DIZNW2WXbFJ r1SD4cWSH23z0OwHx2gvfQ5CwwIDAQABo4IClTCCApEwHQYDVR0OBBYEFH53TDr/ vLhqPnmimlk4BQ+3RCcSMB8GA1UdIwQYMBaAFJuY+31GiYOiwUdyczJI7/o0YuEm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUVCMi8zOTUyMTAwRTZF ODMxMUVGQUI3MjYxODBDNEY5QUUwMi9tNWo3ZlVhSmc2TEJSM0p6TWtqdi1qUmk0 U1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRTWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUFFQjIvMzk1MjEwMEU2RTgzMTFFRkFCNzI2MTgwQzRGOUFFMDIvOTU4QjhGNjQ3 MjE5MTFFRkEyNjM1MjY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBALKHFgwDQYJKoZIhvcNAQELBQADggEBADl+0CDm/4Wsbc/t +NPoHCrvdv0Ia6Jb6Nwco8mb7qU2y6US8CcfooMk2pvsmseRoBS7yBsCKSFutKrh Q7IjO2/PJ+aULQSFzN2WZtjTjRHpd+wtMCxRTWyhMvW1JtANFHykUbQXzxFIGEdl wf27TY6hidDw/t08YR+duw0UtoSO+j+ltXOlPAa1KqjvpIO7tS220GjHk8KrTbsI 4fF0bqN5tV4xKWnWrEq/aqDgia91JHj1FBhXtOkUGt2kbrN0pLGj1kxgb4UG3pi4 Vrl3OXLZKs5YQb9F1QD+47Dj8DxBbueyt7DjQ8AimYBuLbeMzPMaM7CqTmg3Rhto i+BzQ40= -----END CERTIFICATE-----Generated at Sat Apr 26 08:30:44 2025 by rpki-client