$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/2B9FBCB0DEC911EBA828524CC4F9AE02.roa File: 2B9FBCB0DEC911EBA828524CC4F9AE02.roa (raw, json) Hash identifier: es9j3LKTp+AUW2ig2BE9iWWW6VD0Nb77D+iullPdt18= Subject key identifier: 91:02:56:F4:F9:10:A2:44:B2:91:81:06:B1:DE:40:1B:51:50:CB:45 Certificate issuer: /CN=A91ACBB7/serialNumber=746241ADA77DDBDFEA0FE144EFE21391E3FC4FD9 Certificate serial: 0CB0 Authority key identifier: 74:62:41:AD:A7:7D:DB:DF:EA:0F:E1:44:EF:E2:13:91:E3:FC:4F:D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dGJBrad929_qD-FE7-ITkeP8T9k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/2B9FBCB0DEC911EBA828524CC4F9AE02.roa Signing time: Fri 28 Mar 2025 18:29:38 +0000 ROA not before: Fri 28 Mar 2025 18:29:38 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 58715 IP address blocks: 45.114.84.0/22 maxlen: 24 103.54.36.0/22 maxlen: 24 2403:41c0::/32 maxlen: 36 2403:41c0:fc00::/48 maxlen: 48 2403:41c0:fc05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/dGJBrad929_qD-FE7-ITkeP8T9k.crl rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/dGJBrad929_qD-FE7-ITkeP8T9k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dGJBrad929_qD-FE7-ITkeP8T9k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:09:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3248 (0xcb0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACBB7, serialNumber=746241ADA77DDBDFEA0FE144EFE21391E3FC4FD9 Validity Not Before: Mar 28 18:29:38 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67e6ea92-5466 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:00:41:3e:10:65:2a:e3:d9:c6:05:c4:e3:fb: ca:7d:58:e1:ce:bb:58:06:97:16:cc:9b:f7:16:30: cd:9f:bd:23:3f:31:f2:c6:33:38:df:82:c1:ab:ea: e4:dc:41:4f:bc:89:05:1c:2a:23:50:43:f0:2f:42: a0:7a:82:32:65:1c:86:3d:04:e4:03:45:fc:9e:aa: 1a:8f:b0:66:24:f6:91:68:2a:c6:05:62:b5:5b:da: 5c:6c:04:10:ef:8c:44:73:a4:b9:ee:b9:b6:3f:e4: c4:ce:a9:ad:5a:58:77:f4:0a:66:09:33:4f:ac:87: 77:78:e9:c3:b5:d9:56:84:bd:7c:9d:ab:8a:6c:e3: 5d:93:df:80:63:27:87:7c:d3:1d:b0:90:e1:e8:62: 09:b7:55:12:fd:84:9f:62:b5:0b:bf:12:0e:05:16: a7:9d:33:55:7b:9e:6b:90:50:60:fd:5e:ec:e1:36: 08:17:a9:6f:be:c9:3a:04:39:d7:71:af:df:bc:bb: d8:de:c0:cc:f2:bb:b5:97:4f:67:87:93:d3:d8:cb: f5:da:b9:cf:c4:9c:90:c1:44:53:49:ae:1d:1e:48: 2c:c9:76:a0:2e:2f:9d:b2:22:c7:2c:a1:c2:7b:3d: 17:9c:8a:5b:9b:b8:2b:c5:ff:43:47:f7:92:0e:42: cd:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:02:56:F4:F9:10:A2:44:B2:91:81:06:B1:DE:40:1B:51:50:CB:45 X509v3 Authority Key Identifier: keyid:74:62:41:AD:A7:7D:DB:DF:EA:0F:E1:44:EF:E2:13:91:E3:FC:4F:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/dGJBrad929_qD-FE7-ITkeP8T9k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dGJBrad929_qD-FE7-ITkeP8T9k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACBB7/5E1FCEBCF3F911E9B8A8310AC4F9AE02/2B9FBCB0DEC911EBA828524CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.114.84.0/22 103.54.36.0/22 IPv6: 2403:41c0::/32 Signature Algorithm: sha256WithRSAEncryption 3d:d3:71:a3:26:ea:55:e0:60:ba:92:a4:e6:bd:b1:bb:33:24: 52:6c:b6:28:5f:6d:f9:14:14:f9:e8:98:e8:48:7d:1f:fd:fe: 65:d2:4c:ee:1e:54:a7:aa:17:99:3f:62:5c:07:a5:96:ce:c5: 9d:99:94:f7:7b:73:bd:53:83:6e:03:a5:11:f2:70:89:1a:48: 3c:ef:5a:07:f3:cf:92:68:9c:c0:15:e8:7c:ea:aa:61:e5:e2: 53:b0:1e:02:60:f8:b9:fe:80:42:1f:e5:5a:66:9f:a2:94:30: f6:a4:12:79:4c:7e:f8:9d:84:30:1f:fc:8f:a4:70:04:31:c2: f4:21:ee:f0:51:9b:a5:3b:c9:14:97:59:3a:c8:74:ce:17:50: 99:9b:e4:ed:44:c0:e8:d8:4c:5a:9b:a5:58:2c:9c:d7:2a:c4: 27:cc:cb:2b:44:67:d0:55:17:45:45:cb:39:76:9c:70:b3:59: e4:ec:97:fb:bc:5d:28:12:d0:05:c4:62:cc:a0:55:4c:54:14: f4:f0:2c:b1:ec:8f:18:c1:60:c4:6f:76:45:6a:92:c6:d7:ea: 90:0d:65:e2:02:e1:64:88:ea:88:c1:5d:0a:41:9f:78:de:e3: 3e:b9:4c:39:b7:04:77:8b:46:77:b2:1c:6a:39:94:8b:9d:9a: 03:9b:44:ed -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNCQjcxMTAvBgNVBAUTKDc0NjI0MUFEQTc3RERCREZFQTBGRTE0NEVGRTIxMzkx RTNGQzRGRDkwHhcNMjUwMzI4MTgyOTM4WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2U2ZWE5Mi01NDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqwBBPhBlKuPZxgXE4/vKfVjhzrtYBpcWzJv3FjDNn70jPzHyxjM434LBq+rk 3EFPvIkFHCojUEPwL0KgeoIyZRyGPQTkA0X8nqoaj7BmJPaRaCrGBWK1W9pcbAQQ 74xEc6S57rm2P+TEzqmtWlh39ApmCTNPrId3eOnDtdlWhL18nauKbONdk9+AYyeH fNMdsJDh6GIJt1US/YSfYrULvxIOBRannTNVe55rkFBg/V7s4TYIF6lvvsk6BDnX ca/fvLvY3sDM8ru1l09nh5PT2Mv12rnPxJyQwURTSa4dHkgsyXagLi+dsiLHLKHC ez0XnIpbm7grxf9DR/eSDkLNQQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJECVvT5 EKJEspGBBrHeQBtRUMtFMB8GA1UdIwQYMBaAFHRiQa2nfdvf6g/hRO/iE5Hj/E/Z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0JCNy81RTFGQ0VCQ0Yz RjkxMUU5QjhBODMxMEFDNEY5QUUwMi9kR0pCcmFkOTI5X3FELUZFNy1JVGtlUDhU OWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RHSkJyYWQ5MjlfcUQtRkU3LUlUa2VQOFQ5ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUNCQjcvNUUxRkNFQkNGM0Y5MTFFOUI4QTgzMTBBQzRGOUFFMDIvMkI5RkJDQjBE RUM5MTFFQkE4Mjg1MjRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAItclQDBAJnNiQwDQQCAAIwBwMFACQDQcAwDQYJKoZIhvcN AQELBQADggEBAD3TcaMm6lXgYLqSpOa9sbszJFJstihfbfkUFPnomOhIfR/9/mXS TO4eVKeqF5k/YlwHpZbOxZ2ZlPd7c71Tg24DpRHycIkaSDzvWgfzz5JonMAV6Hzq qmHl4lOwHgJg+Ln+gEIf5Vpmn6KUMPakEnlMfvidhDAf/I+kcAQxwvQh7vBRm6U7 yRSXWTrIdM4XUJmb5O1EwOjYTFqbpVgsnNcqxCfMyytEZ9BVF0VFyzl2nHCzWeTs l/u8XSgS0AXEYsygVUxUFPTwLLHsjxjBYMRvdkVqksbX6pANZeIC4WSI6ojBXQpB n3je4z65TDm3BHeLRneyHGo5lIudmgObRO0= -----END CERTIFICATE-----Generated at Sat Apr 26 08:28:13 2025 by rpki-client