$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/41669A1AFA7111EFBBC5374BC4F9AE02.roa File: 41669A1AFA7111EFBBC5374BC4F9AE02.roa (raw, json) Hash identifier: xErCMLXYoA0hL6AVT+7fD9OFndfuVCyqiiQ1j2stZZI= Subject key identifier: 83:0D:41:17:AD:A7:65:ED:C2:A5:0F:C9:53:24:06:5A:51:AB:2E:1C Certificate issuer: /CN=A91AE3F2/serialNumber=FFE1B7A8729A0ECBBEC8B2FD9A97B74826CCDBC5 Certificate serial: 01DB Authority key identifier: FF:E1:B7:A8:72:9A:0E:CB:BE:C8:B2:FD:9A:97:B7:48:26:CC:DB:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-G3qHKaDsu-yLL9mpe3SCbM28U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/41669A1AFA7111EFBBC5374BC4F9AE02.roa Signing time: Thu 27 Mar 2025 09:52:06 +0000 ROA not before: Thu 27 Mar 2025 09:52:06 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 212147 IP address blocks: 2400:b3a0:e1::/48 maxlen: 48 2400:b3a0:e2::/48 maxlen: 48 2400:b3a0:e3::/48 maxlen: 48 2400:b3a0:e4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/_-G3qHKaDsu-yLL9mpe3SCbM28U.crl rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/_-G3qHKaDsu-yLL9mpe3SCbM28U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-G3qHKaDsu-yLL9mpe3SCbM28U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:53:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 475 (0x1db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE3F2, serialNumber=FFE1B7A8729A0ECBBEC8B2FD9A97B74826CCDBC5 Validity Not Before: Mar 27 09:52:06 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67e51fc6-e63b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:9b:5b:3b:1a:bf:04:eb:fe:c9:db:8e:7b:ca: 2f:32:85:28:2f:a3:10:3d:39:48:c6:0d:09:42:61: fc:6a:de:63:8d:be:61:78:8b:c3:7d:67:7f:eb:61: 8c:f7:90:b1:93:8f:6c:59:83:3b:b3:62:62:d9:f9: b4:93:52:42:42:be:a0:b3:38:b5:70:51:86:31:d7: 32:44:3d:9e:4d:25:35:c5:20:42:9a:6b:69:53:66: 89:97:0c:f8:e5:a2:57:82:22:50:c7:a9:33:d0:a7: db:44:7d:44:1e:2b:61:d5:be:88:67:99:18:c3:de: 14:27:a9:16:02:d6:88:28:0c:1f:b3:da:8e:7e:f1: 22:91:99:12:3f:61:e1:94:71:10:42:74:50:f5:24: 8c:ec:76:8a:ec:d0:5a:2f:ee:bd:39:11:9e:3d:03: a7:d5:ab:e1:74:bd:3a:36:15:7f:19:7a:aa:17:2c: 66:c1:14:4a:98:c6:14:74:1d:10:45:93:91:11:28: 54:65:38:9e:62:d4:c6:3d:50:e8:1d:ff:7e:b8:3d: 34:5b:5e:30:15:b4:03:fd:70:ff:f2:8f:21:96:ba: e9:83:12:12:22:f0:a4:e4:97:d1:cc:10:d0:87:d6: cf:89:37:9d:cf:d7:83:ff:8c:7e:b7:8a:6b:29:6d: e1:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:0D:41:17:AD:A7:65:ED:C2:A5:0F:C9:53:24:06:5A:51:AB:2E:1C X509v3 Authority Key Identifier: keyid:FF:E1:B7:A8:72:9A:0E:CB:BE:C8:B2:FD:9A:97:B7:48:26:CC:DB:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/_-G3qHKaDsu-yLL9mpe3SCbM28U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-G3qHKaDsu-yLL9mpe3SCbM28U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/41669A1AFA7111EFBBC5374BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2400:b3a0:e1::-2400:b3a0:e4:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 32:04:62:49:ff:5b:7a:a5:50:6e:c0:d2:41:55:f5:19:3c:7f: bf:67:ed:68:0b:92:a0:ad:38:01:64:69:bc:1c:fe:4f:5b:90: be:65:43:1e:2e:92:a6:5b:a0:db:88:01:85:93:ac:33:44:95: 32:7a:39:ac:d0:f2:46:85:f0:57:e4:48:8e:02:3f:78:2d:0f: be:43:b2:4b:47:65:06:31:a8:74:2e:a3:ba:7a:e6:e2:e3:14: dc:c7:3f:d9:c5:0c:72:36:2a:08:bb:10:97:d5:d9:4d:e3:38: 78:52:34:f5:71:af:f3:c8:2e:c9:25:2c:f7:20:68:37:51:64: 26:f3:a2:95:fd:4d:e9:ac:58:8e:d5:82:42:3c:12:25:2c:64: c8:5e:c7:a7:98:f4:06:01:11:41:86:b5:fe:3b:07:4f:63:f1: d3:fb:cd:82:a5:96:3f:8c:1f:65:16:de:ac:b9:6c:67:be:d4: 8e:54:de:80:1c:88:8c:db:0b:bf:20:dd:ea:15:7a:eb:3d:ef: 45:4d:b3:f2:10:a0:f9:42:27:3f:3e:65:42:45:e1:bc:23:be: 8b:03:94:58:78:7d:0a:4a:6c:db:0b:a4:8d:a8:a3:be:87:0c: 3b:91:cc:73:55:e6:de:0e:f0:64:38:06:73:5c:0c:72:f1:d7: 52:06:7a:c0 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICAdswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUUzRjIxMTAvBgNVBAUTKEZGRTFCN0E4NzI5QTBFQ0JCRUM4QjJGRDlBOTdCNzQ4 MjZDQ0RCQzUwHhcNMjUwMzI3MDk1MjA2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2U1MWZjNi1lNjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp5tbOxq/BOv+yduOe8ovMoUoL6MQPTlIxg0JQmH8at5jjb5heIvDfWd/62GM 95Cxk49sWYM7s2Ji2fm0k1JCQr6gszi1cFGGMdcyRD2eTSU1xSBCmmtpU2aJlwz4 5aJXgiJQx6kz0KfbRH1EHith1b6IZ5kYw94UJ6kWAtaIKAwfs9qOfvEikZkSP2Hh lHEQQnRQ9SSM7HaK7NBaL+69ORGePQOn1avhdL06NhV/GXqqFyxmwRRKmMYUdB0Q RZOREShUZTieYtTGPVDoHf9+uD00W14wFbQD/XD/8o8hlrrpgxISIvCk5JfRzBDQ h9bPiTedz9eD/4x+t4prKW3hxwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFIMNQRet p2XtwqUPyVMkBlpRqy4cMB8GA1UdIwQYMBaAFP/ht6hymg7Lvsiy/ZqXt0gmzNvF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTNGMi84NkEwRkIyODQ2 MTYxMUVEOTJFQUFEMjBDNEY5QUUwMi9fLUczcUhLYURzdS15TEw5bXBlM1NDYk0y OFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL18tRzNxSEthRHN1LXlMTDltcGUzU0NiTTI4VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUUzRjIvODZBMEZCMjg0NjE2MTFFRDkyRUFBRDIwQzRGOUFFMDIvNDE2NjlBMUFG QTcxMTFFRkJCQzUzNzRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgACMBQwEgMHACQAs6AA4QMHACQAs6AA5DANBgkqhkiG9w0BAQsFAAOC AQEAMgRiSf9beqVQbsDSQVX1GTx/v2ftaAuSoK04AWRpvBz+T1uQvmVDHi6Splug 24gBhZOsM0SVMno5rNDyRoXwV+RIjgI/eC0PvkOyS0dlBjGodC6junrm4uMU3Mc/ 2cUMcjYqCLsQl9XZTeM4eFI09XGv88guySUs9yBoN1FkJvOilf1N6axYjtWCQjwS JSxkyF7Hp5j0BgERQYa1/jsHT2Px0/vNgqWWP4wfZRberLlsZ77UjlTegByIjNsL vyDd6hV66z3vRU2z8hCg+UInPz5lQkXhvCO+iwOUWHh9Ckps2wukjaijvocMO5HM c1Xm3g7wZDgGc1wMcvHXUgZ6wA== -----END CERTIFICATE-----Generated at Sat Apr 26 14:13:13 2025 by rpki-client