$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa File: 7BD0C11E8C3311EAB2E95132C4F9AE02.roa (raw, json) Hash identifier: SD43F6ndbx8cQg58d8qyQwvKSbxddffft/0WNF7cCQU= Subject key identifier: EA:65:8F:0E:14:B6:88:9C:3B:D0:03:23:48:5E:6E:AA:9C:9D:5F:7F Certificate issuer: /CN=A91AEE28/serialNumber=A6CB9EFB4FE8C1C4E0C2F1B00E84C7F1A2F49C6F Certificate serial: 137D Authority key identifier: A6:CB:9E:FB:4F:E8:C1:C4:E0:C2:F1:B0:0E:84:C7:F1:A2:F4:9C:6F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa Signing time: Tue 04 Feb 2025 16:54:59 +0000 ROA not before: Tue 04 Feb 2025 16:54:59 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 9246 IP address blocks: 43.240.88.0/22 maxlen: 22 103.7.100.0/22 maxlen: 22 114.142.192.0/18 maxlen: 18 114.142.212.0/24 maxlen: 24 117.20.120.0/21 maxlen: 21 202.151.64.0/19 maxlen: 19 202.151.76.0/24 maxlen: 24 202.151.85.0/24 maxlen: 24 2405:7400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.crl rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:58:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4989 (0x137d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AEE28, serialNumber=A6CB9EFB4FE8C1C4E0C2F1B00E84C7F1A2F49C6F Validity Not Before: Feb 4 16:54:59 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67a24663-5e58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:29:83:de:9d:35:e3:e5:7e:e5:18:35:8e:24: 75:3a:72:33:fc:6a:73:b6:40:82:39:c9:c7:ec:be: e1:0a:ca:81:5f:34:70:2e:aa:e5:b9:16:93:63:ed: 78:6f:cf:04:46:04:73:ba:3b:02:d5:62:52:b8:bd: 59:a7:d3:2b:8a:00:c8:36:db:5f:45:bd:16:e1:9a: 08:53:94:c8:c4:55:dc:a2:1a:cc:ce:ac:6b:f2:82: 18:42:7d:73:78:1a:7a:a2:1b:2c:8e:58:d5:e0:82: ed:cc:54:38:0c:87:c7:24:9a:34:63:68:e3:8f:f6: 5d:b2:fa:f5:e3:96:8a:bd:e4:f2:d3:b9:24:2b:e8: ea:35:27:50:1e:62:42:22:fd:e4:17:cc:a8:b8:60: a0:91:07:2d:a9:b2:13:8f:9a:5e:49:5e:95:bd:83: 3d:2e:24:2f:19:71:53:55:73:d2:5c:27:09:60:fd: af:97:76:b2:48:85:ad:d3:ad:ec:51:41:bb:83:29: 30:fb:b9:01:54:6f:8e:20:33:fe:76:6e:f1:53:34: 9c:42:24:ab:0f:33:40:4d:93:55:c6:4b:94:d8:df: 02:ec:51:26:80:97:8d:58:82:61:43:53:27:03:bc: 7f:c0:d0:9c:6f:d4:1a:1f:d0:10:0b:30:87:9b:d7: c0:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:65:8F:0E:14:B6:88:9C:3B:D0:03:23:48:5E:6E:AA:9C:9D:5F:7F X509v3 Authority Key Identifier: keyid:A6:CB:9E:FB:4F:E8:C1:C4:E0:C2:F1:B0:0E:84:C7:F1:A2:F4:9C:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.240.88.0/22 103.7.100.0/22 114.142.192.0/18 117.20.120.0/21 202.151.64.0/19 IPv6: 2405:7400::/32 Signature Algorithm: sha256WithRSAEncryption f1:34:4d:e2:83:ea:24:c7:fb:4e:cb:b4:b7:07:57:54:59:f8: 9f:c6:43:6a:7d:55:5a:de:a8:39:8e:e3:0c:d4:61:f8:3e:76: 19:28:14:25:79:94:53:d0:08:d2:58:00:13:1e:a6:cd:61:ef: f8:29:b0:14:26:b7:0d:a8:42:90:ca:82:61:f9:c7:e7:bd:e4: d1:46:ff:80:86:68:f2:d3:22:9d:df:dc:9c:57:1f:53:b2:cd: 68:dc:91:9e:fe:66:b0:08:22:20:d5:06:77:11:0f:6c:43:07: 74:11:bc:9d:60:db:c7:c7:2d:6a:8a:1a:5b:58:40:bc:2e:db: 49:c7:08:10:28:6b:97:7e:47:4d:91:0f:97:99:37:de:f4:7f: 9a:0d:2d:c3:e5:a9:ea:d1:3d:7c:4c:bf:df:be:06:93:5a:1b: 59:c6:a8:b0:65:5e:1f:5d:b2:a1:88:3e:fd:73:53:63:a2:5f: 01:08:73:84:44:e6:33:03:46:33:62:dc:6d:50:0b:67:a4:62: 38:1e:13:16:8a:a6:89:60:46:76:70:e0:08:4d:b5:16:8b:37: f5:66:45:16:c6:bc:90:7d:7f:90:8b:f7:51:c5:6d:71:52:8d: 40:81:9d:dd:36:8c:be:d3:0d:68:1e:3c:6c:1f:8b:66:6a:7d: 7d:b4:94:db -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICE30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUVFMjgxMTAvBgNVBAUTKEE2Q0I5RUZCNEZFOEMxQzRFMEMyRjFCMDBFODRDN0Yx QTJGNDlDNkYwHhcNMjUwMjA0MTY1NDU5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2EyNDY2My01ZTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxymD3p014+V+5Rg1jiR1OnIz/GpztkCCOcnH7L7hCsqBXzRwLqrluRaTY+14 b88ERgRzujsC1WJSuL1Zp9MrigDINttfRb0W4ZoIU5TIxFXcohrMzqxr8oIYQn1z eBp6ohssjljV4ILtzFQ4DIfHJJo0Y2jjj/Zdsvr145aKveTy07kkK+jqNSdQHmJC Iv3kF8youGCgkQctqbITj5peSV6VvYM9LiQvGXFTVXPSXCcJYP2vl3aySIWt063s UUG7gykw+7kBVG+OIDP+dm7xUzScQiSrDzNATZNVxkuU2N8C7FEmgJeNWIJhQ1Mn A7x/wNCcb9QaH9AQCzCHm9fAgwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFOpljw4U toicO9ADI0hebqqcnV9/MB8GA1UdIwQYMBaAFKbLnvtP6MHE4MLxsA6Ex/Gi9Jxv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUUyOC9GMUIxRkJCMDkw QzExMUU4QTQ5MzM5N0ZDNEY5QUUwMi9wc3VlLTBfb3djVGd3dkd3RG9USDhhTDBu RzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BzdWUtMF9vd2NUZ3d2R3dEb1RIOGFMMG5HOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUVFMjgvRjFCMUZCQjA5MEMxMTFFOEE0OTMzOTdGQzRGOUFFMDIvN0JEMEMxMUU4 QzMzMTFFQUIyRTk1MTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIr8FgDBAJnB2QDBAZyjsADBAN1FHgDBAXKl0AwDQQCAAIw BwMFACQFdAAwDQYJKoZIhvcNAQELBQADggEBAPE0TeKD6iTH+07LtLcHV1RZ+J/G Q2p9VVreqDmO4wzUYfg+dhkoFCV5lFPQCNJYABMeps1h7/gpsBQmtw2oQpDKgmH5 x+e95NFG/4CGaPLTIp3f3JxXH1OyzWjckZ7+ZrAIIiDVBncRD2xDB3QRvJ1g28fH LWqKGltYQLwu20nHCBAoa5d+R02RD5eZN970f5oNLcPlqerRPXxMv9++BpNaG1nG qLBlXh9dsqGIPv1zU2OiXwEIc4RE5jMDRjNi3G1QC2ekYjgeExaKpolgRnZw4AhN tRaLN/VmRRbGvJB9f5CL91HFbXFSjUCBnd02jL7TDWgePGwfi2ZqfX20lNs= -----END CERTIFICATE-----Generated at Sat Apr 26 09:31:09 2025 by rpki-client