$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/AA6965E4CD8D11EF8DF2E66DC4F9AE02.roa File: AA6965E4CD8D11EF8DF2E66DC4F9AE02.roa (raw, json) Hash identifier: joFpQbUhhuICq9lMSQUwGZiftmapGwfxicrZ76+a/Wg= Subject key identifier: 62:C4:F2:7A:81:20:8E:B2:28:0E:ED:4A:41:48:42:57:53:A0:13:41 Certificate issuer: /CN=A91B6D28/serialNumber=9A4DAF8FCA85E193D34EA49597996DED17CBDF1E Certificate serial: 345A Authority key identifier: 9A:4D:AF:8F:CA:85:E1:93:D3:4E:A4:95:97:99:6D:ED:17:CB:DF:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/AA6965E4CD8D11EF8DF2E66DC4F9AE02.roa Signing time: Mon 13 Jan 2025 05:02:37 +0000 ROA not before: Mon 13 Jan 2025 05:02:37 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 38592 IP address blocks: 101.2.160.0/21 maxlen: 24 103.5.232.0/22 maxlen: 24 119.10.168.0/22 maxlen: 22 119.10.168.0/24 maxlen: 24 119.10.169.0/24 maxlen: 24 119.10.170.0/24 maxlen: 24 119.10.171.0/24 maxlen: 24 119.10.172.0/22 maxlen: 24 163.47.84.0/22 maxlen: 24 202.65.168.0/21 maxlen: 24 203.80.188.0/22 maxlen: 24 2402:2300::/32 maxlen: 32 2402:2300::/48 maxlen: 48 2402:2300:1211::/48 maxlen: 48 2402:2300:1212::/48 maxlen: 48 2402:2300:1215::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.crl rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 14:43:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13402 (0x345a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6D28, serialNumber=9A4DAF8FCA85E193D34EA49597996DED17CBDF1E Validity Not Before: Jan 13 05:02:37 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=67849e6c-dd82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:83:03:48:58:3a:61:0f:4d:e8:aa:16:7b:71: 3b:e0:6c:f5:a7:08:cd:83:5f:b1:f5:87:59:e6:d9: d9:e2:2e:d0:d5:28:32:bc:98:ae:8c:92:ca:27:76: bd:81:2f:5a:5b:01:a8:60:b5:0e:63:e0:69:15:a4: 56:cb:63:54:93:4e:a9:0f:40:76:39:8a:ae:eb:0c: ba:2d:b4:2c:aa:cc:9b:f6:75:5b:94:86:b7:fc:18: c2:1e:37:7a:85:08:83:1d:fe:2f:ec:8e:a8:46:8b: 98:f0:bd:ca:72:24:ad:16:d6:47:a1:28:2c:7c:c1: c0:34:40:06:6b:ca:90:30:29:6b:ca:62:18:bb:c0: 0a:cd:6d:f1:f9:9c:da:21:69:8b:d1:39:3d:b5:fb: 7a:b9:62:8a:8f:e3:50:8c:84:37:b9:8e:90:c9:f8: 16:03:2a:fb:75:ea:43:19:c4:ab:ac:50:31:5a:58: 4f:ff:41:37:5c:25:28:fb:51:1a:9a:99:91:80:38: 93:47:55:f0:51:1e:5e:f5:03:bb:d1:22:e1:3f:5d: cd:2b:d8:6c:57:57:e9:af:36:04:f8:70:de:22:65: a2:7e:7a:ce:c6:49:51:c4:f8:3d:9c:3d:51:12:94: d8:7f:63:a3:df:8d:67:d8:72:cb:97:8d:1d:0e:dc: ba:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:C4:F2:7A:81:20:8E:B2:28:0E:ED:4A:41:48:42:57:53:A0:13:41 X509v3 Authority Key Identifier: keyid:9A:4D:AF:8F:CA:85:E1:93:D3:4E:A4:95:97:99:6D:ED:17:CB:DF:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mk2vj8qF4ZPTTqSVl5lt7RfL3x4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6D28/61D453101D9211E29C5F3AF508B02CD2/AA6965E4CD8D11EF8DF2E66DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 101.2.160.0/21 103.5.232.0/22 119.10.168.0/21 163.47.84.0/22 202.65.168.0/21 203.80.188.0/22 IPv6: 2402:2300::/32 Signature Algorithm: sha256WithRSAEncryption 19:be:52:bb:fa:86:f2:04:93:05:93:7a:15:71:1a:07:64:6b: 79:7c:da:65:15:5c:1e:1e:6d:89:12:73:61:46:c1:7a:7e:fc: f6:6f:63:4f:e1:c0:19:97:dc:dc:44:d7:fa:bc:66:66:4c:b0: 5d:c9:59:82:b5:cc:ae:96:de:a2:7a:82:b0:0f:bb:2e:9d:a9: 31:4b:3f:2e:1b:7a:f5:34:09:87:62:b5:cb:fe:a0:70:ec:2b: cc:b1:82:79:13:04:76:73:8d:e7:ee:82:38:66:67:36:d9:fd: 63:48:2e:d7:bb:09:c7:d5:fe:d7:82:ed:e9:26:7a:24:b3:6b: 97:0d:e7:fc:3d:d3:ec:df:d1:bc:ad:07:90:48:b1:57:c4:53: 5a:9a:99:c2:ac:25:c0:4a:cd:56:0f:2d:75:57:e8:ce:54:0b: 70:6a:bf:f5:2f:29:41:dd:03:61:53:8a:4d:7e:7a:1f:4c:21: 94:3d:58:be:0c:79:46:58:be:d7:6f:54:5d:7a:cc:6d:62:14: 05:09:05:c6:e6:0a:bf:02:47:b4:de:f1:ef:63:12:04:bf:6c: 29:62:95:1b:ff:71:ae:af:58:24:62:6c:68:44:35:fd:f0:a4: a8:79:95:9e:25:47:56:e1:6c:9b:93:a4:d4:43:5a:3c:b0:5f: 8c:60:49:e9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgICNFowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZEMjgxMTAvBgNVBAUTKDlBNERBRjhGQ0E4NUUxOTNEMzRFQTQ5NTk3OTk2REVE MTdDQkRGMUUwHhcNMjUwMTEzMDUwMjM3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzg0OWU2Yy1kZDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr4MDSFg6YQ9N6KoWe3E74Gz1pwjNg1+x9YdZ5tnZ4i7Q1SgyvJiujJLKJ3a9 gS9aWwGoYLUOY+BpFaRWy2NUk06pD0B2OYqu6wy6LbQsqsyb9nVblIa3/BjCHjd6 hQiDHf4v7I6oRouY8L3KciStFtZHoSgsfMHANEAGa8qQMClrymIYu8AKzW3x+Zza IWmL0Tk9tft6uWKKj+NQjIQ3uY6QyfgWAyr7depDGcSrrFAxWlhP/0E3XCUo+1Ea mpmRgDiTR1XwUR5e9QO70SLhP13NK9hsV1fprzYE+HDeImWifnrOxklRxPg9nD1R EpTYf2Oj341n2HLLl40dDty6fQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFGLE8nqB II6yKA7tSkFIQldToBNBMB8GA1UdIwQYMBaAFJpNr4/KheGT006klZeZbe0Xy98e MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkQyOC82MUQ0NTMxMDFE OTIxMUUyOUM1RjNBRjUwOEIwMkNEMi9tazJ2ajhxRjRaUFRUcVNWbDVsdDdSZkwz eDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21rMnZqOHFGNFpQVFRxU1ZsNWx0N1JmTDN4NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZEMjgvNjFENDUzMTAxRDkyMTFFMjlDNUYzQUY1MDhCMDJDRDIvQUE2OTY1RTRD RDhEMTFFRjhERjJFNjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E PTA7MCoEAgABMCQDBANlAqADBAJnBegDBAN3CqgDBAKjL1QDBAPKQagDBALLULww DQQCAAIwBwMFACQCIwAwDQYJKoZIhvcNAQELBQADggEBABm+Urv6hvIEkwWTehVx Ggdka3l82mUVXB4ebYkSc2FGwXp+/PZvY0/hwBmX3NxE1/q8ZmZMsF3JWYK1zK6W 3qJ6grAPuy6dqTFLPy4bevU0CYditcv+oHDsK8yxgnkTBHZzjefugjhmZzbZ/WNI Lte7CcfV/teC7ekmeiSza5cN5/w90+zf0bytB5BIsVfEU1qamcKsJcBKzVYPLXVX 6M5UC3Bqv/UvKUHdA2FTik1+eh9MIZQ9WL4MeUZYvtdvVF16zG1iFAUJBcbmCr8C R7Te8e9jEgS/bClilRv/ca6vWCRibGhENf3wpKh5lZ4lR1bhbJuTpNRDWjywX4xg Sek= -----END CERTIFICATE-----Generated at Mon May 5 20:17:07 2025 by rpki-client