$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/07CD68A213AD11EFADED003DC4F9AE02.roa File: 07CD68A213AD11EFADED003DC4F9AE02.roa (raw, json) Hash identifier: gbSrDMCrPI8A3+3d0sfCicNLcWdleMd0w7YOfrmP/TI= Subject key identifier: 1F:CD:C0:9C:11:59:77:86:D4:47:87:56:F0:82:7A:6F:27:29:FE:98 Certificate issuer: /CN=A91BB493/serialNumber=9A3FE54122A5096D3EDD88060ED4D9183CBE1867 Certificate serial: 0A6B Authority key identifier: 9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/07CD68A213AD11EFADED003DC4F9AE02.roa Signing time: Wed 26 Mar 2025 20:00:01 +0000 ROA not before: Wed 26 Mar 2025 20:00:00 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 55569 IP address blocks: 2001:218:2000:11::/64 maxlen: 64 2001:218:2000:21::/64 maxlen: 64 2001:218:4001:1::/64 maxlen: 64 2001:218:4001:2::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.crl rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2667 (0xa6b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB493, serialNumber=9A3FE54122A5096D3EDD88060ED4D9183CBE1867 Validity Not Before: Mar 26 20:00:00 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67e45cc0-d207 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:4c:ac:f4:27:e9:8a:a5:a3:26:e4:2b:3d:12: 09:1e:ad:a9:3a:1c:27:74:9c:b5:4b:a5:05:35:73: df:eb:ea:4c:df:ec:c1:b8:bf:4a:6d:54:57:fb:fa: ba:9a:7f:cf:fa:19:11:88:0d:8a:ae:5d:34:b8:c7: f7:39:b0:16:1d:c5:b5:93:86:c4:20:eb:06:c3:6a: 12:f5:f3:bf:c4:c6:e1:be:66:bc:5b:db:59:a5:a4: 85:bc:12:4c:e2:4c:16:28:f7:0c:a2:3c:8e:6a:32: 0a:1a:1b:1d:01:0b:5a:27:60:45:75:02:28:50:1d: 10:dd:c9:15:9c:f2:56:02:08:d0:f5:e5:4e:07:e8: d9:1b:4a:33:69:fd:2f:a0:a2:d3:04:d3:4c:95:64: f5:ed:76:2c:4c:82:18:37:3a:51:7d:e3:80:c1:77: 39:fb:0d:e3:50:00:c8:28:aa:b4:3e:ac:39:8f:7c: 47:4f:cd:f7:6e:06:fe:ad:ac:16:08:7c:22:2a:24: cc:37:53:bd:ed:e1:89:f1:55:fe:01:69:bd:c1:57: d3:93:4f:7d:83:d3:fe:08:79:55:3f:e1:40:5d:a4: 2b:46:58:15:a5:10:6e:78:1e:40:4a:36:1a:b3:a2: a6:e6:d6:21:d1:52:26:0d:d3:16:7b:8e:ef:d1:bf: 24:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:CD:C0:9C:11:59:77:86:D4:47:87:56:F0:82:7A:6F:27:29:FE:98 X509v3 Authority Key Identifier: keyid:9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/07CD68A213AD11EFADED003DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:218:2000:11::/64 2001:218:2000:21::/64 2001:218:4001:1::-2001:218:4001:2:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 96:4a:33:02:b4:f4:0b:80:eb:e0:57:01:78:c8:d5:be:b3:4c: f2:09:ba:39:91:28:1f:2d:27:6b:e3:b8:d8:1b:ed:46:bd:03: 38:03:b1:9f:a1:11:eb:65:02:a2:cd:ea:c2:84:b3:54:8b:67: 6d:d8:d6:74:0a:b1:88:5b:45:e5:dc:f2:6d:55:20:7a:5f:81: 60:43:7b:d9:ac:af:91:0f:cc:39:37:01:59:3a:d8:e4:d9:76: 00:49:a8:bc:74:27:17:1f:9e:43:fd:c8:fd:07:37:b1:3e:af: c1:e0:77:10:2f:76:00:b0:80:ed:a7:38:ed:e2:90:4a:a9:a8: 3f:04:ab:7e:d8:cf:4b:cf:c3:22:a6:71:c3:9e:dd:b2:de:58: fb:f7:a2:da:39:bd:c7:e2:59:71:8f:8b:20:17:d0:bb:c7:a0: 60:d0:59:23:b6:f9:6e:13:c5:dd:60:a4:5c:0b:f7:9e:f3:0a: d9:42:8a:61:2d:bf:57:de:a6:67:5c:3f:f9:ec:62:aa:ef:ff: 47:e2:ec:1a:0b:b6:5c:51:82:3a:49:87:69:95:02:d0:4e:a7: fc:3a:49:0c:e4:08:3f:ab:16:47:0a:7f:92:7b:9b:0e:f1:68: 97:db:e1:86:10:0f:79:93:6a:10:51:a9:28:be:76:51:04:0a: 16:ec:12:54 -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICCmswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI0OTMxMTAvBgNVBAUTKDlBM0ZFNTQxMjJBNTA5NkQzRUREODgwNjBFRDREOTE4 M0NCRTE4NjcwHhcNMjUwMzI2MjAwMDAwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2U0NWNjMC1kMjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt0ys9CfpiqWjJuQrPRIJHq2pOhwndJy1S6UFNXPf6+pM3+zBuL9KbVRX+/q6 mn/P+hkRiA2Krl00uMf3ObAWHcW1k4bEIOsGw2oS9fO/xMbhvma8W9tZpaSFvBJM 4kwWKPcMojyOajIKGhsdAQtaJ2BFdQIoUB0Q3ckVnPJWAgjQ9eVOB+jZG0ozaf0v oKLTBNNMlWT17XYsTIIYNzpRfeOAwXc5+w3jUADIKKq0Pqw5j3xHT833bgb+rawW CHwiKiTMN1O97eGJ8VX+AWm9wVfTk099g9P+CHlVP+FAXaQrRlgVpRBueB5ASjYa s6Km5tYh0VImDdMWe47v0b8kYwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFB/NwJwR WXeG1EeHVvCCem8nKf6YMB8GA1UdIwQYMBaAFJo/5UEipQltPt2IBg7U2Rg8vhhn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjQ5My81RkNBQjY3MjY4 RjMxMUVBODMyRERCMzdDNEY5QUUwMi9tal9sUVNLbENXMC0zWWdHRHRUWkdEeS1H R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21qX2xRU0tsQ1cwLTNZZ0dEdFRaR0R5LUdHYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkI0OTMvNUZDQUI2NzI2OEYzMTFFQTgzMkREQjM3QzRGOUFFMDIvMDdDRDY4QTIx M0FEMTFFRkFERUQwMDNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MDQEAgACMC4DCQAgAQIYIAAAEQMJACABAhggAAAhMBYDCQAgAQIYQAEAAQMJ ACABAhhAAQACMA0GCSqGSIb3DQEBCwUAA4IBAQCWSjMCtPQLgOvgVwF4yNW+s0zy Cbo5kSgfLSdr47jYG+1GvQM4A7GfoRHrZQKizerChLNUi2dt2NZ0CrGIW0Xl3PJt VSB6X4FgQ3vZrK+RD8w5NwFZOtjk2XYASai8dCcXH55D/cj9BzexPq/B4HcQL3YA sIDtpzjt4pBKqag/BKt+2M9Lz8MipnHDnt2y3lj796LaOb3H4llxj4sgF9C7x6Bg 0FkjtvluE8XdYKRcC/ee8wrZQophLb9X3qZnXD/57GKq7/9H4uwaC7ZcUYI6SYdp lQLQTqf8OkkM5Ag/qxZHCn+Se5sO8WiX2+GGEA95k2oQUakovnZRBAoW7BJU -----END CERTIFICATE-----Generated at Sat Apr 26 08:35:31 2025 by rpki-client