$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/8D864528E26911EFB89A9142C4F9AE02.roa File: 8D864528E26911EFB89A9142C4F9AE02.roa (raw, json) Hash identifier: y31kJqG82XvEmO9/QRkcWiRFKFh5zoKjaSnnJfP7MyE= Subject key identifier: 9E:37:38:45:58:79:EB:EF:1D:B2:1E:79:6D:8D:36:73:98:D0:9D:FF Certificate issuer: /CN=A91BB493/serialNumber=9A3FE54122A5096D3EDD88060ED4D9183CBE1867 Certificate serial: 0A6A Authority key identifier: 9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/8D864528E26911EFB89A9142C4F9AE02.roa Signing time: Wed 26 Mar 2025 20:00:00 +0000 ROA not before: Wed 26 Mar 2025 20:00:00 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 4058 IP address blocks: 2001:218:2000:2::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.crl rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2666 (0xa6a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB493, serialNumber=9A3FE54122A5096D3EDD88060ED4D9183CBE1867 Validity Not Before: Mar 26 20:00:00 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67e45cbf-b6d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:cd:9e:07:af:51:d6:d6:2f:d3:78:61:8b:f2: 78:27:c7:4e:70:50:21:55:7b:11:72:c7:a9:e0:5f: 05:e4:fb:77:ce:81:19:e1:96:73:4e:03:2f:5e:c1: 2d:7e:a3:de:cb:ab:a5:ed:cc:a1:c8:5d:61:30:df: a8:f4:b0:95:b5:08:51:72:a1:8f:7d:a9:95:be:ec: a1:01:f9:20:73:58:7f:c5:55:93:e6:10:93:ce:6c: 49:76:0b:ea:8d:b9:2e:c9:f7:0a:41:13:25:bc:d9: 51:85:e9:8c:1d:ff:8f:b1:7a:4e:7c:db:66:e0:cb: 6d:a8:6b:79:29:0b:e3:db:3d:ba:2f:93:50:49:00: 06:ad:8c:b7:9a:e9:67:0b:ff:69:b6:2a:ec:53:3f: f7:25:22:3e:c5:6b:4f:a9:bc:ec:54:79:04:03:76: f8:d8:20:ae:76:d4:c5:1a:f9:8b:31:84:08:0b:ec: 81:aa:c2:e0:d3:88:96:96:72:cc:33:18:78:dc:4d: 90:c9:53:9b:83:98:39:20:91:2f:79:12:80:46:39: 2d:6d:54:a8:5d:15:d5:f2:ae:a6:33:25:05:22:1d: 4c:f6:76:ec:18:2d:17:90:d6:10:4d:2a:8b:00:6b: 2f:c8:39:42:e0:a2:cb:42:73:61:a3:1d:c4:2a:19: 87:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:37:38:45:58:79:EB:EF:1D:B2:1E:79:6D:8D:36:73:98:D0:9D:FF X509v3 Authority Key Identifier: keyid:9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/8D864528E26911EFB89A9142C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:218:2000:2::/64 Signature Algorithm: sha256WithRSAEncryption 40:f7:25:6d:84:ca:68:ab:d0:9c:8b:78:26:3b:dd:6d:91:80: 75:46:18:e6:29:19:5b:27:6f:9c:c3:ef:7b:78:44:e0:a0:ac: ee:c8:d3:65:a5:51:14:dc:ce:13:69:cf:76:00:0c:55:83:86: 50:10:96:d0:e9:4f:45:a8:06:9b:d9:bf:bc:cf:7b:58:ee:53: 8f:ba:12:b0:66:e8:75:7c:d2:01:33:8d:55:9c:ba:b8:13:42: 4c:ba:16:c2:c6:44:ca:86:3b:cd:af:de:83:a0:b7:a4:ef:fb: 6a:0a:97:84:fb:47:7c:4e:ba:db:ac:34:f3:7a:94:7a:3d:03: 7c:67:be:c6:af:07:e9:62:3f:6e:ae:89:47:05:38:d6:3a:e2: 9e:2a:30:0b:3a:92:01:52:78:0d:91:75:75:e8:0f:96:37:74: a6:c9:0d:37:3e:e1:9c:de:94:12:18:0f:ad:da:4b:01:b1:a3: d5:5e:7b:93:1a:1c:27:6e:d2:66:e9:e7:80:c9:50:4a:38:0f: 24:f5:e5:bd:8e:44:79:cc:34:e7:fa:b6:b6:37:dc:1c:b7:98: 9a:29:37:87:a9:60:72:cf:14:3e:e8:70:1c:c4:27:77:db:42: 18:c8:3a:98:46:05:44:c5:2f:33:71:07:e3:fe:63:4a:29:1d: e1:86:e1:46 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgICCmowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI0OTMxMTAvBgNVBAUTKDlBM0ZFNTQxMjJBNTA5NkQzRUREODgwNjBFRDREOTE4 M0NCRTE4NjcwHhcNMjUwMzI2MjAwMDAwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2U0NWNiZi1iNmQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuM2eB69R1tYv03hhi/J4J8dOcFAhVXsRcsep4F8F5Pt3zoEZ4ZZzTgMvXsEt fqPey6ul7cyhyF1hMN+o9LCVtQhRcqGPfamVvuyhAfkgc1h/xVWT5hCTzmxJdgvq jbkuyfcKQRMlvNlRhemMHf+PsXpOfNtm4MttqGt5KQvj2z26L5NQSQAGrYy3muln C/9ptirsUz/3JSI+xWtPqbzsVHkEA3b42CCudtTFGvmLMYQIC+yBqsLg04iWlnLM Mxh43E2QyVObg5g5IJEveRKARjktbVSoXRXV8q6mMyUFIh1M9nbsGC0XkNYQTSqL AGsvyDlC4KLLQnNhox3EKhmHFwIDAQABo4ICmjCCApYwHQYDVR0OBBYEFJ43OEVY eevvHbIeeW2NNnOY0J3/MB8GA1UdIwQYMBaAFJo/5UEipQltPt2IBg7U2Rg8vhhn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjQ5My81RkNBQjY3MjY4 RjMxMUVBODMyRERCMzdDNEY5QUUwMi9tal9sUVNLbENXMC0zWWdHRHRUWkdEeS1H R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21qX2xRU0tsQ1cwLTNZZ0dEdFRaR0R5LUdHYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkI0OTMvNUZDQUI2NzI2OEYzMTFFQTgzMkREQjM3QzRGOUFFMDIvOEQ4NjQ1MjhF MjY5MTFFRkI4OUE5MTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E FTATMBEEAgACMAsDCQAgAQIYIAAAAjANBgkqhkiG9w0BAQsFAAOCAQEAQPclbYTK aKvQnIt4JjvdbZGAdUYY5ikZWydvnMPve3hE4KCs7sjTZaVRFNzOE2nPdgAMVYOG UBCW0OlPRagGm9m/vM97WO5Tj7oSsGbodXzSATONVZy6uBNCTLoWwsZEyoY7za/e g6C3pO/7agqXhPtHfE6626w083qUej0DfGe+xq8H6WI/bq6JRwU41jriniowCzqS AVJ4DZF1degPljd0pskNNz7hnN6UEhgPrdpLAbGj1V57kxocJ27SZunngMlQSjgP JPXlvY5Eecw05/q2tjfcHLeYmik3h6lgcs8UPuhwHMQnd9tCGMg6mEYFRMUvM3EH 4/5jSikd4YbhRg== -----END CERTIFICATE-----Generated at Sat Apr 26 09:34:11 2025 by rpki-client