$ rpki-client -vvf rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/B757FF4EAB8311EA9983D717C4F9AE02.roa File: B757FF4EAB8311EA9983D717C4F9AE02.roa (raw, json) Hash identifier: q5IkP0u3/4X3zrB3YXKIdUEoegOtePooQhqPih9d+0I= Subject key identifier: 4C:C9:6A:E8:3B:AD:FF:78:31:57:B8:94:15:CD:F8:C3:69:4B:E4:EA Certificate issuer: /CN=A91BCF31/serialNumber=5F8E4FD4A6DD635E43782E5A055622CAB2654A37 Certificate serial: 08BB Authority key identifier: 5F:8E:4F:D4:A6:DD:63:5E:43:78:2E:5A:05:56:22:CA:B2:65:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X45P1KbdY15DeC5aBVYiyrJlSjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/B757FF4EAB8311EA9983D717C4F9AE02.roa Signing time: Mon 20 Jan 2025 20:19:49 +0000 ROA not before: Mon 20 Jan 2025 20:19:49 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 10109 IP address blocks: 119.40.96.0/21 maxlen: 21 119.40.96.0/24 maxlen: 24 119.40.97.0/24 maxlen: 24 119.40.98.0/24 maxlen: 24 119.40.99.0/24 maxlen: 24 119.40.100.0/24 maxlen: 24 119.40.101.0/24 maxlen: 24 119.40.102.0/24 maxlen: 24 119.40.103.0/24 maxlen: 24 2400:d4e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/X45P1KbdY15DeC5aBVYiyrJlSjc.crl rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/X45P1KbdY15DeC5aBVYiyrJlSjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X45P1KbdY15DeC5aBVYiyrJlSjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:16:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2235 (0x8bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BCF31, serialNumber=5F8E4FD4A6DD635E43782E5A055622CAB2654A37 Validity Not Before: Jan 20 20:19:49 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=678eafe5-4488 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:17:70:b6:9a:a8:f1:b8:ba:55:96:b8:4d:25: 9f:a6:02:f2:ff:47:54:04:e2:b8:a3:28:d6:f6:87: 75:33:c2:d1:0c:7c:b9:4c:0f:ba:10:cf:f5:dc:b5: 41:a3:5d:8e:99:9b:e1:6a:44:79:5b:e2:39:60:ca: be:ef:04:89:76:8e:fa:3d:3f:28:67:83:3d:8a:d9: e5:52:5a:cc:bf:76:01:6d:99:66:03:e5:8c:d8:73: b6:a8:ad:56:f3:b2:57:c2:f9:86:34:9b:0c:76:fc: c8:22:bd:76:d4:b8:bb:1f:2b:97:03:0b:30:7e:6c: 4f:ff:00:f7:78:3c:fe:33:d2:50:be:2a:17:c3:24: fd:8d:60:51:ea:06:51:f4:8b:af:1b:0f:24:73:cf: ba:5c:8d:e5:cf:fb:4e:00:0a:b3:26:e8:5b:f8:5c: ae:9e:b3:24:f6:20:6e:24:11:5a:39:72:c5:3a:23: 6b:7f:50:ae:cf:7d:26:29:29:cb:b8:ee:4b:47:f7: 13:b8:ca:96:fe:ce:58:33:91:06:b8:a0:64:e5:36: 31:27:ad:42:53:87:54:52:49:82:2b:83:e5:8d:df: 98:a9:cd:18:54:cd:6b:72:39:87:eb:ca:38:49:68: 25:c2:37:d2:e2:3d:14:e1:92:16:ca:62:77:ef:7f: 3c:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:C9:6A:E8:3B:AD:FF:78:31:57:B8:94:15:CD:F8:C3:69:4B:E4:EA X509v3 Authority Key Identifier: keyid:5F:8E:4F:D4:A6:DD:63:5E:43:78:2E:5A:05:56:22:CA:B2:65:4A:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/X45P1KbdY15DeC5aBVYiyrJlSjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X45P1KbdY15DeC5aBVYiyrJlSjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BCF31/AF7FED62AA4E11EA9D8EC782C4F9AE02/B757FF4EAB8311EA9983D717C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 119.40.96.0/21 IPv6: 2400:d4e0::/32 Signature Algorithm: sha256WithRSAEncryption 20:ce:24:33:64:ec:df:f0:29:a8:11:1c:cd:97:5c:9b:4b:cf: 1c:a1:48:31:11:6e:c0:aa:ba:c5:25:16:60:96:52:c6:a4:ec: 45:e9:e1:25:14:d5:69:f9:31:01:b1:4e:e5:c0:14:9c:bc:c5: 54:36:8a:b3:b8:3f:f5:cb:23:78:86:95:4f:be:33:8d:8a:54: 0b:af:18:90:8b:ec:3b:43:54:63:b5:93:01:89:3d:64:be:af: aa:08:57:b5:a2:aa:d4:40:59:db:0f:56:12:47:8c:e4:f7:1a: f7:cc:56:15:ac:fb:1d:fb:8e:65:25:e2:5e:34:34:78:34:9a: 8f:7a:1d:fb:cd:02:8a:89:78:d9:72:99:d2:c0:49:88:80:f8: 2a:09:e6:0a:34:f9:18:7d:a0:28:8e:de:41:a0:ee:52:31:d2: d5:66:bc:c3:77:9c:e3:fc:c2:aa:36:41:8e:60:eb:40:85:ad: e3:7a:4d:31:30:4d:a3:ed:14:b7:8b:6a:d5:27:4d:46:53:b1: ed:f3:21:20:b8:fc:c6:21:68:e9:5a:3e:8a:c1:d9:1d:61:95: d4:88:ba:80:cd:d3:35:da:ef:d9:c4:b7:6b:2e:9f:ff:ef:e7: e1:2c:16:5c:d1:80:cc:e2:43:a4:5d:c5:c4:8e:36:d5:6b:13: f4:5d:23:4f -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICCLswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkNGMzExMTAvBgNVBAUTKDVGOEU0RkQ0QTZERDYzNUU0Mzc4MkU1QTA1NTYyMkNB QjI2NTRBMzcwHhcNMjUwMTIwMjAxOTQ5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzhlYWZlNS00NDg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApBdwtpqo8bi6VZa4TSWfpgLy/0dUBOK4oyjW9od1M8LRDHy5TA+6EM/13LVB o12OmZvhakR5W+I5YMq+7wSJdo76PT8oZ4M9itnlUlrMv3YBbZlmA+WM2HO2qK1W 87JXwvmGNJsMdvzIIr121Li7HyuXAwswfmxP/wD3eDz+M9JQvioXwyT9jWBR6gZR 9IuvGw8kc8+6XI3lz/tOAAqzJuhb+FyunrMk9iBuJBFaOXLFOiNrf1Cuz30mKSnL uO5LR/cTuMqW/s5YM5EGuKBk5TYxJ61CU4dUUkmCK4Pljd+Yqc0YVM1rcjmH68o4 SWglwjfS4j0U4ZIWymJ37388OwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEzJaug7 rf94MVe4lBXN+MNpS+TqMB8GA1UdIwQYMBaAFF+OT9Sm3WNeQ3guWgVWIsqyZUo3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQ0YzMS9BRjdGRUQ2MkFB NEUxMUVBOUQ4RUM3ODJDNEY5QUUwMi9YNDVQMUtiZFkxNURlQzVhQlZZaXlySmxT amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1g0NVAxS2JkWTE1RGVDNWFCVllpeXJKbFNqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkNGMzEvQUY3RkVENjJBQTRFMTFFQTlEOEVDNzgyQzRGOUFFMDIvQjc1N0ZGNEVB QjgzMTFFQTk5ODNENzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAN3KGAwDQQCAAIwBwMFACQA1OAwDQYJKoZIhvcNAQELBQAD ggEBACDOJDNk7N/wKagRHM2XXJtLzxyhSDERbsCqusUlFmCWUsak7EXp4SUU1Wn5 MQGxTuXAFJy8xVQ2irO4P/XLI3iGlU++M42KVAuvGJCL7DtDVGO1kwGJPWS+r6oI V7WiqtRAWdsPVhJHjOT3GvfMVhWs+x37jmUl4l40NHg0mo96HfvNAoqJeNlymdLA SYiA+CoJ5go0+Rh9oCiO3kGg7lIx0tVmvMN3nOP8wqo2QY5g60CFreN6TTEwTaPt FLeLatUnTUZTse3zISC4/MYhaOlaPorB2R1hldSIuoDN0zXa79nEt2sun//v5+Es FlzRgMziQ6RdxcSONtVrE/RdI08= -----END CERTIFICATE-----Generated at Sat Apr 26 07:51:00 2025 by rpki-client