$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/2251B910AC7411EBBE196180C4F9AE02.roa File: 2251B910AC7411EBBE196180C4F9AE02.roa (raw, json) Hash identifier: 0oRyzqVuAdePO5EPsN2BuW/GIZU57nKR40ge4zIrFQo= Subject key identifier: 8A:32:BE:C3:BD:94:73:ED:61:82:7E:BE:5B:9B:F7:98:A6:0D:31:9F Certificate issuer: /CN=A91C2168/serialNumber=9D346E6DB39C3D330C1AFF94060E15055FF4ED1C Certificate serial: 3495 Authority key identifier: 9D:34:6E:6D:B3:9C:3D:33:0C:1A:FF:94:06:0E:15:05:5F:F4:ED:1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTRubbOcPTMMGv-UBg4VBV_07Rw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/2251B910AC7411EBBE196180C4F9AE02.roa Signing time: Thu 24 Apr 2025 15:10:50 +0000 ROA not before: Thu 24 Apr 2025 15:10:50 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 24324 IP address blocks: 122.200.176.0/20 maxlen: 20 124.157.64.0/19 maxlen: 19 124.157.68.0/22 maxlen: 22 124.157.96.0/19 maxlen: 19 202.36.132.0/24 maxlen: 24 202.49.128.0/21 maxlen: 21 202.49.129.0/24 maxlen: 24 202.49.131.0/24 maxlen: 24 202.49.132.0/24 maxlen: 24 202.49.133.0/24 maxlen: 24 203.14.20.0/24 maxlen: 24 203.161.187.0/24 maxlen: 24 203.195.124.0/24 maxlen: 24 2404:6c00::/32 maxlen: 32 2404:6c00:a000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/nTRubbOcPTMMGv-UBg4VBV_07Rw.crl rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/nTRubbOcPTMMGv-UBg4VBV_07Rw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTRubbOcPTMMGv-UBg4VBV_07Rw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:10:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13461 (0x3495) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2168, serialNumber=9D346E6DB39C3D330C1AFF94060E15055FF4ED1C Validity Not Before: Apr 24 15:10:50 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=680a547a-273b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:1f:ce:46:73:f5:5e:20:fe:e9:de:af:8c:f3: 99:99:4b:93:92:6d:85:53:b7:4b:11:8b:cb:b4:9d: 81:17:f3:d5:db:54:1d:fd:20:61:1a:85:11:d6:fa: 9d:da:1a:32:03:aa:6a:19:dc:05:44:9a:94:12:ba: 21:2e:fe:96:4a:68:5f:eb:af:c4:a4:e3:be:fb:40: 83:23:03:d5:77:f2:49:d0:a0:c9:52:f8:5e:0c:1d: 75:12:57:fb:d1:07:68:6a:17:b0:12:33:a9:d4:c9: 6e:ae:0f:e3:bc:0a:71:6a:cb:d0:09:23:42:14:74: 6c:92:e1:05:a8:33:04:96:d3:2b:72:a2:07:a3:ab: e2:f4:da:ba:0b:83:0f:1f:07:d5:29:f0:3f:88:f3: c4:48:31:80:53:4c:66:a9:fe:f2:31:ff:2c:d0:8f: 3a:59:5f:e7:d2:3d:1c:d4:3a:0c:c1:03:9d:fe:53: 21:b8:26:e8:a9:fc:54:28:c6:64:60:58:ee:98:7f: 90:35:85:d5:b7:c7:fa:22:1a:47:10:c8:05:7f:06: 56:a4:51:46:43:da:e1:84:4a:ef:ff:46:e8:88:e6: bc:77:57:f1:f7:a6:fa:37:8a:67:65:62:6c:2d:87: 01:79:08:30:3d:62:0d:ae:20:e6:85:01:79:90:5b: 02:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:32:BE:C3:BD:94:73:ED:61:82:7E:BE:5B:9B:F7:98:A6:0D:31:9F X509v3 Authority Key Identifier: keyid:9D:34:6E:6D:B3:9C:3D:33:0C:1A:FF:94:06:0E:15:05:5F:F4:ED:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/nTRubbOcPTMMGv-UBg4VBV_07Rw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTRubbOcPTMMGv-UBg4VBV_07Rw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/2251B910AC7411EBBE196180C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 122.200.176.0/20 124.157.64.0/18 202.36.132.0/24 202.49.128.0/21 203.14.20.0/24 203.161.187.0/24 203.195.124.0/24 IPv6: 2404:6c00::/32 Signature Algorithm: sha256WithRSAEncryption a3:ff:ec:84:b0:f1:01:9b:ee:32:c1:44:ea:44:50:3d:a2:7c: a6:b8:f1:3d:15:8c:3f:c5:6f:8d:66:c1:06:8b:90:f0:f4:3e: 06:82:de:2c:7e:7a:23:0c:02:7f:1c:78:c8:6c:7e:82:a9:dc: 1d:78:97:0a:c0:6f:7d:39:4e:6c:d4:f4:b0:0e:f1:45:34:3c: 21:1f:38:33:bc:17:9d:ba:b1:5f:64:42:b8:bc:d4:3d:6c:83: b1:63:fa:ac:37:0b:1f:f4:b1:fa:2c:85:8e:08:97:e0:47:98: 39:65:45:48:88:95:cc:b7:53:1d:22:b2:df:84:6f:2b:bb:03: a0:09:2f:04:85:3c:65:b0:f9:d5:d8:c4:79:60:7d:b1:6e:59: 52:1b:5e:82:34:6d:52:b9:3a:5b:5f:23:06:ce:f8:5d:4a:d5: 78:40:5f:03:1c:28:da:f5:23:84:53:36:91:b7:bf:46:02:42: 3c:98:74:ea:a0:b0:bc:66:1c:88:5c:05:8f:c2:1f:51:22:24: 5f:d2:fe:a5:48:8c:e0:39:3b:2d:fe:06:71:b9:13:f3:8d:e2: a8:7d:0e:88:4f:0f:91:8d:38:a3:08:09:37:5b:b0:33:26:cb: c1:3e:d8:df:12:be:11:3b:74:94:0a:48:b4:ae:c7:08:f1:14: 39:bc:a7:b9 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICNJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzIxNjgxMTAvBgNVBAUTKDlEMzQ2RTZEQjM5QzNEMzMwQzFBRkY5NDA2MEUxNTA1 NUZGNEVEMUMwHhcNMjUwNDI0MTUxMDUwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODBhNTQ3YS0yNzNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAox/ORnP1XiD+6d6vjPOZmUuTkm2FU7dLEYvLtJ2BF/PV21Qd/SBhGoUR1vqd 2hoyA6pqGdwFRJqUErohLv6WSmhf66/EpOO++0CDIwPVd/JJ0KDJUvheDB11Elf7 0QdoahewEjOp1Mlurg/jvApxasvQCSNCFHRskuEFqDMEltMrcqIHo6vi9Nq6C4MP HwfVKfA/iPPESDGAU0xmqf7yMf8s0I86WV/n0j0c1DoMwQOd/lMhuCboqfxUKMZk YFjumH+QNYXVt8f6IhpHEMgFfwZWpFFGQ9rhhErv/0boiOa8d1fx96b6N4pnZWJs LYcBeQgwPWINriDmhQF5kFsCHwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFIoyvsO9 lHPtYYJ+vlub95imDTGfMB8GA1UdIwQYMBaAFJ00bm2znD0zDBr/lAYOFQVf9O0c MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjE2OC8yNEM2MkMwNjFE OTExMUUyOTI0NDMwRjMwOEIwMkNEMi9uVFJ1YmJPY1BUTU1Hdi1VQmc0VkJWXzA3 UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25UUnViYk9jUFRNTUd2LVVCZzRWQlZfMDdSdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzIxNjgvMjRDNjJDMDYxRDkxMTFFMjkyNDQzMEYzMDhCMDJDRDIvMjI1MUI5MTBB Qzc0MTFFQkJFMTk2MTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMDAEAgABMCoDBAR6yLADBAZ8nUADBADKJIQDBAPKMYADBADLDhQDBADLobsD BADLw3wwDQQCAAIwBwMFACQEbAAwDQYJKoZIhvcNAQELBQADggEBAKP/7ISw8QGb 7jLBROpEUD2ifKa48T0VjD/Fb41mwQaLkPD0PgaC3ix+eiMMAn8ceMhsfoKp3B14 lwrAb305TmzU9LAO8UU0PCEfODO8F526sV9kQri81D1sg7Fj+qw3Cx/0sfoshY4I l+BHmDllRUiIlcy3Ux0ist+Ebyu7A6AJLwSFPGWw+dXYxHlgfbFuWVIbXoI0bVK5 OltfIwbO+F1K1XhAXwMcKNr1I4RTNpG3v0YCQjyYdOqgsLxmHIhcBY/CH1EiJF/S /qVIjOA5Oy3+BnG5E/ON4qh9DohPD5GNOKMICTdbsDMmy8E+2N8SvhE7dJQKSLSu xwjxFDm8p7k= -----END CERTIFICATE-----Generated at Sat Apr 26 09:01:31 2025 by rpki-client