$ rpki-client -vvf rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/3FEFA562483D11EC82E81112C4F9AE02.roa File: 3FEFA562483D11EC82E81112C4F9AE02.roa (raw, json) Hash identifier: rK0c8XECyvN9kLfaJ8Yz0Teq8RiIt0v2rBtEKSM98ow= Subject key identifier: FA:B8:4E:5A:93:AD:65:0D:3A:BB:62:12:32:9D:1D:1D:33:FB:84:B7 Certificate issuer: /CN=A91C65E8/serialNumber=BCDCE8B06F05962340300C9C4747B5A251A219C4 Certificate serial: 3468 Authority key identifier: BC:DC:E8:B0:6F:05:96:23:40:30:0C:9C:47:47:B5:A2:51:A2:19:C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vNzosG8FliNAMAycR0e1olGiGcQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/3FEFA562483D11EC82E81112C4F9AE02.roa Signing time: Thu 30 Jan 2025 15:01:00 +0000 ROA not before: Thu 30 Jan 2025 15:01:00 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 45344 IP address blocks: 210.48.216.0/24 maxlen: 24 210.48.217.0/24 maxlen: 24 210.48.218.0/24 maxlen: 24 210.48.219.0/24 maxlen: 24 210.48.220.0/24 maxlen: 24 210.48.221.0/24 maxlen: 24 210.48.222.0/24 maxlen: 24 210.48.223.0/24 maxlen: 24 2001:df0:18::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/vNzosG8FliNAMAycR0e1olGiGcQ.crl rsync://rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/vNzosG8FliNAMAycR0e1olGiGcQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vNzosG8FliNAMAycR0e1olGiGcQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:54:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13416 (0x3468) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C65E8, serialNumber=BCDCE8B06F05962340300C9C4747B5A251A219C4 Validity Not Before: Jan 30 15:01:00 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=679b942b-e740 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:4f:92:3b:4d:b3:a0:6d:10:46:6e:72:2f:cc: 3f:96:cc:70:4e:ea:33:ab:07:3a:6b:5f:76:7e:7c: b4:e7:f1:d9:85:c3:b8:db:8c:fd:63:86:fb:09:c2: 88:41:be:af:a0:64:71:85:3d:0e:75:fb:2d:d3:d7: 93:85:55:9d:3b:60:8c:35:d1:c4:f6:be:f1:e2:95: 18:e7:93:25:f3:e6:e1:0d:69:e0:b9:90:6a:37:83: d5:41:0f:32:97:1a:4a:eb:8c:3a:4a:93:ff:20:34: d0:47:cc:be:8f:4b:96:3a:81:72:76:76:96:b1:d1: 61:e3:a9:a8:08:37:2c:78:9a:08:51:9b:df:da:76: 12:bb:e5:51:6b:a3:07:96:c8:39:ac:3b:1e:ce:77: 72:2c:6d:93:b0:bf:7d:c7:64:f1:8d:d2:82:82:23: a1:b2:4f:6d:c0:23:de:e7:a9:d4:63:9d:87:78:68: 25:6e:02:32:83:a6:08:59:3f:86:1b:f8:82:43:7b: 40:bb:b0:f9:88:7d:c4:3e:06:bb:b3:22:11:6d:d5: de:ab:f0:2d:5d:d3:7e:63:72:6d:8f:ce:b3:40:dc: 4c:00:45:f9:5d:95:57:97:20:47:46:3a:71:fb:68: 15:2a:d2:db:af:0b:74:1c:66:3e:01:c0:02:86:26: 25:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:B8:4E:5A:93:AD:65:0D:3A:BB:62:12:32:9D:1D:1D:33:FB:84:B7 X509v3 Authority Key Identifier: keyid:BC:DC:E8:B0:6F:05:96:23:40:30:0C:9C:47:47:B5:A2:51:A2:19:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/vNzosG8FliNAMAycR0e1olGiGcQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vNzosG8FliNAMAycR0e1olGiGcQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/3FEFA562483D11EC82E81112C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 210.48.216.0/21 IPv6: 2001:df0:18::/48 Signature Algorithm: sha256WithRSAEncryption 54:a2:2a:e2:5a:b8:8a:e1:0a:a9:f4:90:53:63:a5:fb:75:96: f5:b8:5b:be:6d:09:7b:ae:83:79:77:61:cd:84:5b:0e:26:0f: 2b:b7:97:82:9c:fb:10:77:28:d3:d9:a3:50:ac:53:05:31:7c: 0a:b4:62:df:2b:cc:2c:d2:87:8c:04:e6:07:a1:cb:42:95:67: 07:c5:ad:87:03:66:32:cf:9f:dc:d4:23:4e:de:cd:5d:c7:1f: fb:52:fe:9e:7d:a8:14:06:30:21:17:ed:bd:d9:fb:4c:f3:9e: 93:bf:94:8d:72:d0:c3:78:4d:fc:d2:ed:af:62:58:c7:dd:53: 56:58:08:56:6c:01:b6:5f:16:f1:e2:25:a0:3e:a8:3e:3b:91: 38:35:0e:c4:47:9c:c8:f8:a7:2d:21:77:d4:77:63:eb:e2:5c: b4:b4:c6:1f:94:f7:08:ec:69:7c:7e:7b:89:ed:f9:37:b4:a1: cf:33:58:99:c7:7f:3a:fe:27:15:3c:3c:44:16:5c:3d:3e:9c: 95:14:15:f6:64:da:f5:ea:00:d2:3e:95:95:cf:e4:7a:26:59: 0f:8c:61:2a:dc:26:9e:94:0f:98:d3:66:da:ca:98:14:d6:2f: 5d:15:e8:3c:5c:c6:40:ef:81:c4:77:89:5f:eb:9f:5d:5f:01: bb:09:06:6c -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICNGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzY1RTgxMTAvBgNVBAUTKEJDRENFOEIwNkYwNTk2MjM0MDMwMEM5QzQ3NDdCNUEy NTFBMjE5QzQwHhcNMjUwMTMwMTUwMTAwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzliOTQyYi1lNzQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA10+SO02zoG0QRm5yL8w/lsxwTuozqwc6a192fny05/HZhcO424z9Y4b7CcKI Qb6voGRxhT0Odfst09eThVWdO2CMNdHE9r7x4pUY55Ml8+bhDWnguZBqN4PVQQ8y lxpK64w6SpP/IDTQR8y+j0uWOoFydnaWsdFh46moCDcseJoIUZvf2nYSu+VRa6MH lsg5rDsezndyLG2TsL99x2TxjdKCgiOhsk9twCPe56nUY52HeGglbgIyg6YIWT+G G/iCQ3tAu7D5iH3EPga7syIRbdXeq/AtXdN+Y3Jtj86zQNxMAEX5XZVXlyBHRjpx +2gVKtLbrwt0HGY+AcAChiYl9wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPq4TlqT rWUNOrtiEjKdHR0z+4S3MB8GA1UdIwQYMBaAFLzc6LBvBZYjQDAMnEdHtaJRohnE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjVFOC9BMUYyM0E2NDFE OTkxMUUyOTVFQjUyODYwOEIwMkNEMi92Tnpvc0c4RmxpTkFNQXljUjBlMW9sR2lH Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZOem9zRzhGbGlOQU1BeWNSMGUxb2xHaUdjUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzY1RTgvQTFGMjNBNjQxRDk5MTFFMjk1RUI1Mjg2MDhCMDJDRDIvM0ZFRkE1NjI0 ODNEMTFFQzgyRTgxMTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAPSMNgwDwQCAAIwCQMHACABDfAAGDANBgkqhkiG9w0BAQsF AAOCAQEAVKIq4lq4iuEKqfSQU2Ol+3WW9bhbvm0Je66DeXdhzYRbDiYPK7eXgpz7 EHco09mjUKxTBTF8CrRi3yvMLNKHjATmB6HLQpVnB8WthwNmMs+f3NQjTt7NXccf +1L+nn2oFAYwIRftvdn7TPOek7+UjXLQw3hN/NLtr2JYx91TVlgIVmwBtl8W8eIl oD6oPjuRODUOxEecyPinLSF31Hdj6+JctLTGH5T3COxpfH57ie35N7ShzzNYmcd/ Ov4nFTw8RBZcPT6clRQV9mTa9eoA0j6Vlc/keiZZD4xhKtwmnpQPmNNm2sqYFNYv XRXoPFzGQO+BxHeJX+ufXV8BuwkGbA== -----END CERTIFICATE-----Generated at Sat Apr 26 05:56:37 2025 by rpki-client