$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/4BDF403A1A7B11F0A104ED51C4F9AE02.roa File: 4BDF403A1A7B11F0A104ED51C4F9AE02.roa (raw, json) Hash identifier: XA24y6Bmnh9zhYcZE0f+nzYkNFXplMfx6oKN/T97TM8= Subject key identifier: 98:9A:6F:75:CC:28:0E:8C:A8:F4:AE:AB:51:09:63:14:04:87:65:71 Certificate issuer: /CN=A91C7AA5/serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A Certificate serial: 0C Authority key identifier: F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/4BDF403A1A7B11F0A104ED51C4F9AE02.roa Signing time: Wed 16 Apr 2025 04:28:50 +0000 ROA not before: Wed 16 Apr 2025 04:28:50 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 8075 IP address blocks: 203.2.220.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 07:08:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12 (0xc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7AA5, serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A Validity Not Before: Apr 16 04:28:50 2025 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=67ff3202-dee6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:53:87:34:6f:59:88:03:51:bf:67:07:e2:43: 89:1f:fe:7d:ac:09:33:bf:c0:c3:62:d3:3d:86:d1: 2f:49:a1:42:4f:11:f5:8c:e1:da:8f:fe:71:1a:37: 79:40:10:4a:7c:ca:16:d4:c6:07:58:48:ac:e0:91: fb:d4:5c:b7:e3:7f:8f:d8:89:81:5c:8f:83:6e:0e: 52:ca:70:17:bc:dc:87:8b:69:4e:27:f8:05:58:72: 66:4d:20:90:c3:7a:44:80:d4:14:cb:80:40:85:99: 45:96:a3:6e:a9:93:30:02:44:65:3d:c0:a6:bd:fd: c4:07:2f:21:e4:48:ae:15:68:42:48:18:64:64:f9: 2a:ba:56:97:d9:ce:0c:7f:3c:34:9f:9d:c6:02:b3: 4d:49:f6:9d:fc:f5:41:e8:dc:44:a7:4c:bc:c3:7b: 12:f2:08:e3:fc:bd:a6:0e:bf:03:87:b9:c2:af:bc: 7f:2f:06:cb:5f:fd:d3:63:73:2c:8b:22:a9:96:90: b6:4c:4c:10:17:4d:c0:34:df:b3:95:61:50:45:dc: 7f:7c:d4:03:16:f8:a4:5a:ad:84:57:5c:c1:ca:ba: bb:9e:b8:ab:6b:0c:43:cc:8b:9a:90:8e:85:1f:b6: 81:7c:fd:da:13:7e:a5:97:27:22:a6:f7:d6:21:38: 34:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:9A:6F:75:CC:28:0E:8C:A8:F4:AE:AB:51:09:63:14:04:87:65:71 X509v3 Authority Key Identifier: keyid:F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/4BDF403A1A7B11F0A104ED51C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.2.220.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:c2:4d:7a:1a:24:cb:a6:ea:05:2e:60:e1:1b:08:88:5d:2c: c3:c1:9b:e1:2a:03:39:1f:9f:86:95:1a:66:75:9c:80:86:8f: ee:c3:82:46:eb:b8:74:39:c2:bb:db:d6:a9:e0:a9:7a:aa:f2: b4:1a:ce:73:b4:10:db:c9:64:5b:fc:dd:cb:8a:0a:8c:ef:57: 42:b3:4b:4c:60:64:70:88:21:fd:c4:86:38:33:22:c0:2d:16: ab:f3:b5:a1:c6:4f:76:35:e7:b4:b6:4d:b5:df:11:11:74:c0: 73:3f:f0:09:0b:01:cf:2b:f7:e1:4e:13:21:e3:02:fe:fa:2e: 9a:60:63:dc:ce:47:7c:8b:2b:89:80:5a:28:c1:cc:22:39:76: 1c:15:11:06:50:e4:91:46:ff:c3:04:75:01:31:8b:3d:98:5f: 16:9b:f8:1d:e4:67:e6:61:16:c6:65:df:17:66:ed:9f:85:ff: 44:d7:e4:cd:92:e4:65:07:b9:0c:5f:a8:1f:c2:60:0e:39:eb: 6c:cb:c2:a3:5e:81:8b:23:67:0f:53:c6:60:9a:e6:fc:2c:19: 7a:7a:d6:e8:ea:f0:f6:9f:ab:3f:b8:05:86:d5:6f:7f:4b:34: 10:e8:8d:bb:8a:11:bd:2d:15:7c:dc:41:d4:81:b6:50:23:ad: 7f:b1:a1:04 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD N0FBNTExMC8GA1UEBRMoRjcyNjdFODBCRTgxN0YwNDNEMjhGQjdFNzMwNUY0QzQ4 OEE4MzkxQTAeFw0yNTA0MTYwNDI4NTBaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ZmYzMjAyLWRlZTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4U4c0b1mIA1G/ZwfiQ4kf/n2sCTO/wMNi0z2G0S9JoUJPEfWM4dqP/nEaN3lA EEp8yhbUxgdYSKzgkfvUXLfjf4/YiYFcj4NuDlLKcBe83IeLaU4n+AVYcmZNIJDD ekSA1BTLgECFmUWWo26pkzACRGU9wKa9/cQHLyHkSK4VaEJIGGRk+Sq6VpfZzgx/ PDSfncYCs01J9p389UHo3ESnTLzDexLyCOP8vaYOvwOHucKvvH8vBstf/dNjcyyL IqmWkLZMTBAXTcA037OVYVBF3H981AMW+KRarYRXXMHKurueuKtrDEPMi5qQjoUf toF8/doTfqWXJyKm99YhODTFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUmJpvdcwo Doyo9K6rUQljFASHZXEwHwYDVR0jBBgwFoAU9yZ+gL6BfwQ9KPt+cwX0xIioORow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3QUE1L0JBRkIzNTc0MTVC QjExRjBCRkQ1NDg4MUM0RjlBRTAyLzl5Wi1nTDZCZndROUtQdC1jd1gweElpb09S by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvOXlaLWdMNkJmd1E5S1B0LWN3WDB4SWlvT1JvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD N0FBNS9CQUZCMzU3NDE1QkIxMUYwQkZENTQ4ODFDNEY5QUUwMi80QkRGNDAzQTFB N0IxMUYwQTEwNEVENTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAMsC3DANBgkqhkiG9w0BAQsFAAOCAQEAjsJNehoky6bqBS5g 4RsIiF0sw8Gb4SoDOR+fhpUaZnWcgIaP7sOCRuu4dDnCu9vWqeCpeqrytBrOc7QQ 28lkW/zdy4oKjO9XQrNLTGBkcIgh/cSGODMiwC0Wq/O1ocZPdjXntLZNtd8REXTA cz/wCQsBzyv34U4TIeMC/voummBj3M5HfIsriYBaKMHMIjl2HBURBlDkkUb/wwR1 ATGLPZhfFpv4HeRn5mEWxmXfF2btn4X/RNfkzZLkZQe5DF+oH8JgDjnrbMvCo16B iyNnD1PGYJrm/CwZenrW6Orw9p+rP7gFhtVvf0s0EOiNu4oRvS0VfNxB1IG2UCOt f7GhBA== -----END CERTIFICATE-----Generated at Sat Apr 26 08:33:39 2025 by rpki-client