$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/21B96F2E7BC911EBABCF472DC4F9AE02.roa File: 21B96F2E7BC911EBABCF472DC4F9AE02.roa (raw, json) Hash identifier: jfAjvDFneg9TxfVOqlYPDujvfvVSOSgnFYEvXUOG5OY= Subject key identifier: 9C:CB:74:64:88:BD:29:36:79:47:3B:9A:E1:AD:8A:1A:86:0B:C0:89 Certificate issuer: /CN=A91CB8BA/serialNumber=8382F6188C4A6DD66954D5718A3D9CCF9B8BF895 Certificate serial: 07A7 Authority key identifier: 83:82:F6:18:8C:4A:6D:D6:69:54:D5:71:8A:3D:9C:CF:9B:8B:F8:95 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/21B96F2E7BC911EBABCF472DC4F9AE02.roa Signing time: Thu 06 Feb 2025 20:19:26 +0000 ROA not before: Thu 06 Feb 2025 20:19:26 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 137280 IP address blocks: 213.255.228.0/23 maxlen: 23 213.255.230.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.crl rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:26:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1959 (0x7a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB8BA, serialNumber=8382F6188C4A6DD66954D5718A3D9CCF9B8BF895 Validity Not Before: Feb 6 20:19:26 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67a5194d-b577 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:a8:9a:51:9c:07:ea:20:82:40:fd:f3:6b:e9: 7f:c7:62:d5:55:88:06:78:c2:7c:2f:dd:7f:ca:29: 86:27:b9:48:b6:bd:ff:c1:d3:52:5d:1d:06:65:22: fe:48:87:da:30:12:4b:22:12:e6:f9:da:24:35:b2: 8b:60:69:0f:bd:2c:76:4c:08:4e:26:31:bb:9d:7d: 9b:2b:a3:dd:16:68:98:7e:0f:4a:5c:58:6b:99:dd: 3d:c9:b0:4b:58:4e:2e:80:73:6e:3e:ed:05:83:28: d2:cd:24:7b:d2:3e:9c:99:5e:71:1d:f0:9f:70:ef: e1:05:d7:09:64:1e:21:54:7c:fe:4e:d4:bb:cb:78: 02:8e:39:c9:13:13:b3:ef:60:90:b2:d5:dc:50:ec: c6:1c:08:80:a7:61:b4:6b:ac:55:e0:05:f0:3b:a9: 3f:89:81:9c:54:08:7b:14:c9:d3:6d:0b:fc:6d:14: 20:3d:40:b0:52:07:b2:b2:5c:76:29:ed:dc:d2:0b: 1b:2b:44:46:9d:87:7b:58:0f:b6:25:5a:8a:48:2c: 9b:70:11:3a:8b:a2:eb:c1:32:11:9b:6e:77:80:16: e3:e5:56:21:a0:25:34:a8:75:b4:f1:52:ca:eb:1f: 43:3c:ec:e4:67:cd:f6:59:3f:66:5f:89:a4:31:f0: 55:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:CB:74:64:88:BD:29:36:79:47:3B:9A:E1:AD:8A:1A:86:0B:C0:89 X509v3 Authority Key Identifier: keyid:83:82:F6:18:8C:4A:6D:D6:69:54:D5:71:8A:3D:9C:CF:9B:8B:F8:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/21B96F2E7BC911EBABCF472DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 213.255.228.0-213.255.230.255 Signature Algorithm: sha256WithRSAEncryption 2e:11:e0:25:64:e9:45:6a:f7:4b:22:4b:0e:bb:e2:7d:72:9d: 3b:f5:62:fc:86:65:e7:29:c4:23:2b:9e:ba:3e:cd:96:c6:cc: ca:fc:95:ce:a3:9f:f8:95:f3:48:d2:47:42:87:b6:3d:0b:9f: 76:7d:c2:06:df:77:cd:ef:35:a2:f2:c2:7c:7b:21:b0:b0:b2: c0:cd:df:64:33:44:f7:b7:dc:75:63:20:14:e4:be:f0:cc:b4: f7:0b:17:28:2a:f2:ad:8a:2d:d8:da:44:0d:f5:8d:7d:e3:ca: 70:55:15:36:cd:1e:80:7c:fe:ff:b2:87:0b:7d:0a:a0:0e:b1: 03:56:7c:70:fc:6b:f9:73:26:1d:50:e8:7f:af:77:f9:70:0c: c5:fe:9b:49:69:49:37:8c:9e:cc:b5:ef:b8:b0:c7:e3:98:5f: 0c:a0:de:18:36:d4:80:12:00:34:53:e7:a9:59:06:c9:28:9f: 63:4f:93:3a:8e:87:5b:9f:dc:97:d8:8c:c1:6e:b9:9f:20:c2: 22:dd:5e:94:47:70:d2:ff:60:be:a8:b6:ca:fa:67:b1:c4:1e: 22:25:0d:45:1f:d2:ef:04:c3:ad:15:5d:c9:30:97:60:18:f7: 89:0d:4c:a1:26:b2:ca:96:b1:ce:85:ea:e1:d7:a8:31:28:ee: 79:26:ce:7f -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgICB6cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I4QkExMTAvBgNVBAUTKDgzODJGNjE4OEM0QTZERDY2OTU0RDU3MThBM0Q5Q0NG OUI4QkY4OTUwHhcNMjUwMjA2MjAxOTI2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2E1MTk0ZC1iNTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyqiaUZwH6iCCQP3za+l/x2LVVYgGeMJ8L91/yimGJ7lItr3/wdNSXR0GZSL+ SIfaMBJLIhLm+dokNbKLYGkPvSx2TAhOJjG7nX2bK6PdFmiYfg9KXFhrmd09ybBL WE4ugHNuPu0FgyjSzSR70j6cmV5xHfCfcO/hBdcJZB4hVHz+TtS7y3gCjjnJExOz 72CQstXcUOzGHAiAp2G0a6xV4AXwO6k/iYGcVAh7FMnTbQv8bRQgPUCwUgeyslx2 Ke3c0gsbK0RGnYd7WA+2JVqKSCybcBE6i6LrwTIRm253gBbj5VYhoCU0qHW08VLK 6x9DPOzkZ832WT9mX4mkMfBVgQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFJzLdGSI vSk2eUc7muGtihqGC8CJMB8GA1UdIwQYMBaAFIOC9hiMSm3WaVTVcYo9nM+bi/iV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjhCQS8yNTEwQjRFNkYw RkMxMUVBQjk4NUZBNUZDNEY5QUUwMi9nNEwyR0l4S2JkWnBWTlZ4aWoyY3o1dUwt SlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2c0TDJHSXhLYmRacFZOVnhpajJjejV1TC1KVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0I4QkEvMjUxMEI0RTZGMEZDMTFFQUI5ODVGQTVGQzRGOUFFMDIvMjFCOTZGMkU3 QkM5MTFFQkFCQ0Y0NzJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E GDAWMBQEAgABMA4wDAMEAtX/5AMEANX/5jANBgkqhkiG9w0BAQsFAAOCAQEALhHg JWTpRWr3SyJLDrvifXKdO/Vi/IZl5ynEIyueuj7NlsbMyvyVzqOf+JXzSNJHQoe2 PQufdn3CBt93ze81ovLCfHshsLCywM3fZDNE97fcdWMgFOS+8My09wsXKCryrYot 2NpEDfWNfePKcFUVNs0egHz+/7KHC30KoA6xA1Z8cPxr+XMmHVDof693+XAMxf6b SWlJN4yezLXvuLDH45hfDKDeGDbUgBIANFPnqVkGySifY0+TOo6HW5/cl9iMwW65 nyDCIt1elEdw0v9gvqi2yvpnscQeIiUNRR/S7wTDrRVdyTCXYBj3iQ1MoSayypax zoXq4deoMSjueSbOfw== -----END CERTIFICATE-----Generated at Sat Apr 26 16:50:09 2025 by rpki-client