$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFF62/11F4D8D0626211EE80BC855DC4F9AE02/34F912AAF49D11EFBD8ACC0EC4F9AE02.roa File: 34F912AAF49D11EFBD8ACC0EC4F9AE02.roa (raw, json) Hash identifier: c5vk3kr217STypuahM0vAhdq6P8h5827xgCJJ38F4Ec= Subject key identifier: 7B:45:D3:D5:F6:E8:69:13:19:B5:AB:D2:4A:1A:07:12:8B:FE:25:0C Certificate issuer: /CN=A91CFF62/serialNumber=583CBC7BC966145790C9F6F223688ADAFE5AD3B8 Certificate serial: 0125 Authority key identifier: 58:3C:BC:7B:C9:66:14:57:90:C9:F6:F2:23:68:8A:DA:FE:5A:D3:B8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WDy8e8lmFFeQyfbyI2iK2v5a07g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFF62/11F4D8D0626211EE80BC855DC4F9AE02/34F912AAF49D11EFBD8ACC0EC4F9AE02.roa Signing time: Fri 21 Mar 2025 04:09:50 +0000 ROA not before: Fri 21 Mar 2025 04:09:50 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 140637 IP address blocks: 143.174.60.0/24 maxlen: 24 143.174.61.0/24 maxlen: 24 192.55.112.0/24 maxlen: 24 192.104.43.0/24 maxlen: 24 192.104.44.0/24 maxlen: 24 192.104.45.0/24 maxlen: 24 192.245.105.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFF62/11F4D8D0626211EE80BC855DC4F9AE02/WDy8e8lmFFeQyfbyI2iK2v5a07g.crl rsync://rpki.apnic.net/member_repository/A91CFF62/11F4D8D0626211EE80BC855DC4F9AE02/WDy8e8lmFFeQyfbyI2iK2v5a07g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WDy8e8lmFFeQyfbyI2iK2v5a07g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:45:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 293 (0x125) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFF62, serialNumber=583CBC7BC966145790C9F6F223688ADAFE5AD3B8 Validity Not Before: Mar 21 04:09:50 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67dce68d-563f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:4d:c5:69:11:e7:37:42:89:00:95:06:77:e9: 40:ff:b6:7b:28:45:2a:ba:a9:45:54:9d:a5:42:be: c3:0f:1e:77:37:a7:bf:56:80:65:a2:71:0b:c4:4a: 9e:e9:90:4f:77:a2:64:9e:65:52:2c:39:4c:cb:20: 2e:61:4d:6e:1b:68:d5:99:ba:07:8e:2f:00:15:e3: fc:19:87:9a:15:26:9e:03:2e:62:5e:b3:08:41:1d: 36:cd:c8:65:15:e3:34:b5:28:cb:14:32:2d:a9:ad: 2a:44:18:52:70:07:58:95:2e:e0:28:d9:a1:8b:a5: 57:ea:fe:91:9c:d8:ed:73:09:d1:16:a3:57:07:30: fe:25:ff:4c:56:b7:cb:88:c6:bc:43:54:42:13:6f: 59:ee:8b:e3:a9:1b:37:2b:05:ef:7d:ed:a2:b1:fb: 66:c3:6f:6e:50:c5:9c:1d:92:31:0b:3b:f6:7c:41: 71:cb:2e:ac:db:7d:6a:e1:da:82:09:31:ac:2a:19: 3a:fd:78:89:47:f8:67:f3:42:bb:ee:2e:df:fa:62: 3b:4a:e3:dd:b3:c0:49:45:7e:10:99:6e:b8:7c:ee: 14:9b:44:fa:63:ed:0b:6a:96:36:3f:bf:fd:5c:c5: 72:b8:37:6b:cb:7e:69:03:99:51:81:97:fd:e4:78: f2:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:45:D3:D5:F6:E8:69:13:19:B5:AB:D2:4A:1A:07:12:8B:FE:25:0C X509v3 Authority Key Identifier: keyid:58:3C:BC:7B:C9:66:14:57:90:C9:F6:F2:23:68:8A:DA:FE:5A:D3:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFF62/11F4D8D0626211EE80BC855DC4F9AE02/WDy8e8lmFFeQyfbyI2iK2v5a07g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WDy8e8lmFFeQyfbyI2iK2v5a07g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFF62/11F4D8D0626211EE80BC855DC4F9AE02/34F912AAF49D11EFBD8ACC0EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 143.174.60.0/23 192.55.112.0/24 192.104.43.0-192.104.45.255 192.245.105.0/24 Signature Algorithm: sha256WithRSAEncryption 20:86:c0:71:8e:cb:0d:2e:df:a2:1f:b6:69:66:ad:05:9e:ba: 01:7e:92:29:02:34:f0:a3:95:a6:0c:c7:37:33:8b:be:d6:e2: 7f:49:45:f2:93:f5:c8:a4:e2:21:d8:36:f5:9b:e4:91:0a:91: a0:d2:c3:93:16:31:8e:47:f4:48:c2:ee:e6:ea:d2:06:c4:99: a0:39:68:75:62:53:a5:9e:20:7d:21:d8:2e:c5:17:85:ec:6b: b5:c0:07:25:62:2f:76:7e:f3:24:cb:54:8a:78:8b:e4:b5:e7: 01:bb:69:c5:68:2d:25:f5:4a:36:8e:98:61:f1:13:ee:3b:4f: 75:36:2a:37:61:04:37:77:e5:fa:dc:fc:81:d2:f3:3d:d5:f6: 91:00:5f:6f:73:3d:9e:6b:ad:71:2f:e6:18:bf:c3:ae:74:29: e5:24:de:c1:83:60:cf:ea:dd:8b:8e:93:0a:34:04:c7:23:d0: 3b:ed:51:8a:77:76:d7:90:1e:fe:2f:da:eb:0f:db:06:9f:bc: 41:01:fd:58:8c:59:c8:ff:5d:e4:e1:ce:32:c0:e1:33:04:e3: 33:76:c6:04:1e:c3:f5:0b:7a:42:68:39:dd:8f:9a:69:12:bb: a4:83:5e:80:dd:7b:61:56:6b:35:f3:56:32:e9:9d:8c:47:c5: 41:3b:46:27 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICASUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGNjIxMTAvBgNVBAUTKDU4M0NCQzdCQzk2NjE0NTc5MEM5RjZGMjIzNjg4QURB RkU1QUQzQjgwHhcNMjUwMzIxMDQwOTUwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2RjZTY4ZC01NjNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvU3FaRHnN0KJAJUGd+lA/7Z7KEUquqlFVJ2lQr7DDx53N6e/VoBlonELxEqe 6ZBPd6JknmVSLDlMyyAuYU1uG2jVmboHji8AFeP8GYeaFSaeAy5iXrMIQR02zchl FeM0tSjLFDItqa0qRBhScAdYlS7gKNmhi6VX6v6RnNjtcwnRFqNXBzD+Jf9MVrfL iMa8Q1RCE29Z7ovjqRs3KwXvfe2isftmw29uUMWcHZIxCzv2fEFxyy6s231q4dqC CTGsKhk6/XiJR/hn80K77i7f+mI7SuPds8BJRX4QmW64fO4Um0T6Y+0LapY2P7/9 XMVyuDdry35pA5lRgZf95HjyBwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFHtF09X2 6GkTGbWr0koaBxKL/iUMMB8GA1UdIwQYMBaAFFg8vHvJZhRXkMn28iNoitr+WtO4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkY2Mi8xMUY0RDhEMDYy NjIxMUVFODBCQzg1NURDNEY5QUUwMi9XRHk4ZThsbUZGZVF5ZmJ5STJpSzJ2NWEw N2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1dEeThlOGxtRkZlUXlmYnlJMmlLMnY1YTA3Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZGNjIvMTFGNEQ4RDA2MjYyMTFFRTgwQkM4NTVEQzRGOUFFMDIvMzRGOTEyQUFG NDlEMTFFRkJEOEFDQzBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMCYEAgABMCADBAGPrjwDBADAN3AwDAMEAMBoKwMEAcBoLAMEAMD1aTANBgkq hkiG9w0BAQsFAAOCAQEAIIbAcY7LDS7foh+2aWatBZ66AX6SKQI08KOVpgzHNzOL vtbif0lF8pP1yKTiIdg29ZvkkQqRoNLDkxYxjkf0SMLu5urSBsSZoDlodWJTpZ4g fSHYLsUXhexrtcAHJWIvdn7zJMtUiniL5LXnAbtpxWgtJfVKNo6YYfET7jtPdTYq N2EEN3fl+tz8gdLzPdX2kQBfb3M9nmutcS/mGL/DrnQp5STewYNgz+rdi46TCjQE xyPQO+1Rind215Ae/i/a6w/bBp+8QQH9WIxZyP9d5OHOMsDhMwTjM3bGBB7D9Qt6 Qmg53Y+aaRK7pINegN17YVZrNfNWMumdjEfFQTtGJw== -----END CERTIFICATE-----Generated at Sat Apr 26 13:03:29 2025 by rpki-client