$ rpki-client -vvf rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/F86E9DE46B9811ED9330AC4CC4F9AE02.roa File: F86E9DE46B9811ED9330AC4CC4F9AE02.roa (raw, json) Hash identifier: NQ44ywkdXvwjY8pBPw8S7NRNivsvd48rEIIAsaIuTIc= Subject key identifier: 7E:28:2A:33:7E:AD:7A:88:26:B1:36:7B:05:FD:6C:DD:D5:87:CE:54 Certificate issuer: /CN=A91D92FB/serialNumber=4C36F812E76D827ECE6E59BD1560585C51ECD992 Certificate serial: 348A Authority key identifier: 4C:36:F8:12:E7:6D:82:7E:CE:6E:59:BD:15:60:58:5C:51:EC:D9:92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/F86E9DE46B9811ED9330AC4CC4F9AE02.roa Signing time: Fri 24 Jan 2025 14:50:45 +0000 ROA not before: Fri 24 Jan 2025 14:50:45 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 17408 IP address blocks: 43.243.252.0/22 maxlen: 24 202.133.224.0/19 maxlen: 24 2405:7e00:17::/48 maxlen: 48 2405:7e00:1000::/36 maxlen: 36 2405:7e00:1000::/48 maxlen: 48 2405:7e00:1002::/64 maxlen: 64 2405:7e00:1003::/48 maxlen: 48 2405:7e00:100a::/48 maxlen: 48 2405:7e00:100b::/48 maxlen: 48 2405:7e00:100c::/48 maxlen: 48 2405:7e00:100d::/48 maxlen: 48 2405:7e00:100e::/48 maxlen: 48 2405:7e00:100f::/48 maxlen: 48 2405:7e00:1011::/48 maxlen: 48 2405:7e00:1012::/48 maxlen: 48 2405:7e00:1013::/48 maxlen: 48 2405:7e00:1014::/48 maxlen: 48 2405:7e00:1015::/48 maxlen: 48 2405:7e00:1016::/48 maxlen: 48 2405:7e00:101a::/48 maxlen: 48 2405:7e00:101b::/48 maxlen: 48 2405:7e00:4000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.crl rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:29:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13450 (0x348a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D92FB, serialNumber=4C36F812E76D827ECE6E59BD1560585C51ECD992 Validity Not Before: Jan 24 14:50:45 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6793a8c4-e9ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:cd:29:ea:28:12:b6:62:5b:ed:e3:59:b7:95: 22:d1:21:23:1c:e3:b9:0b:8c:f4:9d:55:96:45:38: e9:14:55:92:52:15:30:01:f2:4f:dd:d4:60:cf:1e: f5:ad:d9:be:c4:fd:a4:ee:18:06:12:6a:4e:2f:b8: 79:f5:ce:a1:a7:19:54:63:39:43:f5:a1:ce:01:f9: 5e:36:c1:da:fb:2f:87:1f:a9:fe:8a:e2:8e:f7:b9: 92:6d:22:d0:77:88:71:7b:cc:dc:95:ca:84:aa:7e: b8:5c:eb:66:fb:a9:37:52:49:44:de:b3:dd:5f:5c: ce:4f:84:72:23:56:31:2c:56:5b:6c:2f:b7:0b:c4: 8e:c4:53:61:90:a4:49:ba:6d:1b:23:33:11:fe:1a: b1:64:2a:7d:83:37:aa:0d:fd:d2:a3:a7:5f:71:cb: ea:6b:8f:a0:0b:1e:af:ef:57:2d:35:b7:17:aa:f4: 8f:42:ee:5b:3b:e6:a9:cb:e8:7c:5c:09:19:59:70: 36:93:0f:48:a3:f8:4b:02:b9:bd:98:a2:c2:97:81: 0f:06:c0:4f:91:e0:f0:75:71:cd:33:d7:1d:99:d5: 7c:42:8f:e7:0b:e9:42:e4:f6:a3:42:09:b8:2f:a2: 89:47:90:d7:d9:7b:9a:02:e0:41:5b:30:04:e0:90: 01:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:28:2A:33:7E:AD:7A:88:26:B1:36:7B:05:FD:6C:DD:D5:87:CE:54 X509v3 Authority Key Identifier: keyid:4C:36:F8:12:E7:6D:82:7E:CE:6E:59:BD:15:60:58:5C:51:EC:D9:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/F86E9DE46B9811ED9330AC4CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.243.252.0/22 202.133.224.0/19 IPv6: 2405:7e00:17::/48 2405:7e00:1000::/36 2405:7e00:4000::/36 Signature Algorithm: sha256WithRSAEncryption 79:9a:0f:16:fb:99:4b:0a:ff:11:7d:a8:74:ae:3c:18:dd:ab: 25:cb:3b:14:02:f4:d5:3f:cc:ca:3e:87:f2:01:ef:05:87:00: f2:41:d5:98:e1:6a:d5:92:2f:88:35:57:d6:21:b7:9a:c5:b5: ee:db:47:5a:6f:7f:dd:b3:e5:aa:68:ca:70:48:02:f3:8c:68: c8:17:b3:3c:2c:94:23:8b:ab:01:a8:2f:29:78:68:b6:a0:b0: a2:f8:92:7b:ee:d6:fa:08:ad:ce:35:e4:e1:b3:d2:8b:0c:11: 5a:cb:c4:46:13:77:f9:aa:25:39:e0:c4:6b:dc:9a:46:92:14: 21:20:0d:a7:97:e5:95:b0:57:ce:46:91:00:2a:81:d1:eb:c2: 6f:d5:ed:73:47:f5:10:e4:7f:d5:ef:07:95:06:b4:b9:28:fa: 80:e5:aa:bb:8e:0b:55:e0:37:65:54:32:f9:57:74:2f:bf:d7: 54:ca:c8:00:c7:5b:0a:6c:91:c3:8f:ef:10:60:ce:0b:ca:0a: 54:03:5e:a6:34:c5:57:9e:1a:c6:73:33:99:8c:27:35:f1:4c: 53:1f:3f:84:33:70:a3:fb:93:ad:32:03:be:72:c6:05:7d:53: d3:ec:7e:6b:28:8c:ca:d9:55:8b:f2:05:8c:f3:c1:11:9e:f9: 9e:03:19:11 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICNIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDkyRkIxMTAvBgNVBAUTKDRDMzZGODEyRTc2RDgyN0VDRTZFNTlCRDE1NjA1ODVD NTFFQ0Q5OTIwHhcNMjUwMTI0MTQ1MDQ1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzkzYThjNC1lOWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA680p6igStmJb7eNZt5Ui0SEjHOO5C4z0nVWWRTjpFFWSUhUwAfJP3dRgzx71 rdm+xP2k7hgGEmpOL7h59c6hpxlUYzlD9aHOAfleNsHa+y+HH6n+iuKO97mSbSLQ d4hxe8zclcqEqn64XOtm+6k3UklE3rPdX1zOT4RyI1YxLFZbbC+3C8SOxFNhkKRJ um0bIzMR/hqxZCp9gzeqDf3So6dfccvqa4+gCx6v71ctNbcXqvSPQu5bO+apy+h8 XAkZWXA2kw9Io/hLArm9mKLCl4EPBsBPkeDwdXHNM9cdmdV8Qo/nC+lC5PajQgm4 L6KJR5DX2XuaAuBBWzAE4JABbwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFH4oKjN+ rXqIJrE2ewX9bN3Vh85UMB8GA1UdIwQYMBaAFEw2+BLnbYJ+zm5ZvRVgWFxR7NmS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTJGQi8zMjdGQzZCMjFE ODgxMUUyOThGM0EzRTAwOEIwMkNEMi9URGI0RXVkdGduN09ibG05RldCWVhGSHMy WkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1REYjRFdWR0Z243T2JsbTlGV0JZWEZIczJaSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDkyRkIvMzI3RkM2QjIxRDg4MTFFMjk4RjNBM0UwMDhCMDJDRDIvRjg2RTlERTQ2 Qjk4MTFFRDkzMzBBQzRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MBIEAgABMAwDBAIr8/wDBAXKheAwHwQCAAIwGQMHACQFfgAAFwMGBCQFfgAQ AwYEJAV+AEAwDQYJKoZIhvcNAQELBQADggEBAHmaDxb7mUsK/xF9qHSuPBjdqyXL OxQC9NU/zMo+h/IB7wWHAPJB1ZjhatWSL4g1V9Yht5rFte7bR1pvf92z5apoynBI AvOMaMgXszwslCOLqwGoLyl4aLagsKL4knvu1voIrc415OGz0osMEVrLxEYTd/mq JTngxGvcmkaSFCEgDaeX5ZWwV85GkQAqgdHrwm/V7XNH9RDkf9XvB5UGtLko+oDl qruOC1XgN2VUMvlXdC+/11TKyADHWwpskcOP7xBgzgvKClQDXqY0xVeeGsZzM5mM JzXxTFMfP4QzcKP7k60yA75yxgV9U9PsfmsojMrZVYvyBYzzwRGe+Z4DGRE= -----END CERTIFICATE-----Generated at Sat Apr 26 08:07:32 2025 by rpki-client