$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/834D7D565BAA11EFBAF22B7FC4F9AE02.roa File: 834D7D565BAA11EFBAF22B7FC4F9AE02.roa (raw, json) Hash identifier: TJYAsaduMNFlCfCtpHImQhHzTtlz3kZi3/4L+kmyEYE= Subject key identifier: 9B:B7:BE:42:E4:03:AA:03:BD:99:9A:F0:87:B2:69:EA:86:29:F7:2F Certificate issuer: /CN=A91DF863/serialNumber=39CE15DB36739A22CAEE64E0CF8BA31F5A6B9348 Certificate serial: 32C6 Authority key identifier: 39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/834D7D565BAA11EFBAF22B7FC4F9AE02.roa Signing time: Fri 20 Dec 2024 15:51:55 +0000 ROA not before: Fri 20 Dec 2024 15:51:55 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 135437 IP address blocks: 203.175.160.0/20 maxlen: 23 203.175.160.0/21 maxlen: 24 203.175.168.0/22 maxlen: 24 203.175.172.0/23 maxlen: 24 203.175.174.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.crl rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:25:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12998 (0x32c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF863, serialNumber=39CE15DB36739A22CAEE64E0CF8BA31F5A6B9348 Validity Not Before: Dec 20 15:51:55 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=6765929b-60a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ad:02:46:8f:d6:b4:14:88:71:b5:da:78:cf: 4b:5f:cc:84:3a:fe:b9:bc:6f:fd:ca:a0:c6:03:63: 44:80:19:c4:12:d1:d5:9a:aa:f0:ff:3e:5c:78:7b: be:39:b8:82:e8:c2:c4:d3:1b:ea:ce:68:87:2a:19: 74:da:9c:cd:14:30:04:9b:47:27:5f:f5:73:dc:4a: c9:15:ed:5f:27:93:f1:dd:a7:eb:54:b5:97:37:65: 32:e7:55:ef:f1:81:3d:8e:ec:d9:76:f3:ee:a5:73: c7:64:4f:fa:e6:d4:6d:e8:60:33:20:c9:1a:d3:e3: b4:4d:43:1a:03:19:a7:cd:4b:e5:8b:d9:c9:ae:4a: 7b:31:35:a0:44:11:51:7e:92:62:67:a0:b4:68:92: 6b:66:e2:cd:16:90:a7:bb:20:65:8d:6e:00:b7:c5: 89:1f:35:97:4d:16:77:c7:47:c6:b8:07:28:5a:08: b9:56:76:69:c4:7b:61:3c:9e:07:d6:55:9c:e0:4b: 44:2d:fa:b5:0a:c6:15:88:c0:f2:d7:77:d3:23:0d: 6c:27:bb:ea:d8:c6:a8:8b:28:e1:d7:9b:b4:3a:7b: 39:2f:3d:3e:fb:0a:e6:6d:f8:e4:b1:fb:2a:43:7e: 81:f3:f6:7c:23:fb:ac:ff:5b:fb:01:94:eb:de:6a: 5d:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:B7:BE:42:E4:03:AA:03:BD:99:9A:F0:87:B2:69:EA:86:29:F7:2F X509v3 Authority Key Identifier: keyid:39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/834D7D565BAA11EFBAF22B7FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.175.160.0/20 Signature Algorithm: sha256WithRSAEncryption 59:7c:b0:f1:7a:47:d1:c5:84:27:97:cc:4c:3a:c6:84:97:d8: 85:f7:d0:3e:88:ad:3f:1f:d1:69:36:e3:8c:c3:f1:db:a2:5d: 15:34:2a:16:31:b5:94:91:3f:c8:8c:76:b8:ff:2c:08:df:c8: e0:d2:46:08:d9:18:23:24:81:27:a0:49:9a:ca:8f:47:07:fa: 15:dc:f0:fa:5d:50:65:0e:aa:b6:b8:ce:8f:7b:c9:fe:35:97: 5e:b4:51:9b:05:04:11:98:75:e9:dc:89:3c:04:9f:cb:ad:52: 82:a0:c0:4b:b6:d3:86:cb:6d:39:84:39:ad:6d:cc:6c:39:7e: e1:f7:d1:20:08:f9:a4:37:30:12:45:d7:77:2a:e0:ae:91:0c: 48:4b:be:20:8c:bb:c7:1f:a5:cc:5c:ae:63:27:f2:86:3d:5c: 7f:da:a5:77:83:8c:60:32:74:86:b8:53:30:74:cf:33:20:10: b5:1a:f1:21:b3:85:62:ee:1c:56:e8:f7:74:42:a1:c4:34:eb: 07:a0:bb:d0:50:ea:a9:15:a8:b3:c0:a5:31:a8:c7:41:ff:97: 34:0c:23:6e:fe:a4:c7:ca:2e:82:bc:cd:f8:87:34:7c:fc:79: 58:51:7c:f8:5a:2a:5d:51:ff:cc:90:29:f9:f4:18:e4:03:0e: a7:7d:20:d5 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICMsYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REY4NjMxMTAvBgNVBAUTKDM5Q0UxNURCMzY3MzlBMjJDQUVFNjRFMENGOEJBMzFG NUE2QjkzNDgwHhcNMjQxMjIwMTU1MTU1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzY1OTI5Yi02MGEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2q0CRo/WtBSIcbXaeM9LX8yEOv65vG/9yqDGA2NEgBnEEtHVmqrw/z5ceHu+ ObiC6MLE0xvqzmiHKhl02pzNFDAEm0cnX/Vz3ErJFe1fJ5Px3afrVLWXN2Uy51Xv 8YE9juzZdvPupXPHZE/65tRt6GAzIMka0+O0TUMaAxmnzUvli9nJrkp7MTWgRBFR fpJiZ6C0aJJrZuLNFpCnuyBljW4At8WJHzWXTRZ3x0fGuAcoWgi5VnZpxHthPJ4H 1lWc4EtELfq1CsYViMDy13fTIw1sJ7vq2Maoiyjh15u0Ons5Lz0++wrmbfjksfsq Q36B8/Z8I/us/1v7AZTr3mpdpQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJu3vkLk A6oDvZma8IeyaeqGKfcvMB8GA1UdIwQYMBaAFDnOFds2c5oiyu5k4M+Lox9aa5NI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjg2My9CRkU1NEE2ODgx NUIxMUUyOUI1OEE3M0IzMjkyQjVFOC9PYzRWMnpaem1pTEs3bVRnejR1akgxcHJr MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jNFYyelp6bWlMSzdtVGd6NHVqSDFwcmswZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REY4NjMvQkZFNTRBNjg4MTVCMTFFMjlCNThBNzNCMzI5MkI1RTgvODM0RDdENTY1 QkFBMTFFRkJBRjIyQjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBATLr6AwDQYJKoZIhvcNAQELBQADggEBAFl8sPF6R9HFhCeX zEw6xoSX2IX30D6IrT8f0Wk244zD8duiXRU0KhYxtZSRP8iMdrj/LAjfyODSRgjZ GCMkgSegSZrKj0cH+hXc8PpdUGUOqra4zo97yf41l160UZsFBBGYdenciTwEn8ut UoKgwEu204bLbTmEOa1tzGw5fuH30SAI+aQ3MBJF13cq4K6RDEhLviCMu8cfpcxc rmMn8oY9XH/apXeDjGAydIa4UzB0zzMgELUa8SGzhWLuHFbo93RCocQ06wegu9BQ 6qkVqLPApTGox0H/lzQMI27+pMfKLoK8zfiHNHz8eVhRfPhaKl1R/8yQKfn0GOQD Dqd9INU= -----END CERTIFICATE-----Generated at Sat Apr 26 12:57:22 2025 by rpki-client