$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/959AC422557911EBBD21EB2FC4F9AE02.roa File: 959AC422557911EBBD21EB2FC4F9AE02.roa (raw, json) Hash identifier: oMF/P2hGXRHcLkAXgbmeUw5lcthqUMWdcFQRgDGmw2Q= Subject key identifier: C4:FF:A1:BA:81:D8:EC:36:A3:69:0B:C6:2D:71:8E:DE:B2:65:54:17 Certificate issuer: /CN=A91E6D5D/serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81 Certificate serial: 1AB3 Authority key identifier: 64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/959AC422557911EBBD21EB2FC4F9AE02.roa Signing time: Mon 24 Mar 2025 14:50:34 +0000 ROA not before: Mon 24 Mar 2025 14:50:34 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 17645 IP address blocks: 58.65.0.0/19 maxlen: 19 58.65.12.0/22 maxlen: 22 58.65.16.0/22 maxlen: 22 58.65.20.0/22 maxlen: 22 58.65.24.0/23 maxlen: 23 58.65.26.0/23 maxlen: 23 116.51.0.0/16 maxlen: 16 116.51.4.0/24 maxlen: 24 116.51.8.0/23 maxlen: 23 116.51.36.0/24 maxlen: 24 175.28.8.0/22 maxlen: 22 202.136.160.0/19 maxlen: 19 202.136.166.0/24 maxlen: 24 202.136.168.0/23 maxlen: 23 202.136.170.0/24 maxlen: 24 202.136.188.0/22 maxlen: 22 2402:2c00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:29:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6835 (0x1ab3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6D5D, serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81 Validity Not Before: Mar 24 14:50:34 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67e17139-b56e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b5:f3:db:76:6d:30:53:2b:39:e6:3e:4e:83: 59:f5:94:f2:26:3a:db:41:8e:92:00:03:0f:09:e9: 92:f1:02:7d:9f:c3:e6:96:08:e2:cc:5d:45:9b:ca: 33:79:5e:c1:a3:8a:fc:41:1c:c0:a0:f8:d4:da:f4: 82:b3:b8:2b:31:f5:f8:8a:f7:8a:c3:a6:8f:8b:df: 7a:02:78:6a:06:7d:5d:37:48:cc:f8:bb:99:41:24: fe:00:30:f4:2c:3c:1a:62:ca:53:c5:81:92:19:e6: cd:91:3a:03:8f:c6:c6:f6:07:f7:55:9f:c9:27:cf: 73:d9:12:c2:2e:6a:aa:2d:5f:73:e7:2c:60:87:12: dd:64:f6:de:91:65:c8:54:0d:cb:0e:88:27:b3:95: ba:26:03:12:33:79:5e:e3:48:ac:3c:55:c5:75:63: 23:87:2e:80:fc:82:3a:dc:6d:19:69:f1:a0:71:ad: 8b:ac:e0:eb:1c:9f:92:37:cf:ba:4a:0d:2a:b4:5a: d0:bc:d8:0d:3a:1d:ed:6c:1e:0a:cb:fa:03:4c:37: d8:80:37:6b:1f:7a:c5:50:04:06:aa:57:8f:94:70: 0d:6b:b1:e6:78:b6:91:c7:54:4d:a3:21:6f:81:b5: f8:a8:09:7d:12:cf:28:7a:31:a6:89:75:8f:8e:b5: 88:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:FF:A1:BA:81:D8:EC:36:A3:69:0B:C6:2D:71:8E:DE:B2:65:54:17 X509v3 Authority Key Identifier: keyid:64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/959AC422557911EBBD21EB2FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 58.65.0.0/19 116.51.0.0/16 175.28.8.0/22 202.136.160.0/19 IPv6: 2402:2c00::/32 Signature Algorithm: sha256WithRSAEncryption 82:fa:3d:85:62:bc:62:11:5b:bf:6c:49:3e:ee:6e:33:f3:5e: fe:35:55:4b:13:40:27:fd:44:a3:3f:33:7d:4c:73:2c:ed:0c: 5e:2a:24:41:51:4b:d7:57:99:ee:e7:67:b5:1c:82:24:1a:46: 58:5f:d3:09:3a:04:ac:04:d3:97:a0:9d:30:cf:d5:d1:1b:db: 25:a1:fc:90:eb:4f:b8:d0:a0:ff:77:e7:20:db:42:dc:48:20: 7e:9c:04:1c:53:1e:bc:c7:d2:a0:35:1b:c9:29:0f:18:b2:35: bf:90:68:84:2b:89:34:dc:af:da:45:2f:23:cb:83:c3:eb:4f: 00:99:2f:e9:31:f6:2d:fa:37:f0:ed:ac:4e:68:95:73:bb:7b: 88:74:dc:12:27:d4:4a:9d:9f:4b:90:d0:db:86:d9:64:7f:63: 85:ff:8f:d7:fa:ec:3e:53:ae:93:18:b5:04:34:91:be:ff:16: 3f:d4:ad:86:81:1c:7f:2a:dd:0a:17:96:35:0a:21:e6:7c:d3: 6f:08:72:79:de:e3:fa:a4:db:84:dc:2f:75:d0:c6:fb:aa:06: b9:cb:eb:5a:ac:f6:7a:9e:ac:27:22:b5:07:31:60:6a:3e:23: fc:60:3c:26:87:2a:0f:6c:c1:99:dd:ee:e8:03:fc:ab:f6:ec: f1:79:a7:55 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICGrMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTZENUQxMTAvBgNVBAUTKDY0QTY2NTgxNkFFRkVENzNCMzA3NTAwN0RBNTMzN0FD N0RFQzRCODEwHhcNMjUwMzI0MTQ1MDM0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2UxNzEzOS1iNTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArrXz23ZtMFMrOeY+ToNZ9ZTyJjrbQY6SAAMPCemS8QJ9n8PmlgjizF1Fm8oz eV7Bo4r8QRzAoPjU2vSCs7grMfX4iveKw6aPi996AnhqBn1dN0jM+LuZQST+ADD0 LDwaYspTxYGSGebNkToDj8bG9gf3VZ/JJ89z2RLCLmqqLV9z5yxghxLdZPbekWXI VA3LDogns5W6JgMSM3le40isPFXFdWMjhy6A/II63G0ZafGgca2LrODrHJ+SN8+6 Sg0qtFrQvNgNOh3tbB4Ky/oDTDfYgDdrH3rFUAQGqlePlHANa7HmeLaRx1RNoyFv gbX4qAl9Es8oejGmiXWPjrWI9QIDAQABo4ICtTCCArEwHQYDVR0OBBYEFMT/obqB 2Ow2o2kLxi1xjt6yZVQXMB8GA1UdIwQYMBaAFGSmZYFq7+1zswdQB9pTN6x97EuB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkQ1RC85RENCNjhFMDFE ODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdYT3pCMUFIMmxNM3JIM3NT NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pLWmxnV3J2N1hPekIxQUgybE0zckgzc1M0RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTZENUQvOURDQjY4RTAxRDg4MTFFMjk0Qjk1NUUxMDhCMDJDRDIvOTU5QUM0MjI1 NTc5MTFFQkJEMjFFQjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMB0EAgABMBcDBAU6QQADAwB0MwMEAq8cCAMEBcqIoDANBAIAAjAHAwUAJAIs ADANBgkqhkiG9w0BAQsFAAOCAQEAgvo9hWK8YhFbv2xJPu5uM/Ne/jVVSxNAJ/1E oz8zfUxzLO0MXiokQVFL11eZ7udntRyCJBpGWF/TCToErATTl6CdMM/V0RvbJaH8 kOtPuNCg/3fnINtC3EggfpwEHFMevMfSoDUbySkPGLI1v5BohCuJNNyv2kUvI8uD w+tPAJkv6TH2Lfo38O2sTmiVc7t7iHTcEifUSp2fS5DQ24bZZH9jhf+P1/rsPlOu kxi1BDSRvv8WP9SthoEcfyrdCheWNQoh5nzTbwhyed7j+qTbhNwvddDG+6oGucvr Wqz2ep6sJyK1BzFgaj4j/GA8JocqD2zBmd3u6AP8q/bs8XmnVQ== -----END CERTIFICATE-----Generated at Sat Apr 26 06:26:08 2025 by rpki-client