$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6BDD8DBA4AD811EFAECCDA0FC4F9AE02.roa File: 6BDD8DBA4AD811EFAECCDA0FC4F9AE02.roa (raw, json) Hash identifier: BWwN+rSwN6rW0OuvKIjRy/DxdNfSdNjFhYIfzEYQUBQ= Subject key identifier: E5:3B:99:F1:E1:90:EF:52:00:A7:56:F5:67:16:50:C0:FB:77:12:9A Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00 Certificate serial: 189F Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6BDD8DBA4AD811EFAECCDA0FC4F9AE02.roa Signing time: Tue 18 Feb 2025 17:35:40 +0000 ROA not before: Tue 18 Feb 2025 17:35:40 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 9714 IP address blocks: 49.255.24.0/22 maxlen: 22 49.255.28.0/22 maxlen: 22 116.240.16.0/22 maxlen: 22 116.240.192.0/20 maxlen: 20 202.138.0.0/24 maxlen: 24 202.138.1.0/24 maxlen: 24 202.141.208.0/20 maxlen: 20 210.50.0.0/21 maxlen: 21 210.50.192.0/21 maxlen: 21 210.50.198.0/24 maxlen: 24 211.27.224.0/22 maxlen: 22 211.27.227.0/24 maxlen: 24 2403:4800:1100::/40 maxlen: 40 2403:4800:1100::/48 maxlen: 48 2407:dc00::/40 maxlen: 40 2407:dc00:3::/48 maxlen: 48 2407:dc00:100::/40 maxlen: 40 2407:dc00:103::/48 maxlen: 48 2407:dc00:200::/40 maxlen: 40 2407:dc00:300::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:56:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6303 (0x189f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE3D, serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00 Validity Not Before: Feb 18 17:35:40 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67b4c4eb-6c6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:8f:a9:53:87:67:81:25:59:5e:4d:1a:5d:76: 33:4a:eb:c2:c5:6d:9d:bc:f7:84:34:0e:8b:74:90: 4d:fe:e4:6e:8e:15:94:a0:a5:e4:1d:41:7f:24:69: a4:8d:2a:9b:8c:2f:08:3b:1d:39:9f:09:cd:e4:ac: 00:d8:b2:39:db:20:fc:80:33:fa:a8:01:39:90:b3: fb:01:bc:b4:e3:3b:36:1f:e9:9d:6d:97:bc:ea:01: 65:0a:fe:4a:aa:7e:91:7c:c5:da:2a:15:4d:04:15: f0:e2:f6:db:4d:b7:3c:22:e5:68:7b:e7:63:2f:3a: 0f:ee:a1:58:48:ce:2b:3d:23:36:b2:3d:15:e3:63: e8:19:f0:0c:d8:ee:4e:d1:b2:d4:1e:8c:73:f3:eb: ef:e3:af:cd:8e:35:f2:4b:1b:89:83:11:f0:95:aa: 89:2b:4d:3c:ba:14:36:53:f2:cc:74:4d:65:f1:7b: 24:98:69:7e:74:06:3a:55:d8:fc:b6:bf:40:51:ea: 0d:a0:76:09:f3:5d:ab:42:b6:f3:66:1b:55:16:84: 61:ce:4e:18:26:f3:56:0a:da:6a:60:77:af:69:77: 54:c0:3a:25:10:a5:cc:7a:ec:c7:da:18:bc:77:4b: 80:b7:11:97:c9:9b:7a:27:a7:70:dc:fb:ff:09:40: e8:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:3B:99:F1:E1:90:EF:52:00:A7:56:F5:67:16:50:C0:FB:77:12:9A X509v3 Authority Key Identifier: keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6BDD8DBA4AD811EFAECCDA0FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.255.24.0/21 116.240.16.0/22 116.240.192.0/20 202.138.0.0/23 202.141.208.0/20 210.50.0.0/21 210.50.192.0/21 211.27.224.0/22 IPv6: 2403:4800:1100::/40 2407:dc00::/38 Signature Algorithm: sha256WithRSAEncryption 86:f8:46:5e:7f:a8:80:24:b6:f6:88:62:5c:eb:22:05:71:c5: df:3e:c8:fa:a6:36:c0:15:7d:bd:11:9e:a0:30:96:62:e5:99: 99:ed:41:e9:76:03:b6:77:cc:63:56:cc:7f:2a:fb:91:94:77: 62:2c:2d:3c:3f:a2:88:07:86:af:90:f4:a4:6e:d1:ad:e2:ed: 86:5f:03:64:e8:02:a9:73:cb:8f:ad:e0:41:69:ab:6f:3c:1d: a5:3a:b6:a5:18:10:d7:5e:0a:af:0b:f9:9f:f4:b9:d0:5b:97: 54:28:9a:7b:79:eb:cf:ba:26:16:10:36:b4:91:15:09:3f:82: 59:1a:14:b9:75:f8:de:ea:32:77:87:52:39:33:ae:72:32:50: 11:f8:95:ab:70:ad:94:89:03:3a:88:9f:f8:e8:e8:fc:90:4b: 77:8d:93:8b:cf:c3:c1:d8:f4:9f:06:d1:67:2c:2b:16:ee:29: 04:33:9b:7c:91:d2:b2:d9:6c:c6:07:25:4d:84:72:e0:98:ea: 3e:e9:cb:bc:a7:d0:c7:c7:fe:65:1b:5c:98:83:34:0c:f5:ed: 12:db:1f:17:be:9d:98:95:6e:62:a1:58:dd:36:5e:ca:4e:ed: 5d:94:7f:30:20:f5:f8:1e:e3:b7:c3:2d:78:1e:52:6a:75:30: 62:3c:b2:33 -----BEGIN CERTIFICATE----- MIIFszCCBJugAwIBAgICGJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE NDc2Q0JEMDAwHhcNMjUwMjE4MTczNTQwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2I0YzRlYi02YzZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwo+pU4dngSVZXk0aXXYzSuvCxW2dvPeENA6LdJBN/uRujhWUoKXkHUF/JGmk jSqbjC8IOx05nwnN5KwA2LI52yD8gDP6qAE5kLP7Aby04zs2H+mdbZe86gFlCv5K qn6RfMXaKhVNBBXw4vbbTbc8IuVoe+djLzoP7qFYSM4rPSM2sj0V42PoGfAM2O5O 0bLUHoxz8+vv46/NjjXySxuJgxHwlaqJK008uhQ2U/LMdE1l8XskmGl+dAY6Vdj8 tr9AUeoNoHYJ812rQrbzZhtVFoRhzk4YJvNWCtpqYHevaXdUwDolEKXMeuzH2hi8 d0uAtxGXyZt6J6dw3Pv/CUDoCQIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFOU7mfHh kO9SAKdW9WcWUMD7dxKaMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1 REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2 UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvNkJERDhEQkE0 QUQ4MTFFRkFFQ0NEQTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E UjBQMDYEAgABMDADBAMx/xgDBAJ08BADBAR08MADBAHKigADBATKjdADBAPSMgAD BAPSMsADBALTG+AwFgQCAAIwEAMGACQDSAARAwYCJAfcAAAwDQYJKoZIhvcNAQEL BQADggEBAIb4Rl5/qIAktvaIYlzrIgVxxd8+yPqmNsAVfb0RnqAwlmLlmZntQel2 A7Z3zGNWzH8q+5GUd2IsLTw/oogHhq+Q9KRu0a3i7YZfA2ToAqlzy4+t4EFpq288 HaU6tqUYENdeCq8L+Z/0udBbl1Qomnt568+6JhYQNrSRFQk/glkaFLl1+N7qMneH UjkzrnIyUBH4latwrZSJAzqIn/jo6PyQS3eNk4vPw8HY9J8G0WcsKxbuKQQzm3yR 0rLZbMYHJU2EcuCY6j7py7yn0MfH/mUbXJiDNAz17RLbHxe+nZiVbmKhWN02XspO 7V2UfzAg9fge47fDLXgeUmp1MGI8sjM= -----END CERTIFICATE-----Generated at Sat Apr 26 12:35:43 2025 by rpki-client