$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa File: DCE70C6EF9B911ED8314C10EC4F9AE02.roa (raw, json) Hash identifier: Tn8STgUoF8I50uE/0Z1qBgI407z6TwGOKBDeoEbq/9M= Subject key identifier: 45:AA:2E:AA:3D:41:4E:48:B1:31:C7:B6:E5:7F:C9:05:0C:61:02:F7 Certificate issuer: /CN=A91EB4AF/serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Certificate serial: 02F9 Authority key identifier: A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa Signing time: Thu 17 Apr 2025 08:04:23 +0000 ROA not before: Thu 17 Apr 2025 08:04:23 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 3573 IP address blocks: 2404:3d00:41c2::/47 maxlen: 47 2404:3d00:41c2::/48 maxlen: 48 2404:3d00:41c3::/48 maxlen: 48 2404:3d00:41dc::/47 maxlen: 47 2404:3d00:41dc::/48 maxlen: 48 2404:3d00:41dd::/48 maxlen: 48 2404:3d00:41e4::/47 maxlen: 47 2404:3d00:41e4::/48 maxlen: 48 2404:3d00:41e5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:06:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 761 (0x2f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB4AF, serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Validity Not Before: Apr 17 08:04:23 2025 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=6800b607-b990 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:f7:ed:fe:52:f2:13:8d:37:b2:78:8d:0c:58: b6:cf:0f:e0:22:24:c5:2e:e7:40:f9:52:03:25:20: 0e:21:7c:1b:94:a8:ad:0d:c5:43:03:f8:85:7d:13: bc:fa:94:82:1d:48:1f:23:b6:58:24:1c:c7:e3:29: 1a:80:bd:95:8e:38:46:46:47:f8:60:a2:de:fc:93: 11:de:a1:0b:8a:0f:31:e3:a4:b7:91:ce:07:8d:0b: 19:2a:ae:9f:cb:3b:04:b6:c4:3b:08:04:6a:20:68: d0:e7:9b:45:38:97:d2:b2:23:a7:7b:0f:7a:e5:d6: 62:ca:49:89:5c:56:eb:d5:5e:cf:53:fb:49:af:ca: 14:07:2d:14:7e:03:6a:55:08:f9:be:18:1b:32:72: 19:ac:77:fe:8d:b5:21:cb:22:8e:12:5e:2c:44:6b: be:7f:4b:5a:47:66:73:0d:ba:31:b3:d2:a6:a5:bb: 58:80:8f:9c:ff:ae:24:7e:e1:00:a2:b0:d8:77:96: 74:28:5b:22:3c:bc:61:b7:0d:d2:62:d3:12:a1:4a: 05:03:c9:78:d0:68:9f:43:f0:c8:5e:bc:bc:bd:81: 76:db:38:b2:cc:da:76:ac:0b:93:a7:00:e6:d9:2c: 27:92:87:96:26:43:f4:0a:fe:78:7e:4d:4e:76:9d: 7f:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:AA:2E:AA:3D:41:4E:48:B1:31:C7:B6:E5:7F:C9:05:0C:61:02:F7 X509v3 Authority Key Identifier: keyid:A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2404:3d00:41c2::/47 2404:3d00:41dc::/47 2404:3d00:41e4::/47 Signature Algorithm: sha256WithRSAEncryption 6e:98:14:a4:dc:ed:bc:e7:40:54:50:71:73:53:9c:9d:b2:e1: cb:f7:c6:1e:c2:db:27:62:36:54:90:bc:fa:a4:f2:ef:d9:c8: 2f:50:4d:67:b6:53:b6:f2:2e:fb:c2:7b:30:6e:f4:9f:e9:d1: 7b:a4:33:56:04:9d:da:e3:79:6f:e0:99:92:40:f3:b4:75:a9: b2:49:82:0e:46:6a:0e:8f:d6:b5:9f:4b:39:11:18:66:3b:85: c4:58:aa:d8:bf:91:30:16:40:7c:ce:af:08:70:83:e1:9b:5b: 12:c6:93:7a:8f:50:fe:a0:b1:eb:4b:1f:12:38:14:fa:f1:be: 8f:b4:33:9c:5b:fe:e8:1b:ef:b9:11:52:98:e9:54:40:e6:67: cd:81:aa:28:6c:a9:b8:f9:b7:9c:6a:97:d9:d2:56:84:bf:7d: 5a:7a:f8:2f:04:ea:0d:be:b8:40:8c:4d:26:35:c7:52:e5:22: f8:23:d0:40:a8:3f:13:b8:65:4b:8a:02:1e:0b:b3:a1:b4:22: 98:55:b2:23:45:fc:d0:70:f1:d7:59:f7:2c:3d:06:e1:3d:1b: 18:3c:0e:16:33:97:a4:fa:e1:a1:f0:f4:76:c4:6a:82:3b:99: 52:a6:d2:f3:cb:2e:62:3d:72:b5:0e:19:52:9f:8c:6f:42:71: 0b:f6:fd:d3 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICAvkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUI0QUYxMTAvBgNVBAUTKEE5N0VBQTRENkYxNTVCOEQyN0M0MEFFOEUzMjdEOUJB NTJDMzRCNDIwHhcNMjUwNDE3MDgwNDIzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODAwYjYwNy1iOTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyvft/lLyE403sniNDFi2zw/gIiTFLudA+VIDJSAOIXwblKitDcVDA/iFfRO8 +pSCHUgfI7ZYJBzH4ykagL2VjjhGRkf4YKLe/JMR3qELig8x46S3kc4HjQsZKq6f yzsEtsQ7CARqIGjQ55tFOJfSsiOnew965dZiykmJXFbr1V7PU/tJr8oUBy0UfgNq VQj5vhgbMnIZrHf+jbUhyyKOEl4sRGu+f0taR2ZzDboxs9KmpbtYgI+c/64kfuEA orDYd5Z0KFsiPLxhtw3SYtMSoUoFA8l40GifQ/DIXry8vYF22ziyzNp2rAuTpwDm 2SwnkoeWJkP0Cv54fk1Odp1/BQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEWqLqo9 QU5IsTHHtuV/yQUMYQL3MB8GA1UdIwQYMBaAFKl+qk1vFVuNJ8QK6OMn2bpSw0tC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjRBRi9DQzdCMjU1QURD QTkxMUVDOTRFM0UwMjlDNEY5QUUwMi9xWDZxVFc4Vlc0MG54QXJvNHlmWnVsTERT MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FYNnFUVzhWVzQwbnhBcm80eWZadWxMRFMwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUI0QUYvQ0M3QjI1NUFEQ0E5MTFFQzk0RTNFMDI5QzRGOUFFMDIvRENFNzBDNkVG OUI5MTFFRDgzMTRDMTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMCEEAgACMBsDBwEkBD0AQcIDBwEkBD0AQdwDBwEkBD0AQeQwDQYJKoZIhvcN AQELBQADggEBAG6YFKTc7bznQFRQcXNTnJ2y4cv3xh7C2ydiNlSQvPqk8u/ZyC9Q TWe2U7byLvvCezBu9J/p0XukM1YEndrjeW/gmZJA87R1qbJJgg5Gag6P1rWfSzkR GGY7hcRYqti/kTAWQHzOrwhwg+GbWxLGk3qPUP6gsetLHxI4FPrxvo+0M5xb/ugb 77kRUpjpVEDmZ82Bqihsqbj5t5xql9nSVoS/fVp6+C8E6g2+uECMTSY1x1LlIvgj 0ECoPxO4ZUuKAh4Ls6G0IphVsiNF/NBw8ddZ9yw9BuE9Gxg8DhYzl6T64aHw9HbE aoI7mVKm0vPLLmI9crUOGVKfjG9CcQv2/dM= -----END CERTIFICATE-----Generated at Sat Apr 26 07:37:45 2025 by rpki-client