$ rpki-client -vvf rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa File: CEF8E22E711711EDB49CE11AC4F9AE02.roa (raw, json) Hash identifier: Ps44UQPvNI+l6dnKBZUyTUvHvKmwO+RBPeKzPiMeBfw= Subject key identifier: 94:F1:7F:1F:78:EA:22:C9:1E:14:D3:55:B4:FD:8F:A7:10:F9:A6:D3 Certificate issuer: /CN=A91F277D/serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE Certificate serial: 0604 Authority key identifier: BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa Signing time: Fri 06 Dec 2024 22:11:53 +0000 ROA not before: Fri 06 Dec 2024 22:11:53 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 135348 IP address blocks: 139.163.131.0/24 maxlen: 24 139.163.138.0/24 maxlen: 24 139.163.247.0/24 maxlen: 24 168.134.136.0/24 maxlen: 24 168.134.137.0/24 maxlen: 24 168.134.139.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.crl rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:07:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1540 (0x604) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F277D, serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE Validity Not Before: Dec 6 22:11:53 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=675376a8-993b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:3a:8e:7f:29:2b:41:25:75:a8:6b:81:3b:34: ff:14:15:08:ae:5b:fd:64:eb:8f:4c:01:48:6a:12: 68:47:a1:5b:52:e5:6d:31:a2:e7:c7:a0:3d:24:31: be:50:bc:59:5b:9c:3a:97:85:1b:45:1d:38:f2:f4: c1:3b:57:c6:a4:e3:71:ca:14:57:4a:a1:65:57:45: ce:b9:b9:62:6c:e6:65:05:f5:f4:11:79:5f:1b:36: 9f:08:70:d3:4f:57:1e:6a:f1:66:87:7d:de:30:d6: cf:4a:4f:e1:05:3a:77:e4:36:69:c5:ae:55:ae:ed: 39:53:80:62:52:36:0e:33:e0:79:cb:c9:48:77:d1: 99:77:06:4c:89:58:4a:d5:68:f9:13:cd:91:8d:a3: 62:e2:be:0f:d1:bb:4c:f6:ac:28:53:d7:05:1b:ef: 49:16:64:47:4f:3d:c4:24:49:2a:e6:8d:c8:8e:08: dd:0a:58:9c:80:54:a3:b4:8d:7c:e1:42:7a:2d:ba: c7:06:1d:3f:5d:16:27:3e:4d:26:3b:9e:44:e4:4f: 05:60:5b:c9:a6:16:8d:ea:23:12:44:0a:bd:61:ce: 71:47:7a:d8:0a:f4:4f:5c:26:ae:b2:c7:45:35:58: 7e:32:44:d4:58:c8:ce:55:94:f3:30:aa:7a:52:0a: a6:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:F1:7F:1F:78:EA:22:C9:1E:14:D3:55:B4:FD:8F:A7:10:F9:A6:D3 X509v3 Authority Key Identifier: keyid:BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 139.163.131.0/24 139.163.138.0/24 139.163.247.0/24 168.134.136.0/23 168.134.139.0/24 Signature Algorithm: sha256WithRSAEncryption 62:25:1e:ea:a0:b1:5a:9c:45:c0:41:c1:fb:6c:43:22:12:0a: 08:ad:26:63:cb:e4:81:02:6f:0c:77:3c:7d:0f:fe:05:fb:57: 95:0e:f3:1e:97:d9:b5:22:6b:cb:29:82:aa:7d:fd:df:ee:db: da:ea:13:19:c0:20:dd:d8:92:f7:e0:01:73:38:fe:ca:c1:9a: 0f:7f:9c:78:e2:56:37:17:7e:2c:20:f5:76:87:b2:26:aa:6e: 87:f9:e0:c0:55:27:33:cc:5f:8b:51:23:99:3b:ea:c1:e1:03: c4:7d:bd:b8:73:37:ea:1a:1f:16:ff:46:f0:16:51:8f:3e:3f: a8:a8:39:81:7b:2d:f0:1f:5a:f1:c1:89:2b:d9:aa:55:4b:0f: 37:64:7b:cc:80:03:9d:dd:96:5c:c3:d4:bd:7b:73:78:9f:89: cf:a4:0c:1c:49:09:49:4d:2c:bc:0e:0a:eb:77:30:85:52:81: fc:4a:4c:eb:cb:28:d8:47:dd:c3:28:ce:2c:6f:d2:9a:6f:53: f6:fa:f4:c4:7c:72:67:bd:df:76:f2:e4:a6:9e:76:0c:20:4c: c5:75:aa:78:a7:64:2e:19:eb:9f:e7:2e:81:83:3b:80:28:e1: 4a:81:49:40:bd:7e:7b:70:79:b6:8a:6d:b5:34:91:5f:e5:9f: 5f:42:4f:ec -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICBgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjI3N0QxMTAvBgNVBAUTKEJCQzEwMzU2MUFGRDdBOTMwMzZEMUM3MkRENEMwQTdD MkE0RTI5Q0UwHhcNMjQxMjA2MjIxMTUzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzUzNzZhOC05OTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6TqOfykrQSV1qGuBOzT/FBUIrlv9ZOuPTAFIahJoR6FbUuVtMaLnx6A9JDG+ ULxZW5w6l4UbRR048vTBO1fGpONxyhRXSqFlV0XOublibOZlBfX0EXlfGzafCHDT T1ceavFmh33eMNbPSk/hBTp35DZpxa5Vru05U4BiUjYOM+B5y8lId9GZdwZMiVhK 1Wj5E82RjaNi4r4P0btM9qwoU9cFG+9JFmRHTz3EJEkq5o3IjgjdClicgFSjtI18 4UJ6LbrHBh0/XRYnPk0mO55E5E8FYFvJphaN6iMSRAq9Yc5xR3rYCvRPXCaussdF NVh+MkTUWMjOVZTzMKp6UgqmiwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJTxfx94 6iLJHhTTVbT9j6cQ+abTMB8GA1UdIwQYMBaAFLvBA1Ya/XqTA20cct1MCnwqTinO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjc3RC83OEExRDA4RThE NkIxMUVCOTg0MEUwNUZDNEY5QUUwMi91OEVEVmhyOWVwTURiUnh5M1V3S2ZDcE9L YzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3U4RURWaHI5ZXBNRGJSeHkzVXdLZkNwT0tjNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjI3N0QvNzhBMUQwOEU4RDZCMTFFQjk4NDBFMDVGQzRGOUFFMDIvQ0VGOEUyMkU3 MTE3MTFFREI0OUNFMTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBACLo4MDBACLo4oDBACLo/cDBAGohogDBACohoswDQYJKoZI hvcNAQELBQADggEBAGIlHuqgsVqcRcBBwftsQyISCgitJmPL5IECbwx3PH0P/gX7 V5UO8x6X2bUia8spgqp9/d/u29rqExnAIN3YkvfgAXM4/srBmg9/nHjiVjcXfiwg 9XaHsiaqbof54MBVJzPMX4tRI5k76sHhA8R9vbhzN+oaHxb/RvAWUY8+P6ioOYF7 LfAfWvHBiSvZqlVLDzdke8yAA53dllzD1L17c3ific+kDBxJCUlNLLwOCut3MIVS gfxKTOvLKNhH3cMozixv0ppvU/b69MR8cme933by5KaedgwgTMV1qninZC4Z65/n LoGDO4Ao4UqBSUC9fntwebaKbbU0kV/ln19CT+w= -----END CERTIFICATE-----Generated at Sat Apr 26 17:02:32 2025 by rpki-client