$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/C4662D3A5FD311EDAE56DD7FC4F9AE02.roa File: C4662D3A5FD311EDAE56DD7FC4F9AE02.roa (raw, json) Hash identifier: ECS4oxCwGoPittuwiBAwWcmaSVPvRXUwLMLK1Srfnf4= Subject key identifier: E2:82:FD:5F:7D:EB:35:21:55:10:62:16:9B:FC:52:80:9A:F8:D7:96 Certificate issuer: /CN=A91F8A41/serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14 Certificate serial: 06B7 Authority key identifier: CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/C4662D3A5FD311EDAE56DD7FC4F9AE02.roa Signing time: Wed 18 Dec 2024 01:37:50 +0000 ROA not before: Wed 18 Dec 2024 01:37:50 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 10101 IP address blocks: 202.152.64.0/19 maxlen: 19 202.152.64.0/24 maxlen: 24 202.152.65.0/24 maxlen: 24 202.152.66.0/24 maxlen: 24 202.152.67.0/24 maxlen: 24 202.152.68.0/24 maxlen: 24 202.152.69.0/24 maxlen: 24 202.152.70.0/24 maxlen: 24 202.152.71.0/24 maxlen: 24 202.152.72.0/24 maxlen: 24 202.152.73.0/24 maxlen: 24 202.152.76.0/22 maxlen: 22 202.152.76.0/24 maxlen: 24 202.152.77.0/24 maxlen: 24 202.152.78.0/24 maxlen: 24 202.152.79.0/24 maxlen: 24 202.152.80.0/24 maxlen: 24 202.152.81.0/24 maxlen: 24 202.152.82.0/24 maxlen: 24 202.152.83.0/24 maxlen: 24 202.152.84.0/24 maxlen: 24 202.152.85.0/24 maxlen: 24 202.152.86.0/24 maxlen: 24 202.152.87.0/24 maxlen: 24 202.152.88.0/22 maxlen: 22 202.152.92.0/24 maxlen: 24 202.152.93.0/24 maxlen: 24 202.152.94.0/24 maxlen: 24 202.152.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.crl rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1719 (0x6b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8A41, serialNumber=CDFEDF2D411C84C36DC3BB6A02FDF1AC50B5BA14 Validity Not Before: Dec 18 01:37:50 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6762276e-a644 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:c7:87:ed:4c:93:55:a8:e1:61:e4:3c:1a:c1: 07:6f:a9:20:72:fd:4b:fa:12:74:83:51:2e:f0:ba: 10:25:ff:aa:9b:63:e5:0d:86:4b:77:2b:3a:de:a8: b0:f7:c6:96:1d:de:73:64:b2:aa:7f:58:2c:80:18: 49:e9:a3:c8:46:1e:ff:b0:eb:15:da:c6:77:a0:c2: 44:4f:68:46:bc:47:bb:85:d1:27:7c:8e:87:19:81: 43:2b:1c:26:0b:a1:06:47:6a:28:e3:61:f8:32:4a: be:67:69:c4:07:90:76:23:79:2c:a2:33:f7:1f:12: 35:0d:20:7c:09:e5:00:ce:35:24:28:37:95:d7:81: b7:ae:64:d2:48:85:31:a6:cd:f6:fa:3c:27:34:07: 1f:72:6b:e2:ca:e6:ae:a1:6d:27:3d:d0:4c:02:cf: 6b:1a:66:a3:fa:de:02:b1:d8:4e:f2:95:2d:ff:37: 92:3f:5b:d9:46:35:7e:a4:27:4e:97:3c:bf:64:b4: 2a:06:96:f3:0d:e0:2d:91:2a:8b:13:f2:02:45:cd: c3:a1:eb:2c:3a:14:69:7c:81:32:07:cb:b6:3d:d1: 5f:2e:5f:ac:cf:65:c0:25:d9:a8:05:83:cf:6c:e7: ff:1e:34:f9:85:76:d3:fc:45:54:4f:ba:86:ea:79: 6a:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:82:FD:5F:7D:EB:35:21:55:10:62:16:9B:FC:52:80:9A:F8:D7:96 X509v3 Authority Key Identifier: keyid:CD:FE:DF:2D:41:1C:84:C3:6D:C3:BB:6A:02:FD:F1:AC:50:B5:BA:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/zf7fLUEchMNtw7tqAv3xrFC1uhQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zf7fLUEchMNtw7tqAv3xrFC1uhQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8A41/554140DE87BC11EBB3C08272C4F9AE02/C4662D3A5FD311EDAE56DD7FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.152.64.0/19 Signature Algorithm: sha256WithRSAEncryption 67:12:ed:12:2b:45:6e:9f:f9:04:c3:af:8f:3f:54:8a:47:de: 2f:16:d3:25:9e:b8:3a:5d:d8:5e:ec:32:21:ba:09:93:bd:ac: 3e:01:57:c3:47:04:45:45:8f:e3:bf:30:11:99:1e:13:de:e5: c2:90:09:ef:31:8c:eb:fa:43:2d:33:6f:1c:a4:4f:5b:95:ac: ca:49:3f:b2:94:6a:81:e2:d6:bf:e4:18:e5:e6:4d:59:e7:11: 10:81:d9:ea:7b:29:ce:9b:d6:8b:fd:63:a4:04:f2:31:71:5d: 2d:5f:45:fb:64:7c:9e:c0:10:90:39:49:03:87:e3:b7:62:54: b9:b5:b2:fc:05:b4:32:09:5d:d8:fe:6c:c7:2b:6a:c7:b1:d7: 77:cd:20:80:bb:0f:20:cb:84:48:6c:0e:1a:66:b0:5f:6a:59: ed:d5:d7:ab:31:7e:9c:07:be:92:32:69:5d:a2:24:7a:29:27: da:7d:54:c6:e6:dd:0c:27:28:70:72:63:8a:35:9a:47:76:13: d6:69:e9:e4:f9:d5:55:15:c8:31:7d:db:af:d2:cc:f4:68:66: 52:60:8a:94:af:34:ad:f7:13:9b:ae:3e:9c:2d:11:f3:39:97: 51:23:78:f0:6e:2c:c7:aa:e3:35:f6:5d:89:b4:92:56:ed:04: af:e0:fe:3e -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBrcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjhBNDExMTAvBgNVBAUTKENERkVERjJENDExQzg0QzM2REMzQkI2QTAyRkRGMUFD NTBCNUJBMTQwHhcNMjQxMjE4MDEzNzUwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzYyMjc2ZS1hNjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1seH7UyTVajhYeQ8GsEHb6kgcv1L+hJ0g1Eu8LoQJf+qm2PlDYZLdys63qiw 98aWHd5zZLKqf1gsgBhJ6aPIRh7/sOsV2sZ3oMJET2hGvEe7hdEnfI6HGYFDKxwm C6EGR2oo42H4Mkq+Z2nEB5B2I3ksojP3HxI1DSB8CeUAzjUkKDeV14G3rmTSSIUx ps32+jwnNAcfcmviyuauoW0nPdBMAs9rGmaj+t4CsdhO8pUt/zeSP1vZRjV+pCdO lzy/ZLQqBpbzDeAtkSqLE/ICRc3DoessOhRpfIEyB8u2PdFfLl+sz2XAJdmoBYPP bOf/HjT5hXbT/EVUT7qG6nlqUwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOKC/V99 6zUhVRBiFpv8UoCa+NeWMB8GA1UdIwQYMBaAFM3+3y1BHITDbcO7agL98axQtboU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEE0MS81NTQxNDBERTg3 QkMxMUVCQjNDMDgyNzJDNEY5QUUwMi96ZjdmTFVFY2hNTnR3N3RxQXYzeHJGQzF1 aFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pmN2ZMVUVjaE1OdHc3dHFBdjN4ckZDMXVoUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjhBNDEvNTU0MTQwREU4N0JDMTFFQkIzQzA4MjcyQzRGOUFFMDIvQzQ2NjJEM0E1 RkQzMTFFREFFNTZERDdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAXKmEAwDQYJKoZIhvcNAQELBQADggEBAGcS7RIrRW6f+QTD r48/VIpH3i8W0yWeuDpd2F7sMiG6CZO9rD4BV8NHBEVFj+O/MBGZHhPe5cKQCe8x jOv6Qy0zbxykT1uVrMpJP7KUaoHi1r/kGOXmTVnnERCB2ep7Kc6b1ov9Y6QE8jFx XS1fRftkfJ7AEJA5SQOH47diVLm1svwFtDIJXdj+bMcrasex13fNIIC7DyDLhEhs DhpmsF9qWe3V16sxfpwHvpIyaV2iJHopJ9p9VMbm3QwnKHByY4o1mkd2E9Zp6eT5 1VUVyDF926/SzPRoZlJgipSvNK33E5uuPpwtEfM5l1EjePBuLMeq4zX2XYm0klbt BK/g/j4= -----END CERTIFICATE-----Generated at Sat Apr 26 08:15:10 2025 by rpki-client