$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/66476E182EAC11EFAAAF8E67C4F9AE02.roa File: 66476E182EAC11EFAAAF8E67C4F9AE02.roa (raw, json) Hash identifier: c+tQd6LFV/BZVoGpun0y1RLdLqyLfqdX/XcIv+ynZW4= Subject key identifier: AD:0E:BA:99:26:E1:80:65:1E:9C:4C:38:88:47:2B:C8:FA:A9:39:E4 Certificate issuer: /CN=A91FA6FF/serialNumber=CAE3DB8ADEE7A16AB6CA537F2347B0205BDF4F76 Certificate serial: A3 Authority key identifier: CA:E3:DB:8A:DE:E7:A1:6A:B6:CA:53:7F:23:47:B0:20:5B:DF:4F:76 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yuPbit7noWq2ylN_I0ewIFvfT3Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/66476E182EAC11EFAAAF8E67C4F9AE02.roa Signing time: Wed 09 Apr 2025 05:12:37 +0000 ROA not before: Wed 09 Apr 2025 05:12:37 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 0 IP address blocks: 202.3.136.0/24 maxlen: 24 2001:dee:c000::/48 maxlen: 48 2001:dee:c000::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/yuPbit7noWq2ylN_I0ewIFvfT3Y.crl rsync://rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/yuPbit7noWq2ylN_I0ewIFvfT3Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yuPbit7noWq2ylN_I0ewIFvfT3Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:13:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 163 (0xa3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA6FF, serialNumber=CAE3DB8ADEE7A16AB6CA537F2347B0205BDF4F76 Validity Not Before: Apr 9 05:12:37 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67f601c4-d1e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:49:02:67:5e:bf:b3:a1:2e:6c:bb:40:ec:cf: fe:d6:e6:6f:77:c9:27:86:6b:bb:c5:14:3d:36:ac: f8:54:5a:be:60:1d:c8:5c:14:46:36:97:b4:5d:50: 1f:d3:4c:e7:3e:0d:27:96:8b:ae:ac:62:50:48:0f: 01:67:c1:fa:2f:ba:a8:e3:f4:2b:3a:14:45:c8:c1: ca:6b:40:60:88:b1:52:a0:1f:2d:00:b7:8f:d0:34: a5:b8:f1:39:aa:f9:e2:49:82:ec:3a:af:79:97:9d: a4:f5:78:0e:8c:f6:e9:0a:0d:ab:20:f2:d6:1f:f9: 67:cc:df:fb:e2:74:3a:5e:0e:2b:23:a3:43:52:32: 50:93:13:65:a9:63:9c:ea:73:a1:9d:69:31:e4:44: 31:5b:22:f3:6e:b2:05:0c:b2:f0:a5:4d:b2:ff:25: 13:6c:f6:5c:95:ea:89:3c:b6:09:4b:05:5d:34:74: f0:66:7f:ce:dd:c9:2c:89:45:12:41:ce:c9:11:f1: 5f:4e:0c:0c:de:bd:91:df:6a:16:0a:fe:48:e5:b0: d0:ad:93:e4:37:4f:3b:cf:e8:0d:3c:55:ae:da:37: a9:bd:38:25:41:95:11:5c:5a:05:20:c4:4f:f4:c6: 6e:9a:c8:8c:0d:f9:f1:ea:61:f7:3d:1b:39:64:63: 6d:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:0E:BA:99:26:E1:80:65:1E:9C:4C:38:88:47:2B:C8:FA:A9:39:E4 X509v3 Authority Key Identifier: keyid:CA:E3:DB:8A:DE:E7:A1:6A:B6:CA:53:7F:23:47:B0:20:5B:DF:4F:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/yuPbit7noWq2ylN_I0ewIFvfT3Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yuPbit7noWq2ylN_I0ewIFvfT3Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA6FF/D281E7302E2911EFBAED6A1AC4F9AE02/66476E182EAC11EFAAAF8E67C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.3.136.0/24 IPv6: 2001:dee:c000::/48 Signature Algorithm: sha256WithRSAEncryption af:33:3d:aa:69:4e:a7:1a:c6:3e:64:4a:27:e9:9b:cc:96:b7: c5:f0:0c:75:c0:24:6c:29:14:cf:08:5d:26:a6:ec:7a:45:3f: b8:6f:48:44:65:72:31:85:94:ae:5b:00:e4:8b:16:db:59:7c: 23:36:bb:47:61:b5:43:c1:3e:a0:e6:78:8d:c9:08:5a:36:b0: 33:f0:72:82:0c:f7:cc:20:46:b4:d0:ac:17:48:6e:ad:74:35: 2a:8a:a6:97:16:82:d2:32:f4:6d:02:73:68:e1:60:54:35:d1: 56:c8:62:f4:33:68:bf:ae:f1:17:6d:37:a8:cd:30:6a:fc:d3: 47:ff:7d:61:9e:37:67:63:8a:18:ca:ac:dc:47:5e:0b:a1:0e: 89:7f:de:d2:f1:1c:84:7f:88:44:97:f0:d0:6b:b3:25:ac:a1: 8a:88:b0:5f:7b:04:04:b8:43:bf:30:c8:e4:c9:50:72:2e:96: 00:f2:f5:32:99:d3:39:b4:3a:1a:c1:42:e6:00:04:51:44:e4: d4:20:38:92:bd:dc:fa:de:9b:55:4f:f5:fb:94:cd:d7:62:9d: ee:3c:2c:bb:f5:34:ee:86:7c:4f:d9:3e:71:86:60:fe:3f:fb: 81:26:06:68:43:7d:a4:ce:cc:05:4e:d0:42:97:c0:ee:1c:a1: 28:f5:ca:7e -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICAKMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE2RkYxMTAvBgNVBAUTKENBRTNEQjhBREVFN0ExNkFCNkNBNTM3RjIzNDdCMDIw NUJERjRGNzYwHhcNMjUwNDA5MDUxMjM3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y2MDFjNC1kMWUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtEkCZ16/s6EubLtA7M/+1uZvd8knhmu7xRQ9Nqz4VFq+YB3IXBRGNpe0XVAf 00znPg0nlouurGJQSA8BZ8H6L7qo4/QrOhRFyMHKa0BgiLFSoB8tALeP0DSluPE5 qvniSYLsOq95l52k9XgOjPbpCg2rIPLWH/lnzN/74nQ6Xg4rI6NDUjJQkxNlqWOc 6nOhnWkx5EQxWyLzbrIFDLLwpU2y/yUTbPZcleqJPLYJSwVdNHTwZn/O3cksiUUS Qc7JEfFfTgwM3r2R32oWCv5I5bDQrZPkN087z+gNPFWu2jepvTglQZURXFoFIMRP 9MZumsiMDfnx6mH3PRs5ZGNt9QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFK0Oupkm 4YBlHpxMOIhHK8j6qTnkMB8GA1UdIwQYMBaAFMrj24re56FqtspTfyNHsCBb3092 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTZGRi9EMjgxRTczMDJF MjkxMUVGQkFFRDZBMUFDNEY5QUUwMi95dVBiaXQ3bm9XcTJ5bE5fSTBld0lGdmZU M1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3l1UGJpdDdub1dxMnlsTl9JMGV3SUZ2ZlQzWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkE2RkYvRDI4MUU3MzAyRTI5MTFFRkJBRUQ2QTFBQzRGOUFFMDIvNjY0NzZFMTgy RUFDMTFFRkFBQUY4RTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBADKA4gwDwQCAAIwCQMHACABDe7AADANBgkqhkiG9w0BAQsF AAOCAQEArzM9qmlOpxrGPmRKJ+mbzJa3xfAMdcAkbCkUzwhdJqbsekU/uG9IRGVy MYWUrlsA5IsW21l8Iza7R2G1Q8E+oOZ4jckIWjawM/Byggz3zCBGtNCsF0hurXQ1 KoqmlxaC0jL0bQJzaOFgVDXRVshi9DNov67xF203qM0wavzTR/99YZ43Z2OKGMqs 3EdeC6EOiX/e0vEchH+IRJfw0GuzJayhioiwX3sEBLhDvzDI5MlQci6WAPL1MpnT ObQ6GsFC5gAEUUTk1CA4kr3c+t6bVU/1+5TN12Kd7jwsu/U07oZ8T9k+cYZg/j/7 gSYGaEN9pM7MBU7QQpfA7hyhKPXKfg== -----END CERTIFICATE-----Generated at Sat Apr 26 05:56:36 2025 by rpki-client