$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa File: 33B6385E09E911EAA0C05451C4F9AE02.roa (raw, json) Hash identifier: MSG4IEJD21Lg46cXlyVsJXQNoEWSJs0ZdoCdo0HPe4k= Subject key identifier: 86:F7:21:31:D4:16:D1:4B:71:E1:D9:17:F0:98:D6:E1:05:DD:7E:D4 Certificate issuer: /CN=A91FEE70/serialNumber=FA94DE39088EC38A52B692279A42C4AFFB5B73B1 Certificate serial: 0C1F Authority key identifier: FA:94:DE:39:08:8E:C3:8A:52:B6:92:27:9A:42:C4:AF:FB:5B:73:B1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa Signing time: Tue 08 Apr 2025 18:57:31 +0000 ROA not before: Tue 08 Apr 2025 18:57:31 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 133081 IP address blocks: 203.2.168.0/24 maxlen: 24 203.2.169.0/24 maxlen: 24 203.2.170.0/24 maxlen: 24 203.2.171.0/24 maxlen: 24 203.2.172.0/24 maxlen: 24 203.2.173.0/24 maxlen: 24 203.2.174.0/24 maxlen: 24 203.2.175.0/24 maxlen: 24 203.16.128.0/24 maxlen: 24 203.16.129.0/24 maxlen: 24 203.16.130.0/24 maxlen: 24 203.16.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.crl rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:32:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3103 (0xc1f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEE70, serialNumber=FA94DE39088EC38A52B692279A42C4AFFB5B73B1 Validity Not Before: Apr 8 18:57:31 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=67f5719b-0989 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:66:8c:54:44:27:19:7d:05:89:ec:cd:1d:c2: da:90:04:27:03:6c:6e:48:77:75:64:04:72:3a:3e: 89:e9:48:58:18:2a:54:7a:69:39:13:01:54:69:f8: 05:42:73:e3:78:da:58:e5:2f:1f:5e:ee:9e:a7:fc: 3e:73:91:dc:4f:b1:22:70:af:c2:62:44:93:09:c3: 75:1a:8a:fb:d0:b7:90:52:0b:b0:fb:28:4a:53:3f: 8f:07:cc:d2:85:36:b5:21:bc:40:6c:0d:0b:89:35: 39:e5:7a:fe:71:b1:17:04:ff:e3:61:ef:e0:fa:be: 78:ef:8c:1f:7a:eb:37:6c:f5:cd:36:5f:f6:de:97: 97:14:55:c2:9e:fc:c1:33:fd:0e:ad:73:f1:e1:82: 00:1e:1d:59:0c:13:15:2e:2f:e2:d1:ba:2c:d1:c6: 65:15:be:05:10:63:c2:8d:44:4f:be:e7:96:14:91: b3:d2:09:25:10:e5:22:4b:f2:30:f6:30:64:5b:73: b9:92:9a:68:a8:4d:d1:58:26:22:f2:24:10:d3:eb: ed:0a:0b:c2:3f:5e:f3:9a:e0:98:ce:d2:c3:a9:14: 05:60:c4:32:c0:51:c6:67:c1:5f:fa:d8:f2:7e:77: bd:b8:44:98:3b:f8:7f:a9:4b:9b:6f:35:9c:cb:9b: 37:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:F7:21:31:D4:16:D1:4B:71:E1:D9:17:F0:98:D6:E1:05:DD:7E:D4 X509v3 Authority Key Identifier: keyid:FA:94:DE:39:08:8E:C3:8A:52:B6:92:27:9A:42:C4:AF:FB:5B:73:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/-pTeOQiOw4pStpInmkLEr_tbc7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-pTeOQiOw4pStpInmkLEr_tbc7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEE70/0910D1A009E811EAA630164FC4F9AE02/33B6385E09E911EAA0C05451C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.2.168.0/21 203.16.128.0/22 Signature Algorithm: sha256WithRSAEncryption 51:6a:c5:1e:d4:5d:23:0b:77:2f:26:70:28:a8:99:f7:9a:1a: 3c:3c:78:b9:57:10:8d:96:15:a7:13:c2:3f:b4:c8:7f:be:a0: 53:1e:38:36:97:bf:45:f8:c5:fc:ff:c6:88:0f:cb:54:bb:16: f1:4b:38:be:d6:0e:c9:18:8e:b1:f8:8e:99:3c:f6:32:96:2c: 3e:ff:b6:d7:e3:b3:d5:04:e6:fd:30:0e:49:50:0e:14:2d:8d: 7f:b3:0c:5a:aa:3e:4c:0b:6c:59:98:df:a4:56:f8:0c:0b:77: e5:0c:b8:07:21:61:a1:d6:41:2e:06:39:58:78:b3:50:b7:d6: 65:ce:f9:66:4e:2d:fa:54:7f:81:10:1d:3f:3d:45:c4:7f:d2: 19:76:c0:a6:b2:12:92:e0:df:e1:eb:37:08:2f:c4:30:0d:bb: 22:8d:44:45:52:ab:65:50:21:82:9a:c5:78:68:1a:5f:48:08: 60:ce:bf:43:02:91:f9:fa:cd:98:a6:d3:35:5b:5d:99:8b:16: 22:9a:c0:e7:9b:bb:54:68:08:2b:a8:e8:a9:de:df:67:9b:23: 21:a5:8b:35:78:28:09:2d:d8:30:af:45:22:3b:e2:ad:11:c6: e9:40:e6:17:72:aa:26:c5:00:e5:c9:9d:67:36:5e:f4:10:ad: 16:78:f8:2d -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICDB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFNzAxMTAvBgNVBAUTKEZBOTRERTM5MDg4RUMzOEE1MkI2OTIyNzlBNDJDNEFG RkI1QjczQjEwHhcNMjUwNDA4MTg1NzMxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y1NzE5Yi0wOTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxmaMVEQnGX0FiezNHcLakAQnA2xuSHd1ZARyOj6J6UhYGCpUemk5EwFUafgF QnPjeNpY5S8fXu6ep/w+c5HcT7EicK/CYkSTCcN1Gor70LeQUguw+yhKUz+PB8zS hTa1IbxAbA0LiTU55Xr+cbEXBP/jYe/g+r5474wfeus3bPXNNl/23peXFFXCnvzB M/0OrXPx4YIAHh1ZDBMVLi/i0bos0cZlFb4FEGPCjURPvueWFJGz0gklEOUiS/Iw 9jBkW3O5kppoqE3RWCYi8iQQ0+vtCgvCP17zmuCYztLDqRQFYMQywFHGZ8Ff+tjy fne9uESYO/h/qUubbzWcy5s3PwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIb3ITHU FtFLceHZF/CY1uEF3X7UMB8GA1UdIwQYMBaAFPqU3jkIjsOKUraSJ5pCxK/7W3Ox MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUU3MC8wOTEwRDFBMDA5 RTgxMUVBQTYzMDE2NEZDNEY5QUUwMi8tcFRlT1FpT3c0cFN0cElubWtMRXJfdGJj N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1wVGVPUWlPdzRwU3RwSW5ta0xFcl90YmM3RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkVFNzAvMDkxMEQxQTAwOUU4MTFFQUE2MzAxNjRGQzRGOUFFMDIvMzNCNjM4NUUw OUU5MTFFQUEwQzA1NDUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAPLAqgDBALLEIAwDQYJKoZIhvcNAQELBQADggEBAFFqxR7U XSMLdy8mcCiomfeaGjw8eLlXEI2WFacTwj+0yH++oFMeODaXv0X4xfz/xogPy1S7 FvFLOL7WDskYjrH4jpk89jKWLD7/ttfjs9UE5v0wDklQDhQtjX+zDFqqPkwLbFmY 36RW+AwLd+UMuAchYaHWQS4GOVh4s1C31mXO+WZOLfpUf4EQHT89RcR/0hl2wKay EpLg3+HrNwgvxDANuyKNREVSq2VQIYKaxXhoGl9ICGDOv0MCkfn6zZim0zVbXZmL FiKawOebu1RoCCuo6Kne32ebIyGlizV4KAkt2DCvRSI74q0RxulA5hdyqibFAOXJ nWc2XvQQrRZ4+C0= -----END CERTIFICATE-----Generated at Sat Apr 26 17:05:21 2025 by rpki-client