$ rpki-client -vvf rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/ECC109EA3C8811EC889B9D78C4F9AE02.roa File: ECC109EA3C8811EC889B9D78C4F9AE02.roa (raw, json) Hash identifier: qsT6gdrcrYiz10awZz/5+uahx1IUYSEl585Lltn+07o= Subject key identifier: D4:E5:95:13:C9:8C:57:F0:57:32:84:D8:3E:88:3C:7C:04:8A:D7:90 Certificate issuer: /CN=A9120AC1/serialNumber=E43DD233316BF0E29BA06D20DEC25DB4CC116E08 Certificate serial: 0481 Authority key identifier: E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/ECC109EA3C8811EC889B9D78C4F9AE02.roa Signing time: Tue 04 Feb 2025 23:42:53 +0000 ROA not before: Tue 04 Feb 2025 23:42:53 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 45753 IP address blocks: 69.72.80.0/21 maxlen: 21 69.72.80.0/24 maxlen: 24 69.72.81.0/24 maxlen: 24 69.72.82.0/24 maxlen: 24 69.72.83.0/24 maxlen: 24 69.72.84.0/24 maxlen: 24 69.72.85.0/24 maxlen: 24 69.72.86.0/24 maxlen: 24 69.72.87.0/24 maxlen: 24 148.66.48.0/20 maxlen: 20 148.66.48.0/24 maxlen: 24 148.66.49.0/24 maxlen: 24 148.66.50.0/24 maxlen: 24 148.66.52.0/24 maxlen: 24 148.66.53.0/24 maxlen: 24 148.66.54.0/24 maxlen: 24 148.66.55.0/24 maxlen: 24 148.66.56.0/24 maxlen: 24 148.66.57.0/24 maxlen: 24 148.66.58.0/24 maxlen: 24 148.66.59.0/24 maxlen: 24 148.66.60.0/24 maxlen: 24 148.66.61.0/24 maxlen: 24 148.66.62.0/24 maxlen: 24 148.66.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 23:37:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1153 (0x481) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9120AC1, serialNumber=E43DD233316BF0E29BA06D20DEC25DB4CC116E08 Validity Not Before: Feb 4 23:42:53 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67a2a5fd-9d0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a1:72:1f:d7:c9:11:56:ca:d7:19:0d:dd:96: 66:84:15:d9:0a:fc:d0:a4:fc:39:8c:c4:b6:5a:24: af:3c:81:00:f3:d5:fa:0c:8b:99:96:16:23:9c:97: 12:1b:d5:b1:c9:48:b1:6b:c1:09:c0:76:de:7b:63: aa:15:85:64:d0:67:ea:72:04:72:63:0b:b1:ce:88: 16:49:02:62:8a:39:8b:c8:6b:ed:0a:6d:7f:82:90: c4:68:5a:27:de:c9:5c:21:d3:c5:d2:48:64:76:be: 87:2d:f1:75:b4:00:20:28:6e:7b:16:af:8e:23:cc: 76:ed:2d:20:de:af:de:2f:d3:a6:59:8d:7b:63:be: ac:57:e5:27:08:32:fd:ff:bc:34:1e:ed:8f:ae:41: d6:22:da:1e:c2:55:56:20:8b:e8:f7:9f:2f:e6:b4: 4b:74:af:f3:58:98:51:10:5a:fd:90:12:bf:52:13: 44:e6:84:bf:d7:9b:a0:27:10:4c:2e:18:45:1e:7c: 42:df:a2:47:3d:a9:8b:da:23:ff:3f:f8:85:65:95: d3:d2:2c:b0:39:c3:44:b2:48:42:e3:ed:7e:8f:a1: 94:60:51:8e:a6:5b:bc:76:ea:4d:b0:33:ce:0b:dc: a6:97:00:90:18:ef:49:03:30:66:18:44:2b:f9:11: 4d:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:E5:95:13:C9:8C:57:F0:57:32:84:D8:3E:88:3C:7C:04:8A:D7:90 X509v3 Authority Key Identifier: keyid:E4:3D:D2:33:31:6B:F0:E2:9B:A0:6D:20:DE:C2:5D:B4:CC:11:6E:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/5D3SMzFr8OKboG0g3sJdtMwRbgg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5D3SMzFr8OKboG0g3sJdtMwRbgg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120AC1/3E9A4AE0309711ECB285A64BC4F9AE02/ECC109EA3C8811EC889B9D78C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 69.72.80.0/21 148.66.48.0/20 Signature Algorithm: sha256WithRSAEncryption ae:36:02:c1:30:f6:43:1e:20:89:49:b1:e4:a9:a3:ce:a3:aa: eb:9f:95:34:84:0b:bd:fc:b5:15:8f:bd:96:3f:37:5d:7c:97: 17:e1:25:69:02:8a:14:d8:cc:b5:54:c9:72:45:2f:74:09:7f: ca:36:dc:17:6e:63:86:06:f3:69:25:0b:4d:9d:72:0f:b9:2e: b7:c4:84:46:e3:11:f8:35:4b:b3:65:7a:29:fb:0f:73:49:87: 16:a6:08:df:bd:cf:1d:cb:ab:b4:b5:63:a1:e5:c5:b8:3e:66: 62:67:f8:b4:b6:fa:f4:3f:52:63:e2:8f:2b:46:56:c0:f4:37: 7b:8b:66:68:f4:d7:2a:d0:e1:79:01:90:a8:2f:9d:41:98:d1: dc:b6:28:ef:0e:57:f3:61:08:69:a6:9e:45:46:4b:88:7f:0c: 70:36:03:70:9c:83:49:9c:19:41:f2:a7:c8:c7:83:9b:14:45: 29:82:1a:79:14:9c:d1:a6:20:93:5e:7f:36:05:6b:b3:d7:0b: 81:2a:08:79:01:9a:60:ca:e4:51:d9:72:70:21:d6:0a:f7:dc: dd:4d:1c:e1:19:cc:73:9f:1f:89:ab:33:d8:89:18:2e:79:de: 2e:83:58:a0:e6:8f:91:68:62:fc:02:46:02:c4:2f:36:aa:83: 80:46:9a:ea -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjBBQzExMTAvBgNVBAUTKEU0M0REMjMzMzE2QkYwRTI5QkEwNkQyMERFQzI1REI0 Q0MxMTZFMDgwHhcNMjUwMjA0MjM0MjUzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2EyYTVmZC05ZDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwqFyH9fJEVbK1xkN3ZZmhBXZCvzQpPw5jMS2WiSvPIEA89X6DIuZlhYjnJcS G9WxyUixa8EJwHbee2OqFYVk0GfqcgRyYwuxzogWSQJiijmLyGvtCm1/gpDEaFon 3slcIdPF0khkdr6HLfF1tAAgKG57Fq+OI8x27S0g3q/eL9OmWY17Y76sV+UnCDL9 /7w0Hu2PrkHWItoewlVWIIvo958v5rRLdK/zWJhREFr9kBK/UhNE5oS/15ugJxBM LhhFHnxC36JHPamL2iP/P/iFZZXT0iywOcNEskhC4+1+j6GUYFGOplu8dupNsDPO C9ymlwCQGO9JAzBmGEQr+RFNYwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNTllRPJ jFfwVzKE2D6IPHwEiteQMB8GA1UdIwQYMBaAFOQ90jMxa/Dim6BtIN7CXbTMEW4I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEFDMS8zRTlBNEFFMDMw OTcxMUVDQjI4NUE2NEJDNEY5QUUwMi81RDNTTXpGcjhPS2JvRzBnM3NKZHRNd1Ji Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVEM1NNekZyOE9LYm9HMGczc0pkdE13UmJnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjBBQzEvM0U5QTRBRTAzMDk3MTFFQ0IyODVBNjRCQzRGOUFFMDIvRUNDMTA5RUEz Qzg4MTFFQzg4OUI5RDc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBANFSFADBASUQjAwDQYJKoZIhvcNAQELBQADggEBAK42AsEw 9kMeIIlJseSpo86jquuflTSEC738tRWPvZY/N118lxfhJWkCihTYzLVUyXJFL3QJ f8o23BduY4YG82klC02dcg+5LrfEhEbjEfg1S7Nlein7D3NJhxamCN+9zx3Lq7S1 Y6Hlxbg+ZmJn+LS2+vQ/UmPijytGVsD0N3uLZmj01yrQ4XkBkKgvnUGY0dy2KO8O V/NhCGmmnkVGS4h/DHA2A3Ccg0mcGUHyp8jHg5sURSmCGnkUnNGmIJNefzYFa7PX C4EqCHkBmmDK5FHZcnAh1gr33N1NHOEZzHOfH4mrM9iJGC553i6DWKDmj5FoYvwC RgLELzaqg4BGmuo= -----END CERTIFICATE-----Generated at Fri Apr 18 11:00:33 2025 by rpki-client