$ rpki-client -vvf rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/9CDF0C0CFA4311EFAEC6A81AC4F9AE02.roa File: 9CDF0C0CFA4311EFAEC6A81AC4F9AE02.roa (raw, json) Hash identifier: A659tR0soBiQRXoeD1FPvGrYfSs+v9kVVN6MSoHXtyU= Subject key identifier: FA:DB:41:BE:E2:7D:75:6A:E0:98:B8:5A:8D:FE:4A:7A:60:AE:48:2B Certificate issuer: /CN=A912E31D/serialNumber=E628220F3FD00F417B9972E1D4A0F641696E7999 Certificate serial: 06 Authority key identifier: E6:28:22:0F:3F:D0:0F:41:7B:99:72:E1:D4:A0:F6:41:69:6E:79:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5igiDz_QD0F7mXLh1KD2QWlueZk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/9CDF0C0CFA4311EFAEC6A81AC4F9AE02.roa Signing time: Thu 06 Mar 2025 04:29:37 +0000 ROA not before: Thu 06 Mar 2025 04:29:37 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 153610 IP address blocks: 163.61.156.0/23 maxlen: 23 2001:df5:19c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.crl rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5igiDz_QD0F7mXLh1KD2QWlueZk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6 (0x6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E31D Validity Not Before: Mar 6 04:29:37 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67c924b1-436c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ad:ff:26:b3:cd:d2:c1:b1:40:39:25:8a:c8: b9:7e:74:57:c6:c3:58:db:28:d7:37:d3:28:d1:13: 2a:12:b4:b5:70:73:45:87:de:40:e8:2c:12:76:d9: 56:43:a9:1b:e2:b4:ed:ca:98:7c:da:86:99:31:e6: a9:07:ed:f2:bd:71:ba:67:25:0d:c2:c2:69:16:b4: 34:73:43:fc:1a:b8:02:9c:d4:55:bf:a9:d6:e1:10: c0:7d:6d:fa:8b:31:4d:ad:0f:29:91:f4:c1:72:85: fe:b7:b6:9a:90:7b:9c:66:24:b4:0e:c9:95:65:f7: 3d:f2:4f:ac:75:ab:53:2b:1f:e1:1e:06:fd:d9:62: 00:0c:41:fa:20:aa:f7:18:58:6e:ef:1d:e3:d5:9c: ca:fa:64:fa:c1:9d:6e:39:8b:c0:55:7b:6d:63:8d: 8b:d5:88:b0:45:2d:5c:7e:9b:f4:dc:b0:a7:0b:26: 21:84:76:dc:0b:94:69:e5:b5:00:3f:c9:fa:2e:bd: 09:ee:f3:07:0a:81:9d:cb:12:f1:c6:d6:8c:3d:23: cc:5b:9f:3f:37:80:f9:2f:bb:2d:d8:a3:9d:6e:89: 9f:bd:af:cb:2c:a7:a1:eb:36:27:7d:3b:1c:e3:69: 0e:1a:bb:65:e9:9c:1e:eb:39:af:81:24:c5:2e:4d: 2c:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:DB:41:BE:E2:7D:75:6A:E0:98:B8:5A:8D:FE:4A:7A:60:AE:48:2B X509v3 Authority Key Identifier: keyid:E6:28:22:0F:3F:D0:0F:41:7B:99:72:E1:D4:A0:F6:41:69:6E:79:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5igiDz_QD0F7mXLh1KD2QWlueZk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/9CDF0C0CFA4311EFAEC6A81AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 163.61.156.0/23 IPv6: 2001:df5:19c0::/48 Signature Algorithm: sha256WithRSAEncryption 1b:46:23:cb:80:8e:6c:f9:50:31:9b:89:27:4a:09:72:10:87: 52:24:39:9d:64:47:50:23:19:97:b1:ca:00:e5:82:f5:62:b5: 86:df:c8:d9:a3:a0:86:a0:ed:c2:95:1d:4f:13:83:19:ea:92: b6:57:5b:17:df:f1:ce:3b:7c:45:92:6d:3e:c2:ca:6d:fa:a2: c7:35:b1:8c:d0:88:4c:d2:ef:7f:13:b4:f6:e3:44:64:ea:4f: 82:d8:d1:1a:7a:47:98:39:a6:3b:06:da:da:89:c3:60:34:69: 21:bd:4d:75:f7:04:8b:3d:86:46:02:ce:32:58:2e:6f:5d:31: c4:46:9c:88:aa:b9:9d:c8:4b:31:37:f7:4b:3c:95:2a:4b:3d: 2e:d5:61:c7:ba:b2:09:d7:92:f3:98:1d:3d:76:1d:14:ed:e6: bf:c3:45:cf:33:2d:3d:80:07:bf:38:be:08:e6:bb:f1:4a:e1: 1b:07:09:51:ff:f7:91:54:d3:5f:10:a9:a7:02:ff:c0:0e:89: 0d:49:91:6b:f7:d3:86:6f:9a:f0:01:99:37:d1:37:fe:7a:7a: 46:94:5a:18:51:54:bf:ba:d9:ec:de:ea:2d:be:10:7c:18:10: db:4c:33:55:58:a0:05:1f:93:34:3d:ce:b3:ce:b8:c3:1d:df: 3e:9f:5e:c5 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RTMxRDExMC8GA1UEBRMoRTYyODIyMEYzRkQwMEY0MTdCOTk3MkUxRDRBMEY2NDE2 OTZFNzk5OTAeFw0yNTAzMDYwNDI5MzdaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YzkyNGIxLTQzNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDCrf8ms83SwbFAOSWKyLl+dFfGw1jbKNc30yjREyoStLVwc0WH3kDoLBJ22VZD qRvitO3KmHzahpkx5qkH7fK9cbpnJQ3CwmkWtDRzQ/wauAKc1FW/qdbhEMB9bfqL MU2tDymR9MFyhf63tpqQe5xmJLQOyZVl9z3yT6x1q1MrH+EeBv3ZYgAMQfogqvcY WG7vHePVnMr6ZPrBnW45i8BVe21jjYvViLBFLVx+m/TcsKcLJiGEdtwLlGnltQA/ yfouvQnu8wcKgZ3LEvHG1ow9I8xbnz83gPkvuy3Yo51uiZ+9r8ssp6HrNid9Oxzj aQ4au2XpnB7rOa+BJMUuTSyLAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU+ttBvuJ9 dWrgmLhajf5KemCuSCswHwYDVR0jBBgwFoAU5igiDz/QD0F7mXLh1KD2QWlueZkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJFMzFELzJDRjZCOEIwRjlD OTExRUZBNTRGNzYyQUM0RjlBRTAyLzVpZ2lEel9RRDBGN21YTGgxS0QyUVdsdWVa ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNWlnaUR6X1FEMEY3bVhMaDFLRDJRV2x1ZVprLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RTMxRC8yQ0Y2QjhCMEY5QzkxMUVGQTU0Rjc2MkFDNEY5QUUwMi85Q0RGMEMwQ0ZB NDMxMUVGQUVDNkE4MUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAaM9nDAPBAIAAjAJAwcAIAEN9RnAMA0GCSqGSIb3DQEBCwUA A4IBAQAbRiPLgI5s+VAxm4knSglyEIdSJDmdZEdQIxmXscoA5YL1YrWG38jZo6CG oO3ClR1PE4MZ6pK2V1sX3/HOO3xFkm0+wspt+qLHNbGM0IhM0u9/E7T240Rk6k+C 2NEaekeYOaY7BtraicNgNGkhvU119wSLPYZGAs4yWC5vXTHERpyIqrmdyEsxN/dL PJUqSz0u1WHHurIJ15LzmB09dh0U7ea/w0XPMy09gAe/OL4I5rvxSuEbBwlR//eR VNNfEKmnAv/ADokNSZFr99OGb5rwAZk30Tf+enpGlFoYUVS/utns3uotvhB8GBDb TDNVWKAFH5M0Pc6zzrjDHd8+n17F -----END CERTIFICATE-----Generated at Sat Apr 5 01:55:12 2025 by rpki-client