$ rpki-client -vvf rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/38BE1074FC0F11EA8DEF4D28C4F9AE02.roa File: 38BE1074FC0F11EA8DEF4D28C4F9AE02.roa (raw, json) Hash identifier: iWWPKNMJez26/4BW7/wljyQN/N1JrdnLJYQsd0J35V0= Subject key identifier: 8B:66:A9:B4:AE:1F:B5:59:97:B2:D2:81:18:4C:72:5A:02:6E:B5:9B Certificate issuer: /CN=A91397C2/serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD Certificate serial: 07CC Authority key identifier: D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/38BE1074FC0F11EA8DEF4D28C4F9AE02.roa Signing time: Mon 24 Mar 2025 21:31:45 +0000 ROA not before: Mon 24 Mar 2025 21:31:45 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 134196 IP address blocks: 45.124.24.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 21:23:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1996 (0x7cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91397C2 Validity Not Before: Mar 24 21:31:45 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67e1cf41-dfa2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:07:b8:3a:7c:4f:56:ac:e2:3e:93:09:9b:3a: d7:a2:b6:b3:a0:37:f8:13:e2:4b:4a:07:a3:0e:af: 08:08:a8:6b:1d:e8:fa:9c:05:d5:fc:ea:a6:16:ca: 05:e8:06:85:7e:ce:f7:b9:7d:12:79:76:b3:16:4c: 58:43:80:6f:17:a5:a2:3f:33:f0:c0:b2:1a:83:43: 4d:96:bb:96:5a:dc:f5:18:0c:97:fe:0e:fd:13:1c: 1b:97:9e:de:f2:e5:0c:82:b3:ee:01:13:26:35:d6: fe:fa:8b:a0:95:fd:a8:83:14:0f:74:93:48:6b:17: 07:ca:4f:99:ea:5f:b5:73:27:67:47:98:4c:72:9d: 3b:e8:fd:a4:ad:04:5a:79:b4:1d:68:1f:ad:68:b3: 1c:31:10:6d:a1:9a:c0:7f:1e:f1:5d:16:37:f7:4d: 6e:8e:4d:19:70:2b:67:9d:6b:de:4f:08:36:2e:a0: 14:34:39:ad:81:49:03:06:72:cd:e4:f5:8a:9b:93: c1:50:de:4c:87:30:66:ff:a9:0e:87:a7:bc:03:6b: 3f:6f:aa:71:0b:0c:bf:38:71:e9:f5:5f:4c:1a:1e: e5:7f:88:d2:6f:c2:42:3f:db:e4:39:48:08:6e:2a: 9a:94:21:9f:ce:67:ea:7b:c5:75:24:ac:98:d6:77: 7e:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:66:A9:B4:AE:1F:B5:59:97:B2:D2:81:18:4C:72:5A:02:6E:B5:9B X509v3 Authority Key Identifier: keyid:D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/38BE1074FC0F11EA8DEF4D28C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.124.24.0/22 Signature Algorithm: sha256WithRSAEncryption 64:19:b7:68:99:c9:dc:e5:61:47:87:b5:e3:16:fa:f8:1a:84: c0:e1:72:0a:d1:36:70:06:33:99:56:64:bb:2d:76:69:3a:ef: 1d:1d:e0:56:a3:35:db:d2:92:36:90:96:e5:d6:9f:d0:11:3a: 54:74:e4:9b:f7:4e:25:d9:50:22:23:31:25:1d:87:aa:36:e7: 67:71:42:0f:21:de:77:7c:98:fb:41:51:63:05:9d:e2:22:30: 8f:73:ed:36:be:47:6c:58:de:fc:65:71:ad:fb:6a:76:fb:a8: 34:6d:bf:68:c1:a8:8f:fc:ee:ec:3d:df:6a:40:5a:4c:d0:d0: b2:94:42:81:e1:01:14:48:1b:6d:90:db:d2:32:6c:35:a6:0a: 1d:7c:52:79:92:a2:39:76:47:96:2a:ee:8e:48:e8:e5:0b:ac: c9:af:92:81:43:85:f2:f1:60:19:4f:81:70:04:be:6a:71:0d: f1:4d:6e:20:21:af:0f:1e:e3:ca:9c:12:8c:ae:09:3a:fb:ec: 09:d9:f5:5e:aa:c9:ae:63:66:15:30:be:22:59:84:5b:c2:34: 08:58:42:22:35:b8:0c:69:03:59:38:4b:12:9e:d6:a9:3b:6f: 3f:81:e9:89:74:76:89:74:96:ae:86:6d:45:45:37:e7:9f:f0: 7e:4a:4b:bd -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICB8wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzk3QzIxMTAvBgNVBAUTKEQzRDE1QUVFOUE0RjhBRTVDMjgxMTA4QTdEMkQzQUQ4 MUQ0RTc5Q0QwHhcNMjUwMzI0MjEzMTQ1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2UxY2Y0MS1kZmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0ge4OnxPVqziPpMJmzrXorazoDf4E+JLSgejDq8ICKhrHej6nAXV/OqmFsoF 6AaFfs73uX0SeXazFkxYQ4BvF6WiPzPwwLIag0NNlruWWtz1GAyX/g79Exwbl57e 8uUMgrPuARMmNdb++ouglf2ogxQPdJNIaxcHyk+Z6l+1cydnR5hMcp076P2krQRa ebQdaB+taLMcMRBtoZrAfx7xXRY3901ujk0ZcCtnnWveTwg2LqAUNDmtgUkDBnLN 5PWKm5PBUN5MhzBm/6kOh6e8A2s/b6pxCwy/OHHp9V9MGh7lf4jSb8JCP9vkOUgI biqalCGfzmfqe8V1JKyY1nd+VwIDAQABo4IClTCCApEwHQYDVR0OBBYEFItmqbSu H7VZl7LSgRhMcloCbrWbMB8GA1UdIwQYMBaAFNPRWu6aT4rlwoEQin0tOtgdTnnN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTdDMi80RTQyNkRFOEZC RUExMUVBOTQwQTFEMTlDNEY5QUUwMi8wOUZhN3BwUGl1WENnUkNLZlMwNjJCMU9l YzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzA5RmE3cHBQaXVYQ2dSQ0tmUzA2MkIxT2VjMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mzk3QzIvNEU0MjZERThGQkVBMTFFQTk0MEExRDE5QzRGOUFFMDIvMzhCRTEwNzRG QzBGMTFFQThERUY0RDI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAItfBgwDQYJKoZIhvcNAQELBQADggEBAGQZt2iZydzlYUeH teMW+vgahMDhcgrRNnAGM5lWZLstdmk67x0d4FajNdvSkjaQluXWn9AROlR05Jv3 TiXZUCIjMSUdh6o252dxQg8h3nd8mPtBUWMFneIiMI9z7Ta+R2xY3vxlca37anb7 qDRtv2jBqI/87uw932pAWkzQ0LKUQoHhARRIG22Q29IybDWmCh18UnmSojl2R5Yq 7o5I6OULrMmvkoFDhfLxYBlPgXAEvmpxDfFNbiAhrw8e48qcEoyuCTr77AnZ9V6q ya5jZhUwviJZhFvCNAhYQiI1uAxpA1k4SxKe1qk7bz+B6Yl0dol0lq6GbUVFN+ef 8H5KS70= -----END CERTIFICATE-----Generated at Sun Apr 6 01:30:29 2025 by rpki-client