$ rpki-client -vvf rpki.apnic.net/member_repository/A91592B3/8917FB2A5D0E11E5B3BEAD57C4F9AE02/D8D3FB6414F111F08EE5E32DC4F9AE02.roa File: D8D3FB6414F111F08EE5E32DC4F9AE02.roa (raw, json) Hash identifier: tOvAiPhxRE202cumPZpJeSLK5i3uUM9dNppjhBHTGzA= Subject key identifier: 14:44:6D:71:B1:4C:83:34:DE:DD:DF:55:9A:15:AB:08:1C:36:52:C4 Certificate issuer: /CN=A91592B3/serialNumber=3A5C0813C0FED0A83B3DD01B7A5AE1A130827028 Certificate serial: 2406 Authority key identifier: 3A:5C:08:13:C0:FE:D0:A8:3B:3D:D0:1B:7A:5A:E1:A1:30:82:70:28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OlwIE8D-0Kg7PdAbelrhoTCCcCg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91592B3/8917FB2A5D0E11E5B3BEAD57C4F9AE02/D8D3FB6414F111F08EE5E32DC4F9AE02.roa Signing time: Wed 09 Apr 2025 03:22:21 +0000 ROA not before: Wed 09 Apr 2025 03:22:21 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 19905 IP address blocks: 202.40.227.0/24 maxlen: 24 202.40.232.0/24 maxlen: 24 202.40.233.0/24 maxlen: 24 202.40.235.0/24 maxlen: 24 202.40.237.0/24 maxlen: 24 202.40.241.0/24 maxlen: 24 202.40.244.0/24 maxlen: 24 202.40.248.0/24 maxlen: 24 202.40.249.0/24 maxlen: 24 202.40.250.0/24 maxlen: 24 202.40.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91592B3/8917FB2A5D0E11E5B3BEAD57C4F9AE02/OlwIE8D-0Kg7PdAbelrhoTCCcCg.crl rsync://rpki.apnic.net/member_repository/A91592B3/8917FB2A5D0E11E5B3BEAD57C4F9AE02/OlwIE8D-0Kg7PdAbelrhoTCCcCg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OlwIE8D-0Kg7PdAbelrhoTCCcCg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 15:49:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9222 (0x2406) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91592B3, serialNumber=3A5C0813C0FED0A83B3DD01B7A5AE1A130827028 Validity Not Before: Apr 9 03:22:21 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67f5e7ec-57c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:87:ae:0a:80:6e:18:08:36:17:9d:57:87:80: dc:2a:d1:ba:18:8b:77:3f:ee:f5:39:bd:9e:e6:fd: 11:84:d8:8e:8b:07:2b:6e:b2:07:75:33:f9:ac:80: 41:a5:e6:de:01:46:1c:a0:18:21:aa:f7:9c:87:12: 48:cb:4d:b6:cb:96:aa:58:f4:bd:81:6c:6c:a6:d9: f0:48:a0:a7:c1:03:ce:a7:0a:a0:1f:bd:64:7c:ca: eb:2c:ce:49:b6:e7:e5:a5:cc:54:ea:1c:13:c2:9c: 26:e6:04:4c:3c:d4:9b:51:d0:7c:aa:88:4b:de:7d: 2b:68:f7:0c:8a:b3:30:12:ee:24:58:f1:b1:22:d1: f8:ca:25:af:a7:8a:f1:dd:43:ed:d3:64:ad:7e:dd: f9:c1:7e:14:e3:bc:cb:7e:1c:aa:b8:c2:8c:7b:96: 60:ca:f4:39:cf:aa:cb:af:0a:d7:51:6e:ac:cb:fe: 10:9c:91:25:64:83:fb:da:dd:32:17:60:b3:9d:ab: d7:93:75:57:74:1f:82:fb:5b:ae:a0:50:62:e2:d3: f9:ab:22:61:d2:ae:53:e4:c0:82:71:54:39:1a:01: 47:e5:4b:c4:22:54:fc:7c:62:28:8f:02:5d:74:11: b1:5f:50:00:30:6f:4c:c8:79:f5:ad:8d:cc:80:6e: b4:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:44:6D:71:B1:4C:83:34:DE:DD:DF:55:9A:15:AB:08:1C:36:52:C4 X509v3 Authority Key Identifier: keyid:3A:5C:08:13:C0:FE:D0:A8:3B:3D:D0:1B:7A:5A:E1:A1:30:82:70:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91592B3/8917FB2A5D0E11E5B3BEAD57C4F9AE02/OlwIE8D-0Kg7PdAbelrhoTCCcCg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OlwIE8D-0Kg7PdAbelrhoTCCcCg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91592B3/8917FB2A5D0E11E5B3BEAD57C4F9AE02/D8D3FB6414F111F08EE5E32DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.40.227.0/24 202.40.232.0/23 202.40.235.0/24 202.40.237.0/24 202.40.241.0/24 202.40.244.0/24 202.40.248.0/22 Signature Algorithm: sha256WithRSAEncryption 1c:fc:19:87:68:55:e6:6c:0b:c1:04:b9:d3:6e:58:23:90:6d: 83:1f:de:b9:d6:22:c6:3e:77:ba:3f:52:95:32:d8:8d:77:43: 07:ba:07:a3:3c:cf:06:cc:24:a3:65:03:6f:14:d2:13:56:05: a2:8b:89:5d:ab:4e:cb:50:4d:9f:19:62:c2:1f:3d:53:08:06: dc:2e:63:1d:c7:e4:db:87:8c:d5:27:09:0c:c4:dd:48:4c:41: c2:56:0f:76:30:48:8d:6f:bf:c5:34:53:2e:46:0d:cd:06:2b: ed:73:ec:c1:7e:c6:ee:4c:39:51:1d:9c:7d:6b:53:73:c1:83: 9b:3c:23:99:34:d6:87:29:6c:7c:51:da:ab:80:ac:35:6f:82: 4b:1f:9b:bb:1a:1e:58:8a:ee:8b:f6:24:e0:97:bc:83:1f:e6: e9:a2:03:0d:41:3c:f1:99:a0:a5:e7:85:2e:6b:cc:8e:24:a4: 7d:e8:d9:16:b8:2f:c3:35:ff:7f:82:fd:82:d3:4b:61:0a:4c: 8d:7b:c6:e0:c7:d2:db:53:7e:bf:ad:99:29:97:aa:4a:09:e8: 13:ba:bc:e1:00:ce:6a:6c:e0:6d:8d:f1:be:6c:87:40:ae:04: d6:a7:5c:8d:0f:71:e4:55:73:ae:5c:84:91:3a:1f:67:d5:3c: 80:d9:dc:ec -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICJAYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTkyQjMxMTAvBgNVBAUTKDNBNUMwODEzQzBGRUQwQTgzQjNERDAxQjdBNUFFMUEx MzA4MjcwMjgwHhcNMjUwNDA5MDMyMjIxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2Y1ZTdlYy01N2M2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8YeuCoBuGAg2F51Xh4DcKtG6GIt3P+71Ob2e5v0RhNiOiwcrbrIHdTP5rIBB pebeAUYcoBghqvechxJIy022y5aqWPS9gWxsptnwSKCnwQPOpwqgH71kfMrrLM5J tuflpcxU6hwTwpwm5gRMPNSbUdB8qohL3n0raPcMirMwEu4kWPGxItH4yiWvp4rx 3UPt02Stft35wX4U47zLfhyquMKMe5ZgyvQ5z6rLrwrXUW6sy/4QnJElZIP72t0y F2CznavXk3VXdB+C+1uuoFBi4tP5qyJh0q5T5MCCcVQ5GgFH5UvEIlT8fGIojwJd dBGxX1AAMG9MyHn1rY3MgG604QIDAQABo4ICuTCCArUwHQYDVR0OBBYEFBREbXGx TIM03t3fVZoVqwgcNlLEMB8GA1UdIwQYMBaAFDpcCBPA/tCoOz3QG3pa4aEwgnAo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTJCMy84OTE3RkIyQTVE MEUxMUU1QjNCRUFENTdDNEY5QUUwMi9PbHdJRThELTBLZzdQZEFiZWxyaG9UQ0Nj Q2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09sd0lFOEQtMEtnN1BkQWJlbHJob1RDQ2NDZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTkyQjMvODkxN0ZCMkE1RDBFMTFFNUIzQkVBRDU3QzRGOUFFMDIvRDhEM0ZCNjQx NEYxMTFGMDhFRTVFMzJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMDAEAgABMCoDBADKKOMDBAHKKOgDBADKKOsDBADKKO0DBADKKPEDBADKKPQD BALKKPgwDQYJKoZIhvcNAQELBQADggEBABz8GYdoVeZsC8EEudNuWCOQbYMf3rnW IsY+d7o/UpUy2I13Qwe6B6M8zwbMJKNlA28U0hNWBaKLiV2rTstQTZ8ZYsIfPVMI BtwuYx3H5NuHjNUnCQzE3UhMQcJWD3YwSI1vv8U0Uy5GDc0GK+1z7MF+xu5MOVEd nH1rU3PBg5s8I5k01ocpbHxR2quArDVvgksfm7saHliK7ov2JOCXvIMf5umiAw1B PPGZoKXnhS5rzI4kpH3o2Ra4L8M1/3+C/YLTS2EKTI17xuDH0ttTfr+tmSmXqkoJ 6BO6vOEAzmps4G2N8b5sh0CuBNanXI0PceRVc65chJE6H2fVPIDZ3Ow= -----END CERTIFICATE-----Generated at Tue Apr 15 14:16:13 2025 by rpki-client