$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa File: CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa (raw, json) Hash identifier: U1zVQ5bqYpLe5FAQ5Vpdv4iV73y5ug6j2NtqdB0U6DA= Subject key identifier: DF:54:EB:BE:27:C3:9D:BE:50:84:C3:0B:15:53:27:0E:6F:D9:BA:FD Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91 Certificate serial: 1955 Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa Signing time: Tue 14 Jan 2025 16:34:14 +0000 ROA not before: Tue 14 Jan 2025 16:34:14 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 0 IP address blocks: 43.249.212.0/22 maxlen: 22 114.141.72.0/21 maxlen: 21 124.158.24.0/22 maxlen: 22 202.9.70.0/23 maxlen: 23 202.74.62.0/23 maxlen: 23 2404:4e00:ff::/48 maxlen: 48 2404:4e00:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 13 Apr 2025 16:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6485 (0x1955) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D03A Validity Not Before: Jan 14 16:34:14 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67869205-eec8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:21:58:64:d5:b3:c2:b1:84:7f:25:4b:f3:5d: 86:f6:2b:c5:8f:a8:7a:fc:cc:0e:93:d8:79:4e:a0: ee:81:17:c3:67:f4:07:d4:a7:ee:35:02:f0:2a:b7: 5e:81:2f:15:c7:0d:9b:c0:15:8f:bd:27:6f:20:97: 5b:a6:9f:8f:53:35:fd:b2:57:ac:d0:d2:69:87:52: bb:91:45:a3:50:d1:3d:36:b0:7c:c3:ba:b3:71:dd: 93:d7:f8:59:61:13:ae:6a:6b:b7:86:2e:eb:ad:c4: fe:7e:fc:63:95:c7:de:10:16:0c:71:68:1e:86:b6: c7:60:68:fc:31:f0:a2:b9:1d:16:bd:8d:1f:70:ab: 5d:d1:b3:1d:7a:9e:d6:c4:b5:ad:8f:91:71:7e:60: d4:f9:d0:06:27:00:5d:b2:96:04:d5:60:cc:1f:21: f0:12:26:59:b0:83:57:82:02:cb:d4:3b:75:56:c1: 84:13:d8:6b:89:d7:78:b3:5a:b9:17:d1:9a:26:b2: e3:81:79:2a:e1:4e:58:40:2e:93:86:1d:b4:97:60: 25:f7:0d:75:a9:ff:43:16:19:ec:0d:20:7d:ff:2f: d6:33:f3:d1:cd:c0:f0:80:29:69:ba:e7:0f:58:67: b6:de:0b:5e:a5:43:3a:88:0c:9f:3d:55:3a:0e:4f: 36:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:54:EB:BE:27:C3:9D:BE:50:84:C3:0B:15:53:27:0E:6F:D9:BA:FD X509v3 Authority Key Identifier: keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/CF2F506C8A0F11EA9DFF7F19C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.249.212.0/22 114.141.72.0/21 124.158.24.0/22 202.9.70.0/23 202.74.62.0/23 IPv6: 2404:4e00:ff::/48 2404:4e00:6000::/40 Signature Algorithm: sha256WithRSAEncryption 2b:f9:b5:f7:1e:f8:cd:a3:22:d8:84:49:ca:55:d1:e2:dc:40: 73:5c:ca:8b:ab:5e:72:82:5d:a3:18:83:f2:63:f7:02:da:5f: 2b:dc:d9:38:82:74:22:64:50:a2:5a:92:c1:2e:b0:a2:4d:04: 9f:15:4f:cf:7e:c3:be:9c:0b:71:45:64:eb:53:f8:b6:0e:88: 5c:72:5d:2c:4a:ab:d1:f9:a6:0e:d9:cc:2a:3b:52:94:fc:16: 73:5d:44:ff:3d:15:04:e2:bd:84:68:15:e7:74:06:46:cd:2c: 77:82:f5:89:a9:e3:51:e7:b2:8c:8d:b1:e0:e0:ce:47:a7:dd: 3f:3f:73:b8:02:7d:fc:d9:bb:98:21:88:3e:f2:a4:7b:78:cd: 02:0c:62:2e:5a:87:dd:21:6c:9e:82:fd:8d:02:57:26:cb:5b: c8:10:99:81:8b:85:72:c8:2d:21:cc:ac:b4:fa:37:19:44:03: 99:fa:1a:87:4c:f3:11:ab:64:a0:24:59:0c:ef:57:82:a2:68: 8a:a4:df:28:e7:0e:24:d7:2b:94:48:35:a1:5f:55:49:31:3d: 00:d6:49:f0:01:be:ff:e3:bb:23:98:44:28:e2:4c:41:55:1a: 9d:86:5d:c4:45:db:25:45:c2:84:bf:05:f7:4f:06:14:9c:5d: 65:fb:68:e0 -----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgICGVUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD NTQyQTBEOTEwHhcNMjUwMTE0MTYzNDE0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzg2OTIwNS1lZWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3yFYZNWzwrGEfyVL812G9ivFj6h6/MwOk9h5TqDugRfDZ/QH1KfuNQLwKrde gS8Vxw2bwBWPvSdvIJdbpp+PUzX9sles0NJph1K7kUWjUNE9NrB8w7qzcd2T1/hZ YROuamu3hi7rrcT+fvxjlcfeEBYMcWgehrbHYGj8MfCiuR0WvY0fcKtd0bMdep7W xLWtj5FxfmDU+dAGJwBdspYE1WDMHyHwEiZZsINXggLL1Dt1VsGEE9hridd4s1q5 F9GaJrLjgXkq4U5YQC6Thh20l2Al9w11qf9DFhnsDSB9/y/WM/PRzcDwgClpuucP WGe23gtepUM6iAyfPVU6Dk82TQIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFN9U674n w52+UITDCxVTJw5v2br9MB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvQ0YyRjUwNkM4 QTBGMTFFQTlERkY3RjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E QTA/MCQEAgABMB4DBAIr+dQDBANyjUgDBAJ8nhgDBAHKCUYDBAHKSj4wFwQCAAIw EQMHACQETgAA/wMGACQETgBgMA0GCSqGSIb3DQEBCwUAA4IBAQAr+bX3HvjNoyLY hEnKVdHi3EBzXMqLq15ygl2jGIPyY/cC2l8r3Nk4gnQiZFCiWpLBLrCiTQSfFU/P fsO+nAtxRWTrU/i2Dohccl0sSqvR+aYO2cwqO1KU/BZzXUT/PRUE4r2EaBXndAZG zSx3gvWJqeNR57KMjbHg4M5Hp90/P3O4An382buYIYg+8qR7eM0CDGIuWofdIWye gv2NAlcmy1vIEJmBi4VyyC0hzKy0+jcZRAOZ+hqHTPMRq2SgJFkM71eComiKpN8o 5w4k1yuUSDWhX1VJMT0A1knwAb7/47sjmEQo4kxBVRqdhl3ERdslRcKEvwX3TwYU nF1l+2jg -----END CERTIFICATE-----Generated at Mon Apr 7 05:20:26 2025 by rpki-client