$ rpki-client -vvf rpki.apnic.net/member_repository/A91627F9/288DF14AE9C411EF9920930AC4F9AE02/99E2D388E9C411EFAFABDD0BC4F9AE02.roa File: 99E2D388E9C411EFAFABDD0BC4F9AE02.roa (raw, json) Hash identifier: J1402rtf9QBVmnV/qIlsF0PgfqX7oUx84mIB0uPW1NA= Subject key identifier: 42:15:87:B0:10:C8:E8:05:66:08:C2:63:B8:4E:CF:0E:CC:8A:D4:66 Certificate issuer: /CN=A91627F9/serialNumber=F375476F3235DC3D525171E2BE9211638E490847 Certificate serial: 08 Authority key identifier: F3:75:47:6F:32:35:DC:3D:52:51:71:E2:BE:92:11:63:8E:49:08:47 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/83VHbzI13D1SUXHivpIRY45JCEc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91627F9/288DF14AE9C411EF9920930AC4F9AE02/99E2D388E9C411EFAFABDD0BC4F9AE02.roa Signing time: Wed 19 Feb 2025 00:38:28 +0000 ROA not before: Wed 19 Feb 2025 00:38:28 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 4764 IP address blocks: 203.0.120.0/24 maxlen: 24 2001:df5:1bc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91627F9/288DF14AE9C411EF9920930AC4F9AE02/83VHbzI13D1SUXHivpIRY45JCEc.crl rsync://rpki.apnic.net/member_repository/A91627F9/288DF14AE9C411EF9920930AC4F9AE02/83VHbzI13D1SUXHivpIRY45JCEc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/83VHbzI13D1SUXHivpIRY45JCEc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 07:09:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8 (0x8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91627F9 Validity Not Before: Feb 19 00:38:28 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67b52803-9ec0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:07:07:05:34:28:63:e4:be:13:c5:55:49:ce: c1:8c:55:79:aa:49:eb:e7:76:51:70:35:73:20:c3: ef:91:89:21:04:57:8c:c7:44:7a:e6:49:15:b6:c0: 46:81:af:7a:19:75:b6:ba:9d:09:65:93:df:f3:4e: ae:12:85:4f:cf:c3:80:76:09:c1:3a:83:6b:4e:1b: b0:08:4e:94:6e:d0:53:00:17:fa:0f:00:ca:08:94: de:f4:ec:de:a2:1c:5e:81:cd:18:a0:e3:30:0b:30: e1:5d:d9:94:48:a6:7a:b0:26:ec:60:31:8f:99:4a: 3d:80:33:66:1a:d3:74:e7:87:0b:25:c3:dd:c6:6f: df:eb:13:f6:f8:4d:c2:1c:8b:37:d2:8f:89:f7:a0: ae:f0:4c:19:94:08:89:ac:f6:67:4e:b7:a4:b6:38: 0f:bb:15:ec:09:bd:d6:14:3d:87:f5:39:a1:06:e0: 4e:d4:09:78:71:08:67:79:02:18:48:96:d2:e3:a4: 0a:df:04:4d:59:72:58:25:2b:99:c8:f0:e0:c5:b2: e4:9f:f7:de:66:02:97:8d:55:a7:4e:27:e6:3f:7d: b6:b1:bb:2d:b0:e6:9c:ea:96:38:2f:a3:c8:76:35: ac:6a:6f:4c:55:d6:91:00:13:10:bb:c4:c6:c6:3f: fd:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:15:87:B0:10:C8:E8:05:66:08:C2:63:B8:4E:CF:0E:CC:8A:D4:66 X509v3 Authority Key Identifier: keyid:F3:75:47:6F:32:35:DC:3D:52:51:71:E2:BE:92:11:63:8E:49:08:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91627F9/288DF14AE9C411EF9920930AC4F9AE02/83VHbzI13D1SUXHivpIRY45JCEc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/83VHbzI13D1SUXHivpIRY45JCEc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91627F9/288DF14AE9C411EF9920930AC4F9AE02/99E2D388E9C411EFAFABDD0BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.0.120.0/24 IPv6: 2001:df5:1bc0::/48 Signature Algorithm: sha256WithRSAEncryption 58:74:62:25:d7:56:d8:a1:16:00:43:67:59:d4:7f:9f:14:eb: fb:f3:ea:c3:ce:c1:0d:ef:cb:be:90:b1:d6:33:64:de:5a:7f: e2:5f:1e:dc:cb:46:15:87:2a:d8:66:55:78:c0:6a:a3:00:82: 28:d1:02:79:8d:30:04:ff:b8:d8:2a:75:e4:9f:35:57:3b:eb: a6:10:43:f7:b6:94:51:e8:54:65:79:93:3e:64:2a:ed:c1:3e: 24:e8:af:17:2f:e2:72:d5:fd:ab:ce:4e:84:17:18:9a:e8:93: 1c:1e:da:9f:37:87:ad:82:80:51:97:90:58:23:99:6b:79:e4: 35:bc:a7:61:50:5b:98:70:69:4a:27:35:0f:83:98:17:2d:e2: 85:75:fd:26:09:c8:c5:e5:6a:70:42:32:58:17:49:22:df:1f: 0f:3d:82:9f:cc:0a:a7:6e:b2:92:9f:b6:bf:6f:d4:18:9d:01: 2c:10:67:6e:6d:b2:47:28:35:b0:e0:33:3a:b9:06:44:49:69: b0:56:39:08:ce:f7:04:ca:fe:bf:3b:cb:41:cb:59:3e:a6:cc: 74:79:79:95:08:33:b1:6b:60:26:dd:e0:ff:3a:dd:54:43:cc: cd:23:9a:0c:e7:5e:97:df:3f:8f:a9:36:e5:44:f1:2c:fd:3a: 8b:3b:22:81 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MjdGOTExMC8GA1UEBRMoRjM3NTQ3NkYzMjM1REMzRDUyNTE3MUUyQkU5MjExNjM4 RTQ5MDg0NzAeFw0yNTAyMTkwMDM4MjhaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YjUyODAzLTllYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDaBwcFNChj5L4TxVVJzsGMVXmqSevndlFwNXMgw++RiSEEV4zHRHrmSRW2wEaB r3oZdba6nQllk9/zTq4ShU/Pw4B2CcE6g2tOG7AITpRu0FMAF/oPAMoIlN707N6i HF6BzRig4zALMOFd2ZRIpnqwJuxgMY+ZSj2AM2Ya03Tnhwslw93Gb9/rE/b4TcIc izfSj4n3oK7wTBmUCIms9mdOt6S2OA+7FewJvdYUPYf1OaEG4E7UCXhxCGd5AhhI ltLjpArfBE1ZclglK5nI8ODFsuSf995mApeNVadOJ+Y/fbaxuy2w5pzqljgvo8h2 Naxqb0xV1pEAExC7xMbGP/2nAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUQhWHsBDI 6AVmCMJjuE7PDsyK1GYwHwYDVR0jBBgwFoAU83VHbzI13D1SUXHivpIRY45JCEcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYyN0Y5LzI4OERGMTRBRTlD NDExRUY5OTIwOTMwQUM0RjlBRTAyLzgzVkhiekkxM0QxU1VYSGl2cElSWTQ1SkNF Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvODNWSGJ6STEzRDFTVVhIaXZwSVJZNDVKQ0VjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MjdGOS8yODhERjE0QUU5QzQxMUVGOTkyMDkzMEFDNEY5QUUwMi85OUUyRDM4OEU5 QzQxMUVGQUZBQkREMEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAMsAeDAPBAIAAjAJAwcAIAEN9RvAMA0GCSqGSIb3DQEBCwUA A4IBAQBYdGIl11bYoRYAQ2dZ1H+fFOv78+rDzsEN78u+kLHWM2TeWn/iXx7cy0YV hyrYZlV4wGqjAIIo0QJ5jTAE/7jYKnXknzVXO+umEEP3tpRR6FRleZM+ZCrtwT4k 6K8XL+Jy1f2rzk6EFxia6JMcHtqfN4etgoBRl5BYI5lreeQ1vKdhUFuYcGlKJzUP g5gXLeKFdf0mCcjF5WpwQjJYF0ki3x8PPYKfzAqnbrKSn7a/b9QYnQEsEGdubbJH KDWw4DM6uQZESWmwVjkIzvcEyv6/O8tBy1k+psx0eXmVCDOxa2Am3eD/Ot1UQ8zN I5oM516X3z+PqTblRPEs/TqLOyKB -----END CERTIFICATE-----Generated at Sat Apr 5 19:33:24 2025 by rpki-client