$ rpki-client -vvf rpki.apnic.net/member_repository/A9165C64/425B423CFFA311E98735A685C4F9AE02/FD9E07EAAB1111EF89574855C4F9AE02.roa File: FD9E07EAAB1111EF89574855C4F9AE02.roa (raw, json) Hash identifier: NrdZbVMd1dHy2FEEAMNxWeknBO6BNRI5lNG3a+z4IPk= Subject key identifier: 99:06:E4:49:25:A3:3C:EA:6A:30:DC:93:1E:9A:81:7C:AC:AD:31:7D Certificate issuer: /CN=A9165C64/serialNumber=40EBC25A08BA5E7541CE142D2BC28AE4F8288A4B Certificate serial: 0C2C Authority key identifier: 40:EB:C2:5A:08:BA:5E:75:41:CE:14:2D:2B:C2:8A:E4:F8:28:8A:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOvCWgi6XnVBzhQtK8KK5Pgoiks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9165C64/425B423CFFA311E98735A685C4F9AE02/FD9E07EAAB1111EF89574855C4F9AE02.roa Signing time: Thu 16 Jan 2025 18:26:43 +0000 ROA not before: Thu 16 Jan 2025 18:26:43 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 138501 IP address blocks: 2405:9a40::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9165C64/425B423CFFA311E98735A685C4F9AE02/QOvCWgi6XnVBzhQtK8KK5Pgoiks.crl rsync://rpki.apnic.net/member_repository/A9165C64/425B423CFFA311E98735A685C4F9AE02/QOvCWgi6XnVBzhQtK8KK5Pgoiks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOvCWgi6XnVBzhQtK8KK5Pgoiks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:26:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3116 (0xc2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9165C64 Validity Not Before: Jan 16 18:26:43 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67894f63-2fe3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:37:b0:87:6a:a2:a1:85:9c:a9:a4:39:b9:d9: 08:46:ad:83:de:c0:a5:a0:74:eb:fe:56:85:40:ce: 31:cd:94:ac:47:8d:4b:08:71:ea:c1:8b:64:a4:41: c3:4c:af:48:61:3e:77:d2:2b:c0:e1:54:87:e2:e0: d8:5f:c0:47:24:8d:30:4a:f8:9b:81:9b:f9:11:9b: 26:df:56:e0:bd:a6:84:7a:bc:74:bb:33:c9:3c:82: bd:2d:4c:bb:c8:35:16:14:19:4f:46:fe:0f:67:84: 3a:7a:2b:df:93:c5:f5:c2:5f:8e:8c:62:e6:60:06: 78:b9:27:dc:e5:3b:48:5b:b9:48:5c:94:be:20:e2: ba:8c:1f:88:a3:77:c7:33:54:0a:78:df:48:c5:72: af:0e:57:97:61:0e:5b:3d:e7:a6:59:61:1d:5d:a0: 86:a2:3d:58:37:54:6b:a8:92:b8:68:91:07:f9:34: 26:8d:13:bb:b6:55:51:3f:5e:68:35:fd:5a:e0:7f: ac:14:f2:8b:4b:ce:41:75:c9:4e:db:91:54:a6:7f: fc:80:2c:de:b5:14:27:02:84:9a:30:e1:7c:b6:45: bb:cd:4e:85:a6:8b:4b:35:ec:9c:d4:f0:73:21:7e: 1e:15:22:0c:78:99:89:6d:53:64:f3:2d:24:f3:bd: a0:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:06:E4:49:25:A3:3C:EA:6A:30:DC:93:1E:9A:81:7C:AC:AD:31:7D X509v3 Authority Key Identifier: keyid:40:EB:C2:5A:08:BA:5E:75:41:CE:14:2D:2B:C2:8A:E4:F8:28:8A:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9165C64/425B423CFFA311E98735A685C4F9AE02/QOvCWgi6XnVBzhQtK8KK5Pgoiks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QOvCWgi6XnVBzhQtK8KK5Pgoiks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165C64/425B423CFFA311E98735A685C4F9AE02/FD9E07EAAB1111EF89574855C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2405:9a40::/32 Signature Algorithm: sha256WithRSAEncryption 9d:9f:47:09:49:5f:8a:d7:a5:dd:2a:52:01:62:1b:8b:36:95: de:c7:35:80:72:53:49:90:68:ca:c8:60:49:25:81:cf:23:a2: 4c:be:62:77:da:85:70:7b:1b:b4:ac:f5:d4:7e:8f:27:c4:d0: db:c0:43:0a:54:41:a5:fb:36:a8:02:e9:13:57:28:21:db:98: 8b:58:82:4f:b6:2d:dc:98:7f:bd:a5:72:9b:14:48:bb:f6:dd: 4b:fa:2b:90:d5:d3:c8:1c:7a:fd:ac:bd:8a:bc:99:54:10:e2: 1f:6a:9e:44:bb:31:33:47:ca:01:a0:05:9d:85:fb:25:d3:10: 15:59:b6:9e:e2:3e:09:8a:ea:e4:a8:c7:19:0a:99:d2:b1:88: 7d:bf:48:c4:dd:10:c0:77:fd:0f:d9:8a:20:f6:96:29:b9:3d: 94:09:d1:4e:16:be:f5:1a:99:fb:34:b5:40:7c:2a:1f:2a:9b: a3:d6:7a:6f:a6:38:a9:92:22:ba:c7:2f:66:e2:a1:ba:6c:26: 00:21:6e:29:87:69:6a:20:21:24:ba:58:44:01:ca:9a:bb:ea: b8:0c:97:ab:e8:93:f4:99:a1:53:1b:06:23:27:07:d0:89:db: 57:c9:e6:bc:12:aa:bb:84:dc:b1:df:02:a5:da:37:49:a9:86: 50:f5:94:c8 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICDCwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjVDNjQxMTAvBgNVBAUTKDQwRUJDMjVBMDhCQTVFNzU0MUNFMTQyRDJCQzI4QUU0 RjgyODhBNEIwHhcNMjUwMTE2MTgyNjQzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzg5NGY2My0yZmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtzewh2qioYWcqaQ5udkIRq2D3sCloHTr/laFQM4xzZSsR41LCHHqwYtkpEHD TK9IYT530ivA4VSH4uDYX8BHJI0wSvibgZv5EZsm31bgvaaEerx0uzPJPIK9LUy7 yDUWFBlPRv4PZ4Q6eivfk8X1wl+OjGLmYAZ4uSfc5TtIW7lIXJS+IOK6jB+Io3fH M1QKeN9IxXKvDleXYQ5bPeemWWEdXaCGoj1YN1RrqJK4aJEH+TQmjRO7tlVRP15o Nf1a4H+sFPKLS85BdclO25FUpn/8gCzetRQnAoSaMOF8tkW7zU6FpotLNeyc1PBz IX4eFSIMeJmJbVNk8y0k872gawIDAQABo4ICljCCApIwHQYDVR0OBBYEFJkG5Ekl ozzqajDckx6agXysrTF9MB8GA1UdIwQYMBaAFEDrwloIul51Qc4ULSvCiuT4KIpL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUM2NC80MjVCNDIzQ0ZG QTMxMUU5ODczNUE2ODVDNEY5QUUwMi9RT3ZDV2dpNlhuVkJ6aFF0SzhLSzVQZ29p a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FPdkNXZ2k2WG5WQnpoUXRLOEtLNVBnb2lrcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjVDNjQvNDI1QjQyM0NGRkEzMTFFOTg3MzVBNjg1QzRGOUFFMDIvRkQ5RTA3RUFB QjExMTFFRjg5NTc0ODU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkBZpAMA0GCSqGSIb3DQEBCwUAA4IBAQCdn0cJSV+K16Xd KlIBYhuLNpXexzWAclNJkGjKyGBJJYHPI6JMvmJ32oVwexu0rPXUfo8nxNDbwEMK VEGl+zaoAukTVygh25iLWIJPti3cmH+9pXKbFEi79t1L+iuQ1dPIHHr9rL2KvJlU EOIfap5EuzEzR8oBoAWdhfsl0xAVWbae4j4JiurkqMcZCpnSsYh9v0jE3RDAd/0P 2Yog9pYpuT2UCdFOFr71Gpn7NLVAfCofKpuj1npvpjipkiK6xy9m4qG6bCYAIW4p h2lqICEkulhEAcqau+q4DJer6JP0maFTGwYjJwfQidtXyea8Eqq7hNyx3wKl2jdJ qYZQ9ZTI -----END CERTIFICATE-----Generated at Sat Apr 5 07:21:18 2025 by rpki-client