$ rpki-client -vvf rpki.apnic.net/member_repository/A9167F0C/0A58A19A70AB11E98317A57BC4F9AE02/339E038C223B11EF8750653DC4F9AE02.roa File: 339E038C223B11EF8750653DC4F9AE02.roa (raw, json) Hash identifier: Qj9vmpxbOqsAtvTtRRnjjbg9bDrBGP1V9UkKqSNOqgk= Subject key identifier: 14:1E:17:A2:9C:EC:C6:A0:D3:DD:15:32:0B:9A:00:91:1D:34:F0:2C Certificate issuer: /CN=A9167F0C/serialNumber=4E6142BD61B3EB5897CE01E8D45711DA50DCF565 Certificate serial: 09D8 Authority key identifier: 4E:61:42:BD:61:B3:EB:58:97:CE:01:E8:D4:57:11:DA:50:DC:F5:65 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TmFCvWGz61iXzgHo1FcR2lDc9WU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167F0C/0A58A19A70AB11E98317A57BC4F9AE02/339E038C223B11EF8750653DC4F9AE02.roa Signing time: Wed 26 Feb 2025 18:16:22 +0000 ROA not before: Wed 26 Feb 2025 18:16:22 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 134995 IP address blocks: 2402:6640::/32 maxlen: 32 2402:6640:5::/48 maxlen: 48 2402:6640:10::/48 maxlen: 48 2402:6640:11::/48 maxlen: 48 2402:6640:17::/48 maxlen: 48 2402:6640:18::/48 maxlen: 48 2402:6640:19::/48 maxlen: 48 2402:6640:20::/48 maxlen: 48 2402:6640:21::/48 maxlen: 48 2402:6640:22::/48 maxlen: 48 2402:6640:23::/48 maxlen: 48 2402:6640:24::/48 maxlen: 48 2402:6640:25::/48 maxlen: 48 2402:6640:26::/48 maxlen: 48 2402:6640:30::/48 maxlen: 48 2402:6640:fce::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167F0C/0A58A19A70AB11E98317A57BC4F9AE02/TmFCvWGz61iXzgHo1FcR2lDc9WU.crl rsync://rpki.apnic.net/member_repository/A9167F0C/0A58A19A70AB11E98317A57BC4F9AE02/TmFCvWGz61iXzgHo1FcR2lDc9WU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TmFCvWGz61iXzgHo1FcR2lDc9WU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:45:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2520 (0x9d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167F0C Validity Not Before: Feb 26 18:16:22 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67bf5a76-ce45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:2b:2e:b7:ea:6f:8a:3f:28:a7:8b:00:d8:25: 1e:73:60:f5:34:40:2f:0a:c1:20:0f:02:1d:9a:3d: d8:3a:39:55:28:15:88:45:5b:2d:94:71:77:04:5f: bc:55:66:c8:f1:65:a1:00:89:9f:9a:0c:99:89:a7: 6c:73:4e:fc:bc:f8:db:99:52:4a:9c:c8:bd:04:b3: bc:32:59:d0:9e:9d:6c:83:11:46:dd:74:c1:76:d0: 86:eb:6b:55:f4:dc:01:63:67:de:40:14:af:e0:db: 16:6b:68:cc:0d:cb:b1:69:19:ff:db:ca:1f:8d:fa: dd:f9:1a:f6:1b:c0:6a:8d:bf:ce:1a:96:ab:71:68: 3b:bf:20:ee:0a:9d:97:bd:38:15:b9:db:c7:07:f7: 38:fb:13:8c:0c:9b:9c:af:6f:86:21:fb:e4:d0:cc: 2b:b5:b0:a3:fa:c8:12:24:12:dc:05:85:37:89:e7: e6:36:e4:2f:6f:fa:cc:57:54:03:6f:1d:d2:23:6e: 3c:5a:a7:5e:58:86:7b:d3:9c:f1:2f:e9:06:d1:54: cc:8f:cd:ce:9f:17:5a:2d:1c:90:6f:9a:01:40:9d: c1:fa:fb:e1:34:01:bd:ac:bc:aa:8c:33:c2:b2:cf: 63:5a:be:bc:a4:63:5a:0a:0c:b2:d1:c2:21:5f:11: 95:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:1E:17:A2:9C:EC:C6:A0:D3:DD:15:32:0B:9A:00:91:1D:34:F0:2C X509v3 Authority Key Identifier: keyid:4E:61:42:BD:61:B3:EB:58:97:CE:01:E8:D4:57:11:DA:50:DC:F5:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167F0C/0A58A19A70AB11E98317A57BC4F9AE02/TmFCvWGz61iXzgHo1FcR2lDc9WU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TmFCvWGz61iXzgHo1FcR2lDc9WU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167F0C/0A58A19A70AB11E98317A57BC4F9AE02/339E038C223B11EF8750653DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2402:6640::/32 Signature Algorithm: sha256WithRSAEncryption 99:15:91:f2:c3:bb:f0:37:81:b0:36:6e:33:99:6e:52:c6:24: a2:40:0e:6f:02:ee:a1:c8:d2:51:92:d6:bd:b5:df:e2:7c:a9: 4d:06:9d:40:04:0b:f4:8c:73:c3:0c:07:98:21:fa:3b:1f:61: 5f:ba:6e:c4:18:a5:09:81:f8:2f:ab:82:1c:18:26:bb:01:3a: 60:b4:ab:5b:2e:5d:3d:f4:d5:76:17:a8:df:23:fe:15:0a:4b: 5f:70:b4:02:be:0d:a3:aa:38:c5:fb:6a:aa:93:0a:3f:e6:22: 48:d7:72:ee:1a:2d:16:26:8c:9d:89:7b:12:59:61:03:37:13: c6:67:eb:3b:61:a9:90:2e:1a:ad:e4:90:7f:c1:20:90:dc:d5: fc:dd:1f:bf:76:53:8b:07:9f:46:5f:6e:b8:d1:88:94:4c:76: 68:da:8b:ed:42:f8:56:f3:41:6f:90:0f:62:36:b7:fd:6e:79: 26:96:3b:86:fc:eb:08:89:e0:98:f2:6b:ce:48:84:51:05:0e: cc:14:52:22:85:b9:6e:66:e7:d7:7f:e0:99:91:67:da:d5:f5: 84:01:8e:9c:01:9b:d6:3a:08:03:f4:a7:a5:97:78:91:2a:37: e3:e4:8e:00:9d:a9:f8:9a:a5:61:b5:36:07:ab:be:b4:ab:ce: 64:2a:4a:ea -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICCdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdGMEMxMTAvBgNVBAUTKDRFNjE0MkJENjFCM0VCNTg5N0NFMDFFOEQ0NTcxMURB NTBEQ0Y1NjUwHhcNMjUwMjI2MTgxNjIyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2JmNWE3Ni1jZTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Ssut+pvij8op4sA2CUec2D1NEAvCsEgDwIdmj3YOjlVKBWIRVstlHF3BF+8 VWbI8WWhAImfmgyZiadsc078vPjbmVJKnMi9BLO8MlnQnp1sgxFG3XTBdtCG62tV 9NwBY2feQBSv4NsWa2jMDcuxaRn/28ofjfrd+Rr2G8Bqjb/OGparcWg7vyDuCp2X vTgVudvHB/c4+xOMDJucr2+GIfvk0MwrtbCj+sgSJBLcBYU3iefmNuQvb/rMV1QD bx3SI248WqdeWIZ705zxL+kG0VTMj83OnxdaLRyQb5oBQJ3B+vvhNAG9rLyqjDPC ss9jWr68pGNaCgyy0cIhXxGV7wIDAQABo4ICljCCApIwHQYDVR0OBBYEFBQeF6Kc 7Mag090VMguaAJEdNPAsMB8GA1UdIwQYMBaAFE5hQr1hs+tYl84B6NRXEdpQ3PVl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0YwQy8wQTU4QTE5QTcw QUIxMUU5ODMxN0E1N0JDNEY5QUUwMi9UbUZDdldHejYxaVh6Z0hvMUZjUjJsRGM5 V1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RtRkN2V0d6NjFpWHpnSG8xRmNSMmxEYzlXVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjdGMEMvMEE1OEExOUE3MEFCMTFFOTgzMTdBNTdCQzRGOUFFMDIvMzM5RTAzOEMy MjNCMTFFRjg3NTA2NTNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkAmZAMA0GCSqGSIb3DQEBCwUAA4IBAQCZFZHyw7vwN4Gw Nm4zmW5SxiSiQA5vAu6hyNJRkta9td/ifKlNBp1ABAv0jHPDDAeYIfo7H2Ffum7E GKUJgfgvq4IcGCa7ATpgtKtbLl099NV2F6jfI/4VCktfcLQCvg2jqjjF+2qqkwo/ 5iJI13LuGi0WJoydiXsSWWEDNxPGZ+s7YamQLhqt5JB/wSCQ3NX83R+/dlOLB59G X2640YiUTHZo2ovtQvhW80FvkA9iNrf9bnkmljuG/OsIieCY8mvOSIRRBQ7MFFIi hbluZufXf+CZkWfa1fWEAY6cAZvWOggD9Kell3iRKjfj5I4Anan4mqVhtTYHq760 q85kKkrq -----END CERTIFICATE-----Generated at Sat Apr 5 07:21:12 2025 by rpki-client