$ rpki-client -vvf rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/C552F48EC80011EAAD578B77C4F9AE02.roa File: C552F48EC80011EAAD578B77C4F9AE02.roa (raw, json) Hash identifier: UAdWkh5fwATHMmIyVhd7P9Q5bEUDKKzkNfodKXfZ52I= Subject key identifier: B6:C3:39:6B:85:0E:E3:5B:4D:26:13:20:18:3C:85:C7:22:6B:A1:35 Certificate issuer: /CN=A9172878/serialNumber=A3D00626C2F9B462C5507FF180C36DE9C3399CB2 Certificate serial: 34AF Authority key identifier: A3:D0:06:26:C2:F9:B4:62:C5:50:7F:F1:80:C3:6D:E9:C3:39:9C:B2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/C552F48EC80011EAAD578B77C4F9AE02.roa Signing time: Tue 10 Dec 2024 14:50:33 +0000 ROA not before: Tue 10 Dec 2024 14:50:33 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 131322 IP address blocks: 61.4.64.0/20 maxlen: 20 61.4.64.0/24 maxlen: 24 61.4.65.0/24 maxlen: 24 61.4.66.0/24 maxlen: 24 61.4.67.0/24 maxlen: 24 61.4.68.0/24 maxlen: 24 61.4.69.0/24 maxlen: 24 61.4.70.0/24 maxlen: 24 61.4.71.0/24 maxlen: 24 61.4.73.0/24 maxlen: 24 61.4.74.0/24 maxlen: 24 61.4.75.0/24 maxlen: 24 61.4.76.0/24 maxlen: 24 61.4.77.0/24 maxlen: 24 61.4.78.0/24 maxlen: 24 61.4.79.0/24 maxlen: 24 122.248.96.0/19 maxlen: 19 122.248.107.0/24 maxlen: 24 122.248.108.0/24 maxlen: 24 122.248.109.0/24 maxlen: 24 122.248.110.0/24 maxlen: 24 122.248.111.0/24 maxlen: 24 122.248.117.0/24 maxlen: 24 203.81.160.0/20 maxlen: 20 203.81.166.0/24 maxlen: 24 203.81.167.0/24 maxlen: 24 203.81.170.0/24 maxlen: 24 2406:ea00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.crl rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 14:33:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13487 (0x34af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172878, serialNumber=A3D00626C2F9B462C5507FF180C36DE9C3399CB2 Validity Not Before: Dec 10 14:50:33 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67585539-4c34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:8e:57:8c:77:c1:38:2b:95:5a:89:0c:31:17: da:fe:de:91:b5:c1:41:11:bb:4c:2b:db:ac:00:f1: 4e:61:b1:b4:e8:5d:e1:83:33:dd:ed:25:76:4e:0b: eb:7d:4b:79:38:cc:88:1c:b8:0e:fe:9b:7d:1a:a4: 67:93:91:a6:5d:17:27:4e:20:ba:b8:b6:07:a2:73: 22:c5:5e:1e:8b:36:70:e5:6a:9e:02:dc:99:db:4c: 00:d7:63:e8:d3:a1:21:fc:32:ae:9a:78:d7:98:ac: bd:4e:69:01:21:a4:07:8a:45:f0:5d:a2:2f:7f:0c: 57:1b:f2:4a:66:80:8f:d3:da:02:b8:67:6c:e8:f5: 3a:39:88:5c:9c:74:ae:28:5c:4e:32:fb:c3:01:63: ca:77:c2:94:a0:3f:6a:1f:c6:78:c9:58:cb:ec:d8: 53:b8:a7:26:33:1a:8d:84:f8:a1:ab:62:4f:3d:e3: 64:82:40:f2:92:16:c2:3d:af:ef:25:01:1b:ae:fd: 11:4c:f8:70:87:33:10:d4:27:b7:83:af:27:9d:3a: da:53:e3:0a:23:c0:72:a4:1f:b1:ef:59:22:48:0c: 29:c5:16:7b:80:cc:b5:04:cc:4e:36:ba:4d:3f:64: 3d:5f:2c:8d:70:bd:1f:41:8a:f1:85:c4:08:cf:d9: 68:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:C3:39:6B:85:0E:E3:5B:4D:26:13:20:18:3C:85:C7:22:6B:A1:35 X509v3 Authority Key Identifier: keyid:A3:D0:06:26:C2:F9:B4:62:C5:50:7F:F1:80:C3:6D:E9:C3:39:9C:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/C552F48EC80011EAAD578B77C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 61.4.64.0/20 122.248.96.0/19 203.81.160.0/20 IPv6: 2406:ea00::/32 Signature Algorithm: sha256WithRSAEncryption b1:45:1b:a7:f6:11:46:41:f4:e1:dd:14:e8:ed:bc:e0:4a:38: 83:e7:8d:a6:8c:a2:a1:17:e9:52:71:cf:d8:04:ef:a8:34:f0: e9:de:1e:fd:94:1f:3c:af:e0:b4:44:76:f7:79:71:ff:49:96: 97:8f:8c:58:76:65:9e:0a:02:25:1b:e9:2e:f3:7e:55:d3:5e: 7b:99:78:99:3c:a0:7a:4d:ae:6a:92:48:55:ed:7b:92:ac:32: 65:2c:34:bc:3e:18:98:a0:b0:0d:17:a6:b9:8d:bb:8f:3e:4e: 1a:25:d5:fe:11:14:f9:11:17:c5:90:aa:55:aa:ab:db:01:27: 9b:69:74:59:2e:4e:81:d9:ed:fa:09:bb:1e:e5:a9:98:a2:5d: 71:6c:f5:ff:cd:4c:e3:93:93:7c:e0:9c:ae:7d:20:61:a3:c1: fa:f5:fa:71:88:d2:1a:50:77:fc:8b:c3:a3:c5:38:c2:6b:f0: 0c:56:db:66:e6:50:49:21:11:7a:5a:db:60:59:fa:0d:df:3b: 2d:08:51:78:7d:dd:20:ee:b8:1d:0d:2c:37:62:ef:e2:cf:21: 4d:9b:03:53:cc:b0:c8:c0:0a:5e:7d:9d:98:c1:8f:13:40:b3: 62:05:20:bc:1e:cf:04:0c:8e:3f:4f:13:c4:04:55:d0:e5:f6: 6c:b3:5d:78 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICNK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzI4NzgxMTAvBgNVBAUTKEEzRDAwNjI2QzJGOUI0NjJDNTUwN0ZGMTgwQzM2REU5 QzMzOTlDQjIwHhcNMjQxMjEwMTQ1MDMzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzU4NTUzOS00YzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2Y5XjHfBOCuVWokMMRfa/t6RtcFBEbtMK9usAPFOYbG06F3hgzPd7SV2Tgvr fUt5OMyIHLgO/pt9GqRnk5GmXRcnTiC6uLYHonMixV4eizZw5WqeAtyZ20wA12Po 06Eh/DKumnjXmKy9TmkBIaQHikXwXaIvfwxXG/JKZoCP09oCuGds6PU6OYhcnHSu KFxOMvvDAWPKd8KUoD9qH8Z4yVjL7NhTuKcmMxqNhPihq2JPPeNkgkDykhbCPa/v JQEbrv0RTPhwhzMQ1Ce3g68nnTraU+MKI8BypB+x71kiSAwpxRZ7gMy1BMxONrpN P2Q9XyyNcL0fQYrxhcQIz9loIQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFLbDOWuF DuNbTSYTIBg8hccia6E1MB8GA1UdIwQYMBaAFKPQBibC+bRixVB/8YDDbenDOZyy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Mjg3OC80Qzk5OEEzNjFE OEExMUUyOEExRjIzRTQwOEIwMkNEMi9vOUFHSnNMNXRHTEZVSF94Z01OdDZjTTVu TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL285QUdKc0w1dEdMRlVIX3hnTU50NmNNNW5MSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzI4NzgvNEM5OThBMzYxRDhBMTFFMjhBMUYyM0U0MDhCMDJDRDIvQzU1MkY0OEVD ODAwMTFFQUFENTc4Qjc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAQ9BEADBAV6+GADBATLUaAwDQQCAAIwBwMFACQG6gAwDQYJ KoZIhvcNAQELBQADggEBALFFG6f2EUZB9OHdFOjtvOBKOIPnjaaMoqEX6VJxz9gE 76g08OneHv2UHzyv4LREdvd5cf9JlpePjFh2ZZ4KAiUb6S7zflXTXnuZeJk8oHpN rmqSSFXte5KsMmUsNLw+GJigsA0XprmNu48+Thol1f4RFPkRF8WQqlWqq9sBJ5tp dFkuToHZ7foJux7lqZiiXXFs9f/NTOOTk3zgnK59IGGjwfr1+nGI0hpQd/yLw6PF OMJr8AxW22bmUEkhEXpa22BZ+g3fOy0IUXh93SDuuB0NLDdi7+LPIU2bA1PMsMjA Cl59nZjBjxNAs2IFILwezwQMjj9PE8QEVdDl9myzXXg= -----END CERTIFICATE-----Generated at Thu Apr 17 05:00:43 2025 by rpki-client