$ rpki-client -vvf rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/8DA4D91477EF11EAB5508A28C4F9AE02.roa File: 8DA4D91477EF11EAB5508A28C4F9AE02.roa (raw, json) Hash identifier: ET14uths/QUA4uUBVbff9R12DTawrriACnHopTjr8Ws= Subject key identifier: BC:F9:73:9D:28:76:7F:2A:A3:4C:09:CA:65:77:71:D4:45:C2:FC:58 Certificate issuer: /CN=A9173780/serialNumber=9BC66CFF809A8A71212005DD9C27047AB418C8A7 Certificate serial: 09AB Authority key identifier: 9B:C6:6C:FF:80:9A:8A:71:21:20:05:DD:9C:27:04:7A:B4:18:C8:A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8Zs_4CainEhIAXdnCcEerQYyKc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/8DA4D91477EF11EAB5508A28C4F9AE02.roa Signing time: Thu 28 Nov 2024 20:09:45 +0000 ROA not before: Thu 28 Nov 2024 20:09:45 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 24479 IP address blocks: 203.3.167.0/24 maxlen: 24 203.28.212.0/24 maxlen: 24 203.170.2.0/23 maxlen: 23 203.170.4.0/22 maxlen: 22 203.170.8.0/21 maxlen: 21 203.170.8.0/24 maxlen: 24 203.170.9.0/24 maxlen: 24 203.170.10.0/24 maxlen: 24 203.170.11.0/24 maxlen: 24 203.170.12.0/24 maxlen: 24 203.170.13.0/24 maxlen: 24 203.170.14.0/24 maxlen: 24 2402:4d40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/m8Zs_4CainEhIAXdnCcEerQYyKc.crl rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/m8Zs_4CainEhIAXdnCcEerQYyKc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8Zs_4CainEhIAXdnCcEerQYyKc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 20:04:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2475 (0x9ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9173780 Validity Not Before: Nov 28 20:09:45 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=6748ce08-2024 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:11:c0:d4:10:b0:c2:b8:1f:ad:d3:84:22:d7: 93:a2:af:19:6d:c9:0c:ea:7e:ea:5c:d0:ff:f0:84: 56:f2:f1:3a:2c:49:29:93:98:89:4a:0d:38:b4:01: 47:99:b6:7f:a6:cd:01:c9:91:b8:34:54:cd:80:24: d2:5a:79:f0:66:19:65:e2:f8:96:17:86:55:c1:6d: 21:78:6c:57:29:90:4a:6d:ce:8f:83:dd:fe:b8:4e: 2a:10:ea:84:be:c6:dd:48:9e:83:69:5f:ab:ff:7d: 6d:85:06:11:33:28:1d:2a:5e:f0:90:e6:bf:a6:61: 90:de:63:4c:21:9a:24:ba:58:a3:0e:09:0f:11:c5: 2d:75:db:4f:78:25:68:b6:50:04:12:03:11:85:20: af:6b:57:5a:eb:1c:be:b2:67:93:87:ab:f8:14:18: cc:23:d1:08:6a:3f:2a:3c:e3:74:06:a4:b9:f5:9d: d8:13:18:64:88:89:3d:3c:76:f2:38:34:1c:25:c7: 29:4d:b3:8b:2b:d7:7f:9f:be:2f:d6:18:1f:a1:33: a9:63:72:22:cf:f6:5d:95:08:03:21:38:18:e5:17: 55:96:86:f1:50:25:46:e3:83:a6:cf:1e:ec:ef:81: 49:e8:24:59:80:eb:8e:c0:d3:13:c9:34:8c:14:f9: 69:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:F9:73:9D:28:76:7F:2A:A3:4C:09:CA:65:77:71:D4:45:C2:FC:58 X509v3 Authority Key Identifier: keyid:9B:C6:6C:FF:80:9A:8A:71:21:20:05:DD:9C:27:04:7A:B4:18:C8:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/m8Zs_4CainEhIAXdnCcEerQYyKc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8Zs_4CainEhIAXdnCcEerQYyKc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/8DA4D91477EF11EAB5508A28C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.3.167.0/24 203.28.212.0/24 203.170.2.0-203.170.15.255 IPv6: 2402:4d40::/32 Signature Algorithm: sha256WithRSAEncryption 73:5f:ca:f1:68:72:98:35:d4:4a:59:30:a3:59:92:ff:56:a6: d8:45:c4:7f:b6:bc:11:e7:81:ca:13:c5:36:bf:33:f5:af:1a: 10:39:d3:ce:2d:3e:0d:f6:43:9c:e8:23:40:35:e8:4e:05:26: a2:18:31:8b:84:a2:48:d5:1d:e7:41:fb:62:13:ad:e7:c3:17: 61:b9:b5:87:d1:c9:4d:fd:71:b6:f0:4d:54:e4:a4:49:2b:36: 98:d4:e6:f3:d2:66:10:9b:4c:93:5b:14:f8:71:63:6e:13:84: b6:04:8b:4a:3d:50:a0:ce:cb:d0:7d:40:ae:f9:85:bf:f0:07: 12:6c:74:6d:cd:68:e3:a5:ff:00:a0:90:5a:45:98:3c:87:e4: 00:b1:d6:67:86:9d:f0:e4:76:af:ec:63:1c:75:df:66:7f:45: ee:05:fc:3a:61:ee:51:e6:7a:b7:32:cf:04:bc:1a:1d:ea:54: d1:47:5e:22:b5:2c:a1:52:71:84:ce:91:27:94:94:c3:1d:54: 79:90:e1:87:4d:a4:95:50:ea:2f:f9:58:e3:09:03:eb:18:76: 0a:4a:0e:4d:87:75:78:89:1e:3b:24:03:cd:07:03:73:80:e8: 27:4a:f0:ae:8d:52:40:9e:8c:06:60:e1:2b:da:f8:e2:76:04: 17:68:c8:36 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgICCaswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzM3ODAxMTAvBgNVBAUTKDlCQzY2Q0ZGODA5QThBNzEyMTIwMDVERDlDMjcwNDdB QjQxOEM4QTcwHhcNMjQxMTI4MjAwOTQ1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzQ4Y2UwOC0yMDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxRHA1BCwwrgfrdOEIteToq8ZbckM6n7qXND/8IRW8vE6LEkpk5iJSg04tAFH mbZ/ps0ByZG4NFTNgCTSWnnwZhll4viWF4ZVwW0heGxXKZBKbc6Pg93+uE4qEOqE vsbdSJ6DaV+r/31thQYRMygdKl7wkOa/pmGQ3mNMIZokulijDgkPEcUtddtPeCVo tlAEEgMRhSCva1da6xy+smeTh6v4FBjMI9EIaj8qPON0BqS59Z3YExhkiIk9PHby ODQcJccpTbOLK9d/n74v1hgfoTOpY3Iiz/ZdlQgDITgY5RdVlobxUCVG44Omzx7s 74FJ6CRZgOuOwNMTyTSMFPlpuwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFLz5c50o dn8qo0wJymV3cdRFwvxYMB8GA1UdIwQYMBaAFJvGbP+AmopxISAF3ZwnBHq0GMin MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Mzc4MC84RUI2MkRGQTc3 RUQxMUVBQUE0Q0M0MjJDNEY5QUUwMi9tOFpzXzRDYWluRWhJQVhkbkNjRWVyUVl5 S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL204WnNfNENhaW5FaElBWGRuQ2NFZXJRWXlLYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzM3ODAvOEVCNjJERkE3N0VEMTFFQUFBNENDNDIyQzRGOUFFMDIvOERBNEQ5MTQ3 N0VGMTFFQUI1NTA4QTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E MzAxMCAEAgABMBoDBADLA6cDBADLHNQwDAMEAcuqAgMEBMuqADANBAIAAjAHAwUA JAJNQDANBgkqhkiG9w0BAQsFAAOCAQEAc1/K8WhymDXUSlkwo1mS/1am2EXEf7a8 EeeByhPFNr8z9a8aEDnTzi0+DfZDnOgjQDXoTgUmohgxi4SiSNUd50H7YhOt58MX Ybm1h9HJTf1xtvBNVOSkSSs2mNTm89JmEJtMk1sU+HFjbhOEtgSLSj1QoM7L0H1A rvmFv/AHEmx0bc1o46X/AKCQWkWYPIfkALHWZ4ad8OR2r+xjHHXfZn9F7gX8OmHu UeZ6tzLPBLwaHepU0UdeIrUsoVJxhM6RJ5SUwx1UeZDhh02klVDqL/lY4wkD6xh2 CkoOTYd1eIkeOyQDzQcDc4DoJ0rwro1SQJ6MBmDhK9r44nYEF2jINg== -----END CERTIFICATE-----Generated at Sun Apr 6 15:04:57 2025 by rpki-client