$ rpki-client -vvf rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/0619825C2F2A11ED9F62040DC4F9AE02.roa File: 0619825C2F2A11ED9F62040DC4F9AE02.roa (raw, json) Hash identifier: kL+XFv+JIBMzJ5k9XXPNiC6YLDiIMa15JQqj4/UV838= Subject key identifier: 42:78:D0:FD:1F:12:5B:49:2B:B0:31:C7:D2:BD:CB:15:83:37:1D:EE Certificate issuer: /CN=A91862F7/serialNumber=058421DE70780730473E5CC545BA0AE5DB9B4C0A Certificate serial: 0952 Authority key identifier: 05:84:21:DE:70:78:07:30:47:3E:5C:C5:45:BA:0A:E5:DB:9B:4C:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BYQh3nB4BzBHPlzFRboK5dubTAo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/0619825C2F2A11ED9F62040DC4F9AE02.roa Signing time: Fri 24 Jan 2025 17:35:49 +0000 ROA not before: Fri 24 Jan 2025 17:35:49 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 137470 IP address blocks: 202.3.0.0/24 maxlen: 24 202.3.1.0/24 maxlen: 24 202.3.2.0/24 maxlen: 24 202.3.3.0/24 maxlen: 24 202.3.4.0/24 maxlen: 24 202.3.5.0/24 maxlen: 24 203.13.216.0/24 maxlen: 24 203.13.217.0/24 maxlen: 24 203.13.218.0/24 maxlen: 24 203.13.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.crl rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BYQh3nB4BzBHPlzFRboK5dubTAo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:26:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2386 (0x952) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862F7 Validity Not Before: Jan 24 17:35:49 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6793cf75-9b07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ad:24:e1:a9:f5:5b:c5:47:4d:49:3b:ea:04: 27:c3:ea:a7:4b:fe:57:c9:7b:e7:c3:f5:f8:f7:39: 0e:48:1f:92:63:31:42:0f:ec:f3:1a:f3:6f:16:d2: de:ee:42:aa:0f:6c:9e:c6:cf:34:8e:1c:74:34:a2: 9e:63:ad:d2:cf:a9:87:dc:0a:1c:aa:30:77:08:59: 91:ac:8c:16:fd:36:72:98:e4:12:7e:7c:64:ac:c9: 8d:59:2b:04:9b:04:d7:cd:c2:0e:51:65:a0:1e:17: 91:29:63:78:d1:28:8e:f0:60:a0:56:41:45:c4:37: ae:50:65:c9:1c:6a:62:ef:f1:9d:3a:42:28:b0:7b: 23:a8:75:18:2c:10:4b:24:ff:72:1a:4f:69:79:ee: ae:c3:d3:ff:f0:0e:38:72:10:d5:8f:23:6b:d1:3b: 1e:2c:29:d1:47:28:e3:25:f1:7e:3c:a7:78:e0:25: e1:9b:8f:86:37:1c:a2:d6:d5:0d:79:e3:64:e7:d9: a7:00:81:0e:c7:ec:53:79:25:ad:5b:4b:56:1e:69: f0:4f:4b:bc:66:2b:5a:bd:f1:bd:79:9e:72:bd:e9: e7:4a:5c:6f:5e:40:8a:04:dc:3a:f4:9a:49:41:c2: 13:60:19:57:7a:11:1c:36:a3:54:05:6f:05:df:b8: 96:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:78:D0:FD:1F:12:5B:49:2B:B0:31:C7:D2:BD:CB:15:83:37:1D:EE X509v3 Authority Key Identifier: keyid:05:84:21:DE:70:78:07:30:47:3E:5C:C5:45:BA:0A:E5:DB:9B:4C:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/BYQh3nB4BzBHPlzFRboK5dubTAo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BYQh3nB4BzBHPlzFRboK5dubTAo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91862F7/5EAC61448FA611EA9ACB7E7FC4F9AE02/0619825C2F2A11ED9F62040DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.3.0.0-202.3.5.255 203.13.216.0/22 Signature Algorithm: sha256WithRSAEncryption 41:d6:50:9f:66:a6:21:87:62:6a:1d:ae:27:46:1e:57:88:e9: cd:f4:98:c5:ce:e6:7b:36:eb:14:cf:94:45:b0:6c:74:dc:41: 53:6b:2c:07:ba:3f:ed:2a:7c:f3:5c:bf:0c:14:a7:89:d6:48: 5e:b6:34:ed:1a:4c:a8:78:39:dc:d1:37:08:97:73:24:8a:16: bb:b8:8e:50:4f:d2:d2:f8:aa:a0:64:5f:7f:73:db:57:04:5e: d9:04:07:f9:ba:96:58:eb:34:0d:a6:a5:a5:30:c0:4b:d6:d8: e6:02:02:46:9b:78:f5:af:d3:97:c1:58:ae:5e:98:3a:5b:7d: 41:1e:32:5c:41:b9:ba:3c:e5:f5:f4:e5:b6:3f:4c:29:6c:b1: 33:cf:d1:4c:e1:e1:53:d3:a2:d5:bb:6e:ed:a9:b3:ff:ca:e3: b6:b9:5a:95:bc:16:ef:f3:09:80:71:8f:b7:0b:34:37:3f:68: 20:6b:d9:d9:69:4b:a3:1b:07:2f:59:90:22:ea:2a:a8:5c:02: 35:6c:d8:ba:eb:93:2a:7a:fc:70:d2:47:92:2e:3a:d9:da:3c: b1:db:9e:e1:d2:bf:3c:c1:ce:12:b1:d2:fa:f1:e8:9f:92:70: c6:6d:aa:62:1e:85:b3:f9:db:8e:74:8a:0d:57:ad:0a:5f:46: 0b:31:cc:52 -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgICCVIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODYyRjcxMTAvBgNVBAUTKDA1ODQyMURFNzA3ODA3MzA0NzNFNUNDNTQ1QkEwQUU1 REI5QjRDMEEwHhcNMjUwMTI0MTczNTQ5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzkzY2Y3NS05YjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0K0k4an1W8VHTUk76gQnw+qnS/5XyXvnw/X49zkOSB+SYzFCD+zzGvNvFtLe 7kKqD2yexs80jhx0NKKeY63Sz6mH3AocqjB3CFmRrIwW/TZymOQSfnxkrMmNWSsE mwTXzcIOUWWgHheRKWN40SiO8GCgVkFFxDeuUGXJHGpi7/GdOkIosHsjqHUYLBBL JP9yGk9pee6uw9P/8A44chDVjyNr0TseLCnRRyjjJfF+PKd44CXhm4+GNxyi1tUN eeNk59mnAIEOx+xTeSWtW0tWHmnwT0u8ZitavfG9eZ5yvennSlxvXkCKBNw69JpJ QcITYBlXehEcNqNUBW8F37iWRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEJ40P0f EltJK7Axx9K9yxWDNx3uMB8GA1UdIwQYMBaAFAWEId5weAcwRz5cxUW6CuXbm0wK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjJGNy81RUFDNjE0NDhG QTYxMUVBOUFDQjdFN0ZDNEY5QUUwMi9CWVFoM25CNEJ6QkhQbHpGUmJvSzVkdWJU QW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JZUWgzbkI0QnpCSFBsekZSYm9LNWR1YlRBby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODYyRjcvNUVBQzYxNDQ4RkE2MTFFQTlBQ0I3RTdGQzRGOUFFMDIvMDYxOTgyNUMy RjJBMTFFRDlGNjIwNDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQcBAf8E HTAbMBkEAgABMBMwCwMDAMoDAwQBygMEAwQCyw3YMA0GCSqGSIb3DQEBCwUAA4IB AQBB1lCfZqYhh2JqHa4nRh5XiOnN9JjFzuZ7NusUz5RFsGx03EFTaywHuj/tKnzz XL8MFKeJ1khetjTtGkyoeDnc0TcIl3Mkiha7uI5QT9LS+KqgZF9/c9tXBF7ZBAf5 upZY6zQNpqWlMMBL1tjmAgJGm3j1r9OXwViuXpg6W31BHjJcQbm6POX19OW2P0wp bLEzz9FM4eFT06LVu27tqbP/yuO2uVqVvBbv8wmAcY+3CzQ3P2gga9nZaUujGwcv WZAi6iqoXAI1bNi665Mqevxw0keSLjrZ2jyx257h0r88wc4SsdL68eifknDGbapi HoWz+duOdIoNV60KX0YLMcxS -----END CERTIFICATE-----Generated at Sat Apr 5 00:27:06 2025 by rpki-client