$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/3C9DCE2ED6C511EFBF407577C4F9AE02.roa File: 3C9DCE2ED6C511EFBF407577C4F9AE02.roa (raw, json) Hash identifier: 96CXsA04scOaM1cbnErMDWbzyLO2tA6KbWztXUY7o2Y= Subject key identifier: 77:4C:9B:F1:E7:FA:B9:63:16:BA:72:F8:8C:13:13:A7:3B:D2:5F:6A Certificate issuer: /CN=A918C287/serialNumber=D8B1E2389BA591FD79B9A504AF5A44DAE0A6E828 Certificate serial: 3B Authority key identifier: D8:B1:E2:38:9B:A5:91:FD:79:B9:A5:04:AF:5A:44:DA:E0:A6:E8:28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2LHiOJulkf15uaUEr1pE2uCm6Cg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/3C9DCE2ED6C511EFBF407577C4F9AE02.roa Signing time: Mon 20 Jan 2025 00:26:49 +0000 ROA not before: Mon 20 Jan 2025 00:26:49 +0000 ROA not after: Sat 01 May 2038 00:00:00 +0000 asID: 45192 IP address blocks: 203.176.189.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/2LHiOJulkf15uaUEr1pE2uCm6Cg.crl rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/2LHiOJulkf15uaUEr1pE2uCm6Cg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2LHiOJulkf15uaUEr1pE2uCm6Cg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 06:45:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918C287 Validity Not Before: Jan 20 00:26:49 2025 GMT Not After : May 1 00:00:00 2038 GMT Subject: CN=678d9848-9347 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:df:76:52:13:ed:9a:af:71:d2:bc:b8:d3:46: 28:a3:f2:62:59:d1:75:4b:32:19:eb:e6:66:bf:96: 87:6a:73:37:01:e0:60:bc:b0:16:81:b9:62:19:6a: db:02:79:47:49:25:94:b5:8b:8c:e9:0f:92:6e:24: c5:31:85:e5:41:65:89:5a:2a:9e:51:ec:53:80:40: 22:2b:5b:2f:75:93:69:3e:0a:f2:26:44:42:34:7e: 0d:42:70:72:39:60:27:09:85:9a:3a:f8:b8:98:29: ed:e0:06:29:63:db:7c:3d:58:f9:92:e9:ab:90:a4: af:27:7a:53:de:91:94:38:ad:56:b5:aa:ca:02:46: 2e:c3:6a:2d:21:12:19:cd:d3:e0:87:2a:9f:8a:c5: f4:c8:ff:96:44:66:ec:69:84:7a:45:98:bd:fc:0c: 45:b5:ed:85:23:eb:4f:d6:bf:08:c5:33:ef:84:6a: e5:12:b1:e5:5b:29:02:f0:cf:b0:25:bd:7f:28:7f: 72:b2:dd:d1:69:77:ab:01:06:95:1e:03:f7:85:67: 65:c1:22:fc:77:ac:bf:a4:97:4d:5e:0c:b6:44:cf: 24:97:b0:2d:29:c9:43:50:b0:da:50:1f:29:e1:76: c2:79:ea:61:14:ae:b4:30:db:a9:2d:8d:a3:fc:50: cd:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:4C:9B:F1:E7:FA:B9:63:16:BA:72:F8:8C:13:13:A7:3B:D2:5F:6A X509v3 Authority Key Identifier: keyid:D8:B1:E2:38:9B:A5:91:FD:79:B9:A5:04:AF:5A:44:DA:E0:A6:E8:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/2LHiOJulkf15uaUEr1pE2uCm6Cg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2LHiOJulkf15uaUEr1pE2uCm6Cg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/3C9DCE2ED6C511EFBF407577C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.176.189.0/24 Signature Algorithm: sha256WithRSAEncryption 6a:20:1e:41:3b:9a:2e:a2:2b:b3:b6:e3:a8:5e:19:ea:04:ac: 73:fd:c7:fc:14:4f:a0:39:e1:24:cc:27:11:21:29:89:3a:bf: 8f:76:37:91:f3:f4:4e:ba:d4:58:99:81:20:dc:d2:0a:d9:84: 21:00:ce:3b:2c:f4:be:4e:e2:bb:c2:79:fe:30:43:3a:67:70: 49:bb:09:0a:9b:8e:0b:c1:6f:de:2c:97:ff:8e:61:7e:2a:7d: da:f9:60:b8:bf:61:17:7b:69:f3:60:82:f6:61:64:1e:a1:2d: 17:0b:13:88:1f:51:b8:84:8f:2a:21:90:d6:e7:36:8b:46:a2: 54:8e:d4:7b:2d:0a:a7:68:76:9e:e3:92:99:51:2e:3a:1a:4d: 2f:e4:d8:9a:a9:fa:a7:4b:b9:8c:58:c6:35:af:66:9d:c6:f4: a8:b2:53:f4:cd:46:69:57:95:39:df:96:6b:d6:6c:75:b2:0c: cf:61:5d:9c:e3:ea:18:6d:73:ed:1c:30:fb:b2:93:5c:91:d9: 35:dd:a8:77:69:50:ac:c1:54:d7:87:30:8b:27:2b:df:78:63: ea:58:ae:70:03:53:f8:64:52:06:45:f3:7d:98:7c:1e:b4:ff: 7b:e4:b3:9b:86:09:7f:c7:c2:39:d7:2b:68:e9:f8:a4:03:96: a9:eb:6c:56 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 QzI4NzExMC8GA1UEBRMoRDhCMUUyMzg5QkE1OTFGRDc5QjlBNTA0QUY1QTQ0REFF MEE2RTgyODAeFw0yNTAxMjAwMDI2NDlaFw0zODA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3OGQ5ODQ4LTkzNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCy33ZSE+2ar3HSvLjTRiij8mJZ0XVLMhnr5ma/lodqczcB4GC8sBaBuWIZatsC eUdJJZS1i4zpD5JuJMUxheVBZYlaKp5R7FOAQCIrWy91k2k+CvImREI0fg1CcHI5 YCcJhZo6+LiYKe3gBilj23w9WPmS6auQpK8nelPekZQ4rVa1qsoCRi7Dai0hEhnN 0+CHKp+KxfTI/5ZEZuxphHpFmL38DEW17YUj60/WvwjFM++EauUSseVbKQLwz7Al vX8of3Ky3dFpd6sBBpUeA/eFZ2XBIvx3rL+kl01eDLZEzySXsC0pyUNQsNpQHynh dsJ56mEUrrQw26ktjaP8UM2nAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUd0yb8ef6 uWMWunL4jBMTpzvSX2owHwYDVR0jBBgwFoAU2LHiOJulkf15uaUEr1pE2uCm6Cgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThDMjg3LzMwN0NGRjFFQjM3 NzExRUZCOTE4NEQ3QUM0RjlBRTAyLzJMSGlPSnVsa2YxNXVhVUVyMXBFMnVDbTZD Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMkxIaU9KdWxrZjE1dWFVRXIxcEUydUNtNkNnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QzI4Ny8zMDdDRkYxRUIzNzcxMUVGQjkxODREN0FDNEY5QUUwMi8zQzlEQ0UyRUQ2 QzUxMUVGQkY0MDc1NzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAMuwvTANBgkqhkiG9w0BAQsFAAOCAQEAaiAeQTuaLqIrs7bj qF4Z6gSsc/3H/BRPoDnhJMwnESEpiTq/j3Y3kfP0TrrUWJmBINzSCtmEIQDOOyz0 vk7iu8J5/jBDOmdwSbsJCpuOC8Fv3iyX/45hfip92vlguL9hF3tp82CC9mFkHqEt FwsTiB9RuISPKiGQ1uc2i0aiVI7Uey0Kp2h2nuOSmVEuOhpNL+TYmqn6p0u5jFjG Na9mncb0qLJT9M1GaVeVOd+Wa9ZsdbIMz2FdnOPqGG1z7Rww+7KTXJHZNd2od2lQ rMFU14cwiycr33hj6liucANT+GRSBkXzfZh8HrT/e+Szm4YJf8fCOdcraOn4pAOW qetsVg== -----END CERTIFICATE-----Generated at Sat Apr 5 22:06:38 2025 by rpki-client