$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/65EB88D6EE8D11EFBB2A6E56C4F9AE02.roa File: 65EB88D6EE8D11EFBB2A6E56C4F9AE02.roa (raw, json) Hash identifier: kdCYvch1mWwgu3f+WFRVuwKvGxl9I2RxpEPJ0BXYRsE= Subject key identifier: B5:6C:FF:C3:83:CB:A4:C2:F1:31:3D:C7:88:4C:7F:AE:28:13:F0:5A Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: A69A Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/65EB88D6EE8D11EFBB2A6E56C4F9AE02.roa Signing time: Wed 19 Feb 2025 06:47:34 +0000 ROA not before: Wed 19 Feb 2025 06:47:34 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 142494 IP address blocks: 2001:df1:bcc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 28 Feb 2025 08:51:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42650 (0xa69a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: Feb 19 06:47:34 2025 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=67b57e86-d7f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:b0:01:6c:07:1b:59:0f:68:0b:53:9e:bc:76: 1e:1c:2b:6b:83:0b:88:99:b7:2d:9a:b5:9a:1f:a4: 60:02:10:fe:a4:90:a1:c3:e2:12:c2:c7:70:2d:0e: 08:39:51:40:e0:4b:11:85:32:18:b1:d1:a2:5c:5c: 96:74:e7:67:4c:08:3a:df:01:55:94:1e:02:ef:21: b8:af:cf:5b:34:d4:cd:9e:84:1c:96:af:76:a6:65: 86:6d:fe:4c:3a:b7:30:bd:0a:72:7e:d5:09:ab:aa: 90:e5:3d:02:39:05:28:e7:bd:68:28:75:55:d4:8e: 67:52:2c:68:ae:d6:b2:7a:46:dd:dc:49:c3:d5:7f: a4:08:94:94:7f:e0:a8:f5:dd:a5:bf:fc:ec:59:b2: 7a:12:fc:0b:10:1f:b2:4f:a3:bb:c1:4c:db:21:75: db:8d:da:76:50:f7:f8:2e:e9:31:f8:66:6a:a4:9d: fe:0e:e9:c0:52:34:8c:b8:cb:48:3d:3d:ed:b9:e9: c8:a9:9c:93:0e:5f:5f:97:4a:86:27:b5:62:9e:1b: 2c:3a:ae:75:ea:32:2c:72:b3:86:55:9d:fe:b1:91: f5:77:fc:a7:96:f6:1a:4d:b6:25:3b:ae:ba:c3:5f: 53:ee:0e:15:1f:b8:21:29:e8:af:b6:43:64:02:52: 6e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:6C:FF:C3:83:CB:A4:C2:F1:31:3D:C7:88:4C:7F:AE:28:13:F0:5A X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/65EB88D6EE8D11EFBB2A6E56C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df1:bcc0::/48 Signature Algorithm: sha256WithRSAEncryption 54:64:c0:20:38:4c:b5:cf:cd:95:af:bc:b5:48:43:21:e8:bb: ef:8b:90:72:89:2f:98:9a:bc:ad:76:d1:62:5f:e0:43:31:e0: de:ce:39:34:3e:18:cd:79:79:4f:39:ab:6b:2b:ce:01:af:04: fb:05:92:4e:72:f0:4e:c5:78:75:c8:ee:e4:5b:da:5f:a8:b3: 9e:b7:34:08:a4:06:2f:3b:97:1e:b6:8c:74:41:71:f1:f7:e7: 88:97:5f:ed:f1:2f:63:b4:77:c4:63:04:b2:90:3e:8a:23:2e: d6:06:b9:ba:bd:42:9c:14:54:60:71:0c:d4:ec:85:d8:d6:07: e7:4f:ab:95:df:a5:9a:88:c3:c8:76:8e:82:4e:db:38:9e:f6: 40:9f:44:de:59:bf:d1:09:bd:80:93:8d:ad:20:f5:a9:fc:cf: 60:83:7c:1a:aa:28:36:8f:35:93:c4:ca:be:e6:56:2d:2a:81: b0:25:fc:39:20:91:3c:15:1f:93:e0:0a:08:6d:82:53:60:77: 0b:1e:11:3c:29:5a:42:29:35:4c:68:3a:82:6e:63:5b:01:16: c1:04:14:0f:10:f3:e2:3f:46:71:a2:6f:94:91:e1:b6:d8:c0: 25:d3:e0:d3:b1:6c:4c:bc:4b:0a:42:a2:44:29:ba:4d:5d:f2: b2:88:92:eb -----BEGIN CERTIFICATE----- MIIFdTCCBF2gAwIBAgIDAKaaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDIxOTA2NDczNFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjdiNTdlODYtZDdmNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOWwAWwHG1kPaAtTnrx2Hhwra4MLiJm3LZq1mh+kYAIQ/qSQocPiEsLHcC0O CDlRQOBLEYUyGLHRolxclnTnZ0wIOt8BVZQeAu8huK/PWzTUzZ6EHJavdqZlhm3+ TDq3ML0Kcn7VCauqkOU9AjkFKOe9aCh1VdSOZ1IsaK7WsnpG3dxJw9V/pAiUlH/g qPXdpb/87FmyehL8CxAfsk+ju8FM2yF1243adlD3+C7pMfhmaqSd/g7pwFI0jLjL SD097bnpyKmckw5fX5dKhie1Yp4bLDqudeoyLHKzhlWd/rGR9Xf8p5b2Gk22JTuu usNfU+4OFR+4ISnor7ZDZAJSbj0CAwEAAaOCApgwggKUMB0GA1UdDgQWBBS1bP/D g8ukwvExPceITH+uKBPwWjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzY1RUI4OEQ2 RUU4RDExRUZCQjJBNkU1NkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCIGCCsGAQUFBwEHAQH/ BBMwETAPBAIAAjAJAwcAIAEN8bzAMA0GCSqGSIb3DQEBCwUAA4IBAQBUZMAgOEy1 z82Vr7y1SEMh6Lvvi5ByiS+YmrytdtFiX+BDMeDezjk0PhjNeXlPOatrK84BrwT7 BZJOcvBOxXh1yO7kW9pfqLOetzQIpAYvO5cetox0QXHx9+eIl1/t8S9jtHfEYwSy kD6KIy7WBrm6vUKcFFRgcQzU7IXY1gfnT6uV36WaiMPIdo6CTts4nvZAn0TeWb/R Cb2Ak42tIPWp/M9gg3waqig2jzWTxMq+5lYtKoGwJfw5IJE8FR+T4AoIbYJTYHcL HhE8KVpCKTVMaDqCbmNbARbBBBQPEPPiP0Zxom+UkeG22MAl0+DTsWxMvEsKQqJE KbpNXfKyiJLr -----END CERTIFICATE-----Generated at Fri Feb 21 11:22:45 2025 by rpki-client