$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/0DD6A56C073011EAAD272760C4F9AE02.roa File: 0DD6A56C073011EAAD272760C4F9AE02.roa (raw, json) Hash identifier: qBejjoYLdXtif3ZRqqrrPUtMJWD/QrhqZjHJnzgHkz8= Subject key identifier: 67:3F:A4:A1:66:3B:49:38:D1:63:8F:4D:C2:BD:12:B5:4B:D1:8D:20 Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0F82 Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/0DD6A56C073011EAAD272760C4F9AE02.roa Signing time: Fri 28 Feb 2025 19:30:01 +0000 ROA not before: Fri 28 Feb 2025 19:30:01 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397228 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:34:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3970 (0xf82) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA Validity Not Before: Feb 28 19:30:01 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c20eb9-fd9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:26:83:d8:3a:8f:91:31:e6:5c:9f:4c:09:ec: 6e:bf:48:af:fd:81:7c:e3:7b:d3:c9:e8:95:2c:7e: 39:7c:7b:15:ae:5d:75:9e:3d:d3:92:43:22:da:92: 4d:52:64:e6:3c:b3:a1:8b:87:cc:64:a9:92:32:60: 58:37:a4:00:84:65:b2:e6:4f:49:63:89:29:a2:d9: 72:77:45:b5:c3:c0:02:77:c5:d6:13:32:21:1a:b3: aa:cc:a8:fd:db:cb:70:21:e4:4c:c1:0b:58:75:43: 29:73:3f:bd:48:f3:73:b0:1a:ba:e8:08:4d:f7:5f: 2f:3b:75:df:12:d6:6b:08:fb:a1:39:16:80:5d:c9: 7a:17:60:82:b9:87:1b:32:33:0c:c7:ce:02:a8:dc: ea:0f:37:68:55:1e:3f:d1:b0:72:4a:bb:ec:90:fd: 26:db:86:b7:ec:9f:16:35:94:4a:8a:dc:10:c9:ee: f2:f8:88:df:b1:3d:87:de:ad:19:34:19:54:b3:0b: 52:73:40:66:cf:ff:63:2e:ee:43:1a:a9:72:fe:2a: 5c:99:6d:55:f6:c2:07:c8:d3:7e:aa:ad:a0:69:05: 46:91:01:e9:ae:c4:2d:b5:54:00:80:11:08:61:93: 3a:61:3e:a0:15:62:98:ce:8d:af:5d:15:6b:32:d9: 87:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:3F:A4:A1:66:3B:49:38:D1:63:8F:4D:C2:BD:12:B5:4B:D1:8D:20 X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/0DD6A56C073011EAAD272760C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption a3:f9:fd:22:da:ca:61:95:88:20:65:a0:45:3d:00:24:bf:8f: 96:bc:4d:0c:12:8c:4c:72:f5:67:33:b9:4d:1c:41:91:d7:ce: 98:2c:18:63:d3:9b:5d:d3:e9:10:b2:a5:c2:c4:71:84:24:0f: b0:8a:e7:ed:e6:dc:a8:ef:e4:bb:65:35:e2:ff:5e:c4:d5:45: 2b:3b:93:16:69:f6:88:25:f2:9d:7f:b3:44:4b:e7:33:10:a9: 14:30:3b:89:f4:37:4d:1a:fe:32:3c:c2:66:e9:72:ec:44:d9: d9:25:49:86:7f:32:bb:74:5e:5b:66:60:ed:e8:53:bb:d7:b6: 96:de:a7:b3:73:b0:fd:a0:ec:d2:68:b0:49:7c:0f:bf:5d:f9: a0:83:30:6b:f9:b9:40:21:4a:14:d6:29:80:a4:7a:ae:a8:1b: 2e:41:4e:e3:07:a7:38:67:84:0a:37:a9:43:75:15:fc:7a:58: dc:61:f8:a4:99:e9:ed:aa:b6:b5:45:1e:35:9d:7f:44:a3:6d: 25:40:d2:c1:ff:8e:e5:09:1f:af:ff:f3:00:7f:ce:41:7b:d8: 01:20:63:8f:53:a9:36:a1:5d:f1:bc:d4:27:8a:03:41:88:56: 2e:46:95:33:3e:db:64:b5:77:96:02:5f:23:8b:f1:10:f0:be: a3:4f:f9:3b -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICD4IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkzMDAxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MyMGViOS1mZDlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqiaD2DqPkTHmXJ9MCexuv0iv/YF843vTyeiVLH45fHsVrl11nj3TkkMi2pJN UmTmPLOhi4fMZKmSMmBYN6QAhGWy5k9JY4kpotlyd0W1w8ACd8XWEzIhGrOqzKj9 28twIeRMwQtYdUMpcz+9SPNzsBq66AhN918vO3XfEtZrCPuhORaAXcl6F2CCuYcb MjMMx84CqNzqDzdoVR4/0bBySrvskP0m24a37J8WNZRKitwQye7y+IjfsT2H3q0Z NBlUswtSc0Bmz/9jLu5DGqly/ipcmW1V9sIHyNN+qq2gaQVGkQHprsQttVQAgBEI YZM6YT6gFWKYzo2vXRVrMtmHfQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFGc/pKFm O0k40WOPTcK9ErVL0Y0gMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvMERENkE1NkMw NzMwMTFFQUFEMjcyNzYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBAKP5/SLaymGV iCBloEU9ACS/j5a8TQwSjExy9WczuU0cQZHXzpgsGGPTm13T6RCypcLEcYQkD7CK 5+3m3Kjv5LtlNeL/XsTVRSs7kxZp9ogl8p1/s0RL5zMQqRQwO4n0N00a/jI8wmbp cuxE2dklSYZ/Mrt0XltmYO3oU7vXtpbep7NzsP2g7NJosEl8D79d+aCDMGv5uUAh ShTWKYCkeq6oGy5BTuMHpzhnhAo3qUN1Ffx6WNxh+KSZ6e2qtrVFHjWdf0SjbSVA 0sH/juUJH6//8wB/zkF72AEgY49TqTahXfG81CeKA0GIVi5GlTM+22S1d5YCXyOL 8RDwvqNP+Ts= -----END CERTIFICATE-----Generated at Sat Apr 5 06:10:03 2025 by rpki-client