$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/5731ACF609B111EAB045B31EC4F9AE02.roa File: 5731ACF609B111EAB045B31EC4F9AE02.roa (raw, json) Hash identifier: bGTTtd7/rtIq4skMTHhdB97UyYs3hhRsZz+Tw9F7E80= Subject key identifier: A7:DD:83:3B:D5:70:4D:21:79:E3:96:2B:E8:17:56:A3:D2:77:87:57 Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0F88 Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/5731ACF609B111EAB045B31EC4F9AE02.roa Signing time: Fri 28 Feb 2025 19:30:12 +0000 ROA not before: Fri 28 Feb 2025 19:30:12 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397234 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:34:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3976 (0xf88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA Validity Not Before: Feb 28 19:30:12 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c20ec3-274c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:50:9e:fb:f4:ed:1c:40:6e:39:c8:d7:bb:c4: fc:a8:e2:94:f7:77:a8:c0:98:b8:70:10:14:02:de: 75:92:85:fa:12:e6:be:41:7f:28:32:fb:63:3d:42: 21:7f:a0:f6:7e:a4:8f:f2:d9:b3:3c:4e:7b:50:a7: c7:39:b7:f4:75:bf:f2:90:97:ba:01:70:46:eb:4f: aa:70:2f:48:9b:07:27:5d:95:fe:8d:77:38:12:52: 26:fd:c9:c7:d1:19:aa:da:08:99:af:1b:7b:06:c3: d1:9f:6a:a3:a0:a0:5c:5a:43:65:aa:01:4c:ed:2f: 9b:61:e6:35:db:09:ff:05:cc:71:d7:1c:31:74:21: c2:89:d4:75:86:0a:a1:93:70:1d:75:72:85:6b:00: a6:96:5a:1a:ed:35:84:4a:26:c5:6e:13:71:72:b1: eb:f8:a6:d4:fe:1b:de:95:33:d6:f6:0a:07:a8:29: 47:eb:c2:db:87:e9:ac:95:12:58:54:0e:83:b7:b4: 9d:04:0d:f2:ff:a0:69:01:64:cf:b6:8e:ee:47:3c: 9d:25:0f:e1:b7:bb:9d:27:a7:e1:2e:4a:4a:bb:1d: 45:0d:de:aa:d9:e9:36:30:43:2b:bf:a9:79:58:49: 77:11:46:0f:c5:3e:43:57:49:6c:a6:6f:50:7e:95: 4b:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:DD:83:3B:D5:70:4D:21:79:E3:96:2B:E8:17:56:A3:D2:77:87:57 X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/5731ACF609B111EAB045B31EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption a3:43:27:c3:c7:b5:2a:41:f1:04:86:8f:77:13:7b:23:e0:de: 28:3b:f1:c0:94:8b:f7:5b:60:ad:59:c4:af:40:da:43:35:37: 39:75:b0:a1:68:f5:09:a8:a6:d2:9e:8b:18:80:70:54:be:ed: 11:7e:d8:ca:31:53:f9:84:ab:71:82:f7:37:4d:64:e3:c7:6a: 6c:2f:43:74:1d:48:7b:2f:7c:1a:c9:1e:ec:d5:35:bc:13:3d: 9c:33:59:46:35:df:1e:a3:45:97:a2:73:3e:53:76:81:20:d9: 7c:1c:67:51:2d:2d:44:8a:b7:f9:7c:96:f8:3f:37:00:c5:5f: 2c:69:3e:f6:bd:f1:56:8b:76:92:43:c1:5e:ca:aa:02:5c:14: f2:e6:49:21:84:01:18:ac:18:2b:16:9e:69:52:e1:79:72:43: af:d8:5d:ea:6a:11:a2:f5:e6:28:d3:b0:ec:99:ab:b2:9d:c3: 42:e5:b0:6c:3a:9b:62:c6:f5:2a:41:20:3a:ed:bf:0d:69:15: 5d:9a:ee:de:cb:eb:72:f4:1b:b4:6b:63:e8:9c:2d:a6:41:12: f8:d1:37:24:45:5e:d8:02:ca:b1:b3:b5:f0:0d:2f:3c:30:7f: 6c:3a:96:9e:38:5e:3c:81:2c:91:73:e5:53:9d:f9:24:04:a4: f1:58:a7:95 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICD4gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkzMDEyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MyMGVjMy0yNzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7lCe+/TtHEBuOcjXu8T8qOKU93eowJi4cBAUAt51koX6Eua+QX8oMvtjPUIh f6D2fqSP8tmzPE57UKfHObf0db/ykJe6AXBG60+qcC9ImwcnXZX+jXc4ElIm/cnH 0Rmq2giZrxt7BsPRn2qjoKBcWkNlqgFM7S+bYeY12wn/Bcxx1xwxdCHCidR1hgqh k3AddXKFawCmlloa7TWESibFbhNxcrHr+KbU/hvelTPW9goHqClH68Lbh+mslRJY VA6Dt7SdBA3y/6BpAWTPto7uRzydJQ/ht7udJ6fhLkpKux1FDd6q2ek2MEMrv6l5 WEl3EUYPxT5DV0lspm9QfpVLTwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFKfdgzvV cE0heeOWK+gXVqPSd4dXMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNTczMUFDRjYw OUIxMTFFQUIwNDVCMzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBAKNDJ8PHtSpB 8QSGj3cTeyPg3ig78cCUi/dbYK1ZxK9A2kM1Nzl1sKFo9QmoptKeixiAcFS+7RF+ 2MoxU/mEq3GC9zdNZOPHamwvQ3QdSHsvfBrJHuzVNbwTPZwzWUY13x6jRZeicz5T doEg2XwcZ1EtLUSKt/l8lvg/NwDFXyxpPva98VaLdpJDwV7KqgJcFPLmSSGEARis GCsWnmlS4XlyQ6/YXepqEaL15ijTsOyZq7Kdw0LlsGw6m2LG9SpBIDrtvw1pFV2a 7t7L63L0G7RrY+icLaZBEvjRNyRFXtgCyrGztfANLzwwf2w6lp44XjyBLJFz5VOd +SQEpPFYp5U= -----END CERTIFICATE-----Generated at Sat Apr 5 03:25:22 2025 by rpki-client