$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F254F0CE099A11EAB5891D5BC4F9AE02.roa File: F254F0CE099A11EAB5891D5BC4F9AE02.roa (raw, json) Hash identifier: hFBfd8G4g1FmKx6PuLjjSnV4/y+ga1+9BQQRoD46Goo= Subject key identifier: 75:F7:80:EC:4E:5B:2D:16:0A:24:36:D5:87:9D:9E:53:DF:C3:2B:0A Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0F87 Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F254F0CE099A11EAB5891D5BC4F9AE02.roa Signing time: Fri 28 Feb 2025 19:30:10 +0000 ROA not before: Fri 28 Feb 2025 19:30:10 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397233 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 18:23:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3975 (0xf87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA Validity Not Before: Feb 28 19:30:10 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c20ec2-0fa3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:cd:fd:bf:11:a8:a3:7d:2e:73:05:0f:5d:4d: 32:f1:7d:27:0b:a5:ba:50:1e:dd:e3:22:76:7e:cf: 55:e9:dc:d2:57:2d:2b:c5:8f:97:12:e4:e9:01:45: b5:2a:a0:a9:14:30:fb:d3:7e:f3:25:2b:cb:d2:0a: ac:f0:53:24:67:28:f0:19:a3:e2:cb:76:2e:21:84: b5:39:6a:8c:95:bf:8b:a4:25:55:f4:5b:3b:23:02: 53:01:c2:cd:36:02:4b:25:02:b4:a6:b4:b8:a7:e9: 30:0e:81:1a:50:30:9f:f7:85:e7:2a:7a:ee:40:60: 2b:e4:7d:77:c8:9b:48:ac:27:11:68:6a:07:73:0f: ae:6f:1d:1f:75:1c:33:d8:e6:8a:b0:00:e7:d6:37: a0:d4:cd:b8:eb:2f:32:eb:ef:39:2a:c2:da:75:d0: c5:66:bf:71:66:a8:5b:45:4b:fe:0d:e5:87:78:46: 6b:50:1e:62:1e:7e:54:b0:3f:30:25:84:60:7b:93: 67:dc:5a:73:54:95:49:f7:97:fa:df:61:1f:c1:ab: 7e:86:e2:c3:56:ce:68:0e:1e:06:1c:49:1c:99:67: b7:1b:f8:5b:ff:9c:ac:73:bd:c6:01:a5:7f:cf:9c: 88:87:16:a0:f1:93:94:69:33:ae:85:27:6d:69:81: c9:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:F7:80:EC:4E:5B:2D:16:0A:24:36:D5:87:9D:9E:53:DF:C3:2B:0A X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F254F0CE099A11EAB5891D5BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 69:5d:ac:86:47:89:a9:97:ad:6e:4b:46:46:84:72:11:6e:c4: 3f:29:f4:3f:cf:6a:a5:81:1d:c1:b3:59:06:c3:01:d5:42:a3: c8:8f:ea:96:e7:2e:77:b2:65:4a:2e:a3:db:44:75:0f:81:3f: e2:d4:07:f2:6f:16:8f:80:26:26:01:df:82:27:81:e0:4d:66: c7:d4:aa:30:58:42:f2:3e:25:97:5c:b0:9c:45:07:2c:db:45: 33:54:96:d0:83:f4:53:ce:15:c5:ab:e4:c6:ad:65:28:76:d3: 13:0f:4b:ab:87:39:9e:6f:b9:c5:8f:12:07:58:90:a3:93:ae: dd:50:82:ff:43:0f:82:88:8e:b3:86:5e:92:ef:b9:92:48:b4: 12:88:5d:1f:ab:1d:8b:04:b2:5f:ed:38:48:5a:ed:25:8f:ea: 53:f1:2d:73:ed:f1:7d:26:b7:52:55:63:98:60:4e:75:b7:77: 33:c7:df:a0:ec:e3:dd:e4:ae:db:d1:31:54:f3:a8:58:6a:64: e6:c9:6b:4a:07:3f:cd:23:f8:8b:8f:d5:9a:4c:2a:38:3f:9c: 6d:b4:7e:ec:77:8c:8c:38:a8:0b:e2:0a:49:af:5d:e0:bd:5a: d4:f9:2f:10:9c:7e:46:51:0b:2e:ba:eb:f1:5a:76:8f:67:20: 9e:19:b2:f7 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICD4cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkzMDEwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MyMGVjMi0wZmEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3M39vxGoo30ucwUPXU0y8X0nC6W6UB7d4yJ2fs9V6dzSVy0rxY+XEuTpAUW1 KqCpFDD7037zJSvL0gqs8FMkZyjwGaPiy3YuIYS1OWqMlb+LpCVV9Fs7IwJTAcLN NgJLJQK0prS4p+kwDoEaUDCf94XnKnruQGAr5H13yJtIrCcRaGoHcw+ubx0fdRwz 2OaKsADn1jeg1M246y8y6+85KsLaddDFZr9xZqhbRUv+DeWHeEZrUB5iHn5UsD8w JYRge5Nn3FpzVJVJ95f632Efwat+huLDVs5oDh4GHEkcmWe3G/hb/5ysc73GAaV/ z5yIhxag8ZOUaTOuhSdtaYHJBQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFHX3gOxO Wy0WCiQ21YednlPfwysKMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvRjI1NEYwQ0Uw OTlBMTFFQUI1ODkxRDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBAGldrIZHiamX rW5LRkaEchFuxD8p9D/PaqWBHcGzWQbDAdVCo8iP6pbnLneyZUouo9tEdQ+BP+LU B/JvFo+AJiYB34IngeBNZsfUqjBYQvI+JZdcsJxFByzbRTNUltCD9FPOFcWr5Mat ZSh20xMPS6uHOZ5vucWPEgdYkKOTrt1Qgv9DD4KIjrOGXpLvuZJItBKIXR+rHYsE sl/tOEha7SWP6lPxLXPt8X0mt1JVY5hgTnW3dzPH36Ds493krtvRMVTzqFhqZObJ a0oHP80j+IuP1ZpMKjg/nG20fux3jIw4qAviCkmvXeC9WtT5LxCcfkZRCy666/Fa do9nIJ4Zsvc= -----END CERTIFICATE-----Generated at Fri Apr 11 13:47:48 2025 by rpki-client