$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F34CE5D6099A11EAB5891D5BC4F9AE02.roa File: F34CE5D6099A11EAB5891D5BC4F9AE02.roa (raw, json) Hash identifier: EycbjHKoId8Q0RL7IgnoYwrdCRnnTaYkg9os90cSbfc= Subject key identifier: 23:82:DD:BB:06:30:52:B3:0D:15:40:38:66:CE:D8:EE:3E:98:DF:2F Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0F8C Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F34CE5D6099A11EAB5891D5BC4F9AE02.roa Signing time: Fri 28 Feb 2025 19:30:16 +0000 ROA not before: Fri 28 Feb 2025 19:30:16 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397238 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:34:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3980 (0xf8c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA Validity Not Before: Feb 28 19:30:16 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c20ec8-25e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b0:9c:ff:5f:50:e7:55:08:ad:ba:e5:18:40: c2:47:e2:17:ae:54:56:59:c1:66:47:78:69:3b:c0: d0:cc:d1:fc:3d:48:ff:85:89:6d:f8:81:94:d7:dc: 77:06:ca:f8:8b:13:bc:65:4e:b7:21:ea:5c:9f:fa: 46:90:22:c5:68:b0:55:8d:b4:62:00:b9:03:fe:7b: f7:fd:b2:3e:d1:d2:f6:5a:14:c7:8d:39:04:5c:02: 5f:db:bd:43:b6:33:87:54:fa:5a:90:0a:1a:4e:b4: 7c:4f:1f:61:4d:66:47:fb:27:98:cc:0c:1d:b7:b4: 87:9b:40:b6:59:3f:33:64:cb:47:63:66:27:55:3b: 5d:81:f7:8b:3c:bb:a2:e9:89:c6:f7:db:d8:70:b2: e0:b9:ed:a7:b9:e5:3c:6d:19:3d:23:2a:3b:59:dc: 2d:49:8e:42:39:ef:80:6d:d2:25:47:df:d5:b5:30: 41:ca:9f:35:aa:92:b4:4a:b4:59:81:e9:93:7a:83: 2a:e5:4f:4e:38:ac:88:72:fd:81:b3:1b:f5:0a:4f: 8b:78:b6:b8:ad:ba:90:33:03:93:ed:18:76:c8:52: 8d:8e:a5:38:0f:2e:a1:db:39:cf:04:ed:53:65:d2: 91:02:4b:d2:6a:ad:a5:68:b2:2a:f4:91:3b:dd:f7: 58:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:82:DD:BB:06:30:52:B3:0D:15:40:38:66:CE:D8:EE:3E:98:DF:2F X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F34CE5D6099A11EAB5891D5BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 23:f6:8c:9e:e6:fa:4f:39:c8:61:d4:69:8d:fd:10:5e:7a:a1: 80:73:87:01:86:59:15:bd:88:c0:fb:c5:6d:d3:7f:81:77:f6: 06:79:fb:bb:62:84:20:89:0f:06:9b:11:e8:c5:bd:53:b9:9b: b2:ab:55:99:6f:07:17:2a:56:16:07:29:e2:c3:45:ec:c0:26: 1b:ab:12:e9:e0:b4:be:dc:0d:d5:af:c2:6b:80:dc:65:68:db: 33:93:55:94:6a:55:7c:4c:2c:bf:95:c6:d1:ac:9f:e0:c0:78: 3b:00:7a:63:da:ed:23:3d:d1:f7:fc:d8:b4:8b:2d:35:42:f4: ec:bc:06:98:68:71:26:ca:81:a8:20:34:f0:21:ea:1c:1c:a1: 66:e3:09:73:05:a6:8b:76:17:a4:40:99:24:fc:57:77:1d:bf: 54:c4:eb:6c:20:2d:8e:0e:1b:00:49:6a:3d:6b:c4:79:c9:d1: 15:fd:fc:cd:99:fb:9a:f4:db:7a:9e:7c:c3:39:a6:2d:d7:3f: ba:b0:3b:b9:8d:e0:80:74:f6:85:3d:01:d2:a7:3c:4e:97:b6: ee:8e:ba:af:f0:9c:01:a3:c2:87:df:01:08:e9:76:3d:3e:26: bc:28:ad:fe:07:2b:d6:04:ee:73:94:9f:d6:56:aa:91:8b:19: b4:c8:b0:c0 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICD4wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkzMDE2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MyMGVjOC0yNWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzrCc/19Q51UIrbrlGEDCR+IXrlRWWcFmR3hpO8DQzNH8PUj/hYlt+IGU19x3 Bsr4ixO8ZU63Iepcn/pGkCLFaLBVjbRiALkD/nv3/bI+0dL2WhTHjTkEXAJf271D tjOHVPpakAoaTrR8Tx9hTWZH+yeYzAwdt7SHm0C2WT8zZMtHY2YnVTtdgfeLPLui 6YnG99vYcLLgue2nueU8bRk9Iyo7WdwtSY5COe+AbdIlR9/VtTBByp81qpK0SrRZ gemTeoMq5U9OOKyIcv2Bsxv1Ck+LeLa4rbqQMwOT7Rh2yFKNjqU4Dy6h2znPBO1T ZdKRAkvSaq2laLIq9JE73fdYVwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFCOC3bsG MFKzDRVAOGbO2O4+mN8vMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvRjM0Q0U1RDYw OTlBMTFFQUI1ODkxRDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBACP2jJ7m+k85 yGHUaY39EF56oYBzhwGGWRW9iMD7xW3Tf4F39gZ5+7tihCCJDwabEejFvVO5m7Kr VZlvBxcqVhYHKeLDRezAJhurEungtL7cDdWvwmuA3GVo2zOTVZRqVXxMLL+VxtGs n+DAeDsAemPa7SM90ff82LSLLTVC9Oy8BphocSbKgaggNPAh6hwcoWbjCXMFpot2 F6RAmST8V3cdv1TE62wgLY4OGwBJaj1rxHnJ0RX9/M2Z+5r023qefMM5pi3XP7qw O7mN4IB09oU9AdKnPE6Xtu6Ouq/wnAGjwoffAQjpdj0+Jrworf4HK9YE7nOUn9ZW qpGLGbTIsMA= -----END CERTIFICATE-----Generated at Sat Apr 5 05:59:50 2025 by rpki-client