$ rpki-client -vvf rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/70F15C5CC5CA11EEA9DD0141C4F9AE02.roa File: 70F15C5CC5CA11EEA9DD0141C4F9AE02.roa (raw, json) Hash identifier: nAPMh/7iMp8qHi9OS6E5o7H7wB9OMq1g3EghUh99s44= Subject key identifier: 24:47:DD:87:71:97:EE:51:E6:A0:0A:30:B0:F7:58:45:5D:E9:EB:CF Certificate issuer: /CN=A919B06C/serialNumber=C83493C0297CCB58D2837946D6063F14A7DEE986 Certificate serial: 0E03 Authority key identifier: C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/70F15C5CC5CA11EEA9DD0141C4F9AE02.roa Signing time: Tue 25 Feb 2025 14:46:28 +0000 ROA not before: Tue 25 Feb 2025 14:46:28 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 18230 IP address blocks: 59.152.8.0/24 maxlen: 24 59.152.9.0/24 maxlen: 24 59.152.10.0/24 maxlen: 24 59.152.11.0/24 maxlen: 24 59.152.12.0/24 maxlen: 24 59.152.13.0/24 maxlen: 24 2404:1b40::/32 maxlen: 32 2404:1b40::/48 maxlen: 48 2404:1b40:1::/48 maxlen: 48 2404:1b40:2::/48 maxlen: 48 2404:1b40:3::/48 maxlen: 48 2404:1b40:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.crl rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:20:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3587 (0xe03) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919B06C Validity Not Before: Feb 25 14:46:28 2025 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=67bdd7c3-e7b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:c6:69:96:63:8e:7b:b0:c6:cd:41:a1:4c:b0: 00:9b:d3:9d:6d:eb:60:30:6f:03:5e:db:2d:32:50: fe:2e:07:1a:78:79:5a:ed:8f:c3:e1:a0:fc:f7:6c: d6:ac:f8:28:84:7f:94:72:95:a1:fc:8d:d4:95:a8: af:d2:51:b0:b1:f3:5a:d0:8e:d3:87:1c:52:1b:9b: a8:f8:90:f2:af:6c:0c:1d:7c:3e:39:c7:53:59:74: 2f:22:a0:49:b3:e6:8b:4c:51:75:38:c2:22:e9:6d: 64:56:70:24:dd:d6:8a:bf:4a:12:53:95:28:91:67: 4d:10:ac:8b:24:23:e0:1d:86:20:ee:34:19:5a:18: f2:5d:b2:15:dd:16:25:ce:db:4f:b9:3d:e4:3a:14: 63:84:bd:27:4b:f1:68:d0:b0:44:d3:a7:92:d3:06: 8d:e8:9a:f2:7d:3d:72:e9:6f:f8:43:45:03:e5:e3: 0d:0c:d9:56:42:52:de:72:90:b1:04:08:25:18:79: 13:7f:bd:e3:ba:b5:ed:aa:f8:5e:32:44:f8:ab:be: 36:45:cf:0d:1e:23:b1:b9:e7:aa:e8:6c:16:08:cd: ea:ed:da:50:6f:17:b7:99:da:23:0c:37:25:5f:59: 59:65:7d:16:cc:ca:22:71:16:49:d4:8d:67:41:1d: 57:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:47:DD:87:71:97:EE:51:E6:A0:0A:30:B0:F7:58:45:5D:E9:EB:CF X509v3 Authority Key Identifier: keyid:C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/70F15C5CC5CA11EEA9DD0141C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.152.8.0-59.152.13.255 IPv6: 2404:1b40::/32 Signature Algorithm: sha256WithRSAEncryption 48:d6:a7:67:dd:7c:c4:71:e8:14:af:b8:b7:9e:8d:ac:d2:b9: 99:7d:31:31:ad:98:b7:82:8b:4c:20:fa:71:c6:6a:ae:d0:75: 04:4b:44:b3:eb:3a:71:68:90:05:bf:61:31:5d:3d:43:94:55: 6b:f0:20:43:01:fa:78:ac:b5:98:bf:39:ad:58:7d:c3:c4:b4: bd:b8:fb:c3:93:74:80:30:2d:c5:2d:a8:8d:50:2c:6f:94:08: 9f:c1:5d:bb:9b:19:e6:92:2d:f2:93:87:e6:fd:2a:24:62:a4: 65:c6:ef:e1:ba:cd:8b:b9:8f:fe:66:f9:e7:64:e0:f6:53:8a: d0:ee:b6:42:27:9b:08:7c:6c:4b:0a:d5:94:5f:24:fc:5b:4c: 44:c2:62:a1:85:cb:51:eb:7f:88:9b:6d:0e:42:bf:e7:44:57: d3:ad:1a:55:64:5c:b3:be:17:2b:77:ab:95:1c:8a:b4:6e:8d: 5d:48:cb:4f:de:b3:1a:a3:a2:35:4c:0b:e2:50:de:8a:ad:11: 42:59:f6:98:6a:8e:ca:cc:8b:a7:82:dc:40:46:fd:5b:d8:ae: c0:f8:49:10:62:47:b4:3c:d5:37:8b:07:75:24:64:0d:0d:50: fc:75:b9:c0:c5:a6:8a:f6:ff:13:84:54:f3:36:2f:39:4e:ce: 30:79:31:9c -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICDgMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUIwNkMxMTAvBgNVBAUTKEM4MzQ5M0MwMjk3Q0NCNThEMjgzNzk0NkQ2MDYzRjE0 QTdERUU5ODYwHhcNMjUwMjI1MTQ0NjI4WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2JkZDdjMy1lN2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzsZplmOOe7DGzUGhTLAAm9OdbetgMG8DXtstMlD+LgcaeHla7Y/D4aD892zW rPgohH+UcpWh/I3Ulaiv0lGwsfNa0I7ThxxSG5uo+JDyr2wMHXw+OcdTWXQvIqBJ s+aLTFF1OMIi6W1kVnAk3daKv0oSU5UokWdNEKyLJCPgHYYg7jQZWhjyXbIV3RYl zttPuT3kOhRjhL0nS/Fo0LBE06eS0waN6JryfT1y6W/4Q0UD5eMNDNlWQlLecpCx BAglGHkTf73jurXtqvheMkT4q742Rc8NHiOxueeq6GwWCM3q7dpQbxe3mdojDDcl X1lZZX0WzMoicRZJ1I1nQR1XeQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFCRH3Ydx l+5R5qAKMLD3WEVd6evPMB8GA1UdIwQYMBaAFMg0k8ApfMtY0oN5RtYGPxSn3umG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjA2Qy9FOUQ2MkU3NEZF QUUxMUU4OTEwRDRENjZDNEY5QUUwMi95RFNUd0NsOHkxalNnM2xHMWdZX0ZLZmU2 WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lEU1R3Q2w4eTFqU2czbEcxZ1lfRktmZTZZWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUIwNkMvRTlENjJFNzRGRUFFMTFFODkxMEQ0RDY2QzRGOUFFMDIvNzBGMTVDNUND NUNBMTFFRUE5REQwMTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBQEAgABMA4wDAMEAzuYCAMEATuYDDANBAIAAjAHAwUAJAQbQDANBgkqhkiG 9w0BAQsFAAOCAQEASNanZ918xHHoFK+4t56NrNK5mX0xMa2Yt4KLTCD6ccZqrtB1 BEtEs+s6cWiQBb9hMV09Q5RVa/AgQwH6eKy1mL85rVh9w8S0vbj7w5N0gDAtxS2o jVAsb5QIn8Fdu5sZ5pIt8pOH5v0qJGKkZcbv4brNi7mP/mb552Tg9lOK0O62Qieb CHxsSwrVlF8k/FtMRMJioYXLUet/iJttDkK/50RX060aVWRcs74XK3erlRyKtG6N XUjLT96zGqOiNUwL4lDeiq0RQln2mGqOysyLp4LcQEb9W9iuwPhJEGJHtDzVN4sH dSRkDQ1Q/HW5wMWmivb/E4RU8zYvOU7OMHkxnA== -----END CERTIFICATE-----Generated at Sat Apr 5 07:14:22 2025 by rpki-client