$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa File: CF428AB8A87511EF9905FE0AC4F9AE02.roa (raw, json) Hash identifier: LYhr8YgkC0Sw7jB6h7Ap2rLMMGUCyeZL6u5HiVUsmQE= Subject key identifier: DB:1F:24:E7:CF:1B:2D:5D:82:5C:22:41:40:16:22:FD:2C:1E:6B:FD Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 49E5 Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa Signing time: Fri 28 Feb 2025 04:16:06 +0000 ROA not before: Fri 28 Feb 2025 04:16:06 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 150820 IP address blocks: 36.50.174.0/23 maxlen: 23 103.70.114.0/23 maxlen: 23 203.175.96.0/23 maxlen: 23 2001:df3:f0c0::/48 maxlen: 48 2001:df3:f140::/48 maxlen: 48 2001:df4:35c0::/48 maxlen: 48 2001:df4:5040::/48 maxlen: 48 2001:df4:8d40::/48 maxlen: 48 2001:df4:9b40::/48 maxlen: 48 2001:df4:a640::/48 maxlen: 48 2001:df4:ee40::/48 maxlen: 48 2401:4e20::/48 maxlen: 48 2401:9be0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 14:33:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18917 (0x49e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A Validity Not Before: Feb 28 04:16:06 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=67c13886-1897 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ef:f7:17:9d:09:26:c0:04:45:c6:b2:f4:21: 2e:08:48:bc:35:03:75:1e:a0:dd:67:39:dc:bc:1b: 3e:84:58:2d:89:6a:d3:67:d0:50:e0:a2:33:da:2f: 5f:24:3f:bb:37:a0:ce:ca:3a:7e:11:bd:1a:d7:c0: 84:6a:96:ea:74:65:e5:3f:7f:2c:ad:ce:14:ce:1d: a6:e3:53:63:15:64:1e:2e:2c:df:0c:c0:a9:05:57: 30:85:d0:73:6d:5c:d0:58:1b:83:13:d8:7d:fa:f4: 47:61:90:1e:c2:c7:22:b8:3c:09:3e:81:9c:c0:91: 3d:32:9d:0a:bb:d6:43:a0:3f:78:fe:13:5a:3c:80: 1a:e1:7f:75:60:9b:bc:43:dc:ff:50:9d:f4:10:52: 98:6e:3a:3e:d9:8a:a5:d1:ec:8c:6d:9d:17:f5:9d: 8f:4f:de:b5:a4:db:8e:fa:e0:67:61:d4:3e:f0:0c: 69:a0:15:51:be:e8:35:e2:7e:46:7c:c3:00:d2:ec: 13:5a:6b:db:9d:37:ff:5c:7e:30:40:a8:0e:80:0b: 2f:1b:2d:a6:a9:23:68:2e:f8:85:24:8f:62:aa:90: 78:c5:f3:72:d9:3e:d5:82:e4:d8:01:f6:25:73:e8: 8f:59:5f:cf:0e:38:6c:55:27:2b:ad:08:74:e0:ee: 2c:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:1F:24:E7:CF:1B:2D:5D:82:5C:22:41:40:16:22:FD:2C:1E:6B:FD X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CF428AB8A87511EF9905FE0AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.50.174.0/23 103.70.114.0/23 203.175.96.0/23 IPv6: 2001:df3:f0c0::/48 2001:df3:f140::/48 2001:df4:35c0::/48 2001:df4:5040::/48 2001:df4:8d40::/48 2001:df4:9b40::/48 2001:df4:a640::/48 2001:df4:ee40::/48 2401:4e20::/48 2401:9be0::/48 Signature Algorithm: sha256WithRSAEncryption 89:1c:46:00:a8:f2:3f:80:47:b1:ab:c8:5c:c2:e5:15:e1:bf: c9:88:05:ed:e6:46:77:fb:34:09:4e:7f:21:99:61:27:5f:f6: 34:75:a0:b9:0d:59:1e:71:bc:5c:9c:e0:e8:33:0d:1d:bd:b8: 78:93:c6:7b:e3:2e:a1:96:26:b9:5b:08:7f:67:84:c9:60:b3: 87:23:d4:b7:b3:25:b3:21:bf:b9:b2:27:cc:d4:92:ae:97:8f: fa:07:df:8a:1d:b6:21:ea:ee:a1:31:e7:81:b2:46:f5:19:2a: 92:74:1d:7e:d8:22:b2:df:63:7b:fc:4a:2a:22:43:29:90:99: 24:8e:04:d4:88:4f:bc:ef:4d:41:3c:5f:e5:ee:69:0c:ed:2d: c7:bf:3d:0e:63:95:e4:b4:2a:8e:d1:49:d7:d0:87:9e:68:74: 41:b9:07:ac:d8:3c:d6:f6:59:ab:9b:8d:89:47:03:05:8c:c2: 6b:66:fb:40:35:36:0a:39:5d:9e:22:29:f8:1d:9c:09:2b:e0: f0:45:f9:ee:96:34:ea:3e:89:e4:fd:c2:b0:2c:30:d3:af:5d: 8a:3b:e4:8d:ea:d0:1c:2e:13:6f:4e:c0:34:5a:be:e9:7c:e6: 53:66:4f:4b:05:51:ea:84:f3:03:b4:d9:0d:fa:4c:f9:21:e7: 59:98:72:b7 -----BEGIN CERTIFICATE----- MIIF4DCCBMigAwIBAgICSeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjUwMjI4MDQxNjA2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MxMzg4Ni0xODk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoe/3F50JJsAERcay9CEuCEi8NQN1HqDdZzncvBs+hFgtiWrTZ9BQ4KIz2i9f JD+7N6DOyjp+Eb0a18CEapbqdGXlP38src4Uzh2m41NjFWQeLizfDMCpBVcwhdBz bVzQWBuDE9h9+vRHYZAewsciuDwJPoGcwJE9Mp0Ku9ZDoD94/hNaPIAa4X91YJu8 Q9z/UJ30EFKYbjo+2Yql0eyMbZ0X9Z2PT961pNuO+uBnYdQ+8AxpoBVRvug14n5G fMMA0uwTWmvbnTf/XH4wQKgOgAsvGy2mqSNoLviFJI9iqpB4xfNy2T7VguTYAfYl c+iPWV/PDjhsVScrrQh04O4sGQIDAQABo4IDBDCCAwAwHQYDVR0OBBYEFNsfJOfP Gy1dglwiQUAWIv0sHmv9MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQ0Y0MjhBQjhB ODc1MTFFRjk5MDVGRTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgY0GCCsGAQUFBwEHAQH/ BH4wfDAYBAIAATASAwQBJDKuAwQBZ0ZyAwQBy69gMGAEAgACMFoDBwAgAQ3z8MAD BwAgAQ3z8UADBwAgAQ30NcADBwAgAQ30UEADBwAgAQ30jUADBwAgAQ30m0ADBwAg AQ30pkADBwAgAQ307kADBwAkAU4gAAADBwAkAZvgAAAwDQYJKoZIhvcNAQELBQAD ggEBAIkcRgCo8j+AR7GryFzC5RXhv8mIBe3mRnf7NAlOfyGZYSdf9jR1oLkNWR5x vFyc4OgzDR29uHiTxnvjLqGWJrlbCH9nhMlgs4cj1LezJbMhv7myJ8zUkq6Xj/oH 34odtiHq7qEx54GyRvUZKpJ0HX7YIrLfY3v8SioiQymQmSSOBNSIT7zvTUE8X+Xu aQztLce/PQ5jleS0Ko7RSdfQh55odEG5B6zYPNb2WaubjYlHAwWMwmtm+0A1Ngo5 XZ4iKfgdnAkr4PBF+e6WNOo+ieT9wrAsMNOvXYo75I3q0BwuE29OwDRavul85lNm T0sFUeqE8wO02Q36TPkh51mYcrc= -----END CERTIFICATE-----Generated at Sat Apr 5 14:27:53 2025 by rpki-client