$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/7D23CBEC721B11EF81654E68C4F9AE02.roa File: 7D23CBEC721B11EF81654E68C4F9AE02.roa (raw, json) Hash identifier: QmNoQ5kwSDSMVaOwVYCh0x6gy0cIvBWU/Eq5fZ1Zvas= Subject key identifier: 19:99:76:DD:85:11:5E:83:F9:C4:00:DD:50:3B:21:68:26:AC:19:8B Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Certificate serial: A3 Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/7D23CBEC721B11EF81654E68C4F9AE02.roa Signing time: Sat 21 Dec 2024 05:49:40 +0000 ROA not before: Sat 21 Dec 2024 05:49:40 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 133042 IP address blocks: 202.29.66.0/24 maxlen: 24 202.29.172.0/22 maxlen: 22 202.29.176.0/22 maxlen: 22 203.159.160.0/24 maxlen: 24 203.159.164.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 163 (0xa3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAEB2 Validity Not Before: Dec 21 05:49:40 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=676656f4-087b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:25:d1:6c:1c:3d:95:b1:0c:35:2f:58:e4:ff: a8:cf:05:4a:04:f4:dc:76:e4:36:57:6f:ce:51:9d: 3d:3c:f0:9f:91:6d:41:8a:d5:be:74:d1:e7:4f:5b: 5e:0f:08:b2:f2:4f:1d:3c:19:05:31:ba:d1:bf:a8: 9d:20:d4:21:63:92:b8:bd:34:ba:09:13:12:01:53: 94:54:a8:9b:1f:0e:8d:82:cc:99:54:79:bd:d7:d0: 78:31:79:ed:5f:b8:12:57:b7:04:cb:2f:a6:f5:08: a8:3c:57:ca:98:95:19:3c:5c:b2:39:30:c3:4a:03: 2a:56:4a:19:28:95:a3:1e:a7:8d:bb:87:f3:9f:28: b0:42:56:7e:97:d8:43:0e:21:8c:f5:f2:12:7f:07: 38:8e:f2:ee:94:ef:46:f5:ca:30:46:10:08:bb:55: 34:3d:ac:34:6a:9e:22:6c:24:83:2a:6f:9b:33:c2: 34:2c:f9:8f:90:4a:52:32:39:d2:b5:e8:ff:20:00: df:55:50:55:d5:2b:71:46:b4:dc:f2:ce:36:02:6e: 2f:2e:b6:6c:76:f9:42:af:ba:4a:86:e4:b8:40:72: df:c6:64:fc:ed:41:ab:6f:72:e3:88:64:a7:b9:2b: 73:26:5b:04:62:60:f8:0b:8c:46:5d:27:72:92:93: e2:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:99:76:DD:85:11:5E:83:F9:C4:00:DD:50:3B:21:68:26:AC:19:8B X509v3 Authority Key Identifier: keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/7D23CBEC721B11EF81654E68C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.29.66.0/24 202.29.172.0-202.29.179.255 203.159.160.0/24 203.159.164.0/24 Signature Algorithm: sha256WithRSAEncryption 55:33:75:90:21:02:fe:96:6f:5a:5a:95:23:3b:c7:17:fb:8e: 52:9d:c8:a9:11:0a:89:99:7b:79:eb:7c:e3:5d:a8:7e:95:af: 27:d2:41:75:2d:41:df:36:36:d2:51:02:05:c9:cc:a6:59:93: 2a:86:01:51:ed:fa:a0:07:aa:33:37:55:56:76:62:11:cf:e1: 31:37:7e:58:af:f2:37:57:c4:0a:b9:0d:e0:70:04:d8:bf:23: b7:16:f4:f6:e7:67:74:d3:5a:bc:68:46:22:7b:58:d7:8c:5a: ba:ef:c8:ff:f3:ee:8c:79:15:a6:df:02:3e:39:a0:09:2d:ae: 02:1e:81:2b:cd:2a:b2:60:54:20:3f:dd:52:55:c2:d9:6a:78: b3:fc:6c:69:a8:3d:bd:8e:72:84:59:37:d4:1e:33:5b:f2:5b: dc:aa:d2:b8:78:b9:f6:71:bf:c0:8e:4a:8e:f4:c8:31:69:bb: 7b:e5:8a:19:1a:ab:1a:03:2f:f3:cd:ee:e2:ed:e1:a1:e7:d9: f6:56:ed:5d:e5:68:02:b0:2f:04:a9:0a:62:2b:9a:b0:bf:64: e7:cb:f7:f1:80:df:17:97:c0:f4:4f:9d:56:2d:a7:d1:71:f2: 3b:a2:ef:33:b6:17:2b:4b:18:9f:f6:dc:12:70:c8:23:d7:3b: 0a:ba:38:8f -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICAKMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFFQjIxMTAvBgNVBAUTKDlCOThGQjdENDY4OTgzQTJDMTQ3NzI3MzMyNDhFRkZB MzQ2MkUxMjYwHhcNMjQxMjIxMDU0OTQwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzY2NTZmNC0wODdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwiXRbBw9lbEMNS9Y5P+ozwVKBPTcduQ2V2/OUZ09PPCfkW1BitW+dNHnT1te Dwiy8k8dPBkFMbrRv6idINQhY5K4vTS6CRMSAVOUVKibHw6NgsyZVHm919B4MXnt X7gSV7cEyy+m9QioPFfKmJUZPFyyOTDDSgMqVkoZKJWjHqeNu4fznyiwQlZ+l9hD DiGM9fISfwc4jvLulO9G9cowRhAIu1U0Paw0ap4ibCSDKm+bM8I0LPmPkEpSMjnS tej/IADfVVBV1StxRrTc8s42Am4vLrZsdvlCr7pKhuS4QHLfxmT87UGrb3LjiGSn uStzJlsEYmD4C4xGXSdykpPiyQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFBmZdt2F EV6D+cQA3VA7IWgmrBmLMB8GA1UdIwQYMBaAFJuY+31GiYOiwUdyczJI7/o0YuEm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUVCMi8zOTUyMTAwRTZF ODMxMUVGQUI3MjYxODBDNEY5QUUwMi9tNWo3ZlVhSmc2TEJSM0p6TWtqdi1qUmk0 U1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRTWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUFFQjIvMzk1MjEwMEU2RTgzMTFFRkFCNzI2MTgwQzRGOUFFMDIvN0QyM0NCRUM3 MjFCMTFFRjgxNjU0RTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMCYEAgABMCADBADKHUIwDAMEAsodrAMEAsodsAMEAMufoAMEAMufpDANBgkq hkiG9w0BAQsFAAOCAQEAVTN1kCEC/pZvWlqVIzvHF/uOUp3IqREKiZl7eet8412o fpWvJ9JBdS1B3zY20lECBcnMplmTKoYBUe36oAeqMzdVVnZiEc/hMTd+WK/yN1fE CrkN4HAE2L8jtxb09udndNNavGhGIntY14xauu/I//PujHkVpt8CPjmgCS2uAh6B K80qsmBUID/dUlXC2Wp4s/xsaag9vY5yhFk31B4zW/Jb3KrSuHi59nG/wI5KjvTI MWm7e+WKGRqrGgMv883u4u3hoefZ9lbtXeVoArAvBKkKYiuasL9k58v38YDfF5fA 9E+dVi2n0XHyO6LvM7YXK0sYn/bcEnDII9c7Cro4jw== -----END CERTIFICATE-----Generated at Sat Apr 5 02:15:39 2025 by rpki-client