$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/8ADEE00C71AB11EFB9222180C4F9AE02.roa File: 8ADEE00C71AB11EFB9222180C4F9AE02.roa (raw, json) Hash identifier: +1k3xsVjPHZVWGoCZSeraI1bjrU6j44DTVejNeAYHBc= Subject key identifier: DB:94:0E:50:49:4F:F0:6E:E0:72:2D:CB:11:56:1E:3C:62:1F:D5:1B Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126 Certificate serial: D1 Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/8ADEE00C71AB11EFB9222180C4F9AE02.roa Signing time: Sat 21 Dec 2024 05:50:26 +0000 ROA not before: Sat 21 Dec 2024 05:50:26 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 9546 IP address blocks: 202.28.92.0/22 maxlen: 22 202.28.116.0/24 maxlen: 24 202.28.117.0/24 maxlen: 24 202.28.118.0/24 maxlen: 24 202.28.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 06:09:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 209 (0xd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAEB2 Validity Not Before: Dec 21 05:50:26 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67665722-6626 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a2:2d:a4:ac:82:93:5d:03:c6:1b:ca:b7:f5: 9e:c1:cd:60:8f:1f:12:c9:6b:6d:b3:99:69:f6:74: 14:1a:a7:75:be:24:88:84:45:0d:46:20:1e:bc:54: 87:13:54:e4:fe:2e:40:dd:fe:11:85:42:4f:5e:36: 81:f5:29:bd:cb:27:ee:82:fd:f1:44:57:87:d6:6d: ee:a0:8d:65:dd:45:63:b1:c6:d0:19:9c:7b:46:55: 76:b8:3c:60:6d:52:84:72:3b:ac:33:f9:2c:d2:40: 11:b1:5a:2d:8b:b7:12:b8:95:7e:2f:00:4f:c9:f0: 91:39:3e:35:44:97:17:40:1b:6a:79:49:6c:cb:34: 11:9b:d2:13:21:dc:c8:81:ef:98:37:5b:f7:9a:1b: ce:c1:7a:4a:68:6f:ca:9a:5c:05:96:e8:70:80:62: 7e:d5:a6:b5:0d:f7:62:75:ae:0f:55:89:5c:99:68: ff:cf:96:4c:26:3e:57:dc:12:d4:ed:6d:75:a0:04: d4:7b:3c:b1:71:82:03:74:62:7a:d2:9c:55:2f:f0: 6d:09:4e:3d:28:ec:ca:01:39:3a:70:ef:35:00:6e: 9e:77:07:8b:9b:47:90:1d:00:64:7a:e4:f8:61:d1: 8b:63:ad:5c:c2:25:63:8b:b0:6b:f5:0d:44:3f:31: 20:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:94:0E:50:49:4F:F0:6E:E0:72:2D:CB:11:56:1E:3C:62:1F:D5:1B X509v3 Authority Key Identifier: keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/8ADEE00C71AB11EFB9222180C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.28.92.0/22 202.28.116.0/22 Signature Algorithm: sha256WithRSAEncryption 38:98:62:41:24:72:b7:1c:86:59:a2:24:2d:75:31:d8:40:d5: 66:89:f1:47:f4:a5:a5:c2:53:7f:be:cf:7d:f1:04:51:3a:7e: 64:be:7d:76:de:9f:10:2a:15:62:c2:fc:c2:e9:8c:62:22:de: fc:ab:e4:05:9b:70:12:4d:18:ee:e0:95:07:77:7e:12:b1:7a: 3c:94:13:52:78:c0:1f:9d:86:53:c6:8b:cb:a8:8c:cc:53:1d: 31:82:87:69:ca:fd:75:f5:d1:c2:71:19:e8:1f:d0:a5:cd:75: 70:ee:ce:d4:95:29:7c:b5:cc:a8:5e:a8:ac:d3:52:9a:9e:ad: d5:2e:b2:51:7f:3b:27:f5:df:27:9c:58:3f:5d:1c:9a:df:d4: 62:e6:05:58:e2:9f:57:a7:3c:ad:e9:68:b5:b8:8e:a0:89:12: 43:df:98:e0:81:64:6f:66:13:0b:59:5a:eb:ee:9a:74:a7:4f: c1:d0:4e:63:ba:dd:bb:4b:7e:c4:c0:42:8b:25:23:0a:c9:2b: 19:2f:e6:7b:ed:e1:7c:ff:a1:a5:5d:62:9b:e3:8d:ac:7a:29: 40:9b:38:7a:35:bd:c4:d5:e7:1a:08:c0:53:d8:ec:6d:64:e4: f6:96:61:fa:d5:01:04:46:c9:96:f6:5c:97:d0:c3:b2:66:e5: 48:40:3d:18 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFFQjIxMTAvBgNVBAUTKDlCOThGQjdENDY4OTgzQTJDMTQ3NzI3MzMyNDhFRkZB MzQ2MkUxMjYwHhcNMjQxMjIxMDU1MDI2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzY2NTcyMi02NjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr6ItpKyCk10DxhvKt/Wewc1gjx8SyWtts5lp9nQUGqd1viSIhEUNRiAevFSH E1Tk/i5A3f4RhUJPXjaB9Sm9yyfugv3xRFeH1m3uoI1l3UVjscbQGZx7RlV2uDxg bVKEcjusM/ks0kARsVoti7cSuJV+LwBPyfCROT41RJcXQBtqeUlsyzQRm9ITIdzI ge+YN1v3mhvOwXpKaG/KmlwFluhwgGJ+1aa1Dfdida4PVYlcmWj/z5ZMJj5X3BLU 7W11oATUezyxcYIDdGJ60pxVL/BtCU49KOzKATk6cO81AG6edweLm0eQHQBkeuT4 YdGLY61cwiVji7Br9Q1EPzEgJwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNuUDlBJ T/Bu4HItyxFWHjxiH9UbMB8GA1UdIwQYMBaAFJuY+31GiYOiwUdyczJI7/o0YuEm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUVCMi8zOTUyMTAwRTZF ODMxMUVGQUI3MjYxODBDNEY5QUUwMi9tNWo3ZlVhSmc2TEJSM0p6TWtqdi1qUmk0 U1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRTWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUFFQjIvMzk1MjEwMEU2RTgzMTFFRkFCNzI2MTgwQzRGOUFFMDIvOEFERUUwMEM3 MUFCMTFFRkI5MjIyMTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBALKHFwDBALKHHQwDQYJKoZIhvcNAQELBQADggEBADiYYkEk crcchlmiJC11MdhA1WaJ8Uf0paXCU3++z33xBFE6fmS+fXbenxAqFWLC/MLpjGIi 3vyr5AWbcBJNGO7glQd3fhKxejyUE1J4wB+dhlPGi8uojMxTHTGCh2nK/XX10cJx Gegf0KXNdXDuztSVKXy1zKheqKzTUpqerdUuslF/Oyf13yecWD9dHJrf1GLmBVji n1enPK3paLW4jqCJEkPfmOCBZG9mEwtZWuvumnSnT8HQTmO63btLfsTAQoslIwrJ Kxkv5nvt4Xz/oaVdYpvjjax6KUCbOHo1vcTV5xoIwFPY7G1k5PaWYfrVAQRGyZb2 XJfQw7Jm5UhAPRg= -----END CERTIFICATE-----Generated at Sat Apr 5 02:08:03 2025 by rpki-client