$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB72F/2FB49B3E43D111EF8BE8D87BC4F9AE02/79F48DAAED0711EFA7332931C4F9AE02.roa File: 79F48DAAED0711EFA7332931C4F9AE02.roa (raw, json) Hash identifier: GLbMFy1JbyAVM7u4jQAEv8xQTj/rbFbdkkf2ZQWfsOQ= Subject key identifier: C2:F7:3A:E5:C4:5C:15:F0:64:E5:EF:23:B9:02:6A:25:C4:92:4C:F7 Certificate issuer: /CN=A91AB72F/serialNumber=1244785D40C5EC58DFC4A328540F1B393DEA2375 Certificate serial: 71 Authority key identifier: 12:44:78:5D:40:C5:EC:58:DF:C4:A3:28:54:0F:1B:39:3D:EA:23:75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EkR4XUDF7FjfxKMoVA8bOT3qI3U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB72F/2FB49B3E43D111EF8BE8D87BC4F9AE02/79F48DAAED0711EFA7332931C4F9AE02.roa Signing time: Mon 17 Feb 2025 08:16:24 +0000 ROA not before: Mon 17 Feb 2025 08:16:24 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 4764 IP address blocks: 202.4.31.0/24 maxlen: 24 203.5.0.0/24 maxlen: 24 203.8.221.0/24 maxlen: 24 203.20.64.0/24 maxlen: 24 203.22.255.0/24 maxlen: 24 203.23.173.0/24 maxlen: 24 203.27.101.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB72F/2FB49B3E43D111EF8BE8D87BC4F9AE02/EkR4XUDF7FjfxKMoVA8bOT3qI3U.crl rsync://rpki.apnic.net/member_repository/A91AB72F/2FB49B3E43D111EF8BE8D87BC4F9AE02/EkR4XUDF7FjfxKMoVA8bOT3qI3U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EkR4XUDF7FjfxKMoVA8bOT3qI3U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 05:48:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 113 (0x71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB72F Validity Not Before: Feb 17 08:16:24 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67b2f058-1896 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:b6:09:f3:8c:48:6f:e9:dc:28:1a:ca:01:2c: 6e:b2:01:d0:14:8c:47:37:40:de:27:f9:cd:ad:0d: 94:fd:b1:ee:5d:5c:34:96:c3:c9:4d:d1:b5:97:07: 86:78:8f:a8:df:36:fc:e1:5f:6b:6a:ce:0c:a8:c3: e5:12:13:4e:43:45:74:31:9e:6f:17:64:62:bc:3a: b7:81:70:41:43:d6:39:fc:c0:a8:98:59:bc:5e:91: 25:3a:e7:1f:7b:50:dc:be:a5:80:f9:2c:b6:12:9f: 99:ee:0f:9f:e5:99:d5:f5:67:80:5b:ef:f5:67:27: 12:8a:4c:3a:0e:0f:fd:1d:6d:4e:8d:07:25:e5:01: 4f:e6:43:0d:ef:a0:d4:bd:e4:3a:66:29:6c:48:4b: 35:60:03:28:10:da:91:94:c0:70:ae:2b:84:d3:7c: c8:f3:05:0d:dd:4b:01:b6:61:b9:bf:fd:c2:04:75: 62:cd:3b:e8:b2:99:70:2e:58:21:9e:ac:13:ce:8d: c3:ef:21:0e:63:19:7c:8d:8f:24:e9:77:04:3e:bf: 62:e9:1b:a2:b6:b3:30:81:25:00:fa:88:d8:21:33: 16:1f:f4:db:1f:9a:67:0e:ba:b1:b0:35:9d:3b:12: ba:75:ef:49:b0:ab:c3:64:0e:db:37:71:52:50:6b: b7:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:F7:3A:E5:C4:5C:15:F0:64:E5:EF:23:B9:02:6A:25:C4:92:4C:F7 X509v3 Authority Key Identifier: keyid:12:44:78:5D:40:C5:EC:58:DF:C4:A3:28:54:0F:1B:39:3D:EA:23:75 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB72F/2FB49B3E43D111EF8BE8D87BC4F9AE02/EkR4XUDF7FjfxKMoVA8bOT3qI3U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EkR4XUDF7FjfxKMoVA8bOT3qI3U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB72F/2FB49B3E43D111EF8BE8D87BC4F9AE02/79F48DAAED0711EFA7332931C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.4.31.0/24 203.5.0.0/24 203.8.221.0/24 203.20.64.0/24 203.22.255.0/24 203.23.173.0/24 203.27.101.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:9e:07:6c:5e:3c:3b:22:ab:e2:a9:59:a0:e8:eb:7b:05:2f: a4:7b:1f:85:84:ec:dc:cc:e6:c3:6c:3e:dc:3a:23:52:e4:5a: 58:87:cd:ff:be:49:a0:91:b5:23:76:f2:1d:bd:44:b9:4e:d1: b3:0a:72:c7:b9:49:43:0d:65:87:32:b2:23:aa:e7:07:cd:fe: 7d:f8:6b:90:8b:d8:64:33:aa:92:35:e4:1b:2f:9d:70:77:64: 38:ae:f3:92:da:cd:04:4a:c4:94:f7:c2:91:32:d4:f0:a0:02: 23:29:f9:34:aa:e4:b6:00:0b:84:3d:fc:d9:f9:7e:ac:a2:22: d0:e6:d7:01:ad:19:9f:53:44:68:6c:3f:a1:2b:b5:36:97:86: 03:7d:a9:eb:4f:b2:3d:73:3e:4c:78:0f:7f:26:fc:d9:13:4b: e8:20:bb:6f:f3:1e:4b:a7:23:de:43:84:dc:21:c5:06:f1:9c: 8d:75:c4:2b:1e:25:0f:a7:a5:d8:68:e5:73:3c:c1:75:ec:76: e4:d6:68:9c:a9:11:47:dc:68:96:41:7e:4e:79:31:f6:af:91: f1:05:8f:7a:ba:6a:2d:aa:6b:ca:b0:5d:83:85:68:43:d0:22: df:fb:2d:cd:77:f7:84:fb:17:35:2f:d3:e4:a0:1d:72:b8:02: d2:7a:f9:6f -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QjcyRjExMC8GA1UEBRMoMTI0NDc4NUQ0MEM1RUM1OERGQzRBMzI4NTQwRjFCMzkz REVBMjM3NTAeFw0yNTAyMTcwODE2MjRaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YjJmMDU4LTE4OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDZtgnzjEhv6dwoGsoBLG6yAdAUjEc3QN4n+c2tDZT9se5dXDSWw8lN0bWXB4Z4 j6jfNvzhX2tqzgyow+USE05DRXQxnm8XZGK8OreBcEFD1jn8wKiYWbxekSU65x97 UNy+pYD5LLYSn5nuD5/lmdX1Z4Bb7/VnJxKKTDoOD/0dbU6NByXlAU/mQw3voNS9 5DpmKWxISzVgAygQ2pGUwHCuK4TTfMjzBQ3dSwG2Ybm//cIEdWLNO+iymXAuWCGe rBPOjcPvIQ5jGXyNjyTpdwQ+v2LpG6K2szCBJQD6iNghMxYf9NsfmmcOurGwNZ07 Erp170mwq8NkDts3cVJQa7e1AgMBAAGjggK5MIICtTAdBgNVHQ4EFgQUwvc65cRc FfBk5e8juQJqJcSSTPcwHwYDVR0jBBgwFoAUEkR4XUDF7FjfxKMoVA8bOT3qI3Uw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFCNzJGLzJGQjQ5QjNFNDNE MTExRUY4QkU4RDg3QkM0RjlBRTAyL0VrUjRYVURGN0ZqZnhLTW9WQThiT1QzcUkz VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvRWtSNFhVREY3RmpmeEtNb1ZBOGJPVDNxSTNVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjcyRi8yRkI0OUIzRTQzRDExMUVGOEJFOEQ4N0JDNEY5QUUwMi83OUY0OERBQUVE MDcxMUVGQTczMzI5MzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBDBggrBgEFBQcBBwEB/wQ0 MDIwMAQCAAEwKgMEAMoEHwMEAMsFAAMEAMsI3QMEAMsUQAMEAMsW/wMEAMsXrQME AMsbZTANBgkqhkiG9w0BAQsFAAOCAQEAjZ4HbF48OyKr4qlZoOjrewUvpHsfhYTs 3Mzmw2w+3DojUuRaWIfN/75JoJG1I3byHb1EuU7Rswpyx7lJQw1lhzKyI6rnB83+ ffhrkIvYZDOqkjXkGy+dcHdkOK7zktrNBErElPfCkTLU8KACIyn5NKrktgALhD38 2fl+rKIi0ObXAa0Zn1NEaGw/oSu1NpeGA32p60+yPXM+THgPfyb82RNL6CC7b/Me S6cj3kOE3CHFBvGcjXXEKx4lD6el2GjlczzBdex25NZonKkRR9xolkF+Tnkx9q+R 8QWPerpqLapryrBdg4VoQ9Ai3/stzXf3hPsXNS/T5KAdcrgC0nr5bw== -----END CERTIFICATE-----Generated at Sun Apr 6 16:16:29 2025 by rpki-client