$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/59E4B0A81B9211F0A5D50649C4F9AE02.roa File: 59E4B0A81B9211F0A5D50649C4F9AE02.roa (raw, json) Hash identifier: 6NSS3ImO+7MeAasEgP9eh6JpYdQNeKV6AFWR2pkbZBU= Subject key identifier: D0:D2:90:04:64:94:DC:3E:DD:22:DA:A1:E0:12:88:11:E5:D9:19:C9 Certificate issuer: /CN=A91B0F3F/serialNumber=F818FC988EC7032C3E2C6A48A55498AB7CD565FD Certificate serial: 0A17 Authority key identifier: F8:18:FC:98:8E:C7:03:2C:3E:2C:6A:48:A5:54:98:AB:7C:D5:65:FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/59E4B0A81B9211F0A5D50649C4F9AE02.roa Signing time: Thu 17 Apr 2025 15:26:44 +0000 ROA not before: Thu 17 Apr 2025 15:26:44 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 135420 IP address blocks: 45.249.184.0/22 maxlen: 22 45.249.184.0/24 maxlen: 24 45.249.185.0/24 maxlen: 24 45.249.186.0/24 maxlen: 24 45.249.187.0/24 maxlen: 24 103.218.188.0/22 maxlen: 22 103.218.188.0/24 maxlen: 24 103.218.189.0/24 maxlen: 24 103.218.190.0/24 maxlen: 24 103.218.191.0/24 maxlen: 24 2402:48c0::/32 maxlen: 36 2402:48c0::/48 maxlen: 48 2402:48c0:1::/48 maxlen: 48 2402:48c0:2::/48 maxlen: 48 2402:48c0:3::/48 maxlen: 48 2402:48c0:4::/48 maxlen: 48 2402:48c0:5::/48 maxlen: 48 2402:48c0:6::/48 maxlen: 48 2402:48c0:7::/48 maxlen: 48 2402:48c0:8::/48 maxlen: 48 2402:48c0:9::/48 maxlen: 48 2402:48c0:a::/48 maxlen: 48 2402:48c0:b::/48 maxlen: 48 2402:48c0:c::/48 maxlen: 48 2402:48c0:d::/48 maxlen: 48 2402:48c0:e::/48 maxlen: 48 2402:48c0:f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.crl rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:40:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2583 (0xa17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0F3F, serialNumber=F818FC988EC7032C3E2C6A48A55498AB7CD565FD Validity Not Before: Apr 17 15:26:44 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=68011db4-3aea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:f7:fe:6c:b7:77:86:d5:89:e2:c0:30:66:92: b2:75:b1:cf:80:c8:bc:08:27:b3:19:70:c0:1f:ef: e0:f7:29:d2:1e:59:aa:e8:e5:8e:8d:20:bc:65:e3: 64:bc:f5:3d:6b:5e:7c:3b:cf:36:b8:9a:69:8a:d0: c6:09:06:6f:a7:af:df:a9:ad:34:85:70:bd:c0:ae: 60:0d:74:c0:0d:5f:8f:78:bd:8e:01:67:16:50:44: 0e:f2:d6:24:28:42:7f:87:49:dc:10:5c:32:70:66: 03:0b:83:82:ce:3a:4c:47:03:5a:47:e5:cf:f5:b8: 53:3f:d6:f0:58:25:6d:0d:45:9b:85:2a:a3:68:cb: df:2e:3a:be:5b:13:ee:4d:4b:15:cf:c0:03:9a:de: ac:92:8c:3d:95:f4:bf:48:22:94:72:76:84:c1:15: 81:eb:e3:b6:38:1d:d6:85:0e:a0:02:64:96:19:8d: 82:b2:f7:3a:f2:15:14:f6:d3:dc:fe:83:c9:0a:53: c5:49:3b:58:b2:e7:d5:20:43:d6:be:5e:54:b0:17: 48:f7:50:c0:b1:b7:1c:9c:40:c4:21:25:a0:1f:21: 8a:43:ec:5b:5d:c7:df:69:76:13:cf:59:b5:43:e3: b9:0f:25:9a:09:13:10:36:3a:cc:bd:6c:96:5a:05: f9:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:D2:90:04:64:94:DC:3E:DD:22:DA:A1:E0:12:88:11:E5:D9:19:C9 X509v3 Authority Key Identifier: keyid:F8:18:FC:98:8E:C7:03:2C:3E:2C:6A:48:A5:54:98:AB:7C:D5:65:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/59E4B0A81B9211F0A5D50649C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.249.184.0/22 103.218.188.0/22 IPv6: 2402:48c0::/32 Signature Algorithm: sha256WithRSAEncryption 48:a2:6d:cf:da:74:84:02:74:2c:25:0d:2b:31:d5:17:b6:36: 8e:ca:d3:c4:22:75:9f:77:8c:15:3b:39:0c:39:e8:40:cc:fe: 89:8b:c8:38:9d:dc:e0:24:0c:e5:04:18:8a:ab:6e:29:38:1c: 0b:58:64:85:83:bf:3f:40:38:63:f1:01:37:eb:16:e8:3d:fa: b9:63:0e:e3:19:10:1e:33:53:dc:76:80:17:dc:68:8b:03:59: 8e:15:7c:9c:de:3d:f0:bf:d0:3a:1c:80:03:a7:29:53:2c:90: 32:54:14:ac:e0:a5:f3:54:6d:b1:5b:69:ed:67:f7:df:6e:a6: dc:a0:cf:cf:e3:b4:af:95:48:cc:0a:0a:1f:0c:ad:10:67:55: fb:8c:47:4d:3a:f7:8f:d5:af:ea:45:74:ef:fd:53:c1:c4:e1: 3e:99:05:f6:56:22:fe:ac:d8:db:5f:4b:46:d5:f9:0b:a7:85: 38:d3:09:d3:ad:38:36:ca:aa:db:50:58:1b:ed:c5:0d:93:bd: c7:d9:18:c0:ad:c2:43:56:24:fa:96:80:78:b8:ad:75:c3:be: 69:78:ba:5b:b0:3b:4c:dc:e1:05:f1:73:8d:43:70:c0:61:9a: a9:84:1f:ad:a8:9d:4c:c0:01:de:f2:b5:f6:f3:32:aa:2b:7b: be:74:6e:dd -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICChcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjBGM0YxMTAvBgNVBAUTKEY4MThGQzk4OEVDNzAzMkMzRTJDNkE0OEE1NTQ5OEFC N0NENTY1RkQwHhcNMjUwNDE3MTUyNjQ0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODAxMWRiNC0zYWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlvf+bLd3htWJ4sAwZpKydbHPgMi8CCezGXDAH+/g9ynSHlmq6OWOjSC8ZeNk vPU9a158O882uJppitDGCQZvp6/fqa00hXC9wK5gDXTADV+PeL2OAWcWUEQO8tYk KEJ/h0ncEFwycGYDC4OCzjpMRwNaR+XP9bhTP9bwWCVtDUWbhSqjaMvfLjq+WxPu TUsVz8ADmt6skow9lfS/SCKUcnaEwRWB6+O2OB3WhQ6gAmSWGY2Csvc68hUU9tPc /oPJClPFSTtYsufVIEPWvl5UsBdI91DAsbccnEDEISWgHyGKQ+xbXcffaXYTz1m1 Q+O5DyWaCRMQNjrMvWyWWgX5UwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNDSkARk lNw+3SLaoeASiBHl2RnJMB8GA1UdIwQYMBaAFPgY/JiOxwMsPixqSKVUmKt81WX9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMEYzRi8wOTM3M0FENjc4 QzIxMUVBQkQ3NzIzNTlDNEY5QUUwMi8tQmo4bUk3SEF5dy1MR3BJcFZTWXEzelZa ZjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1CajhtSTdIQXl3LUxHcElwVlNZcTN6VlpmMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjBGM0YvMDkzNzNBRDY3OEMyMTFFQUJENzcyMzU5QzRGOUFFMDIvNTlFNEIwQTgx QjkyMTFGMEE1RDUwNjQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIt+bgDBAJn2rwwDQQCAAIwBwMFACQCSMAwDQYJKoZIhvcN AQELBQADggEBAEiibc/adIQCdCwlDSsx1Re2No7K08QidZ93jBU7OQw56EDM/omL yDid3OAkDOUEGIqrbik4HAtYZIWDvz9AOGPxATfrFug9+rljDuMZEB4zU9x2gBfc aIsDWY4VfJzePfC/0DocgAOnKVMskDJUFKzgpfNUbbFbae1n999uptygz8/jtK+V SMwKCh8MrRBnVfuMR00694/Vr+pFdO/9U8HE4T6ZBfZWIv6s2NtfS0bV+QunhTjT CdOtODbKqttQWBvtxQ2TvcfZGMCtwkNWJPqWgHi4rXXDvml4uluwO0zc4QXxc41D cMBhmqmEH62onUzAAd7ytfbzMqore750bt0= -----END CERTIFICATE-----Generated at Tue Apr 22 13:49:27 2025 by rpki-client