$ rpki-client -vvf rpki.apnic.net/member_repository/A91B45C0/BDEE729AE6D911E88B8BF77CC4F9AE02/9995A38CFADC11EF87E86958C4F9AE02.roa File: 9995A38CFADC11EF87E86958C4F9AE02.roa (raw, json) Hash identifier: ysxysi1JRRCeXPbgklO9daFHXOXqs2WRrFVz0QeKvyg= Subject key identifier: 3A:B9:CF:E5:0C:5C:0A:C6:9E:72:17:13:16:E4:C6:0C:D6:8E:59:B7 Certificate issuer: /CN=A91B45C0/serialNumber=9512809ED435A3640AF9B75F0AFB2928D4163C31 Certificate serial: 11BF Authority key identifier: 95:12:80:9E:D4:35:A3:64:0A:F9:B7:5F:0A:FB:29:28:D4:16:3C:31 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lRKAntQ1o2QK-bdfCvspKNQWPDE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B45C0/BDEE729AE6D911E88B8BF77CC4F9AE02/9995A38CFADC11EF87E86958C4F9AE02.roa Signing time: Thu 06 Mar 2025 22:44:45 +0000 ROA not before: Thu 06 Mar 2025 22:44:45 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 58750 IP address blocks: 2403:ecc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B45C0/BDEE729AE6D911E88B8BF77CC4F9AE02/lRKAntQ1o2QK-bdfCvspKNQWPDE.crl rsync://rpki.apnic.net/member_repository/A91B45C0/BDEE729AE6D911E88B8BF77CC4F9AE02/lRKAntQ1o2QK-bdfCvspKNQWPDE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lRKAntQ1o2QK-bdfCvspKNQWPDE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 14:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4543 (0x11bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B45C0, serialNumber=9512809ED435A3640AF9B75F0AFB2928D4163C31 Validity Not Before: Mar 6 22:44:45 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=67ca255d-2c3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:c3:28:14:fd:54:b1:bf:27:db:0b:05:2e:57: ca:7c:ff:6a:6d:cc:99:9c:1c:e2:18:ea:ab:86:6a: 6f:cd:99:ab:b8:cb:95:8e:35:5b:2d:64:20:c3:e6: 54:75:32:a5:7f:a7:2c:78:a0:33:7e:fb:1c:5d:91: 05:29:10:76:fb:33:8a:43:5e:3a:53:a8:70:97:8b: f8:4c:f1:f7:33:36:4d:59:b5:63:02:a0:89:c4:e0: 96:8e:d3:f1:a3:8a:e3:d4:66:b5:bf:02:e1:51:5a: 84:37:07:f6:24:d0:9e:47:5d:7a:fa:b7:85:28:84: bb:f6:f7:2b:90:0e:93:11:6e:2e:e4:f9:d9:32:60: 65:ce:29:be:fc:de:3d:3f:cd:ae:5b:44:83:50:7b: a9:60:95:c8:2a:83:3e:c8:54:6d:fb:02:3e:36:bb: ca:54:0d:98:44:98:75:3b:12:87:a7:1e:59:a2:bc: 09:97:87:59:c2:30:d6:6d:c5:58:bb:6b:d2:0c:67: dc:fe:3f:dd:4a:b6:f7:6f:f2:c2:69:59:98:3c:6d: 93:12:10:ed:76:5c:ef:c4:8f:13:ca:2a:40:33:e7: 7e:c8:fc:7e:79:32:a3:03:ac:aa:bd:15:60:73:55: ad:d3:70:2f:df:ff:e4:11:db:80:d9:db:ee:4e:55: fa:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:B9:CF:E5:0C:5C:0A:C6:9E:72:17:13:16:E4:C6:0C:D6:8E:59:B7 X509v3 Authority Key Identifier: keyid:95:12:80:9E:D4:35:A3:64:0A:F9:B7:5F:0A:FB:29:28:D4:16:3C:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B45C0/BDEE729AE6D911E88B8BF77CC4F9AE02/lRKAntQ1o2QK-bdfCvspKNQWPDE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lRKAntQ1o2QK-bdfCvspKNQWPDE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B45C0/BDEE729AE6D911E88B8BF77CC4F9AE02/9995A38CFADC11EF87E86958C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2403:ecc0::/32 Signature Algorithm: sha256WithRSAEncryption 6d:d6:16:bb:67:6d:1e:a2:06:e4:b9:9b:61:70:3d:63:cc:c4: cb:1d:fd:9b:a7:d7:9f:b0:6d:ff:66:ea:ef:75:e7:5e:1b:f6: 59:1c:62:e8:48:1a:76:64:c1:39:44:c5:90:a4:61:09:6e:f8: 87:b5:8a:c2:21:20:e6:35:a2:02:0a:6f:56:51:20:ca:0b:f6: e3:3a:f8:a0:58:81:cd:79:0f:91:7e:19:e0:50:d6:96:38:79: f1:88:1b:5b:ca:99:f4:67:c8:5f:5b:ed:e6:2d:49:7c:e8:a5: f7:06:c4:09:98:20:e0:11:11:9a:85:e5:36:af:48:49:db:0e: 36:a1:3c:88:21:fe:76:0d:3d:c7:f5:0e:9b:c3:b8:13:43:7c: b1:cb:38:19:e7:93:88:b2:e7:0e:51:48:34:33:5b:45:4e:93: 93:3d:80:27:1b:30:4b:79:5b:6b:a8:2d:67:39:f0:52:bd:17: 5a:71:d6:0c:57:23:5e:35:5a:3e:49:3f:f5:19:ba:e6:c2:82: 97:cf:50:e1:29:be:4d:bc:1b:3c:30:5e:d5:a8:6f:f2:21:6a: 94:6e:cc:57:3d:d4:0d:c2:9c:24:02:3c:ff:07:98:d5:e9:bb: 45:7e:fe:34:bb:ca:fd:a7:b5:f9:fd:04:1c:cf:90:08:63:4c: 34:a8:29:3f -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICEb8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ1QzAxMTAvBgNVBAUTKDk1MTI4MDlFRDQzNUEzNjQwQUY5Qjc1RjBBRkIyOTI4 RDQxNjNDMzEwHhcNMjUwMzA2MjI0NDQ1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2NhMjU1ZC0yYzNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAucMoFP1Usb8n2wsFLlfKfP9qbcyZnBziGOqrhmpvzZmruMuVjjVbLWQgw+ZU dTKlf6cseKAzfvscXZEFKRB2+zOKQ146U6hwl4v4TPH3MzZNWbVjAqCJxOCWjtPx o4rj1Ga1vwLhUVqENwf2JNCeR116+reFKIS79vcrkA6TEW4u5PnZMmBlzim+/N49 P82uW0SDUHupYJXIKoM+yFRt+wI+NrvKVA2YRJh1OxKHpx5ZorwJl4dZwjDWbcVY u2vSDGfc/j/dSrb3b/LCaVmYPG2TEhDtdlzvxI8TyipAM+d+yPx+eTKjA6yqvRVg c1Wt03Av3//kEduA2dvuTlX6fwIDAQABo4ICljCCApIwHQYDVR0OBBYEFDq5z+UM XArGnnIXExbkxgzWjlm3MB8GA1UdIwQYMBaAFJUSgJ7UNaNkCvm3Xwr7KSjUFjwx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDVDMC9CREVFNzI5QUU2 RDkxMUU4OEI4QkY3N0NDNEY5QUUwMi9sUktBbnRRMW8yUUstYmRmQ3ZzcEtOUVdQ REUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xSS0FudFExbzJRSy1iZGZDdnNwS05RV1BERS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjQ1QzAvQkRFRTcyOUFFNkQ5MTFFODhCOEJGNzdDQzRGOUFFMDIvOTk5NUEzOENG QURDMTFFRjg3RTg2OTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkA+zAMA0GCSqGSIb3DQEBCwUAA4IBAQBt1ha7Z20eogbk uZthcD1jzMTLHf2bp9efsG3/ZurvdedeG/ZZHGLoSBp2ZME5RMWQpGEJbviHtYrC ISDmNaICCm9WUSDKC/bjOvigWIHNeQ+RfhngUNaWOHnxiBtbypn0Z8hfW+3mLUl8 6KX3BsQJmCDgERGaheU2r0hJ2w42oTyIIf52DT3H9Q6bw7gTQ3yxyzgZ55OIsucO UUg0M1tFTpOTPYAnGzBLeVtrqC1nOfBSvRdacdYMVyNeNVo+ST/1GbrmwoKXz1Dh Kb5NvBs8MF7VqG/yIWqUbsxXPdQNwpwkAjz/B5jV6btFfv40u8r9p7X5/QQcz5AI Y0w0qCk/ -----END CERTIFICATE-----Generated at Sat Apr 12 19:12:02 2025 by rpki-client