$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/7D8845C43DD911EB8DA0EE5FC4F9AE02.roa File: 7D8845C43DD911EB8DA0EE5FC4F9AE02.roa (raw, json) Hash identifier: TJhxFRJSMHDZftvXajaD5yBRa7CxOx/OA+78HFtd2eM= Subject key identifier: E4:0B:B1:4B:95:DC:A0:9F:6B:A9:68:D5:89:71:64:E2:44:4D:B0:31 Certificate issuer: /CN=A91CB816/serialNumber=BD06BDBF8B0EEDBC9F07395A65254FCB8583989D Certificate serial: 06CE Authority key identifier: BD:06:BD:BF:8B:0E:ED:BC:9F:07:39:5A:65:25:4F:CB:85:83:98:9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vQa9v4sO7byfBzlaZSVPy4WDmJ0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/7D8845C43DD911EB8DA0EE5FC4F9AE02.roa Signing time: Thu 02 Jan 2025 21:51:09 +0000 ROA not before: Thu 02 Jan 2025 21:51:09 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 38017 IP address blocks: 202.59.128.0/20 maxlen: 22 202.59.128.0/24 maxlen: 24 202.59.129.0/24 maxlen: 24 202.59.130.0/24 maxlen: 24 202.59.131.0/24 maxlen: 24 202.59.132.0/24 maxlen: 24 202.59.133.0/24 maxlen: 24 202.59.134.0/24 maxlen: 24 202.59.135.0/24 maxlen: 24 202.59.136.0/24 maxlen: 24 202.59.137.0/24 maxlen: 24 202.59.138.0/24 maxlen: 24 202.59.139.0/24 maxlen: 24 202.59.140.0/24 maxlen: 24 202.59.141.0/24 maxlen: 24 202.59.142.0/24 maxlen: 24 202.59.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/vQa9v4sO7byfBzlaZSVPy4WDmJ0.crl rsync://rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/vQa9v4sO7byfBzlaZSVPy4WDmJ0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vQa9v4sO7byfBzlaZSVPy4WDmJ0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 22:06:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1742 (0x6ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB816 Validity Not Before: Jan 2 21:51:09 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67770a4d-1056 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:fd:ad:21:9d:c7:a9:a8:c5:60:eb:10:e5:06: 17:f3:40:dc:6a:2c:10:c0:78:8f:85:43:10:0c:af: fd:49:a8:cd:6f:37:0e:03:fd:ff:b5:92:e0:0c:b6: bd:fb:0d:ab:79:69:ed:6d:13:c0:e3:99:9f:b1:86: a9:70:75:2e:82:02:51:b1:88:88:da:af:7c:35:d4: e2:f5:fd:91:8f:5e:09:74:e1:19:5c:71:bc:28:b9: b8:d8:a9:b9:e7:9e:7c:3e:c1:78:42:30:e1:4f:0e: a8:e3:d5:e7:29:e6:b8:b4:4f:7b:18:8a:77:fd:ac: 7f:a6:39:56:88:ed:80:22:7b:f8:81:48:5b:ea:a3: 20:75:4a:aa:ac:c2:46:f3:b2:de:07:1f:ab:06:ac: a9:8d:d0:7f:05:78:b4:da:fa:52:3e:f9:1a:45:9d: 13:6c:bb:2e:a4:a6:3c:98:8a:2e:ed:65:06:5f:92: df:f3:70:72:55:ed:79:13:6a:39:86:cd:92:77:96: 4b:37:29:f8:09:cd:da:b3:a4:f1:b6:43:55:87:6c: b9:c9:a5:a4:7a:79:4c:ec:77:68:ca:4d:5e:53:26: 1c:ff:cf:68:f1:c9:e8:6f:0a:6e:ad:11:2e:46:1c: 84:0e:57:55:ab:5f:8c:8b:c0:cc:71:fa:b5:ea:8b: 8a:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:0B:B1:4B:95:DC:A0:9F:6B:A9:68:D5:89:71:64:E2:44:4D:B0:31 X509v3 Authority Key Identifier: keyid:BD:06:BD:BF:8B:0E:ED:BC:9F:07:39:5A:65:25:4F:CB:85:83:98:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/vQa9v4sO7byfBzlaZSVPy4WDmJ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vQa9v4sO7byfBzlaZSVPy4WDmJ0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB816/610466103DD611EBA0602C5BC4F9AE02/7D8845C43DD911EB8DA0EE5FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.59.128.0/20 Signature Algorithm: sha256WithRSAEncryption ac:db:9b:d5:c8:f5:72:2c:f0:27:68:da:92:b4:f9:4b:4d:d6: 01:fb:b5:cf:10:8e:fb:3f:55:c5:62:9e:7b:68:2d:96:83:4c: cc:34:34:c8:3f:1c:8e:49:7c:e5:2a:81:82:2b:19:22:6b:97: e4:63:e6:03:d3:ec:ef:a3:36:9e:3d:35:ec:43:c9:87:2d:c7: 85:74:1b:16:41:bd:77:04:a1:77:e7:db:8c:80:b4:b8:80:ab: e8:a6:ec:96:ab:f7:97:f4:a6:26:8c:7b:a1:bb:42:35:3b:48: 09:a6:b6:14:4b:d2:74:00:9c:91:da:b3:a9:99:35:72:b5:b2: ae:8c:04:c3:63:79:11:4c:ef:fc:1d:3f:0e:0e:d9:75:e7:c1: a5:35:3b:66:f3:cc:8f:93:36:89:15:4c:2e:e4:8d:2a:71:36: 99:22:a6:2f:27:2d:0f:3c:f6:26:56:d1:48:52:33:62:a9:be: c2:16:8e:bf:2b:6e:69:20:68:56:39:d2:95:f5:92:32:47:64: 9d:94:30:52:54:9c:25:17:7a:3f:92:84:f2:94:c9:bf:15:b6: a8:0e:cb:49:fc:8e:c7:67:c1:c4:db:f3:6a:3d:85:e9:94:0c: d6:cb:57:c9:ca:84:b2:87:3e:72:39:d6:ff:a6:14:d3:90:df: df:bb:5a:df -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I4MTYxMTAvBgNVBAUTKEJEMDZCREJGOEIwRUVEQkM5RjA3Mzk1QTY1MjU0RkNC ODU4Mzk4OUQwHhcNMjUwMTAyMjE1MTA5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzc3MGE0ZC0xMDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0P2tIZ3HqajFYOsQ5QYX80DcaiwQwHiPhUMQDK/9SajNbzcOA/3/tZLgDLa9 +w2reWntbRPA45mfsYapcHUuggJRsYiI2q98NdTi9f2Rj14JdOEZXHG8KLm42Km5 5558PsF4QjDhTw6o49XnKea4tE97GIp3/ax/pjlWiO2AInv4gUhb6qMgdUqqrMJG 87LeBx+rBqypjdB/BXi02vpSPvkaRZ0TbLsupKY8mIou7WUGX5Lf83ByVe15E2o5 hs2Sd5ZLNyn4Cc3as6TxtkNVh2y5yaWkenlM7Hdoyk1eUyYc/89o8cnobwpurREu RhyEDldVq1+Mi8DMcfq16ouKBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOQLsUuV 3KCfa6lo1YlxZOJETbAxMB8GA1UdIwQYMBaAFL0Gvb+LDu28nwc5WmUlT8uFg5id MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjgxNi82MTA0NjYxMDNE RDYxMUVCQTA2MDJDNUJDNEY5QUUwMi92UWE5djRzTzdieWZCemxhWlNWUHk0V0Rt SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZRYTl2NHNPN2J5ZkJ6bGFaU1ZQeTRXRG1KMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0I4MTYvNjEwNDY2MTAzREQ2MTFFQkEwNjAyQzVCQzRGOUFFMDIvN0Q4ODQ1QzQz REQ5MTFFQjhEQTBFRTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBATKO4AwDQYJKoZIhvcNAQELBQADggEBAKzbm9XI9XIs8Cdo 2pK0+UtN1gH7tc8Qjvs/VcVinntoLZaDTMw0NMg/HI5JfOUqgYIrGSJrl+Rj5gPT 7O+jNp49NexDyYctx4V0GxZBvXcEoXfn24yAtLiAq+im7Jar95f0piaMe6G7QjU7 SAmmthRL0nQAnJHas6mZNXK1sq6MBMNjeRFM7/wdPw4O2XXnwaU1O2bzzI+TNokV TC7kjSpxNpkipi8nLQ889iZW0UhSM2KpvsIWjr8rbmkgaFY50pX1kjJHZJ2UMFJU nCUXej+ShPKUyb8VtqgOy0n8jsdnwcTb82o9hemUDNbLV8nKhLKHPnI51v+mFNOQ 39+7Wt8= -----END CERTIFICATE-----Generated at Sat Apr 5 19:26:15 2025 by rpki-client