$ rpki-client -vvf rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/0A576F089A4C11EEBD557E12C4F9AE02.roa File: 0A576F089A4C11EEBD557E12C4F9AE02.roa (raw, json) Hash identifier: W3PBLvmUcdE3zAX7FZy5vyT9kW67f//Ujbv+JZHmvZA= Subject key identifier: 50:2E:E0:4E:49:DE:84:E1:51:40:4E:29:BE:11:12:20:45:D8:CF:D0 Certificate issuer: /CN=A91D28E1/serialNumber=5D5F6190215DFF0AC35432BC3A52A08BD341B700 Certificate serial: C9 Authority key identifier: 5D:5F:61:90:21:5D:FF:0A:C3:54:32:BC:3A:52:A0:8B:D3:41:B7:00 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XV9hkCFd_wrDVDK8OlKgi9NBtwA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/0A576F089A4C11EEBD557E12C4F9AE02.roa Signing time: Tue 31 Dec 2024 04:18:31 +0000 ROA not before: Tue 31 Dec 2024 04:18:31 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 152168 IP address blocks: 36.50.104.0/24 maxlen: 24 36.50.105.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/XV9hkCFd_wrDVDK8OlKgi9NBtwA.crl rsync://rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/XV9hkCFd_wrDVDK8OlKgi9NBtwA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XV9hkCFd_wrDVDK8OlKgi9NBtwA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 04:34:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 201 (0xc9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D28E1 Validity Not Before: Dec 31 04:18:31 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67737097-8b38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:82:36:c6:80:fb:d8:7d:14:8a:f5:9e:3b:be: 3b:86:14:33:76:f0:9d:0d:30:b9:62:f2:e4:d1:a0: be:0e:00:9c:e0:d3:a1:0a:ba:0b:27:b0:81:ad:67: 17:e6:0c:16:3f:37:19:c0:b2:25:f1:e1:6b:47:d2: 44:18:bb:e9:5a:df:f0:72:89:18:84:45:e6:85:8c: 49:e4:96:e1:bf:84:96:f4:3d:be:1a:c0:ec:03:f7: d7:57:8e:8d:ba:74:e4:47:da:22:97:42:cb:5c:2d: 5d:73:a2:10:40:d2:7a:0c:36:2a:e6:93:db:92:1d: e4:6b:ea:2c:36:d2:ad:eb:19:5e:17:46:ba:d2:7e: 6b:97:4c:37:fe:d4:62:71:53:f7:17:51:92:c9:c4: d9:0b:c4:56:96:b3:72:cf:15:22:43:e5:c7:fd:72: 87:7a:1c:42:50:49:73:c9:81:ee:26:03:a7:5d:87: b7:19:93:9d:f9:a7:d9:a2:4c:8d:51:6e:31:e9:98: 5b:5b:a6:9f:36:a8:d5:ae:04:67:5b:c0:6c:e6:43: 3e:cb:8f:74:1c:da:3b:8e:a0:15:d1:ae:cb:07:30: 21:c0:b5:7b:f8:61:2f:b8:d3:27:c2:66:18:00:d4: ab:6d:44:87:8d:b0:e2:7f:37:c0:9b:3f:dd:33:d1: 11:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:2E:E0:4E:49:DE:84:E1:51:40:4E:29:BE:11:12:20:45:D8:CF:D0 X509v3 Authority Key Identifier: keyid:5D:5F:61:90:21:5D:FF:0A:C3:54:32:BC:3A:52:A0:8B:D3:41:B7:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/XV9hkCFd_wrDVDK8OlKgi9NBtwA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XV9hkCFd_wrDVDK8OlKgi9NBtwA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D28E1/BBE3D43A9A4911EE9092E070C4F9AE02/0A576F089A4C11EEBD557E12C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.50.104.0/23 Signature Algorithm: sha256WithRSAEncryption a3:91:d4:e4:d8:3b:1f:00:0e:da:5d:23:48:a8:eb:5c:cb:33: a2:f1:c0:60:c1:78:ac:6f:e4:e9:df:f5:37:e4:03:9b:66:9a: a1:75:18:a8:aa:1a:5e:f2:de:61:1a:88:f7:df:bb:73:8a:ef: 53:a2:9b:a9:f3:0f:30:7b:3e:1d:d6:90:6c:98:f2:fe:be:0f: a9:47:5a:27:88:15:55:bc:13:84:19:00:b0:8f:4c:35:e8:38: 72:02:d4:09:3d:72:c5:56:c9:a2:75:6e:77:89:b7:88:d1:24: b6:ac:50:b1:67:d3:bf:a8:45:69:9c:d4:c6:56:94:81:16:d4: f3:c1:6d:5d:2c:85:c4:ff:43:81:fe:2c:98:0e:90:65:e6:0e: b8:f4:bf:f6:dd:8f:ae:f5:6d:1b:0f:a5:a2:59:9c:6b:ed:10: 2b:d9:e3:af:b6:a4:5f:32:7e:84:64:83:0c:c9:5d:0f:4a:23: fb:66:67:d7:10:44:cf:09:39:12:ed:d2:f9:de:49:6e:9c:cd: e4:f9:66:fe:57:20:09:d1:8d:ec:0f:4e:0c:d9:d6:6c:fc:92: 3b:83:7e:9a:a4:d6:f6:35:c4:b4:ae:eb:fd:55:65:74:2d:5d: 85:c0:fa:b7:c6:9f:60:1c:05:d5:61:ca:33:19:24:34:71:58: 93:ec:4c:31 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI4RTExMTAvBgNVBAUTKDVENUY2MTkwMjE1REZGMEFDMzU0MzJCQzNBNTJBMDhC RDM0MUI3MDAwHhcNMjQxMjMxMDQxODMxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzczNzA5Ny04YjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw4I2xoD72H0UivWeO747hhQzdvCdDTC5YvLk0aC+DgCc4NOhCroLJ7CBrWcX 5gwWPzcZwLIl8eFrR9JEGLvpWt/wcokYhEXmhYxJ5Jbhv4SW9D2+GsDsA/fXV46N unTkR9oil0LLXC1dc6IQQNJ6DDYq5pPbkh3ka+osNtKt6xleF0a60n5rl0w3/tRi cVP3F1GSycTZC8RWlrNyzxUiQ+XH/XKHehxCUElzyYHuJgOnXYe3GZOd+afZokyN UW4x6ZhbW6afNqjVrgRnW8Bs5kM+y490HNo7jqAV0a7LBzAhwLV7+GEvuNMnwmYY ANSrbUSHjbDifzfAmz/dM9ERBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFAu4E5J 3oThUUBOKb4REiBF2M/QMB8GA1UdIwQYMBaAFF1fYZAhXf8Kw1QyvDpSoIvTQbcA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjhFMS9CQkUzRDQzQTlB NDkxMUVFOTA5MkUwNzBDNEY5QUUwMi9YVjloa0NGZF93ckRWREs4T2xLZ2k5TkJ0 d0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hWOWhrQ0ZkX3dyRFZESzhPbEtnaTlOQnR3QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDI4RTEvQkJFM0Q0M0E5QTQ5MTFFRTkwOTJFMDcwQzRGOUFFMDIvMEE1NzZGMDg5 QTRDMTFFRUJENTU3RTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAEkMmgwDQYJKoZIhvcNAQELBQADggEBAKOR1OTYOx8ADtpd I0io61zLM6LxwGDBeKxv5Onf9TfkA5tmmqF1GKiqGl7y3mEaiPffu3OK71Oim6nz DzB7Ph3WkGyY8v6+D6lHWieIFVW8E4QZALCPTDXoOHIC1Ak9csVWyaJ1bneJt4jR JLasULFn07+oRWmc1MZWlIEW1PPBbV0shcT/Q4H+LJgOkGXmDrj0v/bdj671bRsP paJZnGvtECvZ46+2pF8yfoRkgwzJXQ9KI/tmZ9cQRM8JORLt0vneSW6czeT5Zv5X IAnRjewPTgzZ1mz8kjuDfpqk1vY1xLSu6/1VZXQtXYXA+rfGn2AcBdVhyjMZJDRx WJPsTDE= -----END CERTIFICATE-----Generated at Sat Apr 5 08:24:59 2025 by rpki-client