$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/5DCE1A1AA63C11ED9306165AC4F9AE02.roa File: 5DCE1A1AA63C11ED9306165AC4F9AE02.roa (raw, json) Hash identifier: QPGj0eJqXgnGukiRaT/QHSiAaiIAXjZCnZKqvteNQAI= Subject key identifier: C4:1E:34:50:E6:6E:23:EB:FF:85:1B:DB:CB:F5:CF:F2:92:2E:87:3B Certificate issuer: /CN=A91D5240/serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C Certificate serial: 018F Authority key identifier: 5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/5DCE1A1AA63C11ED9306165AC4F9AE02.roa Signing time: Sun 09 Feb 2025 02:45:00 +0000 ROA not before: Sun 09 Feb 2025 02:45:00 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 400289 IP address blocks: 203.23.164.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 02:49:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 399 (0x18f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5240 Validity Not Before: Feb 9 02:45:00 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67a816ac-aae0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:d1:39:f6:ab:fa:24:4e:da:ff:bb:5b:49:19: 63:6a:b1:e8:53:c1:8b:4c:53:e6:6f:1f:e7:79:0c: 95:1b:ad:2a:d0:cf:e6:2a:72:99:ab:0e:54:c2:8a: de:b8:0f:ff:a5:2c:22:38:cd:6e:99:47:0d:07:9e: e9:09:d9:95:10:05:5f:c5:e0:7f:a4:42:c9:b8:1e: 67:66:9a:28:3f:f0:14:5f:27:6b:86:aa:77:3c:e0: e7:0e:81:55:75:c2:d7:4b:fb:22:d4:44:cb:88:5c: ae:cc:bc:9b:9d:92:2c:e3:bf:55:50:20:39:c3:a3: 1e:7f:6e:17:53:f2:b7:9d:04:68:74:16:a8:39:d8: ac:88:9a:d4:ad:49:3b:55:cd:92:a3:fc:98:7f:d7: cf:bd:55:92:17:ed:7b:ab:9d:7d:4d:4e:60:df:61: ea:8b:f2:0a:ef:51:9e:27:5c:11:f5:ff:93:5b:71: 64:58:09:3e:ff:fd:01:ef:83:95:9a:a1:94:24:bd: f1:8f:87:16:96:9a:42:7e:67:5f:97:c8:e4:60:e5: 8d:03:e0:ae:a7:a7:b2:c6:02:1d:5a:f5:cc:d1:8f: 92:47:2f:6d:ca:eb:75:51:cf:3e:88:3e:ea:b7:6f: 02:40:bc:f8:ad:26:d5:69:61:15:d5:09:01:ff:1d: 9e:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:1E:34:50:E6:6E:23:EB:FF:85:1B:DB:CB:F5:CF:F2:92:2E:87:3B X509v3 Authority Key Identifier: keyid:5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/5DCE1A1AA63C11ED9306165AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.23.164.0/24 Signature Algorithm: sha256WithRSAEncryption 24:8c:af:3c:88:d9:d2:95:76:21:38:2b:f1:78:71:c2:d9:c8: 26:61:d6:7e:06:05:fa:60:40:9d:ff:95:7f:f5:4b:d6:3c:13: a9:57:86:e1:74:2a:27:0e:7b:0c:1b:e4:61:72:73:d5:93:d7: 83:01:46:e5:43:68:82:6b:66:7a:ed:f5:4d:40:c9:95:4e:bd: ea:79:00:0b:31:e3:43:65:d2:a4:bb:1e:9c:b5:d6:66:4b:d7: 9b:f5:1e:ba:6d:ba:ea:3a:eb:c0:9d:7f:63:f7:52:d2:7a:5d: 2e:6d:e3:15:54:a5:99:59:65:37:e3:a0:39:b6:10:d2:b4:08: eb:a5:51:15:27:4b:a8:70:a7:7e:3d:31:90:51:96:a2:66:63: e9:bf:ed:62:54:b1:df:e8:7b:9e:2c:47:b4:a0:7b:69:cd:e1: 6f:b6:c3:82:28:15:9f:c6:e3:db:01:4b:6f:c4:6f:75:82:9e: 50:19:b5:bc:16:23:df:e9:58:49:ef:8c:d1:11:22:2d:ab:f4: f0:b5:36:32:83:d2:c0:76:85:a5:5c:04:1e:32:8e:07:50:ca: 74:3a:70:fb:14:ae:4c:9d:8e:09:5d:15:81:e8:d2:e7:0f:f5: 57:b8:52:1d:f9:9d:40:b1:e4:db:3d:e3:a2:c7:e5:35:d7:35: 28:2a:f6:27 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAY8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDUyNDAxMTAvBgNVBAUTKDVEODlGM0FBRjlCMTNBMDdBNUIyNjRGMkRFQkE2NEQ1 QzUwMDY1MUMwHhcNMjUwMjA5MDI0NTAwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2E4MTZhYy1hYWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0tE59qv6JE7a/7tbSRljarHoU8GLTFPmbx/neQyVG60q0M/mKnKZqw5Uwore uA//pSwiOM1umUcNB57pCdmVEAVfxeB/pELJuB5nZpooP/AUXydrhqp3PODnDoFV dcLXS/si1ETLiFyuzLybnZIs479VUCA5w6Mef24XU/K3nQRodBaoOdisiJrUrUk7 Vc2So/yYf9fPvVWSF+17q519TU5g32Hqi/IK71GeJ1wR9f+TW3FkWAk+//0B74OV mqGUJL3xj4cWlppCfmdfl8jkYOWNA+Cup6eyxgIdWvXM0Y+SRy9tyut1Uc8+iD7q t28CQLz4rSbVaWEV1QkB/x2eOQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMQeNFDm biPr/4Ub28v1z/KSLoc7MB8GA1UdIwQYMBaAFF2J86r5sToHpbJk8t66ZNXFAGUc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTI0MC8yN0RERTdEODlC N0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9nZWxzbVR5M3JwazFjVUFa UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hZbnpxdm14T2dlbHNtVHkzcnBrMWNVQVpSdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDUyNDAvMjdEREU3RDg5QjdEMTFFREIzQzMzRjVEQzRGOUFFMDIvNURDRTFBMUFB NjNDMTFFRDkzMDYxNjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBADLF6QwDQYJKoZIhvcNAQELBQADggEBACSMrzyI2dKVdiE4 K/F4ccLZyCZh1n4GBfpgQJ3/lX/1S9Y8E6lXhuF0KicOewwb5GFyc9WT14MBRuVD aIJrZnrt9U1AyZVOvep5AAsx40Nl0qS7Hpy11mZL15v1Hrptuuo668Cdf2P3UtJ6 XS5t4xVUpZlZZTfjoDm2ENK0COulURUnS6hwp349MZBRlqJmY+m/7WJUsd/oe54s R7Sge2nN4W+2w4IoFZ/G49sBS2/Eb3WCnlAZtbwWI9/pWEnvjNERIi2r9PC1NjKD 0sB2haVcBB4yjgdQynQ6cPsUrkydjgldFYHo0ucP9Ve4Uh35nUCx5Ns946LH5TXX NSgq9ic= -----END CERTIFICATE-----Generated at Sat Apr 5 07:14:05 2025 by rpki-client