$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/C4C407A6ABFE11EF8BC3AC17C4F9AE02.roa File: C4C407A6ABFE11EF8BC3AC17C4F9AE02.roa (raw, json) Hash identifier: EhC7Iw3SYEkIxbf/jSCiFbV/awgcX2mr9+KQdTNr1bg= Subject key identifier: C9:3A:A4:C2:5C:FD:D8:F1:3B:92:87:36:A7:5A:DB:9E:AC:7A:0E:EB Certificate issuer: /CN=A91DD125/serialNumber=CE9056B4C65DE3857D4D0E1DB0023D60B6F7D30C Certificate serial: 1791 Authority key identifier: CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/C4C407A6ABFE11EF8BC3AC17C4F9AE02.roa Signing time: Tue 14 Jan 2025 17:04:35 +0000 ROA not before: Tue 14 Jan 2025 17:04:35 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 136620 IP address blocks: 2402:28c0::/32 maxlen: 32 2402:28c0::/40 maxlen: 40 2402:28c0::/48 maxlen: 48 2402:28c0:2::/48 maxlen: 48 2402:28c0:3::/48 maxlen: 48 2402:28c0:4::/48 maxlen: 48 2402:28c0:100::/48 maxlen: 48 2402:28c0:101::/48 maxlen: 48 2402:28c0:102::/47 maxlen: 47 2402:28c0:104::/46 maxlen: 46 2402:28c0:108::/45 maxlen: 45 2402:28c0:110::/44 maxlen: 44 2402:28c0:120::/43 maxlen: 43 2402:28c0:140::/42 maxlen: 42 2402:28c0:180::/41 maxlen: 41 2402:28c0:200::/39 maxlen: 39 2402:28c0:400::/38 maxlen: 38 2402:28c0:800::/37 maxlen: 37 2402:28c0:1000::/36 maxlen: 36 2402:28c0:2000::/35 maxlen: 35 2402:28c0:4000::/34 maxlen: 34 2402:28c0:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/zpBWtMZd44V9TQ4dsAI9YLb30ww.crl rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/zpBWtMZd44V9TQ4dsAI9YLb30ww.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 16:41:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6033 (0x1791) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD125 Validity Not Before: Jan 14 17:04:35 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67869923-6ede Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:91:1a:18:dd:f9:42:1a:b5:0e:b4:ec:44:4e: 96:04:5c:af:ee:af:9c:16:6b:cb:6f:26:b0:cd:ce: 18:e3:50:92:e3:32:23:37:27:e4:24:6b:07:ac:b7: ae:5e:a1:7a:f3:e9:0b:2d:28:7f:7c:0a:4f:36:d1: fb:b0:79:a5:24:8b:a1:66:9b:a2:02:8a:15:e1:0e: 30:11:a9:f9:ec:0c:3b:07:d5:22:9e:d9:40:76:45: df:ad:cb:f0:e8:bc:03:ee:59:ab:33:56:88:62:d3: 38:f8:8d:9a:cf:08:99:99:dc:c6:d6:a1:a0:3b:ab: 0e:38:bf:e5:cb:d8:e1:24:e2:86:34:64:85:8a:ae: 29:09:63:0b:ba:fe:32:f6:d7:f8:b1:8e:8a:cf:5a: a0:07:78:be:f7:40:ce:1e:15:90:57:56:cb:fd:f7: 07:9d:01:82:06:31:6b:7c:f4:68:76:04:b7:1a:9b: 17:0b:d8:28:bf:20:70:4d:fb:8f:cb:df:59:cc:d5: af:40:fc:dd:35:d5:b2:ee:a7:88:6c:de:f5:2c:a8: f1:18:c9:0b:1a:2d:03:a7:11:56:a4:de:3b:6c:21: 69:65:73:de:26:55:24:7b:cb:dc:30:a2:c0:24:20: ef:0d:e6:d7:42:cc:e9:d0:40:a1:c9:13:10:25:44: 6a:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:3A:A4:C2:5C:FD:D8:F1:3B:92:87:36:A7:5A:DB:9E:AC:7A:0E:EB X509v3 Authority Key Identifier: keyid:CE:90:56:B4:C6:5D:E3:85:7D:4D:0E:1D:B0:02:3D:60:B6:F7:D3:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/zpBWtMZd44V9TQ4dsAI9YLb30ww.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zpBWtMZd44V9TQ4dsAI9YLb30ww.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD125/7A142D00D95E11E787A1A766C4F9AE02/C4C407A6ABFE11EF8BC3AC17C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2402:28c0::/32 Signature Algorithm: sha256WithRSAEncryption 1f:c1:9d:5f:d1:58:cf:2e:c7:30:d8:ff:12:73:05:21:e8:3b: 3c:e0:7f:85:83:9b:52:1f:80:9e:07:4c:6f:5f:e6:5e:f3:b8: 23:a3:81:7d:e0:b7:5c:2d:90:e1:5d:b4:e8:40:b7:35:ab:45: 76:af:01:bf:a8:d0:3a:7c:a5:89:6b:64:89:d0:cd:99:82:8e: a2:7e:67:1e:dc:20:e6:1a:53:9d:39:af:0f:b4:7c:97:b9:fe: 2a:5b:4d:57:40:24:12:97:6c:48:03:14:aa:ff:27:eb:e7:11: cb:e8:0b:c1:9e:1f:56:fc:c0:e0:c5:71:bd:3e:c9:b2:75:b2: 23:ea:99:90:61:e1:eb:94:39:ed:39:ba:bf:87:85:2c:0f:a3: 2c:95:66:89:88:41:f6:bb:4f:4f:b3:10:46:dc:ed:de:04:d0: 24:20:a0:cb:d5:d2:b5:79:92:e1:39:29:85:1e:d9:96:04:44: fd:52:77:ff:bc:bc:09:0f:29:d4:df:da:76:9c:98:b1:1b:34: 2a:5e:d9:75:3d:7e:87:86:93:2b:58:bb:2c:c5:9a:34:03:72: 10:17:b8:23:73:0b:7e:53:bf:6a:e8:3d:60:43:da:a9:9f:44: 74:8a:d5:6a:59:e9:8e:16:d0:90:fa:ad:00:61:67:6d:4f:50: 7e:d3:ae:85 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICF5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REQxMjUxMTAvBgNVBAUTKENFOTA1NkI0QzY1REUzODU3RDREMEUxREIwMDIzRDYw QjZGN0QzMEMwHhcNMjUwMTE0MTcwNDM1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzg2OTkyMy02ZWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt5EaGN35Qhq1DrTsRE6WBFyv7q+cFmvLbyawzc4Y41CS4zIjNyfkJGsHrLeu XqF68+kLLSh/fApPNtH7sHmlJIuhZpuiAooV4Q4wEan57Aw7B9UintlAdkXfrcvw 6LwD7lmrM1aIYtM4+I2azwiZmdzG1qGgO6sOOL/ly9jhJOKGNGSFiq4pCWMLuv4y 9tf4sY6Kz1qgB3i+90DOHhWQV1bL/fcHnQGCBjFrfPRodgS3GpsXC9govyBwTfuP y99ZzNWvQPzdNdWy7qeIbN71LKjxGMkLGi0DpxFWpN47bCFpZXPeJlUke8vcMKLA JCDvDebXQszp0EChyRMQJURqWQIDAQABo4ICljCCApIwHQYDVR0OBBYEFMk6pMJc /djxO5KHNqda256seg7rMB8GA1UdIwQYMBaAFM6QVrTGXeOFfU0OHbACPWC299MM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDEyNS83QTE0MkQwMEQ5 NUUxMUU3ODdBMUE3NjZDNEY5QUUwMi96cEJXdE1aZDQ0VjlUUTRkc0FJOVlMYjMw d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pwQld0TVpkNDRWOVRRNGRzQUk5WUxiMzB3dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REQxMjUvN0ExNDJEMDBEOTVFMTFFNzg3QTFBNzY2QzRGOUFFMDIvQzRDNDA3QTZB QkZFMTFFRjhCQzNBQzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkAijAMA0GCSqGSIb3DQEBCwUAA4IBAQAfwZ1f0VjPLscw 2P8ScwUh6Ds84H+Fg5tSH4CeB0xvX+Ze87gjo4F94LdcLZDhXbToQLc1q0V2rwG/ qNA6fKWJa2SJ0M2Zgo6ifmce3CDmGlOdOa8PtHyXuf4qW01XQCQSl2xIAxSq/yfr 5xHL6AvBnh9W/MDgxXG9PsmydbIj6pmQYeHrlDntObq/h4UsD6MslWaJiEH2u09P sxBG3O3eBNAkIKDL1dK1eZLhOSmFHtmWBET9Unf/vLwJDynU39p2nJixGzQqXtl1 PX6HhpMrWLssxZo0A3IQF7gjcwt+U79q6D1gQ9qpn0R0itVqWemOFtCQ+q0AYWdt T1B+066F -----END CERTIFICATE-----Generated at Sat Apr 5 08:14:18 2025 by rpki-client