$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/9907DC46D4BC11EF9BDDAF2EC4F9AE02.roa File: 9907DC46D4BC11EF9BDDAF2EC4F9AE02.roa (raw, json) Hash identifier: y92kZIz5LBcVQY/uLcVjmN9/RMXTLg+VGD41MiTJ1n4= Subject key identifier: 3D:E4:C8:9C:EA:DE:A0:8C:80:66:57:79:19:06:05:98:50:22:7F:01 Certificate issuer: /CN=A91E6D5D/serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81 Certificate serial: 1A8C Authority key identifier: 64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/9907DC46D4BC11EF9BDDAF2EC4F9AE02.roa Signing time: Fri 17 Jan 2025 10:19:56 +0000 ROA not before: Fri 17 Jan 2025 10:19:56 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 3949 IP address blocks: 116.51.19.0/24 maxlen: 24 116.51.20.0/24 maxlen: 24 116.51.22.240/28 maxlen: 32 116.51.23.192/27 maxlen: 27 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6796 (0x1a8c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6D5D Validity Not Before: Jan 17 10:19:56 2025 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=678a2ecc-a9d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:66:37:3d:30:4e:15:02:3d:c9:c2:cb:e9:4d: de:88:bc:0f:9e:0b:f7:a8:b4:4d:9a:b9:f9:b7:7d: 9d:9f:30:79:17:dd:c2:9c:59:39:1a:fa:45:78:c8: 17:f2:19:98:9e:9c:92:77:36:36:1b:b3:75:39:72: f3:98:94:7f:59:63:d9:70:ae:eb:12:09:1e:e1:a9: 7b:44:51:47:ca:59:cc:ef:a7:6a:0e:43:5b:82:5f: 0d:66:b5:e4:74:6f:54:66:34:02:0e:62:02:25:02: e6:8a:63:d7:60:31:de:47:64:64:36:0c:ed:92:8d: 58:af:07:cc:03:62:81:30:ca:5c:f6:68:67:99:3f: 0e:4f:17:2e:95:0e:f9:1a:22:3c:4e:aa:09:72:9a: 64:ce:41:c2:4d:47:82:36:b3:0b:af:7b:7b:22:43: 0d:2c:2b:86:df:74:f0:e1:21:e7:c8:79:a2:36:6f: bd:30:8a:65:7d:54:89:34:c5:95:da:24:fb:55:db: a7:5a:ea:b8:9a:33:15:4f:12:cb:49:2c:fe:67:7a: e5:16:b3:61:f9:db:32:2d:f7:29:ca:59:82:a7:54: 7c:68:6d:15:2f:c0:85:75:fe:f7:bc:de:09:70:7c: 03:84:9c:0d:24:f7:1b:28:e7:b0:b3:27:e1:da:42: 00:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:E4:C8:9C:EA:DE:A0:8C:80:66:57:79:19:06:05:98:50:22:7F:01 X509v3 Authority Key Identifier: keyid:64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/9907DC46D4BC11EF9BDDAF2EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 116.51.19.0-116.51.20.255 116.51.22.240/28 116.51.23.192/27 Signature Algorithm: sha256WithRSAEncryption 46:e1:3c:40:cd:d2:7e:07:a9:5a:1c:be:c7:05:9b:bd:11:3a: 8a:2c:e1:65:d2:0e:39:db:7a:3b:e8:a5:bb:ee:e3:db:dc:d1: 84:b1:05:23:ae:59:0d:bc:b8:e8:0a:00:13:87:56:ec:f3:66: eb:53:e4:81:91:34:3d:d3:01:9d:9f:a3:9e:ea:c2:81:ee:01: d8:92:15:a1:52:60:9a:d4:e4:6a:48:0e:4a:2e:7d:65:d2:4c: dc:38:e9:d9:4b:c4:82:5f:0d:26:ab:93:1a:e2:b8:0f:ef:75: ed:76:44:ef:6c:78:4f:2c:76:92:0f:e6:3e:bf:a7:fd:77:cd: dd:2d:24:bd:af:4e:d0:c0:e9:b7:0c:17:f9:71:86:e6:7c:72: 42:d4:10:46:71:73:5e:09:7a:dc:92:2f:4b:3f:4f:d6:eb:a9: 70:08:71:97:63:eb:d4:71:08:16:2e:44:46:f9:f0:29:c0:a4: 7c:4c:6d:ed:6b:ca:b9:b6:24:17:9c:67:a4:df:3b:5c:42:fc: bf:96:69:23:36:e5:ff:b1:6f:16:54:dd:b8:b7:45:f6:cd:ba: ed:6e:c4:6f:de:3a:9e:2c:5e:52:ee:bb:fe:ac:a2:84:43:dd: d8:fe:48:33:fd:ac:df:6b:d4:e5:f4:45:67:82:4e:6c:78:ca: 2b:6a:dd:83 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICGowwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTZENUQxMTAvBgNVBAUTKDY0QTY2NTgxNkFFRkVENzNCMzA3NTAwN0RBNTMzN0FD N0RFQzRCODEwHhcNMjUwMTE3MTAxOTU2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NzhhMmVjYy1hOWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0GY3PTBOFQI9ycLL6U3eiLwPngv3qLRNmrn5t32dnzB5F93CnFk5GvpFeMgX 8hmYnpySdzY2G7N1OXLzmJR/WWPZcK7rEgke4al7RFFHylnM76dqDkNbgl8NZrXk dG9UZjQCDmICJQLmimPXYDHeR2RkNgztko1YrwfMA2KBMMpc9mhnmT8OTxculQ75 GiI8TqoJcppkzkHCTUeCNrMLr3t7IkMNLCuG33Tw4SHnyHmiNm+9MIplfVSJNMWV 2iT7VdunWuq4mjMVTxLLSSz+Z3rlFrNh+dsyLfcpylmCp1R8aG0VL8CFdf73vN4J cHwDhJwNJPcbKOewsyfh2kIA0wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFD3kyJzq 3qCMgGZXeRkGBZhQIn8BMB8GA1UdIwQYMBaAFGSmZYFq7+1zswdQB9pTN6x97EuB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkQ1RC85RENCNjhFMDFE ODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdYT3pCMUFIMmxNM3JIM3NT NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pLWmxnV3J2N1hPekIxQUgybE0zckgzc1M0RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTZENUQvOURDQjY4RTAxRDg4MTFFMjk0Qjk1NUUxMDhCMDJDRDIvOTkwN0RDNDZE NEJDMTFFRjlCRERBRjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMCIEAgABMBwwDAMEAHQzEwMEAHQzFAMFBHQzFvADBQV0MxfAMA0GCSqGSIb3 DQEBCwUAA4IBAQBG4TxAzdJ+B6laHL7HBZu9ETqKLOFl0g4523o76KW77uPb3NGE sQUjrlkNvLjoCgATh1bs82brU+SBkTQ90wGdn6Oe6sKB7gHYkhWhUmCa1ORqSA5K Ln1l0kzcOOnZS8SCXw0mq5Ma4rgP73XtdkTvbHhPLHaSD+Y+v6f9d83dLSS9r07Q wOm3DBf5cYbmfHJC1BBGcXNeCXrcki9LP0/W66lwCHGXY+vUcQgWLkRG+fApwKR8 TG3ta8q5tiQXnGek3ztcQvy/lmkjNuX/sW8WVN24t0X2zbrtbsRv3jqeLF5S7rv+ rKKEQ93Y/kgz/azfa9Tl9EVngk5seMorat2D -----END CERTIFICATE-----Generated at Wed Feb 19 22:02:55 2025 by rpki-client