$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FCDECBBE538711EA81ECEB2EC4F9AE02.roa File: FCDECBBE538711EA81ECEB2EC4F9AE02.roa (raw, json) Hash identifier: 9mCpQyOqxP3hpBsMe2es1MzwnHy+Qdhg6LSTrBrkNfk= Subject key identifier: 61:DF:48:CB:C3:8E:57:16:E7:A5:68:F0:85:E2:27:A7:C0:61:BA:BA Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00 Certificate serial: 1893 Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FCDECBBE538711EA81ECEB2EC4F9AE02.roa Signing time: Tue 18 Feb 2025 17:35:27 +0000 ROA not before: Tue 18 Feb 2025 17:35:27 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 24375 IP address blocks: 49.255.163.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6291 (0x1893) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE3D Validity Not Before: Feb 18 17:35:27 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67b4c4df-fdc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:70:e9:79:74:e7:8f:47:a2:e9:65:57:28:ba: 59:a6:c2:0e:ac:4c:95:d2:b5:f3:24:88:97:2c:dc: b5:2b:b1:b8:b7:16:ed:5b:5b:c4:7f:aa:9a:ee:05: 87:73:85:8a:77:74:8e:48:8b:e3:1e:67:45:3f:02: 57:c7:75:d1:d5:4a:b4:a5:93:5a:e7:65:24:4e:b0: fb:f7:1f:66:93:80:02:d3:3d:87:ca:42:a2:2c:e3: 31:b1:95:85:8c:52:3c:4f:77:6b:92:ab:14:7b:e5: 39:b1:04:fa:84:a0:86:75:2b:d6:b1:48:14:05:c1: 3a:34:3c:17:a9:c0:2f:4a:2c:d7:18:76:bc:ae:2e: 42:d5:24:8d:27:1b:eb:8c:69:ca:45:dc:42:b7:15: a3:25:f2:96:e1:a1:1d:59:20:c1:3d:13:c0:21:a1: aa:cf:b6:e8:06:8a:aa:03:ed:35:f5:a2:7c:28:28: 2d:f2:92:8f:91:d2:3f:ad:46:c7:5a:4b:ac:eb:01: f1:0f:d8:8d:ea:22:2f:98:13:80:e2:89:60:cf:f6: bb:0d:35:71:2f:f9:3b:90:7b:5b:e2:54:fe:71:42: 7e:f8:9f:96:14:7a:fb:99:7a:ad:50:64:29:aa:1c: 61:b5:83:e6:3e:11:4b:cc:4a:b6:58:14:bf:48:76: 22:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:DF:48:CB:C3:8E:57:16:E7:A5:68:F0:85:E2:27:A7:C0:61:BA:BA X509v3 Authority Key Identifier: keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FCDECBBE538711EA81ECEB2EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.255.163.0/24 Signature Algorithm: sha256WithRSAEncryption 29:80:3b:9c:13:af:e7:58:91:29:2f:2c:e2:2f:08:29:d1:a5: 2c:04:39:80:67:8f:4f:37:4a:e0:81:f1:a9:c1:29:db:ac:19: a4:a7:11:99:14:37:52:cd:0b:84:bc:86:c7:5c:d3:bf:a2:d3: bc:0f:64:05:9a:60:b1:55:6c:aa:81:2e:ba:fa:a5:8b:52:93: 88:68:1e:6a:02:6a:8e:72:06:82:de:df:72:57:3e:44:04:7c: 6e:1b:f5:ca:23:a2:a7:01:34:91:9f:ca:58:28:3d:c6:b5:50: aa:a1:58:be:35:6e:02:62:67:36:ee:2d:c7:c0:3b:27:0e:90: f4:6b:09:00:ac:8f:7e:be:ad:f0:ba:42:bb:be:46:59:eb:ce: ea:37:e6:30:97:39:4c:60:bc:eb:24:29:72:57:cb:97:81:97: 71:dc:63:a7:d2:09:4d:3b:4e:bd:fe:2f:4a:ff:74:bb:92:b2: 9e:1b:c8:6e:62:7f:0b:34:d3:8c:ae:1f:aa:57:a9:e2:00:ba: bb:e6:4e:da:ec:b3:9f:f6:6d:12:2f:36:77:ff:01:b2:d2:5a: 8e:65:90:2b:9a:c0:b4:85:ff:b6:ac:f6:32:01:55:1b:dc:41: 99:ab:00:6c:ac:dd:b6:77:a5:60:5b:55:e9:60:31:c8:d6:b5: 39:bc:54:43 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICGJMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE NDc2Q0JEMDAwHhcNMjUwMjE4MTczNTI3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2I0YzRkZi1mZGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv3DpeXTnj0ei6WVXKLpZpsIOrEyV0rXzJIiXLNy1K7G4txbtW1vEf6qa7gWH c4WKd3SOSIvjHmdFPwJXx3XR1Uq0pZNa52UkTrD79x9mk4AC0z2HykKiLOMxsZWF jFI8T3drkqsUe+U5sQT6hKCGdSvWsUgUBcE6NDwXqcAvSizXGHa8ri5C1SSNJxvr jGnKRdxCtxWjJfKW4aEdWSDBPRPAIaGqz7boBoqqA+019aJ8KCgt8pKPkdI/rUbH Wkus6wHxD9iN6iIvmBOA4olgz/a7DTVxL/k7kHtb4lT+cUJ++J+WFHr7mXqtUGQp qhxhtYPmPhFLzEq2WBS/SHYiPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGHfSMvD jlcW56Vo8IXiJ6fAYbq6MB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1 REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2 UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvRkNERUNCQkU1 Mzg3MTFFQTgxRUNFQjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAAx/6MwDQYJKoZIhvcNAQELBQADggEBACmAO5wTr+dYkSkv LOIvCCnRpSwEOYBnj083SuCB8anBKdusGaSnEZkUN1LNC4S8hsdc07+i07wPZAWa YLFVbKqBLrr6pYtSk4hoHmoCao5yBoLe33JXPkQEfG4b9cojoqcBNJGfylgoPca1 UKqhWL41bgJiZzbuLcfAOycOkPRrCQCsj36+rfC6Qru+Rlnrzuo35jCXOUxgvOsk KXJXy5eBl3HcY6fSCU07Tr3+L0r/dLuSsp4byG5ifws004yuH6pXqeIAurvmTtrs s5/2bRIvNnf/AbLSWo5lkCuawLSF/7as9jIBVRvcQZmrAGys3bZ3pWBbVelgMcjW tTm8VEM= -----END CERTIFICATE-----Generated at Sun Apr 6 04:00:11 2025 by rpki-client