$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC9A5/0E82C2ECC4F011EA91DCDF77C4F9AE02/7ABC3AE8E3DF11EF83DCFB09C4F9AE02.roa File: 7ABC3AE8E3DF11EF83DCFB09C4F9AE02.roa (raw, json) Hash identifier: gVQKifnCnYrJCXwjiQ6wAan+E1SDbIkqSVrqLa2fv58= Subject key identifier: A9:A7:6A:10:8F:9C:51:A0:FA:0C:D6:A6:EE:B1:16:62:E9:E8:C6:E7 Certificate issuer: /CN=A91EC9A5/serialNumber=E83FCF4C6FC8D74F3B6AB425606E2BC7746D6640 Certificate serial: 087C Authority key identifier: E8:3F:CF:4C:6F:C8:D7:4F:3B:6A:B4:25:60:6E:2B:C7:74:6D:66:40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6D_PTG_I1087arQlYG4rx3RtZkA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC9A5/0E82C2ECC4F011EA91DCDF77C4F9AE02/7ABC3AE8E3DF11EF83DCFB09C4F9AE02.roa Signing time: Mon 31 Mar 2025 21:20:49 +0000 ROA not before: Mon 31 Mar 2025 21:20:48 +0000 ROA not after: Fri 01 Aug 2025 00:00:00 +0000 asID: 136246 IP address blocks: 14.128.12.0/24 maxlen: 24 14.128.13.0/24 maxlen: 24 14.128.14.0/24 maxlen: 24 14.128.15.0/24 maxlen: 24 103.84.173.0/24 maxlen: 24 103.84.174.0/24 maxlen: 24 103.84.175.0/24 maxlen: 24 2400:a2c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC9A5/0E82C2ECC4F011EA91DCDF77C4F9AE02/6D_PTG_I1087arQlYG4rx3RtZkA.crl rsync://rpki.apnic.net/member_repository/A91EC9A5/0E82C2ECC4F011EA91DCDF77C4F9AE02/6D_PTG_I1087arQlYG4rx3RtZkA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6D_PTG_I1087arQlYG4rx3RtZkA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 18:19:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2172 (0x87c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC9A5, serialNumber=E83FCF4C6FC8D74F3B6AB425606E2BC7746D6640 Validity Not Before: Mar 31 21:20:48 2025 GMT Not After : Aug 1 00:00:00 2025 GMT Subject: CN=67eb0730-4352 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:79:93:0e:09:63:f8:3b:ac:40:29:57:a1:64: 3f:05:d9:da:6c:2e:e8:d2:96:d1:6e:83:e2:5c:7e: 67:16:1e:b1:53:21:04:f9:b9:85:d5:38:c7:a4:b5: 85:82:b7:6d:7a:bc:f4:63:a0:fa:f7:df:78:b6:d1: f4:70:7c:a1:8f:1c:cb:95:fb:6b:f9:06:53:9d:8b: cb:09:b1:dc:17:ec:e5:56:3c:5b:3b:d4:f0:32:9b: 6f:12:23:4a:46:fb:16:0d:39:ae:80:ae:2a:9f:ca: 3b:d4:13:0d:c2:0a:d4:25:f4:de:23:62:13:bd:b4: d6:30:37:9b:3f:af:c6:19:b1:42:57:fc:46:a1:e6: 1c:ed:31:34:8d:13:5c:0e:29:f8:d7:01:29:2d:e7: 77:2c:cb:a2:68:b2:bc:52:d0:ed:e3:84:fe:25:af: d6:74:fe:e7:fe:1a:37:61:d6:8c:7e:43:7e:8e:29: cc:7c:03:6a:57:0d:bc:f2:41:65:ba:8b:a2:9c:ee: a6:65:c1:fe:22:fb:88:ee:f6:d7:5a:07:3c:28:9a: 19:bf:91:f9:d1:4d:a6:f4:30:0e:60:00:7a:8d:54: 1b:9b:3e:0f:a5:73:a0:0b:f6:a4:dd:6f:57:d0:88: 45:db:b7:31:8d:fd:9d:0f:7e:c1:d5:cd:58:44:a9: c3:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:A7:6A:10:8F:9C:51:A0:FA:0C:D6:A6:EE:B1:16:62:E9:E8:C6:E7 X509v3 Authority Key Identifier: keyid:E8:3F:CF:4C:6F:C8:D7:4F:3B:6A:B4:25:60:6E:2B:C7:74:6D:66:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC9A5/0E82C2ECC4F011EA91DCDF77C4F9AE02/6D_PTG_I1087arQlYG4rx3RtZkA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6D_PTG_I1087arQlYG4rx3RtZkA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC9A5/0E82C2ECC4F011EA91DCDF77C4F9AE02/7ABC3AE8E3DF11EF83DCFB09C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.128.12.0/22 103.84.173.0-103.84.175.255 IPv6: 2400:a2c0::/32 Signature Algorithm: sha256WithRSAEncryption 93:a7:c9:ee:dd:f0:c4:c5:43:6e:99:92:07:a4:cd:cd:26:7d: 05:da:00:20:3d:01:f4:cd:13:02:48:8f:a8:bd:5c:38:ab:c4: 5a:8a:40:30:3c:60:3e:d4:8c:2f:56:0c:0e:7c:98:b5:ac:43: 4b:63:d1:47:06:2c:ae:19:27:24:48:c8:58:a1:7e:16:72:b9: 96:a9:46:de:2f:e4:17:eb:0a:c9:c4:22:1c:28:26:e4:ec:bd: 01:d2:de:6b:51:66:b3:0a:6c:83:a0:ac:f8:98:28:81:0c:42: 42:cd:74:36:25:27:8d:d7:c5:b8:bd:ac:24:af:3c:5d:62:59: 08:0c:02:e2:b8:0e:cf:4e:4a:4e:ee:9c:47:94:d3:47:0d:1c: ef:30:44:55:96:98:79:e9:58:13:d4:db:8c:5c:7c:a5:8f:4c: 2b:9d:79:42:1c:52:fd:c3:21:fc:3f:2d:5d:b4:14:7f:e4:ee: 30:be:df:61:e0:06:b4:1c:ee:c0:91:81:82:b4:e1:8e:d5:1e: 9f:a3:fd:3e:8f:47:8b:8c:30:37:42:be:49:26:47:6d:85:ae: 34:02:72:2d:fc:86:72:3a:8a:3a:65:c4:4d:41:c6:e4:55:89: 7f:dd:57:58:3c:95:3b:f4:4e:d8:39:e6:93:df:b2:56:39:80: f6:bc:a6:af -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICCHwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUM5QTUxMTAvBgNVBAUTKEU4M0ZDRjRDNkZDOEQ3NEYzQjZBQjQyNTYwNkUyQkM3 NzQ2RDY2NDAwHhcNMjUwMzMxMjEyMDQ4WhcNMjUwODAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2ViMDczMC00MzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnXmTDglj+DusQClXoWQ/BdnabC7o0pbRboPiXH5nFh6xUyEE+bmF1TjHpLWF grdterz0Y6D69994ttH0cHyhjxzLlftr+QZTnYvLCbHcF+zlVjxbO9TwMptvEiNK RvsWDTmugK4qn8o71BMNwgrUJfTeI2ITvbTWMDebP6/GGbFCV/xGoeYc7TE0jRNc Din41wEpLed3LMuiaLK8UtDt44T+Ja/WdP7n/ho3YdaMfkN+jinMfANqVw288kFl uouinO6mZcH+IvuI7vbXWgc8KJoZv5H50U2m9DAOYAB6jVQbmz4PpXOgC/ak3W9X 0IhF27cxjf2dD37B1c1YRKnDcwIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFKmnahCP nFGg+gzWpu6xFmLp6MbnMB8GA1UdIwQYMBaAFOg/z0xvyNdPO2q0JWBuK8d0bWZA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzlBNS8wRTgyQzJFQ0M0 RjAxMUVBOTFEQ0RGNzdDNEY5QUUwMi82RF9QVEdfSTEwODdhclFsWUc0cngzUnRa a0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZEX1BUR19JMTA4N2FyUWxZRzRyeDNSdFprQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUM5QTUvMEU4MkMyRUNDNEYwMTFFQTkxRENERjc3QzRGOUFFMDIvN0FCQzNBRThF M0RGMTFFRjgzRENGQjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBoEAgABMBQDBAIOgAwwDAMEAGdUrQMEBGdUoDANBAIAAjAHAwUAJACiwDAN BgkqhkiG9w0BAQsFAAOCAQEAk6fJ7t3wxMVDbpmSB6TNzSZ9BdoAID0B9M0TAkiP qL1cOKvEWopAMDxgPtSML1YMDnyYtaxDS2PRRwYsrhknJEjIWKF+FnK5lqlG3i/k F+sKycQiHCgm5Oy9AdLea1Fmswpsg6Cs+JgogQxCQs10NiUnjdfFuL2sJK88XWJZ CAwC4rgOz05KTu6cR5TTRw0c7zBEVZaYeelYE9TbjFx8pY9MK515QhxS/cMh/D8t XbQUf+TuML7fYeAGtBzuwJGBgrThjtUen6P9Po9Hi4wwN0K+SSZHbYWuNAJyLfyG cjqKOmXETUHG5FWJf91XWDyVO/RO2Dnmk9+yVjmA9rymrw== -----END CERTIFICATE-----Generated at Sun Apr 20 22:35:45 2025 by rpki-client