$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE6E8/7BCAFF02091D11EA93BD9E56C4F9AE02/9CDAADC2091E11EAB375615BC4F9AE02.roa File: 9CDAADC2091E11EAB375615BC4F9AE02.roa (raw, json) Hash identifier: cTVFkw9EC/7+0AhzRm+1VoJiYeWjlXwK0sbhIidN0dw= Subject key identifier: D6:B9:35:40:CA:18:A3:70:E8:72:A1:23:9E:02:A8:7A:15:C2:B9:36 Certificate issuer: /CN=A91EE6E8/serialNumber=9629AC710D3E21D5991928D59A4DB65411A96BFF Certificate serial: 0BF0 Authority key identifier: 96:29:AC:71:0D:3E:21:D5:99:19:28:D5:9A:4D:B6:54:11:A9:6B:FF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/limscQ0-IdWZGSjVmk22VBGpa_8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EE6E8/7BCAFF02091D11EA93BD9E56C4F9AE02/9CDAADC2091E11EAB375615BC4F9AE02.roa Signing time: Fri 10 Jan 2025 18:37:51 +0000 ROA not before: Fri 10 Jan 2025 18:37:51 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 55406 IP address blocks: 45.251.56.0/22 maxlen: 22 45.251.56.0/24 maxlen: 24 45.251.57.0/24 maxlen: 24 45.251.58.0/24 maxlen: 24 45.251.59.0/24 maxlen: 24 103.20.52.0/22 maxlen: 22 103.20.52.0/24 maxlen: 24 103.20.53.0/24 maxlen: 24 103.20.54.0/24 maxlen: 24 103.20.55.0/24 maxlen: 24 103.254.84.0/22 maxlen: 22 103.254.84.0/24 maxlen: 24 103.254.85.0/24 maxlen: 24 103.254.86.0/24 maxlen: 24 103.254.87.0/24 maxlen: 24 182.16.156.0/22 maxlen: 22 182.16.156.0/24 maxlen: 24 182.16.157.0/24 maxlen: 24 182.16.158.0/24 maxlen: 24 182.16.159.0/24 maxlen: 24 2405:f200::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EE6E8/7BCAFF02091D11EA93BD9E56C4F9AE02/limscQ0-IdWZGSjVmk22VBGpa_8.crl rsync://rpki.apnic.net/member_repository/A91EE6E8/7BCAFF02091D11EA93BD9E56C4F9AE02/limscQ0-IdWZGSjVmk22VBGpa_8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/limscQ0-IdWZGSjVmk22VBGpa_8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 07:53:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3056 (0xbf0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EE6E8 Validity Not Before: Jan 10 18:37:51 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=678168fe-4ad7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:24:45:d0:9d:d4:46:64:da:9d:21:fd:7d:c1: 7e:34:d0:96:32:0b:6d:e0:39:b0:4b:d2:43:ab:c2: 70:1a:29:84:f7:8c:ca:26:bd:19:21:76:10:3b:ae: a3:82:d8:2e:c6:6b:bb:c7:93:c7:c9:bb:f6:cb:7d: 3e:ec:52:12:3e:bc:20:cd:43:41:35:90:cf:0d:16: 84:11:6f:cf:bd:90:c8:8b:20:e1:2f:74:b9:3d:71: 2d:59:5d:20:81:b3:79:94:f7:93:b6:81:41:72:82: d1:66:b7:3e:d2:2e:ef:17:c5:ff:0a:83:53:a3:c0: 31:36:92:f5:b7:66:22:ab:06:df:b8:76:02:9b:85: 6c:7a:bc:da:90:2e:41:10:82:7b:16:87:e7:39:44: 92:fb:9e:27:93:80:7d:a2:64:f5:06:8c:42:47:85: bf:a5:8b:87:8f:7a:e1:27:09:5f:6b:bd:44:3b:78: 0b:90:5e:81:a3:b5:d0:f2:df:1b:20:e1:9f:22:db: 4a:51:78:9e:27:8c:4e:e9:d0:93:38:2c:59:65:3f: 64:14:93:02:0b:7c:d1:c9:9e:85:25:a9:7a:6e:d9: 0d:20:39:fc:c1:50:89:22:da:0a:69:59:6c:ab:2e: a1:b3:2c:d2:01:93:15:d2:33:46:4c:36:bc:31:ac: ab:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:B9:35:40:CA:18:A3:70:E8:72:A1:23:9E:02:A8:7A:15:C2:B9:36 X509v3 Authority Key Identifier: keyid:96:29:AC:71:0D:3E:21:D5:99:19:28:D5:9A:4D:B6:54:11:A9:6B:FF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EE6E8/7BCAFF02091D11EA93BD9E56C4F9AE02/limscQ0-IdWZGSjVmk22VBGpa_8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/limscQ0-IdWZGSjVmk22VBGpa_8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE6E8/7BCAFF02091D11EA93BD9E56C4F9AE02/9CDAADC2091E11EAB375615BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.251.56.0/22 103.20.52.0/22 103.254.84.0/22 182.16.156.0/22 IPv6: 2405:f200::/32 Signature Algorithm: sha256WithRSAEncryption 99:b5:bf:4d:c3:5f:0c:f3:42:9f:3c:08:f9:c4:08:8e:4c:b0: 91:43:e2:52:6b:e9:ae:a6:84:70:97:b8:b5:29:dd:25:5c:9b: 77:8c:d9:ee:bb:8f:8e:2a:74:05:c5:41:86:5b:3a:ab:3c:51: 32:69:f1:7f:f5:e0:4d:75:81:a3:7e:40:44:57:82:0e:8d:7d: 47:95:2c:19:bd:8c:26:82:0a:e9:51:a3:7d:d2:9f:ff:3c:9e: 86:37:06:7f:83:1f:ad:13:3e:aa:77:bb:43:5f:fb:da:cd:1c: 17:a7:2e:c8:b7:18:1b:21:f3:2c:27:37:97:f8:dd:c0:e9:31: 9f:96:1a:72:8c:d3:35:0e:8c:c2:7c:27:38:1e:1f:09:04:6d: 6c:ea:88:f7:fe:63:4e:f4:85:a0:69:ab:21:64:6c:32:f7:9e: 8d:64:36:d6:38:3d:9c:72:2e:f2:c9:ce:6c:c6:35:f1:f6:72: 8c:bb:fc:de:2c:3d:ef:10:c1:a7:d2:b9:fa:be:b8:55:41:cb: c5:cc:b8:8f:01:57:a4:7c:36:6c:49:79:93:df:b0:a4:2c:4b: e0:60:71:92:b2:28:29:9c:91:9f:ee:92:96:26:99:ed:f3:13: 68:88:20:d4:23:32:d7:30:28:e2:8f:46:3a:dc:46:59:4b:9e: 94:5b:d5:00 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICC/AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUU2RTgxMTAvBgNVBAUTKDk2MjlBQzcxMEQzRTIxRDU5OTE5MjhENTlBNERCNjU0 MTFBOTZCRkYwHhcNMjUwMTEwMTgzNzUxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzgxNjhmZS00YWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyyRF0J3URmTanSH9fcF+NNCWMgtt4DmwS9JDq8JwGimE94zKJr0ZIXYQO66j gtguxmu7x5PHybv2y30+7FISPrwgzUNBNZDPDRaEEW/PvZDIiyDhL3S5PXEtWV0g gbN5lPeTtoFBcoLRZrc+0i7vF8X/CoNTo8AxNpL1t2YiqwbfuHYCm4VserzakC5B EIJ7FofnOUSS+54nk4B9omT1BoxCR4W/pYuHj3rhJwlfa71EO3gLkF6Bo7XQ8t8b IOGfIttKUXieJ4xO6dCTOCxZZT9kFJMCC3zRyZ6FJal6btkNIDn8wVCJItoKaVls qy6hsyzSAZMV0jNGTDa8MayrFQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFNa5NUDK GKNw6HKhI54CqHoVwrk2MB8GA1UdIwQYMBaAFJYprHENPiHVmRko1ZpNtlQRqWv/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTZFOC83QkNBRkYwMjA5 MUQxMUVBOTNCRDlFNTZDNEY5QUUwMi9saW1zY1EwLUlkV1pHU2pWbWsyMlZCR3Bh XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xpbXNjUTAtSWRXWkdTalZtazIyVkJHcGFfOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUU2RTgvN0JDQUZGMDIwOTFEMTFFQTkzQkQ5RTU2QzRGOUFFMDIvOUNEQUFEQzIw OTFFMTFFQUIzNzU2MTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIt+zgDBAJnFDQDBAJn/lQDBAK2EJwwDQQCAAIwBwMFACQF 8gAwDQYJKoZIhvcNAQELBQADggEBAJm1v03DXwzzQp88CPnECI5MsJFD4lJr6a6m hHCXuLUp3SVcm3eM2e67j44qdAXFQYZbOqs8UTJp8X/14E11gaN+QERXgg6NfUeV LBm9jCaCCulRo33Sn/88noY3Bn+DH60TPqp3u0Nf+9rNHBenLsi3GBsh8ywnN5f4 3cDpMZ+WGnKM0zUOjMJ8JzgeHwkEbWzqiPf+Y070haBpqyFkbDL3no1kNtY4PZxy LvLJzmzGNfH2coy7/N4sPe8QwafSufq+uFVBy8XMuI8BV6R8NmxJeZPfsKQsS+Bg cZKyKCmckZ/ukpYmme3zE2iIINQjMtcwKOKPRjrcRllLnpRb1QA= -----END CERTIFICATE-----Generated at Sun Apr 6 22:03:02 2025 by rpki-client