$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/4BBA96965CD511EE9A078180C4F9AE02.roa File: 4BBA96965CD511EE9A078180C4F9AE02.roa (raw, json) Hash identifier: s8gyc+lMEl4nS7dY6mvX8/vnSbnC7+O4jW7tyoFs1/s= Subject key identifier: 6C:40:CD:66:D8:A9:83:91:CD:82:3C:CD:06:35:31:24:16:59:F2:F8 Certificate issuer: /CN=A91F2B47/serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352 Certificate serial: 0221 Authority key identifier: 17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/4BBA96965CD511EE9A078180C4F9AE02.roa Signing time: Wed 05 Mar 2025 03:48:06 +0000 ROA not before: Wed 05 Mar 2025 03:48:06 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 139883 IP address blocks: 166.120.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/F9X-Mj6_2ajTROd7c3majnViQ1I.crl rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/F9X-Mj6_2ajTROd7c3majnViQ1I.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 02:11:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 545 (0x221) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2B47 Validity Not Before: Mar 5 03:48:06 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c7c976-dfb5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:c8:4b:ec:4c:54:2d:fe:8f:46:2a:72:14:c8: 18:a1:8b:50:50:38:d1:5c:d1:7e:7c:61:f8:4f:32: 1a:d7:4e:bb:b8:7d:3f:b2:d5:58:b1:de:83:10:32: 89:fa:8c:3b:2d:8d:92:1d:0a:a2:66:6a:7c:6a:e8: 29:39:06:6d:03:0c:f3:d6:d2:03:a4:bd:0d:53:ac: 4a:ae:e5:c3:d7:a3:2c:78:94:50:13:5e:8f:ef:a2: db:33:05:34:60:8c:86:bd:ff:f9:4c:cf:55:1a:b3: f2:0d:12:0c:52:91:7f:73:3c:4f:c1:07:89:44:5d: 6d:01:0e:ba:3a:24:c1:aa:d2:c2:4a:c1:4a:46:fc: a9:8c:7a:5c:a4:b3:ea:17:29:e6:ec:d5:1f:b4:8b: 32:f0:6f:6e:e4:76:a6:dc:6b:a0:07:73:f7:0c:53: 4a:c7:a6:04:b8:ee:75:bf:c4:06:15:7a:3a:de:40: fc:59:49:90:43:bc:f7:b9:b2:71:a5:c7:bb:b3:44: b0:28:5a:25:a5:71:2d:ec:88:df:4e:f5:d8:3f:a8: 50:c9:31:83:57:1a:de:7c:8d:eb:3c:6a:c6:19:57: d6:06:ae:38:a9:7d:f3:6b:12:1b:2b:b5:89:6b:46: 10:6e:d1:cb:57:89:2b:ba:93:a5:2b:7d:7e:07:67: 92:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:40:CD:66:D8:A9:83:91:CD:82:3C:CD:06:35:31:24:16:59:F2:F8 X509v3 Authority Key Identifier: keyid:17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/F9X-Mj6_2ajTROd7c3majnViQ1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/4BBA96965CD511EE9A078180C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 166.120.128.0/24 Signature Algorithm: sha256WithRSAEncryption 7b:f9:27:a4:79:b8:74:87:be:d8:1a:a1:e7:46:ec:6e:24:64: fd:80:ae:4a:34:ae:ef:57:ef:d5:d0:e0:9c:20:24:e4:0e:72: d1:65:ae:c8:cf:22:89:ca:42:0a:c5:67:18:ea:64:2c:ab:f5: 3c:74:c8:47:6e:09:45:57:00:67:24:61:1e:fa:14:eb:9f:a0: e7:bd:c8:69:5a:b9:5f:97:89:7b:47:db:3d:97:e4:96:11:7f: ae:24:a3:9a:de:4e:a2:d0:28:52:64:c1:66:a1:f0:20:67:d6: df:d0:48:67:bd:43:fc:d6:31:91:fa:6a:76:92:a0:b6:d4:37: fb:b1:0a:41:ed:e9:b2:90:71:ba:e1:3f:ab:71:2c:66:75:c0: 0c:1c:dc:93:64:af:d2:c6:b7:14:5b:e0:e6:0a:4d:ae:b5:09: c6:80:09:8c:30:5a:72:7f:cc:b5:ce:e9:2e:a1:ac:05:50:9b: 45:00:13:d1:a0:e6:cd:df:90:23:57:25:ec:39:a3:3f:1a:ff: 35:75:42:7d:49:dc:29:02:f0:9f:59:9e:3a:45:82:c8:0a:8b: 36:1c:4b:e0:92:3b:2e:19:d1:c1:fd:a9:70:0d:6d:40:30:6d: 75:78:e8:82:6d:47:51:fe:bc:07:4e:ec:43:04:ba:70:8f:3c: a8:29:9b:d1 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAiEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJCNDcxMTAvBgNVBAUTKDE3RDVGRTMyM0VCRkQ5QThEMzQ0RTc3QjczNzk5QThF NzU2MjQzNTIwHhcNMjUwMzA1MDM0ODA2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2M3Yzk3Ni1kZmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3chL7ExULf6PRipyFMgYoYtQUDjRXNF+fGH4TzIa1067uH0/stVYsd6DEDKJ +ow7LY2SHQqiZmp8augpOQZtAwzz1tIDpL0NU6xKruXD16MseJRQE16P76LbMwU0 YIyGvf/5TM9VGrPyDRIMUpF/czxPwQeJRF1tAQ66OiTBqtLCSsFKRvypjHpcpLPq Fynm7NUftIsy8G9u5Ham3GugB3P3DFNKx6YEuO51v8QGFXo63kD8WUmQQ7z3ubJx pce7s0SwKFolpXEt7IjfTvXYP6hQyTGDVxrefI3rPGrGGVfWBq44qX3zaxIbK7WJ a0YQbtHLV4krupOlK31+B2eSPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGxAzWbY qYORzYI8zQY1MSQWWfL4MB8GA1UdIwQYMBaAFBfV/jI+v9mo00Tne3N5mo51YkNS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkI0Ny9FODhFOUM3RTMz QUYxMUVEQjYxMDc0MzRDNEY5QUUwMi9GOVgtTWo2XzJhalRST2Q3YzNtYWpuVmlR MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0Y5WC1NajZfMmFqVFJPZDdjM21ham5WaVExSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjJCNDcvRTg4RTlDN0UzM0FGMTFFREI2MTA3NDM0QzRGOUFFMDIvNEJCQTk2OTY1 Q0Q1MTFFRTlBMDc4MTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBACmeIAwDQYJKoZIhvcNAQELBQADggEBAHv5J6R5uHSHvtga oedG7G4kZP2Arko0ru9X79XQ4JwgJOQOctFlrsjPIonKQgrFZxjqZCyr9Tx0yEdu CUVXAGckYR76FOufoOe9yGlauV+XiXtH2z2X5JYRf64ko5reTqLQKFJkwWah8CBn 1t/QSGe9Q/zWMZH6anaSoLbUN/uxCkHt6bKQcbrhP6txLGZ1wAwc3JNkr9LGtxRb 4OYKTa61CcaACYwwWnJ/zLXO6S6hrAVQm0UAE9Gg5s3fkCNXJew5oz8a/zV1Qn1J 3CkC8J9ZnjpFgsgKizYcS+CSOy4Z0cH9qXANbUAwbXV46IJtR1H+vAdO7EMEunCP PKgpm9E= -----END CERTIFICATE-----Generated at Sun Apr 6 02:26:54 2025 by rpki-client