$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/ACFAE180970E11EF9CC7623CC4F9AE02.roa File: ACFAE180970E11EF9CC7623CC4F9AE02.roa (raw, json) Hash identifier: Gk1l67dg5FNqnZfalpzkFwLJz8/jIZg966YRagGgh6M= Subject key identifier: 57:5F:92:CE:A1:CA:44:6F:30:5A:F2:4F:D2:7E:FE:40:C0:13:0A:B8 Certificate issuer: /CN=A91F6FC3/serialNumber=66025976B75F5C29F42C1D80CF4888F7D46058D7 Certificate serial: 3475 Authority key identifier: 66:02:59:76:B7:5F:5C:29:F4:2C:1D:80:CF:48:88:F7:D4:60:58:D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/ACFAE180970E11EF9CC7623CC4F9AE02.roa Signing time: Fri 06 Dec 2024 15:00:48 +0000 ROA not before: Fri 06 Dec 2024 15:00:48 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 9301 IP address blocks: 122.200.164.0/24 maxlen: 24 122.200.165.0/24 maxlen: 24 122.200.168.0/24 maxlen: 24 122.200.169.0/24 maxlen: 24 122.200.173.0/24 maxlen: 24 203.4.162.0/24 maxlen: 24 203.5.127.0/24 maxlen: 24 203.31.57.0/24 maxlen: 24 203.31.101.0/24 maxlen: 24 203.33.71.0/24 maxlen: 24 203.57.79.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.crl rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 14:45:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13429 (0x3475) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F6FC3 Validity Not Before: Dec 6 15:00:48 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=675311a0-ef36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:18:f1:99:b3:5d:b3:f6:8a:97:55:46:b7:6e: f3:64:d6:05:e5:eb:d2:04:69:2d:60:04:68:d0:ba: 95:0e:ef:a8:6b:05:43:1f:b2:0d:ee:a1:ab:41:da: 20:1b:5b:52:ee:a1:c3:4a:92:d6:f6:3c:02:ec:3f: 90:b7:bb:2b:2f:ae:26:f1:c0:38:64:6e:e3:2f:89: ff:f6:75:d8:88:ad:a1:84:31:9c:32:b4:21:f1:6b: 67:56:93:49:73:66:64:15:a8:16:c9:cd:df:fd:4a: 91:a1:f1:af:23:76:b3:5e:c4:e8:96:74:96:14:c1: b6:f1:a7:88:45:7e:6b:2b:f1:93:ba:14:77:56:fc: a7:a8:95:39:f5:51:e6:31:c5:08:e4:e9:e2:1c:9b: 41:b9:7a:ff:88:94:6b:3e:cd:bc:ac:ef:ad:da:ea: f0:60:a0:c0:5e:94:55:91:f2:f6:30:bf:3f:77:d8: 8f:e5:49:89:a1:e7:01:26:cf:ef:8b:39:7b:a2:3c: 5e:44:da:c7:08:b6:ab:42:f7:f6:26:32:1c:59:6e: 18:81:b1:eb:62:a0:38:0b:d1:78:c4:f1:f3:88:9d: a9:6c:08:61:7b:d8:5a:5e:77:fe:d7:d3:ce:99:fd: 07:07:0c:cf:8d:38:58:cc:da:74:2b:61:eb:be:b6: 5f:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:5F:92:CE:A1:CA:44:6F:30:5A:F2:4F:D2:7E:FE:40:C0:13:0A:B8 X509v3 Authority Key Identifier: keyid:66:02:59:76:B7:5F:5C:29:F4:2C:1D:80:CF:48:88:F7:D4:60:58:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZgJZdrdfXCn0LB2Az0iI99RgWNc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6FC3/FC9078021D9211E2B3BC2CF608B02CD2/ACFAE180970E11EF9CC7623CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 122.200.164.0/23 122.200.168.0/23 122.200.173.0/24 203.4.162.0/24 203.5.127.0/24 203.31.57.0/24 203.31.101.0/24 203.33.71.0/24 203.57.79.0/24 Signature Algorithm: sha256WithRSAEncryption 81:9c:7a:12:86:76:77:91:b1:e1:c9:8a:7b:13:0f:49:fd:f6: 9d:72:4d:4e:4f:bb:50:5f:1a:74:87:f5:99:02:e7:c0:8b:2b: 95:19:9f:72:f5:77:58:e9:29:a4:d6:05:93:d0:a2:7b:f3:12: 55:de:61:27:0c:e5:b5:54:f5:3c:25:40:6a:ef:1b:6d:27:ae: cd:82:be:34:5d:43:21:7d:88:ff:7c:7d:ba:be:22:d8:c6:0c: 11:f4:42:8e:99:81:de:aa:18:bf:d1:e8:7f:0c:d6:24:96:e2: c0:91:a2:f0:0b:6a:0d:fc:e5:a7:e5:02:27:9e:3f:3a:6d:19: e5:60:20:48:ea:41:e2:71:0d:7d:61:fe:6f:cf:e4:c0:62:32: 15:5b:60:3d:07:a2:bf:07:d9:51:8f:f2:80:cf:40:0b:28:89: 29:55:a0:a0:88:db:e3:0c:ca:7a:bc:3e:21:51:b5:cc:35:3a: 0a:8f:c5:30:fe:52:bc:20:b5:54:d6:6e:b4:12:f0:cb:2d:c9: 06:10:e4:9c:3e:93:f9:bf:dc:78:98:e6:39:39:c6:df:4b:75: 35:b7:e9:65:52:a2:24:54:40:ec:ae:60:fe:93:5e:e2:21:af: 1b:8d:f7:89:66:67:76:e0:7e:35:1e:a2:7b:8a:9f:9a:9e:0a: 6b:7f:28:85 -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgICNHUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjZGQzMxMTAvBgNVBAUTKDY2MDI1OTc2Qjc1RjVDMjlGNDJDMUQ4MENGNDg4OEY3 RDQ2MDU4RDcwHhcNMjQxMjA2MTUwMDQ4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzUzMTFhMC1lZjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2BjxmbNds/aKl1VGt27zZNYF5evSBGktYARo0LqVDu+oawVDH7IN7qGrQdog G1tS7qHDSpLW9jwC7D+Qt7srL64m8cA4ZG7jL4n/9nXYiK2hhDGcMrQh8WtnVpNJ c2ZkFagWyc3f/UqRofGvI3azXsTolnSWFMG28aeIRX5rK/GTuhR3VvynqJU59VHm McUI5OniHJtBuXr/iJRrPs28rO+t2urwYKDAXpRVkfL2ML8/d9iP5UmJoecBJs/v izl7ojxeRNrHCLarQvf2JjIcWW4YgbHrYqA4C9F4xPHziJ2pbAhhe9haXnf+19PO mf0HBwzPjThYzNp0K2HrvrZf+QIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFFdfks6h ykRvMFryT9J+/kDAEwq4MB8GA1UdIwQYMBaAFGYCWXa3X1wp9CwdgM9IiPfUYFjX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkZDMy9GQzkwNzgwMjFE OTIxMUUyQjNCQzJDRjYwOEIwMkNEMi9aZ0paZHJkZlhDbjBMQjJBejBpSTk5UmdX TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pnSlpkcmRmWENuMExCMkF6MGlJOTlSZ1dOYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjZGQzMvRkM5MDc4MDIxRDkyMTFFMkIzQkMyQ0Y2MDhCMDJDRDIvQUNGQUUxODA5 NzBFMTFFRjlDQzc2MjNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E QDA+MDwEAgABMDYDBAF6yKQDBAF6yKgDBAB6yK0DBADLBKIDBADLBX8DBADLHzkD BADLH2UDBADLIUcDBADLOU8wDQYJKoZIhvcNAQELBQADggEBAIGcehKGdneRseHJ insTD0n99p1yTU5Pu1BfGnSH9ZkC58CLK5UZn3L1d1jpKaTWBZPQonvzElXeYScM 5bVU9TwlQGrvG20nrs2CvjRdQyF9iP98fbq+ItjGDBH0Qo6Zgd6qGL/R6H8M1iSW 4sCRovALag385aflAieePzptGeVgIEjqQeJxDX1h/m/P5MBiMhVbYD0Hor8H2VGP 8oDPQAsoiSlVoKCI2+MMynq8PiFRtcw1OgqPxTD+UrwgtVTWbrQS8MstyQYQ5Jw+ k/m/3HiY5jk5xt9LdTW36WVSoiRUQOyuYP6TXuIhrxuN94lmZ3bgfjUeonuKn5qe Cmt/KIU= -----END CERTIFICATE-----Generated at Sun Apr 6 02:34:47 2025 by rpki-client