$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/72294810EAB211EF902A7E27C4F9AE02.roa File: 72294810EAB211EF902A7E27C4F9AE02.roa (raw, json) Hash identifier: FSFReYDaeQFvJdY+hyjPH64a3aCnAjTrkrMSrqHp11w= Subject key identifier: 67:69:AF:41:64:2E:BE:44:09:C4:BB:92:68:7F:0F:C7:E9:00:D3:7B Certificate issuer: /CN=A91FB68C/serialNumber=A2288F8964D6169A8795F2F4EF05E0D5E6E13B09 Certificate serial: 04 Authority key identifier: A2:28:8F:89:64:D6:16:9A:87:95:F2:F4:EF:05:E0:D5:E6:E1:3B:09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/72294810EAB211EF902A7E27C4F9AE02.roa Signing time: Fri 14 Feb 2025 09:03:34 +0000 ROA not before: Fri 14 Feb 2025 09:03:34 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 150696 IP address blocks: 163.61.138.0/24 maxlen: 24 2001:df5:1740::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.crl rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 07:11:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FB68C Validity Not Before: Feb 14 09:03:34 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=67af06e5-e403 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:43:e0:ca:a1:7d:1c:13:8d:d5:62:bb:35:12: 90:4f:d8:5e:18:a3:0d:f0:c1:f1:7c:bd:d6:70:ac: 97:dd:cd:99:97:55:bc:f2:7a:c2:d1:2c:3f:15:cc: 88:d5:c9:64:71:23:e9:02:ed:1a:eb:41:bf:76:5c: 33:2a:b1:41:f2:ea:2c:8e:61:98:50:c9:3a:f6:4c: 41:bd:bf:f1:4c:ff:00:27:b3:0f:12:86:80:6b:81: 94:ad:54:bb:29:da:1c:1f:68:63:aa:b0:54:42:51: e6:3e:80:be:b4:b0:b2:03:ec:94:a7:c6:3d:a8:1d: 0b:d9:67:5a:80:16:85:a7:70:f4:45:71:f8:99:5b: 10:44:a6:06:2a:7b:9d:a1:bd:6c:4e:0c:c0:c2:52: b9:c8:94:6a:dc:47:5e:fa:92:75:2d:9e:33:d8:a7: 42:01:29:a0:5f:5f:8e:b1:88:83:49:01:cb:82:43: 20:71:70:77:da:36:c5:35:08:cc:bc:dd:aa:58:43: 6b:0f:e1:ad:e2:0a:4a:96:a4:13:d0:83:b7:a9:e1: d0:fc:b1:a9:25:19:d9:99:2e:34:cc:f6:73:cc:d7: 21:d1:d8:9a:67:e7:e1:af:40:09:40:af:f6:a7:e8: 5d:0b:40:25:7c:41:ce:76:25:e0:d0:c6:3d:ec:50: c4:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:69:AF:41:64:2E:BE:44:09:C4:BB:92:68:7F:0F:C7:E9:00:D3:7B X509v3 Authority Key Identifier: keyid:A2:28:8F:89:64:D6:16:9A:87:95:F2:F4:EF:05:E0:D5:E6:E1:3B:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/72294810EAB211EF902A7E27C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 163.61.138.0/24 IPv6: 2001:df5:1740::/48 Signature Algorithm: sha256WithRSAEncryption 4e:b7:6f:2d:65:88:d6:0b:61:8c:32:6a:93:be:75:c9:5d:1a: 93:41:19:f2:18:e8:fc:c8:dd:bc:4e:15:6e:47:9c:ce:27:5d: 3f:8a:45:d6:69:81:d9:ac:79:85:9b:84:f1:db:1d:c1:4d:c8: b8:f1:93:53:5f:08:c6:9c:1a:81:4a:fb:e5:ab:2e:8e:c3:bc: 36:25:4c:6c:dc:4d:a1:79:f3:38:a2:40:bb:ac:30:1e:27:a4: f1:4b:86:87:d7:c6:a9:65:a2:a2:61:87:4d:3e:3e:85:12:2e: 83:27:d0:a0:be:10:91:b4:25:50:be:85:9a:03:f6:e6:23:0d: 0b:cf:5a:39:12:24:6a:67:d4:85:f7:ec:91:fa:ca:42:c5:98: a3:28:6f:e0:5d:50:8a:00:6b:8d:16:79:30:47:a0:9a:f2:c4: 80:5e:3c:73:d6:4c:6f:35:27:06:62:56:d6:0e:89:97:a2:c2: 4a:58:21:35:ee:74:42:99:bf:55:83:0c:49:8d:e0:e4:8e:33: ee:d9:f1:5e:ed:cb:68:b5:81:9a:b3:94:2a:ea:c1:56:1e:07: ba:ab:f9:9b:95:3b:b8:bf:0f:dc:cf:61:04:54:01:19:dc:f0: 3b:84:93:46:fa:55:da:91:4c:9e:6a:e5:5a:89:ff:2c:ab:70: ee:1b:0c:3b -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QjY4QzExMC8GA1UEBRMoQTIyODhGODk2NEQ2MTY5QTg3OTVGMkY0RUYwNUUwRDVF NkUxM0IwOTAeFw0yNTAyMTQwOTAzMzRaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YWYwNmU1LWU0MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDrQ+DKoX0cE43VYrs1EpBP2F4Yow3wwfF8vdZwrJfdzZmXVbzyesLRLD8VzIjV yWRxI+kC7RrrQb92XDMqsUHy6iyOYZhQyTr2TEG9v/FM/wAnsw8ShoBrgZStVLsp 2hwfaGOqsFRCUeY+gL60sLID7JSnxj2oHQvZZ1qAFoWncPRFcfiZWxBEpgYqe52h vWxODMDCUrnIlGrcR176knUtnjPYp0IBKaBfX46xiINJAcuCQyBxcHfaNsU1CMy8 3apYQ2sP4a3iCkqWpBPQg7ep4dD8saklGdmZLjTM9nPM1yHR2Jpn5+GvQAlAr/an 6F0LQCV8Qc52JeDQxj3sUMSdAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUZ2mvQWQu vkQJxLuSaH8Px+kA03swHwYDVR0jBBgwFoAUoiiPiWTWFpqHlfL07wXg1ebhOwkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCNjhDLzE3RDEwM0E4RUFC MjExRUY4NDZGMTMzN0M0RjlBRTAyL29paVBpV1RXRnBxSGxmTDA3d1hnMWViaE93 ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvb2lpUGlXVFdGcHFIbGZMMDd3WGcxZWJoT3drLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QjY4Qy8xN0QxMDNBOEVBQjIxMUVGODQ2RjEzMzdDNEY5QUUwMi83MjI5NDgxMEVB QjIxMUVGOTAyQTdFMjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAKM9ijAPBAIAAjAJAwcAIAEN9RdAMA0GCSqGSIb3DQEBCwUA A4IBAQBOt28tZYjWC2GMMmqTvnXJXRqTQRnyGOj8yN28ThVuR5zOJ10/ikXWaYHZ rHmFm4Tx2x3BTci48ZNTXwjGnBqBSvvlqy6Ow7w2JUxs3E2hefM4okC7rDAeJ6Tx S4aH18apZaKiYYdNPj6FEi6DJ9CgvhCRtCVQvoWaA/bmIw0Lz1o5EiRqZ9SF9+yR +spCxZijKG/gXVCKAGuNFnkwR6Ca8sSAXjxz1kxvNScGYlbWDomXosJKWCE17nRC mb9VgwxJjeDkjjPu2fFe7ctotYGas5Qq6sFWHge6q/mblTu4vw/cz2EEVAEZ3PA7 hJNG+lXakUyeauVaif8sq3DuGww7 -----END CERTIFICATE-----Generated at Sat Apr 5 22:09:10 2025 by rpki-client