$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/D717B9F0B7E511EFB5F63E6DC4F9AE02.roa File: D717B9F0B7E511EFB5F63E6DC4F9AE02.roa (raw, json) Hash identifier: R/nnjeAR+tZePhFeIgEDIZOhg5pi4qQT+4iwQfx8ekU= Subject key identifier: 5B:C3:09:B5:A5:00:71:29:2D:1E:B2:0C:CA:35:E7:85:64:95:DD:6B Certificate issuer: /CN=A91FF428/serialNumber=BE852A8B3B7EA5C5AC5A52AACB852A01A4CDD082 Certificate serial: 0417 Authority key identifier: BE:85:2A:8B:3B:7E:A5:C5:AC:5A:52:AA:CB:85:2A:01:A4:CD:D0:82 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/voUqizt-pcWsWlKqy4UqAaTN0II.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/D717B9F0B7E511EFB5F63E6DC4F9AE02.roa Signing time: Thu 09 Jan 2025 00:14:31 +0000 ROA not before: Thu 09 Jan 2025 00:14:31 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 149289 IP address blocks: 2001:df0:31c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/voUqizt-pcWsWlKqy4UqAaTN0II.crl rsync://rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/voUqizt-pcWsWlKqy4UqAaTN0II.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/voUqizt-pcWsWlKqy4UqAaTN0II.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 00:30:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1047 (0x417) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF428 Validity Not Before: Jan 9 00:14:31 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=677f14e7-9d2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:f8:28:a8:06:1b:c6:0c:70:db:48:4e:3d:3a: 87:f3:3e:5d:b1:b5:79:d3:84:cc:85:28:98:e5:b4: e9:0d:a2:97:01:76:52:26:a0:2a:3e:78:c4:97:23: 10:34:e8:68:f3:7e:1e:8a:02:e5:84:33:64:cf:5d: ba:11:55:3d:81:02:96:64:0a:0a:ec:01:e9:67:aa: 03:33:57:16:ce:ac:51:5c:26:04:e3:bc:5e:af:c2: 43:3b:3f:84:e0:4f:34:5a:01:1b:d7:24:69:6b:0b: f1:45:a5:f6:9a:b6:ce:cb:b3:0e:07:f3:53:4b:18: 8a:5f:94:f8:d4:01:dc:cd:63:f4:20:3e:d6:ac:c6: 68:be:18:87:c3:bb:ff:94:68:5a:dc:4a:67:d9:c2: 45:55:0f:5f:85:32:dd:25:36:78:7b:a6:08:ac:5e: 99:39:21:58:67:c8:de:43:bc:9e:de:7a:5b:90:5d: 73:0d:0f:79:ea:d3:fe:c2:49:e7:9f:4e:d5:a7:13: 6f:57:25:1a:5e:83:15:d3:5c:0c:af:e4:10:7d:97: 9d:61:cd:d1:ef:f3:21:6f:47:5c:28:80:e0:34:ae: 9d:a2:a8:f0:0b:9b:b3:73:14:71:7a:ce:ce:68:1b: be:8c:72:ad:91:c7:c1:79:9e:6c:9f:20:b7:23:15: 30:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:C3:09:B5:A5:00:71:29:2D:1E:B2:0C:CA:35:E7:85:64:95:DD:6B X509v3 Authority Key Identifier: keyid:BE:85:2A:8B:3B:7E:A5:C5:AC:5A:52:AA:CB:85:2A:01:A4:CD:D0:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/voUqizt-pcWsWlKqy4UqAaTN0II.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/voUqizt-pcWsWlKqy4UqAaTN0II.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF428/35EB13485DD811ECB9B4D630C4F9AE02/D717B9F0B7E511EFB5F63E6DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df0:31c0::/48 Signature Algorithm: sha256WithRSAEncryption 7b:e5:1f:80:15:76:b4:c8:96:6d:94:0c:ca:6c:01:aa:e0:d5: c3:0b:71:41:14:9f:c6:3b:15:d1:e5:63:81:70:5e:cd:ee:6b: 55:c8:04:82:e5:17:37:0b:03:c2:d8:35:5c:d4:94:6a:6f:c7: 04:01:34:41:6b:f6:cf:23:5b:38:92:0b:e4:9d:02:2e:cc:61: 91:ee:48:d1:cc:0b:38:66:46:5e:e6:a8:21:84:38:96:8b:11: a7:d4:c1:a7:55:5b:45:5b:f4:24:1f:3a:36:b7:17:07:aa:46: bc:ed:b5:e7:a6:91:83:5b:51:d1:62:10:67:30:33:e3:c3:12: 50:b2:e0:5c:81:72:07:0a:b5:93:8e:10:34:a7:f1:4b:41:f9: e4:6b:93:25:66:40:6d:44:2f:ea:b9:9a:e1:cf:06:64:59:8e: 34:df:65:3c:7d:0a:50:1d:5f:54:c9:e1:10:2e:67:83:86:85: a2:de:e6:ac:98:be:c0:67:26:6d:d4:46:4d:de:ba:03:35:37: e7:d3:ac:e6:a5:74:61:da:00:55:a1:98:d6:4c:52:57:e9:18: 0a:83:30:6e:0b:29:fb:fd:3f:d3:1b:9a:62:90:72:d4:f4:1e: ea:dc:3f:20:8f:9c:ea:a7:ab:2f:13:4f:49:57:3b:4c:cf:8a: e8:a9:85:19 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICBBcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkY0MjgxMTAvBgNVBAUTKEJFODUyQThCM0I3RUE1QzVBQzVBNTJBQUNCODUyQTAx QTRDREQwODIwHhcNMjUwMTA5MDAxNDMxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzdmMTRlNy05ZDJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx/goqAYbxgxw20hOPTqH8z5dsbV504TMhSiY5bTpDaKXAXZSJqAqPnjElyMQ NOho834eigLlhDNkz126EVU9gQKWZAoK7AHpZ6oDM1cWzqxRXCYE47xer8JDOz+E 4E80WgEb1yRpawvxRaX2mrbOy7MOB/NTSxiKX5T41AHczWP0ID7WrMZovhiHw7v/ lGha3Epn2cJFVQ9fhTLdJTZ4e6YIrF6ZOSFYZ8jeQ7ye3npbkF1zDQ956tP+wknn n07VpxNvVyUaXoMV01wMr+QQfZedYc3R7/Mhb0dcKIDgNK6doqjwC5uzcxRxes7O aBu+jHKtkcfBeZ5snyC3IxUwDQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFFvDCbWl AHEpLR6yDMo154Vkld1rMB8GA1UdIwQYMBaAFL6FKos7fqXFrFpSqsuFKgGkzdCC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjQyOC8zNUVCMTM0ODVE RDgxMUVDQjlCNEQ2MzBDNEY5QUUwMi92b1VxaXp0LXBjV3NXbEtxeTRVcUFhVE4w SUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZvVXFpenQtcGNXc1dsS3F5NFVxQWFUTjBJSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkY0MjgvMzVFQjEzNDg1REQ4MTFFQ0I5QjRENjMwQzRGOUFFMDIvRDcxN0I5RjBC N0U1MTFFRkI1RjYzRTZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwAgAQ3wMcAwDQYJKoZIhvcNAQELBQADggEBAHvlH4AVdrTI lm2UDMpsAarg1cMLcUEUn8Y7FdHlY4FwXs3ua1XIBILlFzcLA8LYNVzUlGpvxwQB NEFr9s8jWziSC+SdAi7MYZHuSNHMCzhmRl7mqCGEOJaLEafUwadVW0Vb9CQfOja3 FweqRrztteemkYNbUdFiEGcwM+PDElCy4FyBcgcKtZOOEDSn8UtB+eRrkyVmQG1E L+q5muHPBmRZjjTfZTx9ClAdX1TJ4RAuZ4OGhaLe5qyYvsBnJm3URk3eugM1N+fT rOaldGHaAFWhmNZMUlfpGAqDMG4LKfv9P9MbmmKQctT0HurcPyCPnOqnqy8TT0lX O0zPiuiphRk= -----END CERTIFICATE-----Generated at Sat Apr 5 03:54:06 2025 by rpki-client