$ rpki-client -vvf rpki.sub.apnic.net/repository/A917447B0000/1/323030313a6466343a353134303a3a2f34342d3438203d3e20313533333436.roa File: 323030313a6466343a353134303a3a2f34342d3438203d3e20313533333436.roa (raw, json) Hash identifier: vq1Dx7sG4WRtaFPZjc9wFRugfLv/UBgy5UEajCDuBjc= Subject key identifier: 48:70:B3:82:32:A2:85:46:54:49:82:61:6E:E1:6C:36:98:EA:2F:3D Certificate issuer: /CN=A917447B0000/serialNumber=7A443962573EC01D5131651F90F46DA19AFC21D2 Certificate serial: 48AE1609E96A5D462A28C76088238730AC6BBBA5 Authority key identifier: 7A:44:39:62:57:3E:C0:1D:51:31:65:1F:90:F4:6D:A1:9A:FC:21:D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ekQ5Ylc-wB1RMWUfkPRtoZr8IdI.cer Subject info access: rsync://rpki.sub.apnic.net/repository/A917447B0000/1/323030313a6466343a353134303a3a2f34342d3438203d3e20313533333436.roa Signing time: Fri 14 Feb 2025 07:42:32 +0000 ROA not before: Fri 14 Feb 2025 07:37:32 +0000 ROA not after: Fri 13 Feb 2026 07:42:32 +0000 asID: 153346 IP address blocks: 2001:df4:5140::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.sub.apnic.net/repository/A917447B0000/1/7A443962573EC01D5131651F90F46DA19AFC21D2.crl rsync://rpki.sub.apnic.net/repository/A917447B0000/1/7A443962573EC01D5131651F90F46DA19AFC21D2.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ekQ5Ylc-wB1RMWUfkPRtoZr8IdI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 03:59:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:ae:16:09:e9:6a:5d:46:2a:28:c7:60:88:23:87:30:ac:6b:bb:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917447B0000 Validity Not Before: Feb 14 07:37:32 2025 GMT Not After : Feb 13 07:42:32 2026 GMT Subject: CN=4870B38232A28546544982616EE16C3698EA2F3D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:12:0f:4e:bd:10:54:0a:60:16:1e:81:02:74: bd:22:5b:b7:32:4a:6b:9f:29:37:1f:60:52:06:51: b5:ba:c2:59:8e:af:ea:ce:df:10:5e:42:95:62:8d: 5c:7a:cb:ef:8f:54:da:ee:fe:a3:52:13:8f:5c:b8: 6d:3e:06:14:90:15:1f:ed:32:ab:d5:a8:d2:53:8d: 09:82:9c:84:57:94:d9:fc:d8:8c:1c:8c:ea:94:65: 16:1a:c3:d6:81:9b:a3:34:e9:0c:30:d7:ed:bb:42: 33:5b:9c:b8:66:54:a4:e2:7b:16:b2:c9:cf:14:ce: b9:36:c1:98:3b:1e:c0:a5:ad:3e:1c:43:1c:82:2d: 8d:c9:4b:ac:7d:fb:15:8c:ea:8e:b7:49:f6:00:7e: ab:73:20:c9:33:3c:24:41:72:c7:99:89:a9:73:17: 95:a7:a7:2f:be:5d:0b:b6:4b:ed:65:b3:d1:f4:0a: 03:84:b4:97:6e:f8:42:15:b8:be:04:8a:b6:91:d1: e0:3f:14:0e:af:40:bc:d5:e4:70:2c:ad:6f:fe:bf: 64:ea:6c:a2:f5:f8:0d:7c:49:a0:6e:28:34:56:c2: a3:a3:a5:c8:ee:b7:8a:42:a8:21:7f:9b:b0:bf:75: e9:d1:3f:4f:9f:53:b3:06:68:71:ee:90:3e:75:6c: aa:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:70:B3:82:32:A2:85:46:54:49:82:61:6E:E1:6C:36:98:EA:2F:3D X509v3 Authority Key Identifier: keyid:7A:44:39:62:57:3E:C0:1D:51:31:65:1F:90:F4:6D:A1:9A:FC:21:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.sub.apnic.net/repository/A917447B0000/1/7A443962573EC01D5131651F90F46DA19AFC21D2.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ekQ5Ylc-wB1RMWUfkPRtoZr8IdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A917447B0000/1/323030313a6466343a353134303a3a2f34342d3438203d3e20313533333436.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:5140::/44 Signature Algorithm: sha256WithRSAEncryption 3d:85:d8:b9:09:4a:4a:cf:6d:42:51:c1:72:0b:9f:a6:6d:4e: c9:40:16:19:e1:bd:25:7f:c5:91:95:d4:9d:52:0e:66:fb:21: 07:6a:a0:92:cd:f2:ee:56:bd:4a:b3:c6:bf:83:79:42:7f:97: dd:8c:fb:4a:dd:05:0e:19:50:87:13:62:95:0a:17:ce:43:82: 3c:99:17:54:2c:af:82:77:d9:e1:27:8b:e7:2d:c1:97:7f:5e: 23:fe:21:48:af:4f:20:84:cf:2f:71:30:6b:64:b2:b9:4a:e9: 35:c2:c8:4e:ef:b7:8c:bb:83:6d:c9:72:d1:43:c2:fe:91:0f: af:c6:20:49:fd:52:7d:6b:0f:77:d8:2e:fc:ea:2c:94:6e:cd: 0f:f9:b2:d5:31:b0:0a:be:72:77:22:69:32:99:10:a7:98:0e: b6:3a:e6:3c:e7:59:6e:70:84:8e:15:8d:d6:48:8e:8d:dc:fa: 17:ea:d8:5b:36:93:bc:a7:f9:8d:96:36:6c:5f:01:4a:9b:a3: 82:69:bf:c2:c9:68:03:d8:94:81:a3:f9:af:8b:e4:9f:f5:ca: 06:52:ae:ed:ca:75:9a:36:db:9a:55:1b:05:8e:10:7c:bd:0c: 47:a8:db:c4:4d:bf:66:61:96:5a:9e:d3:d9:a3:6f:09:8d:df: 07:cc:27:e1 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUSK4WCelqXUYqKMdgiCOHMKxru6UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNzQ0N0IwMDAwMTEwLwYDVQQFEyg3QTQ0Mzk2MjU3 M0VDMDFENTEzMTY1MUY5MEY0NkRBMTlBRkMyMUQyMB4XDTI1MDIxNDA3MzczMloX DTI2MDIxMzA3NDIzMlowMzExMC8GA1UEAxMoNDg3MEIzODIzMkEyODU0NjU0NDk4 MjYxNkVFMTZDMzY5OEVBMkYzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOYSD069EFQKYBYegQJ0vSJbtzJKa58pNx9gUgZRtbrCWY6v6s7fEF5ClWKN XHrL749U2u7+o1ITj1y4bT4GFJAVH+0yq9Wo0lONCYKchFeU2fzYjByM6pRlFhrD 1oGbozTpDDDX7btCM1ucuGZUpOJ7FrLJzxTOuTbBmDsewKWtPhxDHIItjclLrH37 FYzqjrdJ9gB+q3MgyTM8JEFyx5mJqXMXlaenL75dC7ZL7WWz0fQKA4S0l274QhW4 vgSKtpHR4D8UDq9AvNXkcCytb/6/ZOpsovX4DXxJoG4oNFbCo6OlyO63ikKoIX+b sL916dE/T59TswZoce6QPnVsqpUCAwEAAaOCAh8wggIbMB0GA1UdDgQWBBRIcLOC MqKFRlRJgmFu4Ww2mOovPTAfBgNVHSMEGDAWgBR6RDliVz7AHVExZR+Q9G2hmvwh 0jAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE3NDQ3QjAwMDAvMS83QTQ0Mzk2 MjU3M0VDMDFENTEzMTY1MUY5MEY0NkRBMTlBRkMyMUQyLmNybDB+BggrBgEFBQcB AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9la1E1WWxjLXdC MVJNV1Vma1BSdG9acjhJZEkuY2VyMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYB BQUHMAuGd3JzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkx NzQ0N0IwMDAwLzEvMzIzMDMwMzEzYTY0NjYzNDNhMzUzMTM0MzAzYTNhMmYzNDM0 MmQzNDM4MjAzZDNlMjAzMTM1MzMzMzM0MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYI KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQgAQ30UUAwDQYJ KoZIhvcNAQELBQADggEBAD2F2LkJSkrPbUJRwXILn6ZtTslAFhnhvSV/xZGV1J1S Dmb7IQdqoJLN8u5WvUqzxr+DeUJ/l92M+0rdBQ4ZUIcTYpUKF85DgjyZF1Qsr4J3 2eEni+ctwZd/XiP+IUivTyCEzy9xMGtksrlK6TXCyE7vt4y7g23JctFDwv6RD6/G IEn9Un1rD3fYLvzqLJRuzQ/5stUxsAq+cnciaTKZEKeYDrY65jznWW5whI4VjdZI jo3c+hfq2Fs2k7yn+Y2WNmxfAUqbo4Jpv8LJaAPYlIGj+a+L5J/1ygZSru3KdZo2 25pVGwWOEHy9DEeo28RNv2Zhllqe09mjbwmN3wfMJ+E= -----END CERTIFICATE-----Generated at Tue Apr 8 18:41:57 2025 by rpki-client