$ rpki-client -vvf rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa File: 2FA57B9A97B611EDAE9D4381C4F9AE02.roa (raw, json) Hash identifier: lxqMNiae0D1WCp5yu5bfMqSlo/P+rEmoNXBcqzUVjb0= Subject key identifier: 17:D5:AD:98:15:D8:40:28:90:DF:22:86:9B:9D:2D:8A:4E:0A:F9:C9 Certificate issuer: /CN=A9117E4D/serialNumber=AE107F3C2977717A1CD3571D183748FD07D9FC5F Certificate serial: 349A Authority key identifier: AE:10:7F:3C:29:77:71:7A:1C:D3:57:1D:18:37:48:FD:07:D9:FC:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa Signing time: Tue 13 May 2025 08:07:37 +0000 ROA not before: Tue 13 May 2025 08:07:37 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 7545 IP address blocks: 14.202.192.0/24 maxlen: 24 60.241.61.0/24 maxlen: 24 110.175.127.0/24 maxlen: 24 203.219.48.0/22 maxlen: 22 220.240.122.0/24 maxlen: 24 220.245.124.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.crl rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 14:27:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13466 (0x349a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9117E4D, serialNumber=AE107F3C2977717A1CD3571D183748FD07D9FC5F Validity Not Before: May 13 08:07:37 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=6822fdc9-9c42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:f3:7b:1a:77:db:26:84:f6:e9:ce:9c:71:7a: 30:e1:ac:d0:7f:d4:0c:29:68:dd:be:d4:c5:3c:ab: f5:c4:25:d4:17:da:03:85:e3:5b:e4:43:2d:2d:fd: 80:ce:f7:4f:99:2b:8c:45:15:22:30:d0:ba:a7:ab: b2:d3:29:cd:07:31:e0:f5:39:be:fa:9e:bd:53:6f: 9e:f6:73:80:c5:77:35:28:c6:e2:f3:49:f7:73:17: 12:44:17:50:e0:f5:44:8a:3d:f7:fa:7b:3a:21:74: 3c:32:10:26:58:3d:71:49:9d:d7:16:d8:ee:45:a6: 4c:db:30:0e:16:85:e4:a8:e6:d7:71:8d:d5:3b:74: e6:52:a4:2e:2b:52:f2:af:97:6b:9c:5c:04:97:05: 19:e2:53:22:92:94:2b:e3:bc:76:71:3b:1d:b5:74: 3d:d2:cb:8a:b0:b0:68:6c:b2:a1:dd:39:72:66:45: 58:5e:fe:1e:b5:1f:32:26:04:c7:fb:ec:9b:d4:52: f3:e5:e0:56:56:73:4a:8d:cd:c1:9c:ab:68:97:fb: c5:53:38:b0:fb:56:cf:23:43:3e:67:e6:7a:d0:dd: 91:e7:89:9e:47:e9:2f:3c:1c:4b:cb:7d:c6:1e:6d: 24:b3:0c:67:a8:fd:af:84:e1:ee:98:0d:aa:4c:16: 6c:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:D5:AD:98:15:D8:40:28:90:DF:22:86:9B:9D:2D:8A:4E:0A:F9:C9 X509v3 Authority Key Identifier: keyid:AE:10:7F:3C:29:77:71:7A:1C:D3:57:1D:18:37:48:FD:07:D9:FC:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rhB_PCl3cXoc01cdGDdI_QfZ_F8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117E4D/EA1B1D6A1D8511E2979FE7DC08B02CD2/2FA57B9A97B611EDAE9D4381C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.202.192.0/24 60.241.61.0/24 110.175.127.0/24 203.219.48.0/22 220.240.122.0/24 220.245.124.0/22 Signature Algorithm: sha256WithRSAEncryption 76:4f:cd:e9:a6:b6:1f:e9:92:96:e5:3e:f0:fa:4b:c0:6d:38: 0b:e7:66:1a:89:53:de:a2:ab:94:89:d1:c4:5f:b1:12:7c:ed: bf:35:6f:00:49:c3:1c:96:17:8f:d3:e9:87:a5:dd:e9:72:2a: bb:69:02:25:18:0f:78:a9:7f:aa:15:ed:89:83:3b:f3:f2:e4: 70:04:c5:2e:ea:e7:d7:0e:eb:4d:e5:0d:4d:77:90:fa:d2:e0: 01:59:9c:ef:d9:fe:28:67:74:e0:dc:87:1b:14:43:af:e0:fd: f4:0e:1f:5e:e7:91:ca:9f:e8:cf:dc:ea:f5:14:0a:58:35:77: 66:21:ba:6c:25:ed:7f:c6:ce:99:31:b2:8f:9f:64:0e:e0:37: 3a:5a:19:70:83:23:94:ca:2c:2a:28:7f:80:02:b3:3f:c2:76: 26:f4:21:9d:a7:32:9a:7d:9b:0c:b5:cd:94:67:ae:34:74:ff: 56:8a:e3:08:25:23:b8:16:7f:1e:7e:af:4a:16:58:9e:39:98: c9:db:b1:19:9c:73:5a:2b:dd:9c:ea:95:52:1e:09:27:c7:78: e0:55:5f:3a:d2:1b:1e:0b:cd:7d:3c:99:56:90:9c:3d:66:4d: 01:8c:f3:1b:4d:f5:32:e0:53:3f:3a:35:e1:1f:8b:e4:58:d6: bd:cd:a1:be -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICNJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTdFNEQxMTAvBgNVBAUTKEFFMTA3RjNDMjk3NzcxN0ExQ0QzNTcxRDE4Mzc0OEZE MDdEOUZDNUYwHhcNMjUwNTEzMDgwNzM3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODIyZmRjOS05YzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4PN7GnfbJoT26c6ccXow4azQf9QMKWjdvtTFPKv1xCXUF9oDheNb5EMtLf2A zvdPmSuMRRUiMNC6p6uy0ynNBzHg9Tm++p69U2+e9nOAxXc1KMbi80n3cxcSRBdQ 4PVEij33+ns6IXQ8MhAmWD1xSZ3XFtjuRaZM2zAOFoXkqObXcY3VO3TmUqQuK1Ly r5drnFwElwUZ4lMikpQr47x2cTsdtXQ90suKsLBobLKh3TlyZkVYXv4etR8yJgTH ++yb1FLz5eBWVnNKjc3BnKtol/vFUziw+1bPI0M+Z+Z60N2R54meR+kvPBxLy33G Hm0kswxnqP2vhOHumA2qTBZszwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFBfVrZgV 2EAokN8ihpudLYpOCvnJMB8GA1UdIwQYMBaAFK4Qfzwpd3F6HNNXHRg3SP0H2fxf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExN0U0RC9FQTFCMUQ2QTFE ODUxMUUyOTc5RkU3REMwOEIwMkNEMi9yaEJfUENsM2NYb2MwMWNkR0RkSV9RZlpf RjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JoQl9QQ2wzY1hvYzAxY2RHRGRJX1FmWl9GOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MTdFNEQvRUExQjFENkExRDg1MTFFMjk3OUZFN0RDMDhCMDJDRDIvMkZBNTdCOUE5 N0I2MTFFREFFOUQ0MzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBAAOysADBAA88T0DBABur38DBALL2zADBADc8HoDBALc9Xww DQYJKoZIhvcNAQELBQADggEBAHZPzemmth/pkpblPvD6S8BtOAvnZhqJU96iq5SJ 0cRfsRJ87b81bwBJwxyWF4/T6Yel3elyKrtpAiUYD3ipf6oV7YmDO/Py5HAExS7q 59cO603lDU13kPrS4AFZnO/Z/ihndODchxsUQ6/g/fQOH17nkcqf6M/c6vUUClg1 d2Yhumwl7X/Gzpkxso+fZA7gNzpaGXCDI5TKLCoof4ACsz/Cdib0IZ2nMpp9mwy1 zZRnrjR0/1aK4wglI7gWfx5+r0oWWJ45mMnbsRmcc1or3ZzqlVIeCSfHeOBVXzrS Gx4LzX08mVaQnD1mTQGM8xtN9TLgUz86NeEfi+RY1r3Nob4= -----END CERTIFICATE-----Generated at Tue Jun 3 23:48:12 2025 by rpki-client