$ rpki-client -vvf rpki.apnic.net/member_repository/A91276FA/9C52A7E884C911EFB54D0C49C4F9AE02/7EC9705C84CA11EFA41F8D4DC4F9AE02.roa File: 7EC9705C84CA11EFA41F8D4DC4F9AE02.roa (raw, json) Hash identifier: utVxhZKF0BG0gKmfkjY5U3UQKAW2XCaaTxVRnaQMDbE= Subject key identifier: 56:5E:53:9C:4F:CD:41:4C:20:46:59:59:68:61:A7:9B:25:22:A6:B1 Certificate issuer: /CN=A91276FA/serialNumber=5533A7C57BF4DB1E538F9E77E0B4868B8F90C582 Certificate serial: 0E Authority key identifier: 55:33:A7:C5:7B:F4:DB:1E:53:8F:9E:77:E0:B4:86:8B:8F:90:C5:82 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VTOnxXv02x5Tj5534LSGi4-QxYI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91276FA/9C52A7E884C911EFB54D0C49C4F9AE02/7EC9705C84CA11EFA41F8D4DC4F9AE02.roa Signing time: Wed 09 Oct 2024 06:50:10 +0000 ROA not before: Wed 09 Oct 2024 06:50:10 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 6134 IP address blocks: 45.125.16.0/22 maxlen: 24 103.242.132.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91276FA/9C52A7E884C911EFB54D0C49C4F9AE02/VTOnxXv02x5Tj5534LSGi4-QxYI.crl rsync://rpki.apnic.net/member_repository/A91276FA/9C52A7E884C911EFB54D0C49C4F9AE02/VTOnxXv02x5Tj5534LSGi4-QxYI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VTOnxXv02x5Tj5534LSGi4-QxYI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14 (0xe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91276FA Validity Not Before: Oct 9 06:50:10 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=670627a2-20fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:94:47:68:ce:c5:25:78:c6:93:69:66:5a:2d: a6:a0:03:10:32:8c:27:9c:0b:79:96:0f:1e:d1:ab: 79:84:d1:ad:b6:d1:f2:b8:c0:3c:92:6a:d9:a8:df: fc:55:39:7d:04:d9:06:8e:97:62:c1:73:ad:52:48: 9a:c1:32:9e:4d:23:37:f0:52:40:7d:ed:55:b7:8a: b8:1a:01:fc:ec:7f:2e:2d:44:11:33:9c:d0:65:e9: 26:72:0d:16:df:43:e3:d4:dc:b8:95:62:67:e6:c3: 32:20:f6:a4:47:db:72:92:5f:26:8d:14:84:38:30: 4c:a0:f8:56:cf:f6:c8:37:8a:1f:b8:43:15:9d:91: 5c:3d:9f:54:1e:34:5b:a0:26:f1:04:42:69:1c:92: 03:02:02:ac:7a:5e:df:8c:69:60:1d:4b:6e:20:09: 5c:da:81:4f:a7:d7:bb:19:94:0c:9b:f9:df:32:9c: e8:78:40:61:f8:71:b5:50:d9:d6:c9:d6:a5:bf:eb: c9:79:be:dc:08:ce:1c:f1:08:62:ed:d6:e1:40:8e: c7:01:a2:21:82:85:9e:10:b7:91:7b:2d:54:8e:3d: 91:0b:9f:7b:ff:b6:60:12:e9:dc:b5:c4:6f:06:9f: 1e:4a:d6:31:00:3c:da:2d:78:55:9d:9f:4e:6e:dd: 94:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:5E:53:9C:4F:CD:41:4C:20:46:59:59:68:61:A7:9B:25:22:A6:B1 X509v3 Authority Key Identifier: keyid:55:33:A7:C5:7B:F4:DB:1E:53:8F:9E:77:E0:B4:86:8B:8F:90:C5:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91276FA/9C52A7E884C911EFB54D0C49C4F9AE02/VTOnxXv02x5Tj5534LSGi4-QxYI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VTOnxXv02x5Tj5534LSGi4-QxYI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91276FA/9C52A7E884C911EFB54D0C49C4F9AE02/7EC9705C84CA11EFA41F8D4DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.125.16.0/22 103.242.132.0/22 Signature Algorithm: sha256WithRSAEncryption a7:89:1c:7c:99:b8:10:34:7b:c3:ec:b3:14:87:75:48:f6:47: 03:13:41:f2:ca:86:87:07:73:2d:65:8e:f1:89:91:ef:53:85: b8:80:1c:69:5c:ba:4e:56:07:a2:bc:94:66:a7:f7:cf:9b:23: 34:42:9a:a5:b3:f0:53:46:db:59:a3:9e:25:4c:45:1a:da:e5: 27:74:81:f0:1d:68:76:15:6d:a1:cc:d8:9e:2a:72:e2:f4:a6: 93:68:2b:57:a9:b0:45:64:10:08:30:44:bf:e4:34:1c:93:2c: 52:55:d7:6d:e0:81:25:53:dc:50:25:99:93:f8:44:88:93:d5: 71:14:6f:13:ae:3b:74:6d:bb:ee:58:ac:2f:47:05:67:c0:81: 9d:4e:29:45:1f:6d:cd:5f:65:cc:36:9f:c7:ad:4f:96:98:2b: 2d:63:47:b5:f2:db:4b:13:6f:c5:5f:90:21:7d:d6:bc:07:ec: 88:20:5b:d7:75:61:30:27:14:18:65:9a:fa:f5:36:1d:c6:f1: 10:a9:52:e7:db:8d:a5:73:71:b5:74:2b:6f:25:ef:fd:fb:46: 2f:64:0c:fa:62:27:10:37:0d:4b:5f:61:7f:f0:94:c6:1f:ad: cc:e2:74:27:27:d7:53:1d:a3:b6:c2:81:4c:7d:d9:34:aa:a0: eb:7f:e2:e3 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy NzZGQTExMC8GA1UEBRMoNTUzM0E3QzU3QkY0REIxRTUzOEY5RTc3RTBCNDg2OEI4 RjkwQzU4MjAeFw0yNDEwMDkwNjUwMTBaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3MDYyN2EyLTIwZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC9lEdozsUleMaTaWZaLaagAxAyjCecC3mWDx7Rq3mE0a220fK4wDySatmo3/xV OX0E2QaOl2LBc61SSJrBMp5NIzfwUkB97VW3irgaAfzsfy4tRBEznNBl6SZyDRbf Q+PU3LiVYmfmwzIg9qRH23KSXyaNFIQ4MEyg+FbP9sg3ih+4QxWdkVw9n1QeNFug JvEEQmkckgMCAqx6Xt+MaWAdS24gCVzagU+n17sZlAyb+d8ynOh4QGH4cbVQ2dbJ 1qW/68l5vtwIzhzxCGLt1uFAjscBoiGChZ4Qt5F7LVSOPZELn3v/tmAS6dy1xG8G nx5K1jEAPNoteFWdn05u3ZT3AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUVl5TnE/N QUwgRllZaGGnmyUiprEwHwYDVR0jBBgwFoAUVTOnxXv02x5Tj5534LSGi4+QxYIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI3NkZBLzlDNTJBN0U4ODRD OTExRUZCNTREMEM0OUM0RjlBRTAyL1ZUT254WHYwMng1VGo1NTM0TFNHaTQtUXhZ SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvVlRPbnhYdjAyeDVUajU1MzRMU0dpNC1ReFlJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzZGQS85QzUyQTdFODg0QzkxMUVGQjU0RDBDNDlDNEY5QUUwMi83RUM5NzA1Qzg0 Q0ExMUVGQTQxRjhENERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW MBQwEgQCAAEwDAMEAi19EAMEAmfyhDANBgkqhkiG9w0BAQsFAAOCAQEAp4kcfJm4 EDR7w+yzFId1SPZHAxNB8sqGhwdzLWWO8YmR71OFuIAcaVy6TlYHoryUZqf3z5sj NEKapbPwU0bbWaOeJUxFGtrlJ3SB8B1odhVtoczYnipy4vSmk2grV6mwRWQQCDBE v+Q0HJMsUlXXbeCBJVPcUCWZk/hEiJPVcRRvE647dG277lisL0cFZ8CBnU4pRR9t zV9lzDafx61PlpgrLWNHtfLbSxNvxV+QIX3WvAfsiCBb13VhMCcUGGWa+vU2Hcbx EKlS59uNpXNxtXQrbyXv/ftGL2QM+mInEDcNS19hf/CUxh+tzOJ0JyfXUx2jtsKB TH3ZNKqg63/i4w== -----END CERTIFICATE-----Generated at Sun Feb 16 22:01:37 2025 by rpki-client