$ rpki-client -vvf rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/2DC621D83C2A11F0A74B7710C4F9AE02.roa File: 2DC621D83C2A11F0A74B7710C4F9AE02.roa (raw, json) Hash identifier: rmIAlbUJUVk0XZ4xKIgfP0KCbOYrcaw0M75kffZPy5A= Subject key identifier: B5:5D:CD:9E:BA:3D:D5:EE:54:5F:00:43:5A:93:89:A0:FB:8D:79:6F Certificate issuer: /CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7 Certificate serial: 0A57 Authority key identifier: F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/2DC621D83C2A11F0A74B7710C4F9AE02.roa Signing time: Thu 29 May 2025 01:14:40 +0000 ROA not before: Thu 29 May 2025 01:14:40 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 9908 IP address blocks: 61.10.0.0/16 maxlen: 16 61.10.0.0/17 maxlen: 17 61.10.0.0/18 maxlen: 20 61.10.64.0/18 maxlen: 18 61.10.64.0/19 maxlen: 20 61.10.96.0/19 maxlen: 20 61.10.128.0/17 maxlen: 20 61.15.0.0/16 maxlen: 16 61.15.0.0/17 maxlen: 20 61.15.128.0/17 maxlen: 20 61.18.0.0/16 maxlen: 20 125.59.0.0/16 maxlen: 20 203.83.64.0/18 maxlen: 18 203.168.222.0/23 maxlen: 24 218.252.0.0/16 maxlen: 16 218.252.0.0/17 maxlen: 20 218.252.128.0/17 maxlen: 20 218.253.0.0/18 maxlen: 20 222.166.0.0/16 maxlen: 20 222.167.0.0/19 maxlen: 20 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:20:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2647 (0xa57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9134172, serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7 Validity Not Before: May 29 01:14:40 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=6837b500-9aad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:36:79:ab:34:75:22:ce:d1:e5:0c:5b:3c:b4: 10:d5:a3:95:be:79:72:29:a6:6a:2c:ab:8e:0d:e0: 4c:c9:a5:70:4e:74:bb:ac:08:57:5a:b7:91:80:0c: 5d:60:b8:39:ac:06:8c:62:eb:eb:9f:89:64:3f:77: 07:8c:c1:b2:a0:23:58:36:66:7c:83:2b:53:19:dd: 2c:21:1b:95:5d:f8:5c:5d:83:3a:1c:5c:8e:74:4a: e5:9e:0a:27:bb:c8:75:a6:c0:b0:f6:86:69:b0:48: 19:c2:97:50:70:64:96:f3:59:02:26:82:5d:41:f8: 9b:52:63:cf:50:18:7c:80:2b:ac:4d:88:94:2d:db: 9a:0c:d2:5c:32:9d:12:05:49:3d:67:51:e8:0d:e1: da:31:30:d0:8a:8e:14:64:bc:5f:e6:64:a7:3c:7a: 73:54:a5:6f:10:f0:7e:35:ae:b7:f4:47:10:f5:17: c9:c6:8e:51:75:e8:fb:bd:ba:6a:f5:ca:ca:a1:04: 04:ba:fa:bc:de:8a:72:6c:b1:df:18:9a:5c:67:72: 11:85:28:e0:07:ed:d8:7c:c1:81:46:71:ec:74:21: 12:0f:cf:29:65:b7:80:de:6e:24:bd:d5:b6:9b:7b: b4:34:49:be:9e:6a:61:b5:c3:f4:7a:6f:ef:f4:a8: 92:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:5D:CD:9E:BA:3D:D5:EE:54:5F:00:43:5A:93:89:A0:FB:8D:79:6F X509v3 Authority Key Identifier: keyid:F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/2DC621D83C2A11F0A74B7710C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 61.10.0.0/16 61.15.0.0/16 61.18.0.0/16 125.59.0.0/16 203.83.64.0/18 203.168.222.0/23 218.252.0.0-218.253.63.255 222.166.0.0-222.167.31.255 Signature Algorithm: sha256WithRSAEncryption 0f:57:5b:bd:c9:f9:8c:bd:09:6d:19:c7:c9:ff:da:66:e3:f3: 78:57:79:4f:e5:e3:57:be:ab:37:99:0f:4c:4a:d7:64:71:7b: b3:96:2a:ed:5a:c8:70:1f:53:41:3f:0d:16:7c:62:01:69:7e: 0c:be:6c:dd:b5:51:48:a5:d9:1d:74:d8:52:f4:c7:2d:dc:7b: e5:1b:a1:c4:df:d0:ab:c5:cb:d8:a2:fa:9c:f1:89:e0:1b:f9: 44:b7:e9:f2:53:65:05:3f:af:1d:64:86:37:cf:9c:cf:78:58: ba:69:8c:20:e1:e6:2c:71:ba:aa:d7:d8:6d:1a:64:b4:49:07: a5:95:12:ce:ca:b9:97:4b:81:0f:9d:d0:5a:66:29:4a:ab:de: d4:4d:2f:cb:e9:eb:1b:85:3d:72:4d:99:64:f5:4c:4a:02:88: a5:b0:09:f6:fc:10:3f:66:c7:7b:1a:46:7a:ba:7d:9b:ea:2e: c0:e0:df:a9:5c:a4:96:95:f4:14:4f:68:2f:95:ac:52:d0:0f: 6f:f5:81:27:a5:ce:d6:53:f9:85:14:d8:76:e2:80:58:49:cc: 3c:11:8d:58:bd:96:10:b7:3d:c9:81:e0:69:db:f9:a8:2b:5e: 6d:a9:de:b8:71:59:1d:0a:f2:fa:4d:d9:05:ee:85:7d:cf:4f: ea:e0:87:b1 -----BEGIN CERTIFICATE----- MIIFpTCCBI2gAwIBAgICClcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQxNzIxMTAvBgNVBAUTKEY0NUMwRjRGNDY3Q0UxNTc2RTVFRTlFNDFFNTU3NkYw MzQ4QzQ2QTcwHhcNMjUwNTI5MDExNDQwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02ODM3YjUwMC05YWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5zZ5qzR1Is7R5QxbPLQQ1aOVvnlyKaZqLKuODeBMyaVwTnS7rAhXWreRgAxd YLg5rAaMYuvrn4lkP3cHjMGyoCNYNmZ8gytTGd0sIRuVXfhcXYM6HFyOdErlngon u8h1psCw9oZpsEgZwpdQcGSW81kCJoJdQfibUmPPUBh8gCusTYiULduaDNJcMp0S BUk9Z1HoDeHaMTDQio4UZLxf5mSnPHpzVKVvEPB+Na639EcQ9RfJxo5Rdej7vbpq 9crKoQQEuvq83opybLHfGJpcZ3IRhSjgB+3YfMGBRnHsdCESD88pZbeA3m4kvdW2 m3u0NEm+nmphtcP0em/v9KiS4wIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFLVdzZ66 PdXuVF8AQ1qTiaD7jXlvMB8GA1UdIwQYMBaAFPRcD09GfOFXbl7p5B5VdvA0jEan MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDE3Mi81OTc2MTI2NDlF NEQxMUVBOUMyM0FGMUZDNEY5QUUwMi85RndQVDBaODRWZHVYdW5rSGxWMjhEU01S cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlGd1BUMFo4NFZkdVh1bmtIbFYyOERTTVJxYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzQxNzIvNTk3NjEyNjQ5RTREMTFFQTlDMjNBRjFGQzRGOUFFMDIvMkRDNjIxRDgz QzJBMTFGMEE3NEI3NzEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUwYIKwYBBQUHAQcBAf8E RDBCMEAEAgABMDoDAwA9CgMDAD0PAwMAPRIDAwB9OwMEBstTQAMEAcuo3jALAwMC 2vwDBAba/QAwCwMDAd6mAwQF3qcAMA0GCSqGSIb3DQEBCwUAA4IBAQAPV1u9yfmM vQltGcfJ/9pm4/N4V3lP5eNXvqs3mQ9MStdkcXuzlirtWshwH1NBPw0WfGIBaX4M vmzdtVFIpdkddNhS9Mct3HvlG6HE39CrxcvYovqc8YngG/lEt+nyU2UFP68dZIY3 z5zPeFi6aYwg4eYscbqq19htGmS0SQellRLOyrmXS4EPndBaZilKq97UTS/L6esb hT1yTZlk9UxKAoilsAn2/BA/Zsd7GkZ6un2b6i7A4N+pXKSWlfQUT2gvlaxS0A9v 9YEnpc7WU/mFFNh24oBYScw8EY1YvZYQtz3JgeBp2/moK15tqd64cVkdCvL6TdkF 7oV9z0/q4Iex -----END CERTIFICATE-----Generated at Mon Jun 2 07:11:42 2025 by rpki-client