$ rpki-client -vvf rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/321C6B5C2C6711F0B5DEE20CC4F9AE02.roa File: 321C6B5C2C6711F0B5DEE20CC4F9AE02.roa (raw, json) Hash identifier: 5ze9WVBdkB3caAS6RW6n0SGf/tYNePtmefl2XUHO5EU= Subject key identifier: 84:28:8E:6F:44:8F:B0:9A:8C:6E:54:05:E9:4B:BC:84:91:EA:59:D5 Certificate issuer: /CN=A9147049/serialNumber=D9D1B055FEFC89F5803A7FA8E2B902619F338D8E Certificate serial: 02 Authority key identifier: D9:D1:B0:55:FE:FC:89:F5:80:3A:7F:A8:E2:B9:02:61:9F:33:8D:8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dGwVf78ifWAOn-o4rkCYZ8zjY4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/321C6B5C2C6711F0B5DEE20CC4F9AE02.roa Signing time: Thu 08 May 2025 23:50:19 +0000 ROA not before: Thu 08 May 2025 23:50:19 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 134090 IP address blocks: 2402:920::/32 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/2dGwVf78ifWAOn-o4rkCYZ8zjY4.crl rsync://rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/2dGwVf78ifWAOn-o4rkCYZ8zjY4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dGwVf78ifWAOn-o4rkCYZ8zjY4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 07:47:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147049, serialNumber=D9D1B055FEFC89F5803A7FA8E2B902619F338D8E Validity Not Before: May 8 23:50:19 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=681d433a-4059 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:95:02:62:88:25:89:74:ea:16:e8:f4:77:34: 49:f5:0c:97:f3:e3:4f:f0:b2:89:15:fc:fb:65:2e: 2b:78:a8:c0:40:ed:e5:d4:5d:48:08:ac:2b:07:95: a5:20:37:8e:3f:28:b9:02:d6:1c:21:ad:e5:3c:eb: b5:f2:50:bc:97:41:ed:f7:33:31:97:76:36:bd:ae: f4:8f:77:be:b0:9b:4e:4a:8d:77:75:f7:1d:99:2e: f3:4f:a0:e4:32:e8:9e:0a:50:07:33:02:f7:b2:45: 9c:8e:51:2f:c1:ef:14:f7:d9:f1:9d:87:f0:56:b4: f5:5a:9c:59:8a:5d:ff:3a:78:3d:36:1a:9b:83:b6: 3f:d5:8e:83:aa:f6:86:57:d4:2c:41:35:b1:23:88: 84:d1:a9:9e:f3:f3:3a:2e:a7:ca:e5:10:bd:ab:10: a9:35:22:d2:14:82:3f:e3:df:84:a6:19:01:9e:bf: 84:b2:50:a7:d9:d6:c1:a9:41:90:66:de:a5:9a:2e: ba:d3:ed:f7:2a:3e:62:f5:d2:ec:76:6d:d9:6f:68: da:39:38:8c:23:c4:1f:de:e7:8f:0c:85:0d:44:67: 58:a0:94:d9:4f:82:bd:d5:73:43:64:4a:a8:54:b8: d7:fe:11:43:12:30:cf:71:e7:55:50:fb:8f:62:0f: 9e:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:28:8E:6F:44:8F:B0:9A:8C:6E:54:05:E9:4B:BC:84:91:EA:59:D5 X509v3 Authority Key Identifier: keyid:D9:D1:B0:55:FE:FC:89:F5:80:3A:7F:A8:E2:B9:02:61:9F:33:8D:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/2dGwVf78ifWAOn-o4rkCYZ8zjY4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dGwVf78ifWAOn-o4rkCYZ8zjY4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/321C6B5C2C6711F0B5DEE20CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2402:920::/32 Signature Algorithm: sha256WithRSAEncryption 3b:a8:b7:9b:a8:04:ae:bb:36:e8:59:b8:fd:96:b0:dd:53:f7: 1e:70:5f:a7:d8:65:5a:91:27:df:23:91:c6:17:3d:14:7c:a9: 6f:31:b4:20:67:f6:52:37:ed:6f:98:b4:48:d5:ef:33:90:67: 62:c2:44:38:6a:a1:f0:6f:2a:76:8d:77:8e:8c:57:a8:9f:3e: 12:16:35:0d:ab:9f:86:20:c0:63:f7:1a:f9:35:15:e5:b1:38: a6:16:83:ee:2a:02:cc:a0:0c:d9:6d:35:98:87:ea:6e:2e:68: 44:35:08:a3:4f:f2:b0:4f:5a:ae:d5:15:37:4c:2d:01:67:34: 23:03:88:38:e8:aa:56:83:93:e9:7a:f6:14:96:13:22:10:45: 66:bb:c6:39:d5:4c:be:aa:20:e9:d7:51:01:d7:70:0e:d5:9f: 6e:f1:ae:a4:83:91:3f:3b:a5:5e:75:b3:57:3a:ed:3f:2d:fd: 5c:92:b8:6d:ea:9c:b5:13:5e:13:ac:53:38:c2:e3:c5:d3:81: 72:6d:73:b1:b2:da:2e:42:01:3c:fa:25:6c:00:6b:04:9f:7b: 57:15:fa:9d:8f:7f:03:fb:3a:53:79:ed:c7:49:2e:c3:94:bf: 7d:1c:b3:a8:a2:f0:c4:49:58:6f:83:f5:5d:a6:6a:1e:b2:3f: 74:24:cd:c7 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NzA0OTExMC8GA1UEBRMoRDlEMUIwNTVGRUZDODlGNTgwM0E3RkE4RTJCOTAyNjE5 RjMzOEQ4RTAeFw0yNTA1MDgyMzUwMTlaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4MWQ0MzNhLTQwNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC0lQJiiCWJdOoW6PR3NEn1DJfz40/wsokV/PtlLit4qMBA7eXUXUgIrCsHlaUg N44/KLkC1hwhreU867XyULyXQe33MzGXdja9rvSPd76wm05KjXd19x2ZLvNPoOQy 6J4KUAczAveyRZyOUS/B7xT32fGdh/BWtPVanFmKXf86eD02GpuDtj/VjoOq9oZX 1CxBNbEjiITRqZ7z8zoup8rlEL2rEKk1ItIUgj/j34SmGQGev4SyUKfZ1sGpQZBm 3qWaLrrT7fcqPmL10ux2bdlvaNo5OIwjxB/e548MhQ1EZ1iglNlPgr3Vc0NkSqhU uNf+EUMSMM9x51VQ+49iD56DAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUhCiOb0SP sJqMblQF6Uu8hJHqWdUwHwYDVR0jBBgwFoAU2dGwVf78ifWAOn+o4rkCYZ8zjY4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3MDQ5L0IwOUNCRDY2MkM2 NjExRjA5REE1NkIwQkM0RjlBRTAyLzJkR3dWZjc4aWZXQU9uLW80cmtDWVo4empZ NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMmRHd1ZmNzhpZldBT24tbzRya0NZWjh6alk0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzA0OS9CMDlDQkQ2NjJDNjYxMUYwOURBNTZCMEJDNEY5QUUwMi8zMjFDNkI1QzJD NjcxMUYwQjVERUUyMENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR MA8wDQQCAAIwBwMFACQCCSAwDQYJKoZIhvcNAQELBQADggEBADuot5uoBK67NuhZ uP2WsN1T9x5wX6fYZVqRJ98jkcYXPRR8qW8xtCBn9lI37W+YtEjV7zOQZ2LCRDhq ofBvKnaNd46MV6ifPhIWNQ2rn4YgwGP3Gvk1FeWxOKYWg+4qAsygDNltNZiH6m4u aEQ1CKNP8rBPWq7VFTdMLQFnNCMDiDjoqlaDk+l69hSWEyIQRWa7xjnVTL6qIOnX UQHXcA7Vn27xrqSDkT87pV51s1c67T8t/VySuG3qnLUTXhOsUzjC48XTgXJtc7Gy 2i5CATz6JWwAawSfe1cV+p2PfwP7OlN57cdJLsOUv30cs6ii8MRJWG+D9V2mah6y P3Qkzcc= -----END CERTIFICATE-----Generated at Mon Jun 2 06:40:08 2025 by rpki-client