$ rpki-client -vvf rpki.apnic.net/member_repository/A91583E2/4D3CC08A3B9911F0A0CC5978C4F9AE02/B0E8BC383B9911F09DE90D79C4F9AE02.roa File: B0E8BC383B9911F09DE90D79C4F9AE02.roa (raw, json) Hash identifier: DBehkehjj1Vjada20+g+EkMiIesYAdzyY1KoJXBbQUk= Subject key identifier: DF:33:89:76:A3:3B:F4:E5:EA:36:14:AC:85:5D:97:4C:03:18:B0:77 Certificate issuer: /CN=A91583E2/serialNumber=47A6190AC05C30807ED15F40921BB232DB552484 Certificate serial: 02 Authority key identifier: 47:A6:19:0A:C0:5C:30:80:7E:D1:5F:40:92:1B:B2:32:DB:55:24:84 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R6YZCsBcMIB-0V9AkhuyMttVJIQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91583E2/4D3CC08A3B9911F0A0CC5978C4F9AE02/B0E8BC383B9911F09DE90D79C4F9AE02.roa Signing time: Wed 28 May 2025 07:59:33 +0000 ROA not before: Wed 28 May 2025 07:59:33 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 153380 IP address blocks: 2001:df4:8140::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91583E2/4D3CC08A3B9911F0A0CC5978C4F9AE02/R6YZCsBcMIB-0V9AkhuyMttVJIQ.crl rsync://rpki.apnic.net/member_repository/A91583E2/4D3CC08A3B9911F0A0CC5978C4F9AE02/R6YZCsBcMIB-0V9AkhuyMttVJIQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R6YZCsBcMIB-0V9AkhuyMttVJIQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 07:54:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91583E2, serialNumber=47A6190AC05C30807ED15F40921BB232DB552484 Validity Not Before: May 28 07:59:33 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=6836c265-558b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:85:ed:6a:c3:fc:62:c4:0f:83:b4:41:31:86: ff:b4:02:1f:47:d2:64:81:05:c5:44:2f:43:4e:b4: 31:a4:65:ed:d9:3a:d3:77:99:19:ef:68:68:7c:b5: d0:06:30:15:a6:b0:67:d6:58:60:91:10:4d:6a:2f: eb:02:22:3e:64:8c:ef:8a:88:3e:cc:d3:fe:99:d4: 3c:4c:f2:b9:4f:5a:6a:c7:c3:f0:1c:cd:ef:78:ed: cf:e8:3f:de:11:a2:e6:5a:31:92:e6:87:21:7b:db: 03:8a:36:11:01:3c:b9:14:29:f2:82:55:76:47:a6: 0e:d9:59:9f:d6:08:a7:95:00:2e:e0:06:44:d3:40: c7:9e:e3:e9:ee:46:29:1d:fa:a2:bd:b9:65:01:7d: 6b:5c:4b:95:22:c0:65:51:f0:57:14:79:13:08:2a: 1d:d4:7f:c3:87:e8:31:5d:33:65:68:c5:33:40:b0: 9a:eb:54:79:d4:b1:53:4b:68:d6:67:40:9e:a3:75: e1:5f:b7:d2:02:a0:6a:3e:9a:a0:cc:7a:31:a5:48: 66:56:3a:24:79:45:ae:75:a5:01:d7:e4:4b:e4:28: 29:20:80:72:6d:36:be:aa:0f:f7:89:d1:c9:87:0e: 58:b1:f5:89:c7:92:5d:02:09:93:9e:a0:53:b2:d7: 64:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:33:89:76:A3:3B:F4:E5:EA:36:14:AC:85:5D:97:4C:03:18:B0:77 X509v3 Authority Key Identifier: keyid:47:A6:19:0A:C0:5C:30:80:7E:D1:5F:40:92:1B:B2:32:DB:55:24:84 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91583E2/4D3CC08A3B9911F0A0CC5978C4F9AE02/R6YZCsBcMIB-0V9AkhuyMttVJIQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R6YZCsBcMIB-0V9AkhuyMttVJIQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91583E2/4D3CC08A3B9911F0A0CC5978C4F9AE02/B0E8BC383B9911F09DE90D79C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df4:8140::/48 Signature Algorithm: sha256WithRSAEncryption be:83:7f:68:70:74:c3:88:bb:6d:a9:17:8b:68:cc:5c:ff:b1: 88:84:87:99:2d:35:e4:a4:21:65:aa:ac:72:a8:c9:38:94:af: ff:c1:56:95:9e:ac:42:9d:ff:0a:ab:90:7f:0d:48:cf:9c:90: df:7e:ce:94:87:32:47:a6:cc:21:07:1a:1c:d8:34:d5:45:ae: a7:c7:b1:e2:0d:c1:5a:5c:f3:d4:d9:7e:3e:1a:ff:3c:48:a2: c6:92:d5:dc:2f:9d:11:5f:33:b1:6f:3d:55:15:55:7d:5b:24: 63:56:3d:ad:99:f8:ff:fe:43:a2:20:22:d9:2d:46:64:14:db: 60:b1:74:be:08:f6:31:73:ff:62:3b:b2:79:48:f8:58:2c:98: 93:88:87:af:0b:60:2b:ea:bc:9c:85:aa:53:27:cc:00:1c:02: 6c:8e:f3:f6:15:10:87:84:50:b9:15:d9:ec:92:fa:c8:93:bf: 0d:85:d5:0b:72:5b:a0:0d:86:2c:f5:c5:60:11:32:37:3b:dd: 4b:18:e9:65:ca:e1:5d:1e:20:f3:e4:ab:fa:95:8e:42:06:d6: e6:6a:a5:98:8a:1d:e2:0f:f0:d4:4f:fc:3f:8a:c4:1c:5b:8c: 61:b4:a9:3c:0d:df:f4:3c:0e:36:aa:67:57:a9:1b:30:8c:55: 61:2c:38:a1 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 ODNFMjExMC8GA1UEBRMoNDdBNjE5MEFDMDVDMzA4MDdFRDE1RjQwOTIxQkIyMzJE QjU1MjQ4NDAeFw0yNTA1MjgwNzU5MzNaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4MzZjMjY1LTU1OGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDZhe1qw/xixA+DtEExhv+0Ah9H0mSBBcVEL0NOtDGkZe3ZOtN3mRnvaGh8tdAG MBWmsGfWWGCREE1qL+sCIj5kjO+KiD7M0/6Z1DxM8rlPWmrHw/Acze947c/oP94R ouZaMZLmhyF72wOKNhEBPLkUKfKCVXZHpg7ZWZ/WCKeVAC7gBkTTQMee4+nuRikd +qK9uWUBfWtcS5UiwGVR8FcUeRMIKh3Uf8OH6DFdM2VoxTNAsJrrVHnUsVNLaNZn QJ6jdeFft9ICoGo+mqDMejGlSGZWOiR5Ra51pQHX5EvkKCkggHJtNr6qD/eJ0cmH Dlix9YnHkl0CCZOeoFOy12SxAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQU3zOJdqM7 9OXqNhSshV2XTAMYsHcwHwYDVR0jBBgwFoAUR6YZCsBcMIB+0V9AkhuyMttVJIQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4M0UyLzREM0NDMDhBM0I5 OTExRjBBMENDNTk3OEM0RjlBRTAyL1I2WVpDc0JjTUlCLTBWOUFraHV5TXR0VkpJ US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUjZZWkNzQmNNSUItMFY5QWtodXlNdHRWSklRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODNFMi80RDNDQzA4QTNCOTkxMUYwQTBDQzU5NzhDNEY5QUUwMi9CMEU4QkMzODNC OTkxMUYwOURFOTBENzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT MBEwDwQCAAIwCQMHACABDfSBQDANBgkqhkiG9w0BAQsFAAOCAQEAvoN/aHB0w4i7 bakXi2jMXP+xiISHmS015KQhZaqscqjJOJSv/8FWlZ6sQp3/CquQfw1Iz5yQ337O lIcyR6bMIQcaHNg01UWup8ex4g3BWlzz1Nl+Phr/PEiixpLV3C+dEV8zsW89VRVV fVskY1Y9rZn4//5DoiAi2S1GZBTbYLF0vgj2MXP/YjuyeUj4WCyYk4iHrwtgK+q8 nIWqUyfMABwCbI7z9hUQh4RQuRXZ7JL6yJO/DYXVC3JboA2GLPXFYBEyNzvdSxjp ZcrhXR4g8+Sr+pWOQgbW5mqlmIod4g/w1E/8P4rEHFuMYbSpPA3f9DwONqpnV6kb MIxVYSw4oQ== -----END CERTIFICATE-----Generated at Mon Jun 2 05:45:20 2025 by rpki-client