$ rpki-client -vvf rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa File: 4335BE9C0D0611EFA3ECB057C4F9AE02.roa (raw, json) Hash identifier: 3QaIs0MEQTp5+WPYR1WYTiWl+pbfn1qVb0U7KbrgNTE= Subject key identifier: 2A:94:13:0B:86:1B:8B:13:C0:A5:7A:2C:79:EC:8C:1E:C1:69:9D:F6 Certificate issuer: /CN=A9161099/serialNumber=03A02E2F5DABF0FF3938628BC4FF5FB61653F045 Certificate serial: EE Authority key identifier: 03:A0:2E:2F:5D:AB:F0:FF:39:38:62:8B:C4:FF:5F:B6:16:53:F0:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa Signing time: Fri 23 May 2025 05:36:39 +0000 ROA not before: Fri 23 May 2025 05:36:39 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 16509 IP address blocks: 121.127.32.0/24 maxlen: 24 202.157.180.0/23 maxlen: 24 2401:cb60::/48 maxlen: 48 2401:cb60:1::/48 maxlen: 48 2401:cb60:2::/48 maxlen: 48 2401:cb60:3::/48 maxlen: 48 2401:cb60:4::/48 maxlen: 48 2401:cb60:5::/48 maxlen: 48 2401:cb60:6::/48 maxlen: 48 2401:cb60:7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/A6AuL12r8P85OGKLxP9fthZT8EU.crl rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/A6AuL12r8P85OGKLxP9fthZT8EU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 05:27:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 238 (0xee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161099, serialNumber=03A02E2F5DABF0FF3938628BC4FF5FB61653F045 Validity Not Before: May 23 05:36:39 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68300967-bb5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:81:56:1c:e4:65:1f:d9:de:ce:63:0c:6d:62: 5e:f0:97:82:02:87:a6:99:c1:df:53:00:e7:08:e1: 6c:46:d4:0d:25:0e:bc:25:d6:ac:71:77:54:67:07: 49:8d:8c:65:01:9d:d3:72:4e:43:93:0b:95:50:89: 0a:da:db:71:85:0f:47:bd:1c:82:9e:c2:11:8a:70: 7c:ec:72:6a:08:57:19:52:5d:05:c2:5d:c5:4b:ca: 15:0f:40:a5:01:1a:64:ed:df:9a:6b:54:1f:db:b7: 5e:bf:5c:b6:a3:6e:3c:b8:cf:5e:b5:7b:9e:b6:06: fd:86:e1:c0:92:f7:a6:68:b5:c0:ee:00:54:a9:28: 28:2c:77:c0:fc:5b:27:b4:bb:9f:e9:45:96:bd:43: a8:b5:fc:75:14:94:45:12:06:f6:82:cf:8e:39:2f: 0f:95:12:53:0d:5c:c3:eb:7b:54:85:c9:42:61:c9: 2d:b8:38:0b:71:0f:d0:a2:61:c0:37:c1:07:31:b1: 04:8e:58:ea:40:66:68:93:b4:5d:45:34:00:51:f4: 30:eb:63:80:30:ae:da:6b:22:95:20:55:b1:17:a7: e1:6a:6a:27:89:86:a4:19:16:68:99:bb:6d:d6:02: ea:72:e1:30:a2:01:47:81:60:87:33:5f:67:83:63: 8a:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:94:13:0B:86:1B:8B:13:C0:A5:7A:2C:79:EC:8C:1E:C1:69:9D:F6 X509v3 Authority Key Identifier: keyid:03:A0:2E:2F:5D:AB:F0:FF:39:38:62:8B:C4:FF:5F:B6:16:53:F0:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/A6AuL12r8P85OGKLxP9fthZT8EU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 121.127.32.0/24 202.157.180.0/23 IPv6: 2401:cb60::/45 Signature Algorithm: sha256WithRSAEncryption 52:91:c1:cd:cc:42:3c:2d:10:96:f4:4f:cf:0d:97:ef:d6:c3: 0b:03:dd:07:b4:56:df:41:c2:d7:41:6a:2d:84:5b:8d:a4:2f: b4:53:1b:89:98:02:3b:0c:6c:c0:92:65:fd:3b:f6:1e:1b:83: 32:91:30:33:4f:5f:98:88:31:f1:2d:f5:d1:7c:9d:bd:61:3d: a0:c2:6d:3c:23:f0:87:82:25:e5:85:39:31:0d:79:2c:24:0c: 6e:96:26:ea:bd:17:2e:55:a4:ff:7b:6d:0d:0d:ae:3c:26:00: 37:4a:1f:02:ea:c6:17:3a:b8:77:49:5e:e1:e8:89:2e:f0:7b: 1c:2d:b5:a6:7d:c3:0a:ed:90:5b:f8:58:40:1a:4c:68:d8:dd: 91:52:9b:e0:7f:19:83:e6:d5:fe:24:6b:bc:62:a1:17:96:40: fe:dd:d8:f4:b2:71:15:d1:1d:14:6a:60:9d:ee:cd:ee:1d:3a: e1:03:46:61:c6:58:d3:c5:60:ce:cd:3a:b2:de:87:a9:5d:35: 69:9a:79:7d:df:4f:9d:2a:71:43:65:38:bf:b5:1d:55:92:94: 66:da:9a:50:2f:80:91:f2:c4:82:3d:08:c7:b0:e5:d3:47:a6: 81:2f:5a:ae:9e:65:c4:8e:cf:57:5c:97:d9:57:d0:76:3c:e1: 1d:72:61:04 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICAO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjEwOTkxMTAvBgNVBAUTKDAzQTAyRTJGNURBQkYwRkYzOTM4NjI4QkM0RkY1RkI2 MTY1M0YwNDUwHhcNMjUwNTIzMDUzNjM5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODMwMDk2Ny1iYjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr4FWHORlH9nezmMMbWJe8JeCAoemmcHfUwDnCOFsRtQNJQ68JdascXdUZwdJ jYxlAZ3Tck5DkwuVUIkK2ttxhQ9HvRyCnsIRinB87HJqCFcZUl0Fwl3FS8oVD0Cl ARpk7d+aa1Qf27dev1y2o248uM9etXuetgb9huHAkvemaLXA7gBUqSgoLHfA/Fsn tLuf6UWWvUOotfx1FJRFEgb2gs+OOS8PlRJTDVzD63tUhclCYcktuDgLcQ/QomHA N8EHMbEEjljqQGZok7RdRTQAUfQw62OAMK7aayKVIFWxF6fhamoniYakGRZombtt 1gLqcuEwogFHgWCHM19ng2OK5wIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFCqUEwuG G4sTwKV6LHnsjB7BaZ32MB8GA1UdIwQYMBaAFAOgLi9dq/D/OThii8T/X7YWU/BF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MTA5OS9GRDM2N0M3MDBE MDQxMUVGODVFNDZGNTVDNEY5QUUwMi9BNkF1TDEycjhQODVPR0tMeFA5ZnRoWlQ4 RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0E2QXVMMTJyOFA4NU9HS0x4UDlmdGhaVDhFVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjEwOTkvRkQzNjdDNzAwRDA0MTFFRjg1RTQ2RjU1QzRGOUFFMDIvNDMzNUJFOUMw RDA2MTFFRkEzRUNCMDU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBAB5fyADBAHKnbQwDwQCAAIwCQMHAyQBy2AAADANBgkqhkiG 9w0BAQsFAAOCAQEAUpHBzcxCPC0QlvRPzw2X79bDCwPdB7RW30HC10FqLYRbjaQv tFMbiZgCOwxswJJl/Tv2HhuDMpEwM09fmIgx8S310XydvWE9oMJtPCPwh4Il5YU5 MQ15LCQMbpYm6r0XLlWk/3ttDQ2uPCYAN0ofAurGFzq4d0le4eiJLvB7HC21pn3D Cu2QW/hYQBpMaNjdkVKb4H8Zg+bV/iRrvGKhF5ZA/t3Y9LJxFdEdFGpgne7N7h06 4QNGYcZY08Vgzs06st6HqV01aZp5fd9PnSpxQ2U4v7UdVZKUZtqaUC+AkfLEgj0I x7Dl00emgS9arp5lxI7PV1yX2VfQdjzhHXJhBA== -----END CERTIFICATE-----Generated at Mon Jun 2 06:41:41 2025 by rpki-client