$ rpki-client -vvf rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa File: D13FCAEAA62E11EFBC284C42C4F9AE02.roa (raw, json) Hash identifier: cwiDsaKdFR4GF6q5SXzSaW46UvaZNCjfFJfJT0yP3w0= Subject key identifier: A4:7F:61:C6:46:86:8F:51:2B:CA:42:B9:6B:BC:C9:AB:AE:1C:87:67 Certificate issuer: /CN=A917B520/serialNumber=542B94D8625CF711964FD13741295D27AD7A9004 Certificate serial: 01A9 Authority key identifier: 54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa Signing time: Mon 17 Feb 2025 09:24:43 +0000 ROA not before: Mon 17 Feb 2025 09:24:43 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 150436 IP address blocks: 101.47.0.0/18 maxlen: 24 101.47.64.0/20 maxlen: 24 101.47.80.0/20 maxlen: 23 101.47.80.0/21 maxlen: 24 101.47.88.0/22 maxlen: 24 101.47.92.0/23 maxlen: 24 101.47.95.0/24 maxlen: 24 101.47.96.0/21 maxlen: 24 101.47.128.0/18 maxlen: 24 101.47.253.0/24 maxlen: 24 150.5.128.0/17 maxlen: 24 2401:4c20::/40 maxlen: 44 2401:4c20:100::/40 maxlen: 40 2401:4c20:200::/40 maxlen: 44 2401:4c20:300::/40 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Mar 2025 02:45:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 425 (0x1a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B520 Validity Not Before: Feb 17 09:24:43 2025 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67b3005a-b5fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:43:4e:6c:f8:fd:e6:93:ee:a6:86:36:30:09: c1:12:a7:f6:af:e1:9f:bf:af:28:af:d7:21:15:f4: e4:b9:c7:5a:db:e7:8b:38:01:e2:b0:e1:77:0f:3a: 4e:2f:6e:21:92:96:d4:ee:b9:48:28:89:5f:be:bb: 84:cb:e9:21:ae:a4:99:d0:29:2e:24:dd:96:4b:5e: a6:4f:31:f5:81:e3:05:73:34:e5:25:a5:b0:9c:be: 4a:9a:1b:b2:2f:25:84:ef:40:c2:3b:39:f7:c3:17: 52:9d:6b:0f:40:cc:e4:ac:e5:51:b0:4a:df:ca:3f: cb:8a:d6:53:b2:5c:af:04:77:46:d0:9e:30:e6:3e: 8b:26:de:f0:6e:57:42:18:5f:9e:73:8d:66:e8:1a: dc:17:74:da:f2:11:ff:3c:69:2a:45:0b:d4:df:40: 47:95:7b:71:60:1b:59:75:5f:13:47:52:5d:e0:35: 2b:6f:04:8f:d7:2e:12:14:34:83:f2:ca:c7:ca:50: 55:10:96:65:c4:db:96:12:69:2c:2e:06:67:24:f0: 3d:1e:df:a6:7f:8f:b4:d4:8b:28:2a:d5:bb:ca:e7: e8:fc:0e:43:ce:1c:33:ab:4c:68:6d:59:40:2c:5b: a9:0f:20:e3:2d:71:18:61:c2:8a:94:6d:f1:9f:cd: 95:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:7F:61:C6:46:86:8F:51:2B:CA:42:B9:6B:BC:C9:AB:AE:1C:87:67 X509v3 Authority Key Identifier: keyid:54:2B:94:D8:62:5C:F7:11:96:4F:D1:37:41:29:5D:27:AD:7A:90:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/VCuU2GJc9xGWT9E3QSldJ616kAQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCuU2GJc9xGWT9E3QSldJ616kAQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B520/161D4C0AE4CA11EDA414E259C4F9AE02/D13FCAEAA62E11EFBC284C42C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 101.47.0.0-101.47.103.255 101.47.128.0/18 101.47.253.0/24 150.5.128.0/17 IPv6: 2401:4c20::/38 Signature Algorithm: sha256WithRSAEncryption 7a:58:c3:07:35:c2:4c:ec:c2:7e:15:2a:92:c2:0c:9b:0e:a8: 8c:69:ef:b6:78:86:63:60:5d:c4:0f:4e:6e:fe:d9:80:8b:1c: 0f:3f:9c:a1:dc:f1:18:8d:b0:11:b1:2f:7b:b3:0a:27:42:02: 48:94:5f:3f:f8:cc:1b:23:c6:08:9c:e6:42:3a:0d:d4:c1:6c: 64:c5:11:eb:03:b7:5b:e2:1d:77:0c:63:d1:59:4f:bc:4b:85: a1:f0:46:3e:74:95:94:1e:b1:43:9d:93:4c:10:ed:ad:b0:d7: d3:01:7c:50:01:b3:29:ab:33:bb:92:c4:9e:a2:b2:72:39:d8: 5a:87:4f:09:c2:64:4a:76:70:6f:0b:68:60:fa:20:1a:cf:1f: 69:20:13:83:d2:29:28:54:ca:77:e6:7a:15:d6:45:2b:21:83: 6b:53:1e:c3:fa:95:3a:f6:86:55:ac:37:62:df:51:87:73:69: c0:ba:6d:3f:de:84:5e:30:bb:5b:17:7b:fc:0a:23:80:4a:e4: 3b:58:2d:49:09:0f:4e:c6:dc:a9:77:3c:61:63:6c:99:26:7e: 36:c3:a7:69:ab:01:3f:fa:f7:68:53:9f:9d:48:db:36:18:69: d7:f2:49:19:4e:2d:16:f0:71:06:7c:88:5d:07:f1:fc:58:bb: 69:d1:71:a8 -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgICAakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0I1MjAxMTAvBgNVBAUTKDU0MkI5NEQ4NjI1Q0Y3MTE5NjRGRDEzNzQxMjk1RDI3 QUQ3QTkwMDQwHhcNMjUwMjE3MDkyNDQzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02N2IzMDA1YS1iNWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4kNObPj95pPupoY2MAnBEqf2r+Gfv68or9chFfTkucda2+eLOAHisOF3DzpO L24hkpbU7rlIKIlfvruEy+khrqSZ0CkuJN2WS16mTzH1geMFczTlJaWwnL5Kmhuy LyWE70DCOzn3wxdSnWsPQMzkrOVRsErfyj/LitZTslyvBHdG0J4w5j6LJt7wbldC GF+ec41m6BrcF3Ta8hH/PGkqRQvU30BHlXtxYBtZdV8TR1Jd4DUrbwSP1y4SFDSD 8srHylBVEJZlxNuWEmksLgZnJPA9Ht+mf4+01IsoKtW7yufo/A5Dzhwzq0xobVlA LFupDyDjLXEYYcKKlG3xn82VdwIDAQABo4ICvjCCArowHQYDVR0OBBYEFKR/YcZG ho9RK8pCuWu8yauuHIdnMB8GA1UdIwQYMBaAFFQrlNhiXPcRlk/RN0EpXSetepAE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjUyMC8xNjFENEMwQUU0 Q0ExMUVEQTQxNEUyNTlDNEY5QUUwMi9WQ3VVMkdKYzl4R1dUOUUzUVNsZEo2MTZr QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZDdVUyR0pjOXhHV1Q5RTNRU2xkSjYxNmtBUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0I1MjAvMTYxRDRDMEFFNENBMTFFREE0MTRFMjU5QzRGOUFFMDIvRDEzRkNBRUFB NjJFMTFFRkJDMjg0QzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E OTA3MCUEAgABMB8wCwMDAGUvAwQDZS9gAwQGZS+AAwQAZS/9AwQHlgWAMA4EAgAC MAgDBgIkAUwgADANBgkqhkiG9w0BAQsFAAOCAQEAeljDBzXCTOzCfhUqksIMmw6o jGnvtniGY2BdxA9Obv7ZgIscDz+codzxGI2wEbEve7MKJ0ICSJRfP/jMGyPGCJzm QjoN1MFsZMUR6wO3W+Iddwxj0VlPvEuFofBGPnSVlB6xQ52TTBDtrbDX0wF8UAGz Kaszu5LEnqKycjnYWodPCcJkSnZwbwtoYPogGs8faSATg9IpKFTKd+Z6FdZFKyGD a1Mew/qVOvaGVaw3Yt9Rh3NpwLptP96EXjC7Wxd7/AojgErkO1gtSQkPTsbcqXc8 YWNsmSZ+NsOnaasBP/r3aFOfnUjbNhhp1/JJGU4tFvBxBnyIXQfx/Fi7adFxqA== -----END CERTIFICATE-----Generated at Thu Mar 13 21:49:43 2025 by rpki-client