$ rpki-client -vvf rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/AA398864B96611EF8161BF51C4F9AE02.roa File: AA398864B96611EF8161BF51C4F9AE02.roa (raw, json) Hash identifier: MfWpaMS6rRmOY6M0y/tJr6fftibzcsGmZcNhFWcJvTU= Subject key identifier: BE:77:DB:E8:74:86:F9:94:F5:D7:7A:59:11:DF:C7:3C:BE:B8:CE:8A Certificate issuer: /CN=A917BEA7/serialNumber=0B8D638FFD38B1F77E48E1BB5DF29929CE7D78B5 Certificate serial: 0197 Authority key identifier: 0B:8D:63:8F:FD:38:B1:F7:7E:48:E1:BB:5D:F2:99:29:CE:7D:78:B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C41jj_04sfd-SOG7XfKZKc59eLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/AA398864B96611EF8161BF51C4F9AE02.roa Signing time: Fri 16 May 2025 16:15:22 +0000 ROA not before: Fri 16 May 2025 16:15:22 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 139358 IP address blocks: 2401:e60:20::/44 maxlen: 44 2401:e60:20::/48 maxlen: 48 2401:e60:30::/44 maxlen: 44 2401:e60:100::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/C41jj_04sfd-SOG7XfKZKc59eLU.crl rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/C41jj_04sfd-SOG7XfKZKc59eLU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C41jj_04sfd-SOG7XfKZKc59eLU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 03:35:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 407 (0x197) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917BEA7, serialNumber=0B8D638FFD38B1F77E48E1BB5DF29929CE7D78B5 Validity Not Before: May 16 16:15:22 2025 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=6827649a-50e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:a0:86:96:b9:7b:73:b6:2c:cc:3b:48:55:b4: eb:2a:64:d1:20:e9:19:3f:3a:09:2d:71:9c:74:37: 67:9a:78:65:6a:1a:6d:51:37:ac:83:c5:1a:92:ea: 00:50:12:94:5e:fa:7a:bc:58:81:23:e1:75:14:82: 6f:7a:76:e0:db:d7:7e:73:a9:87:71:c5:7a:bd:0a: 1f:10:23:54:1d:2c:fe:34:9a:e9:bf:83:bb:bc:14: 8d:4f:81:02:d1:2f:4f:a4:6c:ec:e2:8c:60:e1:fc: a5:b0:5b:8a:ff:85:02:90:d7:95:8e:70:d4:e2:f1: a8:a3:88:3c:87:89:82:72:cc:e7:21:0f:7d:53:5d: f4:02:c1:74:8b:d2:5d:a6:1f:00:f4:d5:dd:60:be: b0:bd:fd:0e:cf:1a:e1:fb:4e:89:c6:de:a7:3d:aa: 7a:45:6e:d6:13:cc:a5:da:8b:c0:f6:99:a4:59:35: 8c:6f:b1:e6:c9:e2:d7:ab:0a:0d:70:79:a0:47:a2: c0:83:d8:a4:fe:59:f0:1c:d4:07:c5:98:c5:c5:ef: a2:5f:23:08:bf:9c:93:d7:ce:68:f9:7c:59:3d:dc: 16:b9:82:55:25:5f:88:ad:58:12:1e:ed:62:2b:71: fa:ec:51:f8:ca:6d:c8:96:8c:b7:24:1e:18:4c:5d: a4:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:77:DB:E8:74:86:F9:94:F5:D7:7A:59:11:DF:C7:3C:BE:B8:CE:8A X509v3 Authority Key Identifier: keyid:0B:8D:63:8F:FD:38:B1:F7:7E:48:E1:BB:5D:F2:99:29:CE:7D:78:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/C41jj_04sfd-SOG7XfKZKc59eLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C41jj_04sfd-SOG7XfKZKc59eLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/AA398864B96611EF8161BF51C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:e60:20::/43 2401:e60:100::/40 Signature Algorithm: sha256WithRSAEncryption 70:fd:e9:ac:81:2b:17:4c:b7:4e:ee:23:c8:17:1e:24:a9:c4: 19:16:26:e3:91:bf:4f:39:c6:90:64:23:93:42:9e:5c:cc:4a: 55:4d:f4:07:8a:d4:e3:5b:e8:1d:b9:d5:19:3b:a7:1a:5c:68: 59:a0:6c:ee:02:e5:22:66:f5:86:9e:be:3a:9b:b9:4b:ed:23: 13:26:76:4a:a2:7b:b9:d5:34:39:1f:a6:cf:86:39:e1:77:6d: ec:bf:a7:75:59:19:b6:9c:53:64:36:db:a4:81:78:af:50:f0: 90:af:91:44:a6:fd:7f:bc:d5:89:ea:d5:9f:13:80:d6:00:a7: ec:cd:e0:ef:88:f6:57:96:93:e9:a6:9e:5d:79:bf:0b:d3:1f: 42:87:b0:a1:fb:ed:82:5f:1f:0d:42:0c:2c:63:15:2e:9b:18: 24:a9:91:9b:c4:69:af:7a:8b:29:c3:98:7c:05:c2:d5:1e:fe: 47:fe:22:73:46:b7:fb:ac:ac:46:d6:b3:5f:91:39:a6:42:30: a5:80:21:de:d8:b1:72:c4:35:32:c8:b8:d1:82:46:16:a3:5e: fe:bd:39:4e:d9:03:b5:7c:9f:31:8a:bc:3b:83:25:81:31:74: a8:38:c0:23:77:d1:4c:69:5b:33:53:c7:69:a1:30:11:20:dd: 9b:25:ee:26 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgICAZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0JFQTcxMTAvBgNVBAUTKDBCOEQ2MzhGRkQzOEIxRjc3RTQ4RTFCQjVERjI5OTI5 Q0U3RDc4QjUwHhcNMjUwNTE2MTYxNTIyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODI3NjQ5YS01MGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3aCGlrl7c7YszDtIVbTrKmTRIOkZPzoJLXGcdDdnmnhlahptUTesg8UakuoA UBKUXvp6vFiBI+F1FIJvenbg29d+c6mHccV6vQofECNUHSz+NJrpv4O7vBSNT4EC 0S9PpGzs4oxg4fylsFuK/4UCkNeVjnDU4vGoo4g8h4mCcsznIQ99U130AsF0i9Jd ph8A9NXdYL6wvf0Ozxrh+06Jxt6nPap6RW7WE8yl2ovA9pmkWTWMb7HmyeLXqwoN cHmgR6LAg9ik/lnwHNQHxZjFxe+iXyMIv5yT185o+XxZPdwWuYJVJV+IrVgSHu1i K3H67FH4ym3Iloy3JB4YTF2kHQIDAQABo4ICoDCCApwwHQYDVR0OBBYEFL532+h0 hvmU9dd6WRHfxzy+uM6KMB8GA1UdIwQYMBaAFAuNY4/9OLH3fkjhu13ymSnOfXi1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkVBNy8wNDRGNjQ0ODEx NjgxMUVFQUM2M0MyMzRDNEY5QUUwMi9DNDFqal8wNHNmZC1TT0c3WGZLWktjNTll TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0M0MWpqXzA0c2ZkLVNPRzdYZktaS2M1OWVMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0JFQTcvMDQ0RjY0NDgxMTY4MTFFRUFDNjNDMjM0QzRGOUFFMDIvQUEzOTg4NjRC OTY2MTFFRjgxNjFCRjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E GzAZMBcEAgACMBEDBwUkAQ5gACADBgAkAQ5gATANBgkqhkiG9w0BAQsFAAOCAQEA cP3prIErF0y3Tu4jyBceJKnEGRYm45G/TznGkGQjk0KeXMxKVU30B4rU41voHbnV GTunGlxoWaBs7gLlImb1hp6+Opu5S+0jEyZ2SqJ7udU0OR+mz4Y54Xdt7L+ndVkZ tpxTZDbbpIF4r1DwkK+RRKb9f7zVierVnxOA1gCn7M3g74j2V5aT6aaeXXm/C9Mf Qoewofvtgl8fDUIMLGMVLpsYJKmRm8Rpr3qLKcOYfAXC1R7+R/4ic0a3+6ysRtaz X5E5pkIwpYAh3tixcsQ1Msi40YJGFqNe/r05TtkDtXyfMYq8O4MlgTF0qDjAI3fR TGlbM1PHaaEwESDdmyXuJg== -----END CERTIFICATE-----Generated at Mon Jun 2 05:35:28 2025 by rpki-client